urlscan.io logo urlscan.io
SecurityTrails logo

www.kanui.com.br Open in urlscan Pro
179.191.182.65  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://kanui.com.br/
Effective URL: https://www.kanui.com.br/
Submission: On May 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 99 IPs in 12 countries across 89 domains to perform 528 HTTP transactions. The main IP is 179.191.182.65, located in Offenbach, Germany and belongs to Azion Technologies Ltda., BR. The main domain is www.kanui.com.br.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on May 30th 2022. Valid for: a year.
This is the only time www.kanui.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.168.219.188 14618 (AMAZON-AES)
91 179.191.182.65 52580 (Azion Tec...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2620:1ec:bdf::45 8075 (MICROSOFT...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:224... 16509 (AMAZON-02)
1 20.206.128.53 8075 (MICROSOFT...)
2 2620:1ec:4f:1... 8075 (MICROSOFT...)
6 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:219... 16509 (AMAZON-02)
22 108.138.36.98 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
25 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20c... 16509 (AMAZON-02)
17 2a00:1450:400... 15169 (GOOGLE)
1 18.66.192.125 16509 (AMAZON-02)
1 2a03:2880:f08... 32934 (FACEBOOK)
6 151.101.1.194 54113 (FASTLY)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 35.169.33.119 14618 (AMAZON-AES)
3 2a02:2638:d::2 44788 (ASN-CRITE...)
1 18.66.121.152 16509 (AMAZON-02)
4 2.23.209.20 20940 (AKAMAI-ASN1)
3 4 185.184.10.30 203690 (RTB-HOUSE...)
3 5 37.252.171.22 29990 (ASN-APPNEX)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.130 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 34.251.189.55 16509 (AMAZON-02)
3 99.84.88.7 16509 (AMAZON-02)
4 34.120.4.21 396982 (GOOGLE-CL...)
49 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
32 2a00:1450:400... 15169 (GOOGLE)
1 151.101.2.217 54113 (FASTLY)
1 18.198.118.250 16509 (AMAZON-02)
5 7 2a02:2638:d::d 44788 (ASN-CRITE...)
2 34.246.79.42 16509 (AMAZON-02)
2 178.250.1.11 44788 (ASN-CRITE...)
1 1 178.250.7.11 44788 (ASN-CRITE...)
1 74.119.119.150 19750 (AS-CRITEO)
15 54 172.217.18.2 15169 (GOOGLE)
4 7 185.80.39.216 27381 (CASALE-MEDIA)
4 35.244.159.8 15169 (GOOGLE)
1 7 104.111.217.42 16625 (AKAMAI-AS)
12 2a00:1450:400... 15169 (GOOGLE)
8 142.250.186.34 15169 (GOOGLE)
1 2 62.144.160.15 12312 (ECOTEL)
3 3 18.196.255.22 16509 (AMAZON-02)
5 3.33.220.150 16509 (AMAZON-02)
1 98.98.134.242 21859 (ZEN-ECN)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
7 8 52.28.232.169 16509 (AMAZON-02)
2 2 54.76.65.236 16509 (AMAZON-02)
3 3 2600:9000:20c... 16509 (AMAZON-02)
2 4 51.89.9.254 16276 (OVH)
2 4 46.228.164.11 56396 (AMOBEE)
2 2 34.91.62.186 396982 (GOOGLE-CL...)
2 2 37.157.3.30 198622 (ADFORM)
2 6 178.250.1.9 44788 (ASN-CRITE...)
4 4 198.47.127.19 62713 (AS-PUBMATIC)
4 4 216.52.2.6 32475 (SINGLEHOP...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 185.29.134.244 30419 (MEDIAMATH...)
2 3 69.173.144.138 26667 (RUBICONPR...)
2 3 34.242.172.162 16509 (AMAZON-02)
1 1 151.101.194.49 54113 (FASTLY)
3 185.86.138.153 201081 (SMARTADSE...)
4 5 3.71.149.231 16509 (AMAZON-02)
2 2 185.94.180.126 35220 (SPOTX-AMS)
5 2a00:1450:400... 15169 (GOOGLE)
3 2600:1901:0:7... 15169 (GOOGLE)
22 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 37.252.171.52 29990 (ASN-APPNEX)
1 95.101.148.20 16625 (AKAMAI-AS)
1 35.159.45.56 16509 (AMAZON-02)
1 185.86.139.103 201081 (SMARTADSE...)
1 141.226.228.48 200478 (TABOOLA-AS)
1 76.223.111.18 16509 (AMAZON-02)
1 37.157.6.237 198622 (ADFORM)
1 185.255.84.152 200271 (IGUANE-)
1 2 54.229.40.109 16509 (AMAZON-02)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 3.69.141.119 16509 (AMAZON-02)
1 70.42.32.255 22075 (AS-OUTBRAIN)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 85.215.5.31 6786 (CRONON-BE...)
1 23.215.16.120 16625 (AKAMAI-AS)
1 52.51.50.145 16509 (AMAZON-02)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 35.210.53.219 19527 (GOOGLE-2)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
3 3 213.19.147.44 26120 (RHYTHMONE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
2 18.132.62.161 16509 (AMAZON-02)
1 54.154.227.90 16509 (AMAZON-02)
1 104.102.45.165 16625 (AKAMAI-AS)
2 2 142.250.186.70 15169 (GOOGLE)
2 2 84.200.5.215 44066 (DE-FIRSTC...)
1 167.233.13.224 24940 (HETZNER-AS)
1 145.239.193.130 16276 (OVH)
2 108.138.36.89 16509 (AMAZON-02)
2 18.155.129.28 16509 (AMAZON-02)
1 3.13.159.91 16509 (AMAZON-02)
4 35.176.156.184 16509 (AMAZON-02)
528 99
1    35.168.219.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-219-188.compute-1.amazonaws.com
kanui.com.br
91    179.191.182.65 (Offenbach, Germany)

ASN52580 (Azion Technologies Ltda., BR)
www.kanui.com.br
dafitistatic.dafiti.com.br
static.dafiti.com.br
static.kanui.com.br
1    2606:4700::6810:cc16 (United States)

ASN13335 (CLOUDFLARENET, US)
eum.instana.io
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
selo.compreconfie.com.br
3    2606:4700:20::681a:b5b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.privacytools.com.br
1    2600:9000:2248:3000:15:ad21:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)
st.dynamicyield.com
1    20.206.128.53 (Campinas, Brazil)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
analytics-stamp.confi.com.vc
2    2620:1ec:4f:1::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
cdn.confi.com.vc
6    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2600:9000:219c:5e00:a:b89d:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.dynamicyield.com
22    108.138.36.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-98.muc50.r.cloudfront.net
async-px.dynamicyield.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
25    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2600:9000:20c3:fc00:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.dwin1.com
17    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
www.googletagservices.com
1    18.66.192.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-125.muc50.r.cloudfront.net
static.hotjar.com
1    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    151.101.1.194 (United States)

ASN54113 (FASTLY, US)
wkxppshj-qx.global.ssl.fastly.net
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    35.169.33.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-33-119.compute-1.amazonaws.com
kibana-mkt.dafiti.com.br
3    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    18.66.121.152 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-121-152.fra60.r.cloudfront.net
d34e3zwe3zzpan.cloudfront.net
4    2.23.209.20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-209-20.deploy.static.akamaitechnologies.com
analytics.tiktok.com
4    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
us.creativecdn.com
5    37.252.171.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
11    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
securepubads.g.doubleclick.net
6    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    34.251.189.55 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-189-55.eu-west-1.compute.amazonaws.com
pond.datajet.io
3    99.84.88.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-7.muc50.r.cloudfront.net
script.hotjar.com
4    34.120.4.21 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 21.4.120.34.bc.googleusercontent.com
eum-orange-saas.instana.io
49    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
pagead2.googlesyndication.com
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
8    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
32    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    151.101.2.217 (United States)

ASN54113 (FASTLY, US)
cdn.480app.com
1    18.198.118.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-118-250.eu-central-1.compute.amazonaws.com
colrep.sitelabweb.com
7    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    34.246.79.42 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-79-42.eu-west-1.compute.amazonaws.com
session.sitelabweb.com
2    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
widget.us.criteo.com
54    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
cm.g.doubleclick.net
7    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
r.casalemedia.com
ssum-sec.casalemedia.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
7    104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com
sync.teads.tv
criteo-sync.teads.tv
12    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
8    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
googleads4.g.doubleclick.net
2    62.144.160.15 (Düsseldorf, Germany)

ASN12312 (ECOTEL, DE)
ssl.hurra.com
3    18.196.255.22 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-255-22.eu-central-1.compute.amazonaws.com
pm.w55c.net
5    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
2    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
8    52.28.232.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-232-169.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    54.76.65.236 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-65-236.eu-west-1.compute.amazonaws.com
r.scoota.co
3    2600:9000:20c3:2c00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
4    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
4    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
2    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
6    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    34.242.172.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-172-162.eu-west-1.compute.amazonaws.com
match.360yield.com
ad.360yield.com
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    185.86.138.153 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
5    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
5    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
3    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
22    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
2    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
1    35.159.45.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-159-45-56.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    185.255.84.152 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    54.229.40.109 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-40-109.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
1    3.69.141.119 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-141-119.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
1    70.42.32.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    2600:1f18:612b:4200:92b3:de3:12af:b1c1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
1    85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)
a.twiago.com
1    23.215.16.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-16-120.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    52.51.50.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-50-145.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
4    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
1    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
3    213.19.147.44 (Amsterdam, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
12    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
assets.ad4m.at
2    18.132.62.161 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-62-161.eu-west-2.compute.amazonaws.com
track.webgains.com
1    54.154.227.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-227-90.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    104.102.45.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com
www.awin1.com
2    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
ad.doubleclick.net
2    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.o2online.de
1    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
2    108.138.36.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-89.muc50.r.cloudfront.net
analytics.webgains.io
2    18.155.129.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-28.cdg52.r.cloudfront.net
cdn.track.production.webgains.team
1    3.13.159.91 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-159-91.us-east-2.compute.amazonaws.com
s.thebrighttag.com
4    35.176.156.184 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-156-184.eu-west-2.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
90 dafiti.com.br
dafitistatic.dafiti.com.br — Cisco Umbrella Rank: 248813
static.dafiti.com.br — Cisco Umbrella Rank: 292199
kibana-mkt.dafiti.com.br — Cisco Umbrella Rank: 347484
2 MB
87 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 93
38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 132
ade.googlesyndication.com Failed
511 KB
83 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 337
ad.doubleclick.net — Cisco Umbrella Rank: 165
328 KB
34 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 32812
ad4m.at — Cisco Umbrella Rank: 10585
assets.ad4m.at — Cisco Umbrella Rank: 43177
729 KB
27 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
ssl.google-analytics.com — Cisco Umbrella Rank: 427
87 KB
25 dynamicyield.com
st.dynamicyield.com — Cisco Umbrella Rank: 7108
cdn.dynamicyield.com — Cisco Umbrella Rank: 7455
async-px.dynamicyield.com — Cisco Umbrella Rank: 7070
64 KB
18 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 723
gum.criteo.com — Cisco Umbrella Rank: 413
mug.criteo.com — Cisco Umbrella Rank: 2837
sslwidget.criteo.com — Cisco Umbrella Rank: 1726
widget.us.criteo.com — Cisco Umbrella Rank: 18228
dis.criteo.com — Cisco Umbrella Rank: 575
22 KB
14 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3686
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 68
2 KB
12 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 276
2 MB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 290
3 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
397 KB
7 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1255
criteo-sync.teads.tv — Cisco Umbrella Rank: 1927
1 KB
7 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
r.casalemedia.com — Cisco Umbrella Rank: 1339
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431
5 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 214
secure.adnxs.com — Cisco Umbrella Rank: 417
8 KB
6 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 21135
api.webgains.io — Cisco Umbrella Rank: 56810
63 KB
6 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 141178
static-de.ad4mat.net — Cisco Umbrella Rank: 183763
11 KB
6 fastly.net
wkxppshj-qx.global.ssl.fastly.net — Cisco Umbrella Rank: 36765
322 KB
6 gstatic.com
fonts.gstatic.com
131 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 373
110 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 272
2 KB
5 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 682
simage2.pubmatic.com — Cisco Umbrella Rank: 660
3 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 306
1 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 6080
adservice.google.de — Cisco Umbrella Rank: 9037
1 KB
5 instana.io
eum.instana.io — Cisco Umbrella Rank: 6990
eum-orange-saas.instana.io — Cisco Umbrella Rank: 4921
10 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 742
s.tribalfusion.com — Cisco Umbrella Rank: 1808
2 KB
4 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 724
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 592
339 B
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 597
3 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 812
r.turn.com — Cisco Umbrella Rank: 3335
2 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 729
975 B
4 openx.net
us-u.openx.net — Cisco Umbrella Rank: 436
644 B
4 creativecdn.com
us.creativecdn.com — Cisco Umbrella Rank: 2365
2 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 715
101 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 633
script.hotjar.com — Cisco Umbrella Rank: 793
112 KB
3 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2082
ad.360yield.com — Cisco Umbrella Rank: 644
1 KB
3 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 315
1 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 562
cm.adform.net — Cisco Umbrella Rank: 1155
2 KB
3 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 713
1 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 752
3 KB
3 sitelabweb.com
colrep.sitelabweb.com — Cisco Umbrella Rank: 8070
session.sitelabweb.com — Cisco Umbrella Rank: 32770
878 B
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 639
75 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 343
13 KB
3 confi.com.vc
analytics-stamp.confi.com.vc — Cisco Umbrella Rank: 379472
cdn.confi.com.vc — Cisco Umbrella Rank: 326912
4 KB
3 privacytools.com.br
cdn.privacytools.com.br — Cisco Umbrella Rank: 189627
27 KB
3 kanui.com.br
kanui.com.br
www.kanui.com.br
static.kanui.com.br
65 KB
2 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 59947
30 KB
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 44502
4 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 514
2 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4604
745 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 200
2 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 694 Failed
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 722
1 KB
2 scoota.co
r.scoota.co — Cisco Umbrella Rank: 34563
1 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1470
1 KB
2 hurra.com
ssl.hurra.com — Cisco Umbrella Rank: 85080
527 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
187 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 1806
269 B
1 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 58728
365 B
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 91562
1 KB
1 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 78256
435 B
1 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 80054
261 B
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16768
704 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 601
338 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1040
574 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 44088
608 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 686
464 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2169
38 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4221
400 B
1 twiago.com
a.twiago.com — Cisco Umbrella Rank: 33513
153 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2297
398 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 737
145 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1306
885 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 2616
274 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 827
235 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 358
140 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1288
99 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 518
360 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 599
793 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 606
542 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 482
872 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2889
104 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 607
187 B
1 480app.com
cdn.480app.com — Cisco Umbrella Rank: 8955
328 B
1 datajet.io
pond.datajet.io — Cisco Umbrella Rank: 271147
250 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
185 B
1 cloudfront.net
d34e3zwe3zzpan.cloudfront.net
11 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 157
3 KB
1 dwin1.com
www.dwin1.com — Cisco Umbrella Rank: 3590
11 KB
1 compreconfie.com.br
selo.compreconfie.com.br — Cisco Umbrella Rank: 223539
2 KB
528 89
Domain Requested by
76 dafitistatic.dafiti.com.br www.kanui.com.br
static.dafiti.com.br
www.googletagmanager.com
54 cm.g.doubleclick.net 15 redirects googleads.g.doubleclick.net
38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
47 pagead2.googlesyndication.com eum.instana.io
tpc.googlesyndication.com
38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
www.kanui.com.br
32 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.kanui.com.br
25 www.google-analytics.com www.kanui.com.br
www.googletagmanager.com
www.google-analytics.com
eum.instana.io
22 async-px.dynamicyield.com cdn.dynamicyield.com
eum.instana.io
13 static.dafiti.com.br www.kanui.com.br
static.dafiti.com.br
12 ad4m.at as.ad4m.at
ad4m.at
12 as.ad4m.at 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
www.kanui.com.br
as.ad4m.at
ad4m.at
12 s0.2mdn.net www.kanui.com.br
googleads.g.doubleclick.net
s0.2mdn.net
38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
11 www.google.com tpc.googlesyndication.com
38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
www.kanui.com.br
10 assets.ad4m.at as.ad4m.at
9 googleads.g.doubleclick.net www.googletagmanager.com
38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
pagead2.googlesyndication.com
8 x.bidswitch.net 7 redirects
8 googleads4.g.doubleclick.net googleads.g.doubleclick.net
www.kanui.com.br
8 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
8 securepubads.g.doubleclick.net www.googletagservices.com
eum.instana.io
www.kanui.com.br
8 www.googletagservices.com www.kanui.com.br
38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
7 gum.criteo.com 5 redirects static.criteo.net
6 dis.criteo.com 2 redirects 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
6 sync.teads.tv 1 redirects googleads.g.doubleclick.net
38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
6 wkxppshj-qx.global.ssl.fastly.net www.kanui.com.br
eum.instana.io
wkxppshj-qx.global.ssl.fastly.net
6 fonts.gstatic.com fonts.googleapis.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 ups.analytics.yahoo.com 4 redirects
5 match.adsrvr.org 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 api.webgains.io analytics.webgains.io
4 ap.lijit.com 4 redirects
4 image6.pubmatic.com 4 redirects
4 onetag-sys.com 2 redirects 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
4 us-u.openx.net googleads.g.doubleclick.net
4 eum-orange-saas.instana.io eum.instana.io
4 us.creativecdn.com 3 redirects
4 analytics.tiktok.com www.kanui.com.br
analytics.tiktok.com
3 static-de.ad4mat.net as.ad4m.at
3 prod-rtb.ad4mat.net www.kanui.com.br
3 ssbsync.smartadserver.com 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
3 pixel.rubiconproject.com 2 redirects
3 s.ad.smaato.net 3 redirects
3 pm.w55c.net 3 redirects
3 script.hotjar.com static.hotjar.com
script.hotjar.com
3 www.google.de
3 static.criteo.net www.googletagmanager.com
dafitistatic.dafiti.com.br
eum.instana.io
3 bat.bing.com www.kanui.com.br
bat.bing.com
3 cdn.privacytools.com.br www.kanui.com.br
eum.instana.io
2 cdn.track.production.webgains.team as.ad4m.at
track.webgains.com
2 analytics.webgains.io track.webgains.com
2 ad.doubleclick.net 2 redirects
2 track.webgains.com as.ad4m.at
2 sync.1rx.io 2 redirects
2 pool.admedo.com 2 redirects
2 s.tribalfusion.com 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
2 a.tribalfusion.com 2 redirects
2 dpm.demdex.net 1 redirects
2 secure.adnxs.com 1 redirects
2 sync.search.spotxchange.com googleads.g.doubleclick.net
2 match.360yield.com 2 redirects
2 c1.adform.net 2 redirects
2 um.simpli.fi 2 redirects
2 r.turn.com 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
2 ad.turn.com 2 redirects
2 r.scoota.co 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 ssl.hurra.com 1 redirects 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
2 mug.criteo.com
2 session.sitelabweb.com eum.instana.io
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 stats.g.doubleclick.net eum.instana.io
www.googletagmanager.com
2 ssl.google-analytics.com www.kanui.com.br
2 www.googletagmanager.com www.kanui.com.br
www.googletagmanager.com
2 cdn.dynamicyield.com st.dynamicyield.com
dafitistatic.dafiti.com.br
2 cdn.confi.com.vc selo.compreconfie.com.br
www.kanui.com.br
2 fonts.googleapis.com www.kanui.com.br
securepubads.g.doubleclick.net
1 s.thebrighttag.com
1 pv.medialead.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 www.awin1.com as.ad4m.at
1 beacon.krxd.net
1 sync.targeting.unrulymedia.com 1 redirects
1 ssum-sec.casalemedia.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 cms.quantserve.com 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
1 sync-criteo.ads.yieldmo.com
1 ad.yieldlab.net
1 a.twiago.com
1 criteo-partners.tremorhub.com
1 simage2.pubmatic.com
1 sync.outbrain.com
1 exchange.mediavine.com
1 matching.ivitrack.com
1 ad.360yield.com
1 r.casalemedia.com
1 visitor.omnitagjs.com
1 cm.adform.net
1 eb2.3lift.com
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 match.sharethrough.com
1 contextual.media.net
1 sync-tm.everesttech.net 1 redirects
1 sync.mathtag.com 1 redirects
1 dclk-match.dotomi.com 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
1 pixel-sync.sitescout.com 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
1 widget.us.criteo.com
1 sslwidget.criteo.com 1 redirects
1 colrep.sitelabweb.com wkxppshj-qx.global.ssl.fastly.net
1 cdn.480app.com wkxppshj-qx.global.ssl.fastly.net
1 bidder.criteo.com eum.instana.io
1 pond.datajet.io eum.instana.io
1 region1.analytics.google.com www.googletagmanager.com
1 www.facebook.com
1 d34e3zwe3zzpan.cloudfront.net www.kanui.com.br
1 kibana-mkt.dafiti.com.br www.googletagmanager.com
1 connect.facebook.net www.kanui.com.br
1 static.hotjar.com www.googletagmanager.com
1 www.dwin1.com www.googletagmanager.com
1 analytics-stamp.confi.com.vc selo.compreconfie.com.br
1 st.dynamicyield.com www.kanui.com.br
1 static.kanui.com.br www.kanui.com.br
1 selo.compreconfie.com.br www.kanui.com.br
1 eum.instana.io www.kanui.com.br
1 www.kanui.com.br
1 kanui.com.br 1 redirects
0 ade.googlesyndication.com Failed securepubads.g.doubleclick.net
528 130
Subject Issuer Validity Valid
*.kanui.com.br
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-05-30 -
2023-06-23		 a year crt.sh
*.instana.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-17 -
2023-11-17		 a year crt.sh
*.dafiti.com.br
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-05-30 -
2023-06-23		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
selo.compreconfie.com.br
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-07 -
2023-09-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-09-01 -
2023-09-01		 a year crt.sh
*.dynamicyield.com
Amazon RSA 2048 M02		 2023-02-28 -
2023-10-17		 8 months crt.sh
*.confi.com.vc
Go Daddy Secure Certificate Authority - G2		 2022-09-05 -
2023-10-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.dwin1.com
Amazon RSA 2048 M02		 2023-02-28 -
2023-12-01		 9 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-03-04 -
2023-06-02		 3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2023 Q1		 2023-02-05 -
2024-03-08		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
dafiti.com.br
Amazon RSA 2048 M01		 2023-03-01 -
2024-01-24		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1		 2023-03-13 -
2024-04-12		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.datajet.io
Amazon RSA 2048 M02		 2023-02-09 -
2023-11-01		 9 months crt.sh
*.google.de
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
cdn.480app.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-25 -
2024-05-26		 a year crt.sh
*.sitelabweb.com
Go Daddy Secure Certificate Authority - G2		 2023-03-13 -
2024-04-13		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
teads.tv
R3		 2023-05-11 -
2023-08-09		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-04-09 -
2023-07-08		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-07-27		 6 months crt.sh
itm.ivitrack.com
R3		 2023-04-04 -
2023-07-03		 3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M01		 2023-02-11 -
2023-08-04		 6 months crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2022-11-06 -
2023-11-28		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-28 -
2023-12-29		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-15		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
pv.medialead.de
R3		 2023-04-15 -
2023-07-14		 3 months crt.sh
*.webgains.io
Amazon RSA 2048 M02		 2023-03-02 -
2023-09-21		 7 months crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M01		 2023-02-28 -
2023-10-28		 8 months crt.sh

This page contains 42 frames:

Primary Page: https://www.kanui.com.br/
Frame ID: 3B3AB14A15DF3B0FC4A125DC0381659B
Requests: 227 HTTP requests in this frame

Frame: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3A3BA3C6C553CBD5AE31A11BDA19C32C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2169D1C23CF84BE52155C96578694432
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5DE8C7458FB42132D4F76F4528E6AD44
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.kanui.com.br&origin=onetag
Frame ID: 7405EA86BDED595895452E70047E892A
Requests: 2 HTTP requests in this frame

Frame: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 92D5E803ED3B1D019A627BEB866CF0F3
Requests: 21 HTTP requests in this frame

Frame: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BEDDC61A6B87EF370B496CCA68BF11D6
Requests: 19 HTTP requests in this frame

Frame: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C87619283EBE1D1D5567CD523A6E6644
Requests: 19 HTTP requests in this frame

Frame: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0F4D9571508DCAB7A38A5B8EA880EF92
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj2CRCHtHAYvZ2e3wEwAQ&v=APEucNXTq18yAm0t8sYqNFMHP-ZWvxRdvL2NhUXraz3uyk5LQFwg-KhFoTGLwdiKqb0R4Ac_Ka33_wLNIcGN_Nwoye-56A7KPcNM_R23EGH0bDawtJZr7xEBLhWL7mAt6YFB4NiXdaUpHHGYxUy0iiJFtkhLSHObkC84uUDIgoRySdIo5voAG2k
Frame ID: C856BBC504D024462E3F26599B37FC4B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGLTPsuoBMAE&v=APEucNV2kegkNtgEf8eo0uOGJ_criUe0AgZHaIGGBTfGUZjxXL044Y3HWX1uJ7LraBK_eNYyMkKHDKT8Eqz9I8MZZ2eojpAagS1UmidMOFyh4ve5PU0npVz_qhdwb4mZ9aIZnqcCR44pBU652BiFYGpIuYoUIKDsTEudZzwvAmh54rKQs_pWtUY
Frame ID: A2FB47EA30CCC1F4C524ED53E56DF257
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGLTPsuoBMAE&v=APEucNXojZVxMpl4b78T5CZ_PEr-ZStWr2jrT8xCbpeItJ4fFVtn5wRfQPGuBc28hWP1sMqwR97bkbZBwrgsbcvQs6Gt32upOyx9oKan6yMRjRknSVm6wDHXodDQCZTGcXqiURa4sjDrjQzVv7fh5YABM9fh_0YCKihnlRmEp9s5BEAcEqjg0QE
Frame ID: 0D7A888B6E564A61BDC1F756825CD4CB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGLTPsuoBMAE&v=APEucNUr7q0sKWNtPEm8wv1nQVow1HELegdLzuLGMEFsMqK_d8AAF7GMgl3sPORhHjAyUh1wcno43Y0aNHYAH8UNmWTocDz5gykXF4VIX_i1Ya6FGHmuaoPHnTMI-zYK8dyEI2AbCHmuhrJ1cIrmykqqwCfV1oTQ7LiTeHgMpiwU_WGVtxLb0t8
Frame ID: FDD3C174B7CECE596820A68C4CC58E3F
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 27D97F54EA89E398726F0BD07A8F7380
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 87357F0E6A7D0F1EDA4BDACEBF26410E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/795616883461662477/index.html
Frame ID: 0D3ABE385DB6B43C9128166EAC7205E7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2578F1AEC0475F6FBA52ACC336E9E358
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 36A2E0CBE2F4F0C1E8C700757F55C39A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C9C3DF17B4F840085C05E1B58BABB062
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EB7D594EC70634C295F444D9E42E79B0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C7BA8A34443EEAF36A854EB1A0381A40
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6F815BF4B12F9E218E39E4ADC4406FA1
Requests: 3 HTTP requests in this frame

Frame: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DB5808AB0647349D553E38DCBE4259C4
Requests: 9 HTTP requests in this frame

Frame: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F27B3CE9E69AB8A5E89FD2020C14B03E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305152039000/amp4ads-v0.mjs
Frame ID: CFB85E2948887C96B2E2C8BB4787281F
Requests: 16 HTTP requests in this frame

Frame: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5FF3310D5A32B37F8B638F0F901BFFDE
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jtafm0bq3rycms2k7qkfdwye5bb99brx607zez1d767qcd1mzxabk0bwpr3m8ggtps56n6kvgmc5r1mk8tjseyg86gdx08vwbpxqaf9wykacjy5g0yx7jepp8f24cgjty80f7xf18q01fgmctyrqqckc5vdgwwjp9vfbqy4wd3tjrc2q6wn4dwfk82jvtxx4ee342etzvnr8vvejc2ttx9fwm4vejwsmb6ythjbwn1wys32bftdwyr5nwt6j0wj30a24a9xq19n417mscb1ge05v3jesvtxc843a5ebnfrm37tec7km76xtf0sk47n8td0x58yxtwpcfb3pp5a7ya25x141vmf4pnec39z17f18as2hh5nmjrrz7cw75pmyd5z4vrfr602dhqacy7bnv6j81yq2134fs84sm86y4kz36jcsw92j6q3eze6pe4fy1v05k78y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGWtrN9pvZJSSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTpAU_QqGLGFfXc0lh-Fe79qnaO7mR4gcxaATUMBeG4-AvBn0iSwTDPu0Wtw5GnegAZp6OpYc6nSkfWYpZ5Fi3Ytxq4zjGNnJzF0Ro8Op8HC-IwPK6jx1AnZ9ZCkqOrXypluR8P8NgzjZKL1JHh1FIgoY8levP56z_mRj7XAv-g8LxJhlOXddyS3ZDhAxO6_fZr1wd8vTClF-q2Ym4l8BXRCfN1QeNw2v4Ppdik7tOYlGc2XmKBqtknszGxZ8PcZ5tFkiH40le4QavmW0UVabQ54Ny5OGLARdg2DxBKnoQ90cA_1IC4q45tLPoN4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3kEjxLVz6RC04wlA5M7bSM9LKfZA%26client%3Dca-pub-1031670330168431%26adurl%3D
Frame ID: D90D5F59E869B0D67C52ABCE91698A55
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FCCE00AE30121CBD6E007C2F31097809
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CrYN9N9pvZJWSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTqAU_QnGVXqSaSQfKx2PtJj36o-UFkeVF-UtIbZRbIyCFSoh78naeHCWWlzut6gA6jY_xwAP3mtceI7yt67UAZAA8zqWbzuwuTe-kPYgr3sF1si0xMbl_pooaQic5wqd9TmlEZGUPKJg9gc3TJUKxQj_-ke-kyXJQdy_rfzm5Xj8AwxTV7UtfUtKjav2z8Z4qCq5y_cDoB83Qbggqn9UckajOIGj2Bd33txh7Pdmgzo21OqV2FsMbh-o_Zc0PIDrsjKeiHmdCMAsEWxDO2R7IaevMrJ3Wtpg2aatYi5f20MpDXW1vzh4YgeDV2aOAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xMDMxNjcwMzMwMTY4NDMxGIvcKQ&sigh=qehzd28wWcc&uach_m=[UACH]&cid=CAQSPABygQiD82Nz8ldV9IVOKvhxTUnl51aoSr8CoVpWJSFtNdDYHaVKk3FfZJb8j-Zjp5rZOXunBZRQhGPbeRgB
Frame ID: 21D7910CA366616E4F52B6181ACAA65D
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h13e3aky3qwagemwkfw2wzvyzbtyvwg28dfrpv6khs4x0zwpf74mdmx7ad8pa28n2vmphjh36mx5dn46ayg5j63hm87mpent5fqjsme20nf23jc7xn4mag4r9ghg9g0m5pzb9j06bsvz35zbs16gmmm6t4taa2s5jm3j39tg37jngzcsyz4wrs4pyacs8f5tm6dnrn9dfgd3bn1wm6kpnxma4rbsb0a02rn0jrqzmywxhgdr4qqj21r1cxp3jndqm5r056dgg62ymkwzgx795m4eajdbr31cm5s3xs1c5dkdn868986t7z0y9dg979tektrgf115nz60mn8tfzscrxq2ye390xax11z59t415r2g7w95ekdkv773bhhb0m07swzatabd9qn4k3pq27fckmfzs5wp4m476zz1wh1wm669gav8w30bmvtmjff41f6nxegaytsm8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrLarN9pvZJWSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QnGVXqSaSQfKx2PtJj36o-UFkeVF-UtIbZRbIyCFSoh78naeHCWWlzut6gA6jY_xwAP3mtceI7yt67UAZAA8zqWbzuwuTe-kPYgr3sF1si0xMbl_pooaQic5wqd9TmlEZGUPKJg9gc3TJUKxQj_-ke-kyXJQdy_rfzm5Xj8AwxTV7UtfUtKjav2z8Z4qCq5y_cDoB83Qbggqn9UckajOIGj2Bd33txh7Pdmgzo21OqV2FsMbh-o_Zc0PIDrsjKeiHmdDOAOCEE8oxB3qdMmXxbudfnxmQx9wM_SA08NlFo8_tq571pKo2oIKS0OAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1oOMDa9t7lghJ1oR9H1dClmx2YdQ%26client%3Dca-pub-1031670330168431%26adurl%3D
Frame ID: 3B65A6B2AF7A0000FF6CA1964211B2A8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DE3518E9E82AE9206F98558C3F1AC32C
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ce_buN9pvZJeSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTqAU_QwhBQdikAMHsXzcEIJhiOSDn-kvmVZaralNRlRpXGcLeBlq651Ctst_yq4mceg7N6L5erPgpGF-rARg6qCe1Y_eO4Oc5kbZw0PWEH3bZN-QtVQgBtNUhoM1vAcA--8yJmZlceFicoz8VKNAURGp3Yk29SW4yEW4Jh2zf9J009TVi-s6NE7PXaNBbmcVEOeo4voGZ8Eyh2R8UAUZBhzSuoYYJh_fc1WTBJVBu7cbQ1EkKjUAmZezyie-r7fsoxu4nFAXxD-0V0kH_vGwDDFlhO5I6yrYjhyh2N3_ygE7vbmCQhbOnvAUuvKOAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xMDMxNjcwMzMwMTY4NDMxGIvcKQ&sigh=O5khwPf3AHo&uach_m=[UACH]&cid=CAQSPABygQiD82Nz8ldV9IVOKvhxTUnl51aoSr8CoVpWJSFtNdDYHaVKk3FfZJb8j-Zjp5rZOXunBZRQhGPbeRgB
Frame ID: 0DB951C707FDC40CED19D6DC9ECA4273
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kqr0qct8b1yd2t6j4tfebfam2k7vc58xzfm5sgm1j56y4xfedjthahjhj8qv84gtscj4rfr9v64db5vvqy8razkpqq0r89f8p3dczqwyq2rvkas1nqtrvrakrnn2krg3aqzgzk3md2pzwdvzkebr0gn2crxxv6ctdram4h60nbnf6btcsatmnhfd9byhgn3ef0bva9bqpvdz2x333m5nt06j50sk1kx47n9s44rrgkgmx2w0ffrh1v1m0qp7df32m3bfxshp9cwkgyg44jb5xwb2r86s4vfa4g4e7461gy59xr031z5hcx5bvr409pm5t9sw86qq2517v2gmhj680kydpz37n9awbj4bz2ajqpm8zwpwvf9kc58cz72vdst5z1tnmey6e3b48e8vsdrbfsc5y2sntwb4qgresrehzzsn05dznvedn87qs6bte01cyw8pnc9tr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNCzDN9pvZJeSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QwhBQdikAMHsXzcEIJhiOSDn-kvmVZaralNRlRpXGcLeBlq651Ctst_yq4mceg7N6L5erPgpGF-rARg6qCe1Y_eO4Oc5kbZw0PWEH3bZN-QtVQgBtNUhoM1vAcA--8yJmZlceFicoz8VKNAURGp3Yk29SW4yEW4Jh2zf9J009TVi-s6NE7PXaNBbmcVEOeo4voGZ8Eyh2R8UAUZBhzSuoYYJh_fc1WTBJVBu7cbQ1EkKjUAmZezyie-r7fsoxu4nFAXwB-WTmR4ZoW8hEXs6UrRxAlJzrZxejxyEg0fJJYLA_QPE63dTv4MiU2uAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0pUA7GrKrHKGsn9X_GskqKhAij5Q%26client%3Dca-pub-1031670330168431%26adurl%3D
Frame ID: 62180F7D3928B9B302D0D35C76130059
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0D9019BA1C2582BB2A1618C25B8F6A4B
Requests: 9 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-vn365pUuDIvj1rJgGNe3Ji3-78Gq_pn8YJ7BwA&expires=30
Frame ID: BFCCC1B3A233602000C05E0CEB1A99F6
Requests: 27 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 5B9E7C60FF2013D8BBCCEB1ED2B639AF
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 4BD47D995171F8D56984CAF7CDEA558E
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 0C23862E44B0F53725863FF7B9E5E56B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.kanui.com.br
Frame ID: 08F27B9018430A99DC75CEF73D9DE1A5
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=300&d=50&e=&g=de2dc8e8e382e3e80b0d78105e96f984%2F14511041865793811139&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685051960625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjrg0ps7k3wj5957xt479381q4sh4femprs3216m4tg9zeqdtpg600bkv7jh4vb0d5682jk76br24hra64wexmk6k71e8z7eyatdxrb9318y7f95xgm2jkzhq97k798rtkhcs2hrv514mazx5mq940g2fq6615jqt5dsxp86hfwkwgk8bhe2hm7jg8d790tx2gdw1hp2hs725bbc9jzh95g2k7drtkdp4t1evywzw9ks9wf4x36g6f4ecwrpcq5v98pzer6cnxv0bjhk2sxzbkj7m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrLarN9pvZJWSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QnGVXqSaSQfKx2PtJj36o-UFkeVF-UtIbZRbIyCFSoh78naeHCWWlzut6gA6jY_xwAP3mtceI7yt67UAZAA8zqWbzuwuTe-kPYgr3sF1si0xMbl_pooaQic5wqd9TmlEZGUPKJg9gc3TJUKxQj_-ke-kyXJQdy_rfzm5Xj8AwxTV7UtfUtKjav2z8Z4qCq5y_cDoB83Qbggqn9UckajOIGj2Bd33txh7Pdmgzo21OqV2FsMbh-o_Zc0PIDrsjKeiHmdDOAOCEE8oxB3qdMmXxbudfnxmQx9wM_SA08NlFo8_tq571pKo2oIKS0OAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1oOMDa9t7lghJ1oR9H1dClmx2YdQ%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Frame ID: A7A7A02F892DF9C99A0DE105EABC5DF1
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=300&d=50&e=&g=0e20110d1b7454db8c7825dd9d622aac%2F1750030262979613871&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685051960626&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hez0ryffw581q8608m6zt2pz032h16r1syhhrnstyqy40h5dexe0dmvwtxfbdn96cx4maemwgr97rzm8j5vgjpgvv5yxz406ssax4bs17qgfshnph76gytmr48c3ey9ywmw9ys4rw69nvjs9wv9s3rk2ppf7h8xmp8wznntp7yp6f1vazdbn8wesza4q478413eg0bptra803n6cfdpw48bbwne73e95xqtyzkgnr6tx4008vnmd48s2b0yke6cznbdg0zbkbtbkw2qt23m4fn4v4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNCzDN9pvZJeSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QwhBQdikAMHsXzcEIJhiOSDn-kvmVZaralNRlRpXGcLeBlq651Ctst_yq4mceg7N6L5erPgpGF-rARg6qCe1Y_eO4Oc5kbZw0PWEH3bZN-QtVQgBtNUhoM1vAcA--8yJmZlceFicoz8VKNAURGp3Yk29SW4yEW4Jh2zf9J009TVi-s6NE7PXaNBbmcVEOeo4voGZ8Eyh2R8UAUZBhzSuoYYJh_fc1WTBJVBu7cbQ1EkKjUAmZezyie-r7fsoxu4nFAXwB-WTmR4ZoW8hEXs6UrRxAlJzrZxejxyEg0fJJYLA_QPE63dTv4MiU2uAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0pUA7GrKrHKGsn9X_GskqKhAij5Q%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Frame ID: 7E3FC1B5315D54B49E0B38D272086B8C
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C175490&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C816tDf8fRk5PFgHJHEtxtQjYCGSwTpprSbw91&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CZ28fwfBfz3MkFmHDHDtDCP8Zc6SXTQQefY5jB&c=728&d=90&e=&g=1d9ad4b3b6deff0881765daebb296ec6%2F6943535914931200731&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1685051960638&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytvpdevyca2vjq2gjasafcaqerpbgtbzq5w85dbvh5yz79t25v0x4fab1fegcg7r2jvt04bzhwjczptfjqv2t0hxyqy5xdnmr8j3k0erra17mqxy0wza9amhacn4afgtjpn81bqwgks3a8f4md1zbhpmdh1q77ekydkqew4qypddrsb8an7bvy79jea94atkpsh790nrww0bgeh3v83cbg08tt8r25pevxn9w8396vgdx1pbzsen9r2t8a0nbhqvq568ybkfvcq197cxd0r8rt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWtrN9pvZJSSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTpAU_QqGLGFfXc0lh-Fe79qnaO7mR4gcxaATUMBeG4-AvBn0iSwTDPu0Wtw5GnegAZp6OpYc6nSkfWYpZ5Fi3Ytxq4zjGNnJzF0Ro8Op8HC-IwPK6jx1AnZ9ZCkqOrXypluR8P8NgzjZKL1JHh1FIgoY8levP56z_mRj7XAv-g8LxJhlOXddyS3ZDhAxO6_fZr1wd8vTClF-q2Ym4l8BXRCfN1QeNw2v4Ppdik7tOYlGc2XmKBqtknszGxZ8PcZ5tFkiH40le4QavmW0UVabQ54Ny5OGLARdg2DxBKnoQ90cA_1IC4q45tLPoN4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3kEjxLVz6RC04wlA5M7bSM9LKfZA%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Frame ID: 3BEC8957375F4A2E7BE74F166C3367AA
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Kanui | Ofertas - Tênis, Roupas Esportivas, Acessórios e Mais.FavoritosCarrinho

Page URL History Show full URLs

  1. https://kanui.com.br/ HTTP 301
    https://www.kanui.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • dwin1\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • cdn\.dynamicyield\.\w+/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Page Statistics

528
Requests

86 %
HTTPS

34 %
IPv6

89
Domains

130
Subdomains

99
IPs

12
Countries

7219 kB
Transfer

14611 kB
Size

116
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://kanui.com.br/ HTTP 301
    https://www.kanui.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 135
  • https://us.creativecdn.com/tags?type=img&id=pr_IPLlnE0J1CFYQ2Frojl7&ncm=1&id=pr_IPLlnE0J1CFYQ2Frojl7_uid_&su=https%3A%2F%2Fwww.kanui.com.br%2F%3Fsr%3D&ts=1685051956744 HTTP 302
  • https://us.creativecdn.com/tags?type=img&id=pr_IPLlnE0J1CFYQ2Frojl7&ncm=1&id=pr_IPLlnE0J1CFYQ2Frojl7_uid_&su=https%3A%2F%2Fwww.kanui.com.br%2F%3Fsr%3D&ts=1685051956744&tc=1
Request Chain 136
  • https://us.creativecdn.com/tags?type=img&id0=pr_IPLlnE0J1CFYQ2Frojl7_uid_&id=pr_IPLlnE0J1CFYQ2Frojl7_home&su=https%3A%2F%2Fwww.kanui.com.br%2F%3Fsr%3D&ts=1685051956745 HTTP 302
  • https://us.creativecdn.com/tags?type=img&id0=pr_IPLlnE0J1CFYQ2Frojl7_uid_&id=pr_IPLlnE0J1CFYQ2Frojl7_home&su=https%3A%2F%2Fwww.kanui.com.br%2F%3Fsr%3D&ts=1685051956745&tc=1 HTTP 302
  • https://ib.adnxs.com/setuid?entity=315&code=wWw3OmlSP68Q3gDfthnD HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3DwWw3OmlSP68Q3gDfthnD
Request Chain 219
  • https://gum.criteo.com/sid/json?origin=onetag&domain=kanui.com.br&sn=ChromeSyncframe&so=0&topUrl=www.kanui.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=1xIACXxMWDltQlVjSnFPYjJsZlIvZC9aTVNZTW1UN2NIMVN1RUd1V0x1ZE9sNUlSVlJBVmtlTUgwa2d4dTdGb2F2dmlxbmgxUEY0WjBqWXpjQlZVMUxZSmRNWmkrQkNsYjh3MTlyOG5iTzhaT29tdll1TGNiT1JtbG1iMDVVZTN3dE04bWYwMndxSFNKNnE2angzSThNT1BYT1hGM3RjN0lxVnAwdUp5TWhKTWlicVZ2WEZJbXI5TXAxYzJORVliekVDQk1GVEZiTmFSS2JGNmMzMndNRXpJMFpTdGtBMDlGV2J5dW11ZnRGbktYOFdyNi9TaVhrME9FMi9LMlMwMmd0M1g2UXFhT2hEYytCbTZUdFJUcGIxNE9OUT09fA&cppv=2
Request Chain 223
  • https://sslwidget.criteo.com/event?a=4236&v=5.16.1&p0=e%3Dexd%26ci%3D%26prmEmailYes%3D1%26site_type%3Dd&p1=e%3Dvh%26si%3D1&p2=e%3Ddis&adce=1&bundle=mGPHG19sOTRnQU5ORk5yeFRqUkVRM1owZHhjRWphemlHaEhOcEZtVkp1U3ZTTGo0QnklMkZwNEpMS3VUSkRWemN1blpsbWQ2QWppTllxajF0cFlkZVdFdnVLTFFoM21yME5INnhhTTF0OFhFOHNEYUYyblA0JTJGYkNQUDhicDFEVXd6dmElMkYwZjdEMk50a21JTlBSZ2tza0YwZkR1M0ElM0QlM0Q&tld=kanui.com.br&fu=https%253A%252F%252Fwww.kanui.com.br%252F&ceid=4cbd45de-d677-464b-9bba-b5221c893916&dtycbr=13266 HTTP 302
  • https://widget.us.criteo.com/event?a=4236&v=5.16.1&p0=e%3Dexd%26ci%3D%26prmEmailYes%3D1%26site_type%3Dd&p1=e%3Dvh%26si%3D1&p2=e%3Ddis&adce=1&bundle=mGPHG19sOTRnQU5ORk5yeFRqUkVRM1owZHhjRWphemlHaEhOcEZtVkp1U3ZTTGo0QnklMkZwNEpMS3VUSkRWemN1blpsbWQ2QWppTllxajF0cFlkZVdFdnVLTFFoM21yME5INnhhTTF0OFhFOHNEYUYyblA0JTJGYkNQUDhicDFEVXd6dmElMkYwZjdEMk50a21JTlBSZ2tza0YwZkR1M0ElM0QlM0Q&tld=kanui.com.br&fu=https%253A%252F%252Fwww.kanui.com.br%252F&ceid=4cbd45de-d677-464b-9bba-b5221c893916&dtycbr=13266
Request Chain 261
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJBzj5ollxD2jn8nl4d6lpg&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJBzj5ollxD2jn8nl4d6lpg&google_cver=1&C=1
Request Chain 262
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZG-aNnyM0A68dk65JTbT.AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJBzj5ollxD2jn8nl4d6lpg&google_cver=1&google_hm=2
Request Chain 263
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPu-jsP4PS4I4lLUymg5QV0&google_cver=1
Request Chain 264
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU2OTI4NTUyMjc0NzcyNzc3NQ%3D%3D
Request Chain 265
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE1mUfFRPZTbjiBmTExY9kA&google_cver=1
Request Chain 267
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESELQnXVQ0BPQ7JqbWZvh_Yms&google_cver=1
Request Chain 269
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE1mUfFRPZTbjiBmTExY9kA&google_cver=1
Request Chain 271
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESELQnXVQ0BPQ7JqbWZvh_Yms&google_cver=1
Request Chain 310
  • https://ssl.hurra.com/pvs.gif?cid=397&tid=37148 HTTP 302
  • https://ssl.hurra.com/pvs.gif?bd3p=1&cid=397&tid=37148
Request Chain 313
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAlzdcUljjY_V6OQsOGOppo&google_cver=1&google_push=ATf1kGPfmtm1LZ9U4xmBemOgpPxdtvInGiAAF5QySiaHus-sM-1rInw7OrW3nPYTEB58CPSmDiL5-bCc30mgdoAVjSYDON7tqxsO HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAlzdcUljjY_V6OQsOGOppo&google_cver=1&google_push=ATf1kGPfmtm1LZ9U4xmBemOgpPxdtvInGiAAF5QySiaHus-sM-1rInw7OrW3nPYTEB58CPSmDiL5-bCc30mgdoAVjSYDON7tqxsO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MWJmS3ZDN1kxUTJpWnA1&google_gid=CAESEAlzdcUljjY_V6OQsOGOppo&google_cver=1&google_push=ATf1kGPfmtm1LZ9U4xmBemOgpPxdtvInGiAAF5QySiaHus-sM-1rInw7OrW3nPYTEB58CPSmDiL5-bCc30mgdoAVjSYDON7tqxsO
Request Chain 316
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEONUw5YsPPx6cEb5QG-VHSs&google_cver=1&google_push=ATf1kGN2N_z_blEuUi8BsHS-nRRgOxXXklAPMN0yeAo3wTwZOOX0rP-l6XznjStePOlxP1VcAdXkD5dOSefX4ZzWNFJsvu965ZK0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNzI0MzA1NTk2ODU0OTAxNg%3D%3D&google_push=ATf1kGN2N_z_blEuUi8BsHS-nRRgOxXXklAPMN0yeAo3wTwZOOX0rP-l6XznjStePOlxP1VcAdXkD5dOSefX4ZzWNFJsvu965ZK0
Request Chain 317
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHbtteUZo67nYYnMx0eObgg&google_cver=1&google_push=ATf1kGNt8cnshYVylW4Zn2M5gzfCqK-u0PkFipUlLm6R7LgoI_8NXP0Ijbt7PA_5L3hgRVM58VC7aoDbrATknvpSDfCdjBYKBoE HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHbtteUZo67nYYnMx0eObgg&google_cver=1&google_push=ATf1kGNt8cnshYVylW4Zn2M5gzfCqK-u0PkFipUlLm6R7LgoI_8NXP0Ijbt7PA_5L3hgRVM58VC7aoDbrATknvpSDfCdjBYKBoE HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=7c4039ce-9a2f-46c6-bcb1-76c57765fcdd&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGM6BHORYJRPCX-svC4mCJfT_bAwKEioxnV8DsRMXhS3X5XDz3GA39zihCF9rnEROySsg7g_7_yxIvNc-757F3I-pt8tTTc0&google_hm=E1Pep4wbQVGYtCoTxT_uiA==
Request Chain 318
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAAb5pln1Az6cGBZNXIuek4&google_cver=1&google_push=ATf1kGO7zfxzVVuHnkH-fQo0mrvvTH2EE9jeft7Sel739IFGBcDhPYreZF0rc-Ra7em01VbSgmNvUylrLIt4sHuie7ciyvJhmxsR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGO7zfxzVVuHnkH-fQo0mrvvTH2EE9jeft7Sel739IFGBcDhPYreZF0rc-Ra7em01VbSgmNvUylrLIt4sHuie7ciyvJhmxsR
Request Chain 319
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENd7xgTJ0IRACYO78rCVfaw&google_cver=1&google_push=ATf1kGMC-P6g0W9I1U5Zc_wzgO2BROJSVPJ31xqv0u9vHA95vm_QpUJOvLpRt2OQB3Y5nhJP9oo_u00urOHVdYypxvLjLA0iAuaHZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMC-P6g0W9I1U5Zc_wzgO2BROJSVPJ31xqv0u9vHA95vm_QpUJOvLpRt2OQB3Y5nhJP9oo_u00urOHVdYypxvLjLA0iAuaHZg HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 332
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMFhUEDsUWZwlUcJRwiaf3s&google_cver=1&google_push=ATf1kGNRUruIfP0bsy4RMN2mJdhnCDhKvD4G-v2JfsBqZxpmH4z23IEyeQlNWdxUSUUKEC4h6USIDethQEcITLOnXb5vZrMORr1R HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDAzMDM1ODc5ODcxMzIyMDQwNA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMFhUEDsUWZwlUcJRwiaf3s&google_cver=1
Request Chain 333
  • https://um.simpli.fi/gp_match?google_gid=CAESEFd6Cua9mxWNl-sUdA0348A&google_cver=1&google_push=ATf1kGNjITz-oveuXRa82pNCgQlfY1O01q5Bn0PfPaTmvbFVLbPLulgfzNyjOB62sir9yJ2LR4HM63dKuA5m5yhUN_rNC3KpG8qj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1BF4D73B2B10460682956713A50E86B9&google_push=ATf1kGNjITz-oveuXRa82pNCgQlfY1O01q5Bn0PfPaTmvbFVLbPLulgfzNyjOB62sir9yJ2LR4HM63dKuA5m5yhUN_rNC3KpG8qj
Request Chain 334
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHbtteUZo67nYYnMx0eObgg&google_cver=1&google_push=ATf1kGM6BHORYJRPCX-svC4mCJfT_bAwKEioxnV8DsRMXhS3X5XDz3GA39zihCF9rnEROySsg7g_7_yxIvNc-757F3I-pt8tTTc0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGM6BHORYJRPCX-svC4mCJfT_bAwKEioxnV8DsRMXhS3X5XDz3GA39zihCF9rnEROySsg7g_7_yxIvNc-757F3I-pt8tTTc0&google_hm=E1Pep4wbQVGYtCoTxT_uiA==
Request Chain 335
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN0kt8tD0BlGpfbvyItC878&google_cver=1&google_push=ATf1kGPr6-_zAvLA2GLRAYdsjP4RR36LItyiCP9xd3WL2by44DYDuDE5ntfJD3LlrVaSVKDFLTbgbYHUacdnA_6uPwCqFRV0-nku HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN0kt8tD0BlGpfbvyItC878&google_cver=1&google_push=ATf1kGPr6-_zAvLA2GLRAYdsjP4RR36LItyiCP9xd3WL2by44DYDuDE5ntfJD3LlrVaSVKDFLTbgbYHUacdnA_6uPwCqFRV0-nku HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk4NzU3NzQ5Mzc5NDI2MDUyOQ&google_push=ATf1kGPr6-_zAvLA2GLRAYdsjP4RR36LItyiCP9xd3WL2by44DYDuDE5ntfJD3LlrVaSVKDFLTbgbYHUacdnA_6uPwCqFRV0-nku
Request Chain 336
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEJ5moQJvzDTpBwfJWiGfMrM&google_cver=1&google_push=ATf1kGObQg9xR_qt-9tzbIlUONs04EK9CZrk68OKiHjm-eokUL-l2MFzVCLSoIfApfZJhB0M0mQGcpfTV7_9wPnbSXHOuN5AEQhw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-GbQmlJUuDIvj1rJgGNe3Ji3-78EhdB3Hx1tygA&google_push=PUSH_DATA HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
Request Chain 337
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELc90NDWinY0W0Xlb274wxE&google_cver=1&google_push=ATf1kGOFEwCBXMPWRbCQfi8WyHo3NeC9aganC79ru6HDCHEwR5KQfEoBGz0pjVcHlLH7sQ3V392BV_vq2nl5E5VF1w_jx3tBMymB HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELc90NDWinY0W0Xlb274wxE&google_cver=1&google_push=ATf1kGOFEwCBXMPWRbCQfi8WyHo3NeC9aganC79ru6HDCHEwR5KQfEoBGz0pjVcHlLH7sQ3V392BV_vq2nl5E5VF1w_jx3tBMymB&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=q4EsL34TTIqwQ2PJ4k87KQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOFEwCBXMPWRbCQfi8WyHo3NeC9aganC79ru6HDCHEwR5KQfEoBGz0pjVcHlLH7sQ3V392BV_vq2nl5E5VF1w_jx3tBMymB
Request Chain 338
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIQfTcXFxuG9WC08Lr-p1WQ&google_cver=1&google_push=ATf1kGNmuRqhK5hPHVltUm1lYuj6T217joOdkCrx5Ac415EQgCrfiQ4aqbEgMMbO9yevljDDb7_rpKaZlecjS-zZ6LPJrNIH5O_a HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIQfTcXFxuG9WC08Lr-p1WQ&google_cver=1&google_push=ATf1kGNmuRqhK5hPHVltUm1lYuj6T217joOdkCrx5Ac415EQgCrfiQ4aqbEgMMbO9yevljDDb7_rpKaZlecjS-zZ6LPJrNIH5O_a&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNmuRqhK5hPHVltUm1lYuj6T217joOdkCrx5Ac415EQgCrfiQ4aqbEgMMbO9yevljDDb7_rpKaZlecjS-zZ6LPJrNIH5O_a&google_hm=GtOnqGZH27RhKKG1RTCM7bOZ
Request Chain 341
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEM8GqwkiLiwHaFduxfIpsao&google_cver=1&google_push=ATf1kGMY40lo2TQDEAGvRRFrQgfUAyeO0AG_6KfGBxcSoV2XDozMslAuM1b5_56wbsehXe4dc6Pp-83WcQujqELj8sthpiJy_eg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMY40lo2TQDEAGvRRFrQgfUAyeO0AG_6KfGBxcSoV2XDozMslAuM1b5_56wbsehXe4dc6Pp-83WcQujqELj8sthpiJy_eg
Request Chain 342
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEONUw5YsPPx6cEb5QG-VHSs&google_cver=1&google_push=ATf1kGPEUr8t0rOerkpTn0y6REf3M3QVBeFQ2DXi6tMjTB52Et9nP8NZtPz8BC_HC0pLlPbKze5aFMN2KmX9uVDwBdT5nBxKaCo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNzI0MzA1NTk2ODU0OTAxNg%3D%3D&google_push=ATf1kGPEUr8t0rOerkpTn0y6REf3M3QVBeFQ2DXi6tMjTB52Et9nP8NZtPz8BC_HC0pLlPbKze5aFMN2KmX9uVDwBdT5nBxKaCo
Request Chain 343
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEJ5moQJvzDTpBwfJWiGfMrM&google_cver=1&google_push=ATf1kGOkoNM0zHOBjJSvGf2hx7U2MPCCNxL6IMNlw3q4HJQWZpnx-6h4Uja7xFZlL9Z3p_oXrqHdyGG3s4K6nbI0jMIB7yLuSVA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-GbQmlJUuDIvj1rJgGNe3Ji3-78EhdB3Hx1tygA&google_push=PUSH_DATA HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
Request Chain 344
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECTVIHFF1BtfZHgmNWVQfB4&google_cver=1&google_push=ATf1kGP-_JtoebnPalzF7HdSOprzFVWpJoaqNlUpcydiNcWULYvT3MSb4LAvrUEco6aoSTqfNaLce7Xd5PCrrQgTyC5zLuqfhGs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkzT0ZIMFItMVktQkxOSA==&google_push=ATf1kGP-_JtoebnPalzF7HdSOprzFVWpJoaqNlUpcydiNcWULYvT3MSb4LAvrUEco6aoSTqfNaLce7Xd5PCrrQgTyC5zLuqfhGs
Request Chain 345
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAAb5pln1Az6cGBZNXIuek4&google_cver=1&google_push=ATf1kGMimLmvvsTHH-jR3GeRZMrXuprLPQDPncKFmvs-o2My-KRq5kOOUP3DP12CzotCEZkKr9n6smqFh0x5OZOckTN-MLYcRw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMimLmvvsTHH-jR3GeRZMrXuprLPQDPncKFmvs-o2My-KRq5kOOUP3DP12CzotCEZkKr9n6smqFh0x5OZOckTN-MLYcRw
Request Chain 346
  • https://match.360yield.com/match/ebda?google_gid=CAESEGwgomYJaVKvqfG09Qspi9I&google_cver=1&google_push=ATf1kGOQs2m94-bHic6C3gpjB-nMWiLANPrtL2wFS1GQIHnx3cU4J0dQ5SWKUWcMCX06wzokuXCsVbyc6XNd6mPTr5I_XsccVjk HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGwgomYJaVKvqfG09Qspi9I&google_cver=1&google_push=ATf1kGOQs2m94-bHic6C3gpjB-nMWiLANPrtL2wFS1GQIHnx3cU4J0dQ5SWKUWcMCX06wzokuXCsVbyc6XNd6mPTr5I_XsccVjk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=6cS6z1OKS_SxPyC_xEGgMw&google_push=ATf1kGOQs2m94-bHic6C3gpjB-nMWiLANPrtL2wFS1GQIHnx3cU4J0dQ5SWKUWcMCX06wzokuXCsVbyc6XNd6mPTr5I_XsccVjk
Request Chain 349
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIQ6d8qkz42bta60mbBkpmg&google_cver=1&google_push=ATf1kGM7NojlavCV9QKEMO5doR3DpFM1NKS6Z4nvoSxkVp8TedOjVC6hGQt6n34cneqVPX9X7PsFufVyYsuf2MgYVABh9RtDp1TI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIQ6d8qkz42bta60mbBkpmg&google_push=ATf1kGM7NojlavCV9QKEMO5doR3DpFM1NKS6Z4nvoSxkVp8TedOjVC6hGQt6n34cneqVPX9X7PsFufVyYsuf2MgYVABh9RtDp1TI
Request Chain 351
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELc90NDWinY0W0Xlb274wxE&google_cver=1&google_push=ATf1kGOCmadrPCikJaMdz2Tqq_wDBvT7zyAqT2RZ26nSR7YdB7PwTpJFtrQeE2VOTkUd73EWV93h8Yuo1nYeNtyqaUUC4TTo27Id HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELc90NDWinY0W0Xlb274wxE&google_cver=1&google_push=ATf1kGOCmadrPCikJaMdz2Tqq_wDBvT7zyAqT2RZ26nSR7YdB7PwTpJFtrQeE2VOTkUd73EWV93h8Yuo1nYeNtyqaUUC4TTo27Id&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9OOy96hfSMmejI20dTE1kw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOCmadrPCikJaMdz2Tqq_wDBvT7zyAqT2RZ26nSR7YdB7PwTpJFtrQeE2VOTkUd73EWV93h8Yuo1nYeNtyqaUUC4TTo27Id
Request Chain 352
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIQfTcXFxuG9WC08Lr-p1WQ&google_cver=1&google_push=ATf1kGM8CQt1IUmQrJBaMlkIVwi3XCP3WtAivFBkBxr0UcSQumMn3fqCpnFRnQLxz7jF9FcNIAHvb5mkqXam03OIUPvkmQfsARZo HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIQfTcXFxuG9WC08Lr-p1WQ&google_cver=1&google_push=ATf1kGM8CQt1IUmQrJBaMlkIVwi3XCP3WtAivFBkBxr0UcSQumMn3fqCpnFRnQLxz7jF9FcNIAHvb5mkqXam03OIUPvkmQfsARZo&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGM8CQt1IUmQrJBaMlkIVwi3XCP3WtAivFBkBxr0UcSQumMn3fqCpnFRnQLxz7jF9FcNIAHvb5mkqXam03OIUPvkmQfsARZo&google_hm=GtOnqGZH27RhKKG1RTCM7bOZ
Request Chain 353
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAAb5pln1Az6cGBZNXIuek4&google_cver=1&google_push=ATf1kGNmSJTyQtTQm6Jjo6JgxC6Qc0-SS-zZOwQ8klOXuvwCY5QJRwlrjoyGCkzVan1o_V-8eCiKfKOfoKiyQsOWK7LLmkc5dNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNmSJTyQtTQm6Jjo6JgxC6Qc0-SS-zZOwQ8klOXuvwCY5QJRwlrjoyGCkzVan1o_V-8eCiKfKOfoKiyQsOWK7LLmkc5dNw
Request Chain 355
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJZ1En7RgYWTmkPFpI7E3hs&google_cver=1&google_push=ATf1kGMFIS1VQ2UhHgjU3SS82UX2kR0YKbne93gHaDrVtDKJcTh4lykWc6L2kBAiu28c3xYh2GdCYlUWXvmz3do72SMFhyeITNGh HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJZ1En7RgYWTmkPFpI7E3hs&google_cver=1&google_push=ATf1kGMFIS1VQ2UhHgjU3SS82UX2kR0YKbne93gHaDrVtDKJcTh4lykWc6L2kBAiu28c3xYh2GdCYlUWXvmz3do72SMFhyeITNGh&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS15RWplRFpSRTJ1SGVqeGV2dG4wTm1HYVdXUVFxOU5RMn5B&google_push=ATf1kGMFIS1VQ2UhHgjU3SS82UX2kR0YKbne93gHaDrVtDKJcTh4lykWc6L2kBAiu28c3xYh2GdCYlUWXvmz3do72SMFhyeITNGh
Request Chain 371
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDNgJvJ4aClw0XbU47u7K0M&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDNgJvJ4aClw0XbU47u7K0M&google_cver=1&__user_check__=1&sync_id=6652f1ea-fb47-11ed-afdf-1a377c5d0406
Request Chain 372
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=6650b2e1-fb47-11ed-a1ff-1eddb0c50406 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NjY1MGIyOTAtZmI0Ny0xMWVkLWExZmYtMWVkZGIwYzUwNDA2
Request Chain 373
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1rb1JKc3VWRTJ1RTM4OTJRUFpHRUpQb3lIdTQ3bzNER35B
Request Chain 430
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-GbQmlJUuDIvj1rJgGNe3Ji3-78EhdB3Hx1tygA&google_cm&google_hm=ay1HYlFtbEpVdURJdmoxckpnR05lM0ppMy03OEVoZEIzSHgxdHlnQQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-GbQmlJUuDIvj1rJgGNe3Ji3-78EhdB3Hx1tygA&google_gid=CAESEJ5moQJvzDTpBwfJWiGfMrM&google_cver=1&google_ula=913071,0
Request Chain 431
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7569285522747727775
Request Chain 444
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=GeyWMBS9XUW-LyHiZqqnokEapsgYKJd8 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=GeyWMBS9XUW-LyHiZqqnokEapsgYKJd8
Request Chain 454
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMFhUEDsUWZwlUcJRwiaf3s&google_cver=1&google_push=ATf1kGN1F_BGfxAVHvOjNg-R6p5knTfkz29mk-JsJaKG3UhZEo9YtUev6wagupobIrdYPK9X7I2Yo7GeDl-rd7lkI9uYskxraFnI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDAzMDM1ODc5ODcxMzIyMDQwNA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMFhUEDsUWZwlUcJRwiaf3s&google_cver=1
Request Chain 455
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAlzdcUljjY_V6OQsOGOppo&google_cver=1&google_push=ATf1kGPTU1je-c_z036ec7uAysri68PXsMaQVEWGZmZaXGTHa8CLnV8Kc960D4rQCSOevZMBbbzfX8i9QIUhL1apwryR5u2tzgfz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MWJmS3ZDN1kxUTJpWnA1&google_gid=CAESEAlzdcUljjY_V6OQsOGOppo&google_cver=1&google_push=ATf1kGPTU1je-c_z036ec7uAysri68PXsMaQVEWGZmZaXGTHa8CLnV8Kc960D4rQCSOevZMBbbzfX8i9QIUhL1apwryR5u2tzgfz
Request Chain 456
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKqRSq-4kUAHhbnAbIrqes8&google_cver=1&google_push=ATf1kGNxD62H2CYfhwWPHz6eZ4rCKZmhyTD9xod93J9jzZM83VnZISgygRvjlKL8eS5eAjg9KUAVViZUatpDLDrJcy_HZBUQ8lRv&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNxD62H2CYfhwWPHz6eZ4rCKZmhyTD9xod93J9jzZM83VnZISgygRvjlKL8eS5eAjg9KUAVViZUatpDLDrJcy_HZBUQ8lRv%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKqRSq-4kUAHhbnAbIrqes8&google_cver=1&google_push=ATf1kGNxD62H2CYfhwWPHz6eZ4rCKZmhyTD9xod93J9jzZM83VnZISgygRvjlKL8eS5eAjg9KUAVViZUatpDLDrJcy_HZBUQ8lRv&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNxD62H2CYfhwWPHz6eZ4rCKZmhyTD9xod93J9jzZM83VnZISgygRvjlKL8eS5eAjg9KUAVViZUatpDLDrJcy_HZBUQ8lRv%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 457
  • https://um.simpli.fi/gp_match?google_gid=CAESEFd6Cua9mxWNl-sUdA0348A&google_cver=1&google_push=ATf1kGPNxkDrR3EIJLtyXXXuF7syXEc-EKWNP8rYWO0TNKQAFjhSJsRFz6CXMGKjNI7VbLZ1To_-68e6C3v1yaaUFWjAu9B9SRt8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1BF4D73B2B10460682956713A50E86B9&google_push=ATf1kGPNxkDrR3EIJLtyXXXuF7syXEc-EKWNP8rYWO0TNKQAFjhSJsRFz6CXMGKjNI7VbLZ1To_-68e6C3v1yaaUFWjAu9B9SRt8
Request Chain 459
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHbtteUZo67nYYnMx0eObgg&google_cver=1&google_push=ATf1kGOrwO2f9jjl4zhS4ZpK9qMvJ01ME6jMYjX14S32uHVjJPmcgTIlmCbR--bIZ9m5M5gH5RBpwf0YHqa6TYcMVnZagvlq_pk HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=1353dea7-8c1b-4151-98b4-2a13c53fee88 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=1353dea7-8c1b-4151-98b4-2a13c53fee88 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=3f498af8-6378-4cfa-8e4d-200a7ce996ae&user_group=1&ssp=google&bsw_param=1353dea7-8c1b-4151-98b4-2a13c53fee88 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMsQ3L6LLL3hjhIB5oRg2lthNQfRnJQz6LbDWwUVK7hlxO56Km6FchX8zyILHyirHLQOF13TSIw-3gmWP9IYBL3jxZVns0&google_hm=E1Pep4wbQVGYtCoTxT_uiA==
Request Chain 460
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEXKmEXvdUwT96LxqHsMN34&google_cver=1&google_push=ATf1kGNMHz6O9ZuWhjE--QtVQM9-p8gcEaKR4dJ3rerZKAniewSkGqEdYSX01giF2P3aeIM3OMfVnRQ5qam-_ZaGUi86GEdfSrKXQg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGNMHz6O9ZuWhjE--QtVQM9-p8gcEaKR4dJ3rerZKAniewSkGqEdYSX01giF2P3aeIM3OMfVnRQ5qam-_ZaGUi86GEdfSrKXQg HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 463
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKqRSq-4kUAHhbnAbIrqes8&google_cver=1&google_push=ATf1kGNKTmtHrTeFr8EF-Lfs8hamH_LDZ5ywv64c9Ru9hC7iB2t1e37_NTvvYIX6vjyD9wcFlYvjJTGYSLmnI1a2KxSq16tVgOUo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNKTmtHrTeFr8EF-Lfs8hamH_LDZ5ywv64c9Ru9hC7iB2t1e37_NTvvYIX6vjyD9wcFlYvjJTGYSLmnI1a2KxSq16tVgOUo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKqRSq-4kUAHhbnAbIrqes8&google_cver=1&google_push=ATf1kGNKTmtHrTeFr8EF-Lfs8hamH_LDZ5ywv64c9Ru9hC7iB2t1e37_NTvvYIX6vjyD9wcFlYvjJTGYSLmnI1a2KxSq16tVgOUo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNKTmtHrTeFr8EF-Lfs8hamH_LDZ5ywv64c9Ru9hC7iB2t1e37_NTvvYIX6vjyD9wcFlYvjJTGYSLmnI1a2KxSq16tVgOUo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 465
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHbtteUZo67nYYnMx0eObgg&google_cver=1&google_push=ATf1kGMsQ3L6LLL3hjhIB5oRg2lthNQfRnJQz6LbDWwUVK7hlxO56Km6FchX8zyILHyirHLQOF13TSIw-3gmWP9IYBL3jxZVns0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMsQ3L6LLL3hjhIB5oRg2lthNQfRnJQz6LbDWwUVK7hlxO56Km6FchX8zyILHyirHLQOF13TSIw-3gmWP9IYBL3jxZVns0&google_hm=E1Pep4wbQVGYtCoTxT_uiA==
Request Chain 466
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECTVIHFF1BtfZHgmNWVQfB4&google_cver=1&google_push=ATf1kGPXaJJJc7Ezw7Mw5fviWvTQtl2qWE50YzavNnicSOy8ULI3wSO_xZ6O4UofyuPPjMWJh2bIgB3NdZdqgPkNDORQNyKeHwE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkzT0ZIUzctUC1HSVE1&google_push=ATf1kGPXaJJJc7Ezw7Mw5fviWvTQtl2qWE50YzavNnicSOy8ULI3wSO_xZ6O4UofyuPPjMWJh2bIgB3NdZdqgPkNDORQNyKeHwE
Request Chain 468
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEMlQyZNcIHD3PZr14c2a8Kc&google_cver=1&google_push=ATf1kGOcz2he2tlAn2ksDjGjIGS2s3jQkDBgZfpThQCmSS9-12TMAv4Y5ftqY0-d64y9pgpTyvmPFQ-rc6MBBl6V3xnL52iDukutLg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzU2OTI4NTUyMjc0NzcyNzc3NQ%3D%3D&google_gid=CAESEMlQyZNcIHD3PZr14c2a8Kc&google_cver=1&google_push=ATf1kGOcz2he2tlAn2ksDjGjIGS2s3jQkDBgZfpThQCmSS9-12TMAv4Y5ftqY0-d64y9pgpTyvmPFQ-rc6MBBl6V3xnL52iDukutLg
Request Chain 472
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBN0N05MiH0EiTlr8Zekf-k&google_cver=1&google_push=ATf1kGPHoPrlyoMxrJ2wap5G0BR7L1Hjwe396XoCF9ovHMndUTNCvU_R3fJ77gtjpFTmFDTD_D2sUq3rwm5NSEUtbvcqpa5XBdK_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPHoPrlyoMxrJ2wap5G0BR7L1Hjwe396XoCF9ovHMndUTNCvU_R3fJ77gtjpFTmFDTD_D2sUq3rwm5NSEUtbvcqpa5XBdK_&google_hm=VZmDpI7rSH6_C4hVn-8yqig
Request Chain 473
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKzh8V7ZxW-KMsX1n_3iFlw&google_cver=1&google_push=ATf1kGMkY4xqEAF7h-Bj303RR3OV8QgMMbAlNgI1-sTTGMei-_ncmywCz1eU63SXnwxRzRsOtE0uje6DHWnZKDYvmCD0ebIMbZY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKzh8V7ZxW-KMsX1n_3iFlw&google_hm=ZG_aNnyM0A68dk65JTbT-QAAFLAAAAIB&google_nid=index&google_push=ATf1kGMkY4xqEAF7h-Bj303RR3OV8QgMMbAlNgI1-sTTGMei-_ncmywCz1eU63SXnwxRzRsOtE0uje6DHWnZKDYvmCD0ebIMbZY
Request Chain 474
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEGt0Bx_6_6-WlCxEDB73KOw&google_cver=1&google_push=ATf1kGPSFjM4KFSDyn7AWI2XisD93enUB_Po38hlpB0kzucvXN_9Nfaqsq_H6KhRsEbDwTdh9N95Y5VhLl8gfehBBsbZj0DOht2R HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGPSFjM4KFSDyn7AWI2XisD93enUB_Po38hlpB0kzucvXN_9Nfaqsq_H6KhRsEbDwTdh9N95Y5VhLl8gfehBBsbZj0DOht2R&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1685051960433 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-db9aaaef-acd7-4a32-bd28-01267cab7894-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGPSFjM4KFSDyn7AWI2XisD93enUB_Po38hlpB0kzucvXN_9Nfaqsq_H6KhRsEbDwTdh9N95Y5VhLl8gfehBBsbZj0DOht2R%26google_hm%3DA9uaqu-s10oyvSgBJnyreJQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPSFjM4KFSDyn7AWI2XisD93enUB_Po38hlpB0kzucvXN_9Nfaqsq_H6KhRsEbDwTdh9N95Y5VhLl8gfehBBsbZj0DOht2R&google_hm=A9uaqu-s10oyvSgBJnyreJQ
Request Chain 476
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJZ1En7RgYWTmkPFpI7E3hs&google_cver=1&google_push=ATf1kGPPdXlEhMrgkfemIPBDvWc_PwdooVv5QSjNhPHm6WviFuXHGl_Nio7dobVtQEcsWP7PcysxwSnPIQnoJ2nC1ghPKGKze8rm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS15RWplRFpSRTJ1SGVqeGV2dG4wTm1HYVdXUVFxOU5RMn5B&google_push=ATf1kGPPdXlEhMrgkfemIPBDvWc_PwdooVv5QSjNhPHm6WviFuXHGl_Nio7dobVtQEcsWP7PcysxwSnPIQnoJ2nC1ghPKGKze8rm
Request Chain 477
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENd7xgTJ0IRACYO78rCVfaw&google_cver=1&google_push=ATf1kGNNRDXFj4BGHh1XcpTIjGg3Ja1hzqStty3dfUWl_0IUvJIcUUqQnvChilXQSsIJavHHzIv58Ft5-943qbv8CQ4jq-DGgd4h HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNNRDXFj4BGHh1XcpTIjGg3Ja1hzqStty3dfUWl_0IUvJIcUUqQnvChilXQSsIJavHHzIv58Ft5-943qbv8CQ4jq-DGgd4h HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 514
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=ujj0S0rpsxExmiLebZWo5wKGSOxow3Uq
Request Chain 521
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117683V1226132702M%26subid%3Dviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COnsuNy7kf8CFZ6g_QcdHoIAtg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117683V1226132702M%26subid%3Dviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023052523592185303626825X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023052523592185303626825X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117683&partnerid=12218
Request Chain 525
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kanui.com.br&sn=ChromeSyncframe&so=3&topUrl=www.kanui.com.br&bundle=mGPHG19sOTRnQU5ORk5yeFRqUkVRM1owZHhjRWphemlHaEhOcEZtVkp1U3ZTTGo0QnklMkZwNEpMS3VUSkRWemN1blpsbWQ2QWppTllxajF0cFlkZVdFdnVLTFFoM21yME5INnhhTTF0OFhFOHNEYUYyblA0JTJGYkNQUDhicDFEVXd6dmElMkYwZjdEMk50a21JTlBSZ2tza0YwZkR1M0ElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=RRSz4Xx3YnlEaWtORFBDb3h3WWhpOEZQdUJKbytjdGlVeEx6MzNiNFA3OHhLMDFuR1VCTVkrbGZia01WTmlwSVFUc01QS1FMR2JOMXJWOHNkWjRiUjdQMWFBMjhET2hHazR0WmdyM2pFWVBJRGpOb0s4K0hjTFRhc21RZUtDTzhNc3duK2pSdi9rU0h5ZVEzWGFBSWZ3bWcya0JOSDRLcG1vdVgvSTV5ekJUMktKWUNkUFVqeml0V2pRc0FhUXJPN0w1M2xjMkx5ZTg1ZlFTT1VwbkhPQ3JyS2Z1dXlxcTNLNFgrcDRRSkFYRDZHT3doMjFEakRaRXF4YWlHRTZNSWp2dmhEOTkwMmpPTzVReUw4TGRhdmNreTB0UT09fA&cppv=2
Request Chain 530
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=8I6pri-sHlHlyGCQzNsP1jaaYVQvySbk

528 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.kanui.com.br/
Redirect Chain
  • https://kanui.com.br/
  • https://www.kanui.com.br/
145 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
7b40556d690b0e55ffa60252fed11640ca71c47e8c3869d4062a02034b62c0d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 25 May 2023 21:59:12 GMT
expires
Thu, 25 May 2023 22:59:12 GMT
server
nginx
server-timing
intid;desc=1b0f6e0664ab2db2
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-host
kanui.com.br
x-message-id
ip-10-100-2-134-1685051952.818-598
x-server
ip-10-100-2-134
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

content-length
134
content-type
text/html
date
Thu, 25 May 2023 21:59:11 GMT
location
https://www.kanui.com.br:443/
server
awselb/2.0
eum.min.js
eum.instana.io/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04857d263d127bca083f9036ffcb2c030cd12b943cf4cde1a71daf4da22fcdde

Request headers

Referer
https://www.kanui.com.br/
Origin
https://www.kanui.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:13 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
MISS
last-modified
Thu, 1 Jan 1970 00:00:01 GMT
server
cloudflare
etag
937898923--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
timing-allow-origin
*
cf-ray
7cd10b528c0591d8-FRA
api_dynamic.js
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/ 		692 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/api_dynamic.js
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02fe7308e0ee7cc71de18579ddb4df59565d142823828888164ac0a99fa6c0ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:13 GMT
x-amz-version-id
m43Jc6ultSbX8GxC.AWeTyTkhM6TRfpN
content-encoding
gzip
last-modified
Thu, 25 May 2023 21:54:10 GMT
server
AmazonS3
x-amz-request-id
DVMJ300VFTXG3VBJ
etag
W/"da3ad50bff42f7b896f78921c9caf480"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-amz-meta-ctime
1685051649
x-amz-meta-gid
1001
x-amz-meta-uid
1001
x-amz-id-2
0/7OLA7XUhA+e45fiTLXsvRyOOAvfwcQwki/+Q1PEOQtya9f/GNOELQIBzxnoMvkvTY//hULvD0=
x-amz-meta-mtime
1685051649
api_static.js
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/ 		289 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/api_static.js
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4aaabc3e1be879800a6945b987e4b758997f364931108cb80580d66b08590802

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:13 GMT
x-amz-version-id
8tT0cF5cC3Ra1e9hpnVzI2.tFkdZGJOF
content-encoding
gzip
last-modified
Wed, 10 May 2023 19:15:48 GMT
server
AmazonS3
x-amz-request-id
V6VMGH9R5T36X40N
etag
W/"512537cfa87ac18ee95703fdcc3728bd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-amz-meta-ctime
1683746147
x-amz-meta-gid
1001
x-amz-meta-uid
1001
x-amz-id-2
jvZ75ttE3CA7cRapB8XFAlYiB8nOe7diwoDT1UZ+6OX7ihom0+tqtrirkNC2ydomyO4SlBkkMrY=
x-amz-meta-mtime
1683746147
prebid.js
dafitistatic.dafiti.com.br/prebid/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dafitistatic.dafiti.com.br/prebid/prebid.js
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
e920df2d72369d6d348a9216cde2ba6fd1c9fe0e3d93faa55e1b3acde4addaaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
content-encoding
gzip
via
1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Fri, 29 Jun 2018 21:35:38 GMT
server
nginx
x-amz-cf-pop
ZRH55-P1
etag
W/"5eabbbe957ce0a7d35da032ee51f4e31"
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-id
6HNvsKzdCaLobwhutSTR6whBLb_dFqjwkNzJswrk2Dq2QNhoMv5kAA==
expires
Sun, 16 Apr 2023 12:29:52 GMT
index-2014-8326d3cb.css
static.dafiti.com.br/vendor/dafiti/bootstrap/dist/cssl/index/ 		197 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/cssl/index/index-2014-8326d3cb.css?1685038785
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
3ccc4fa5d4d468f0c2b4907e9010385f5d3483a9d70e2a71d6c16ac2deefc3f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:13 GMT
content-encoding
gzip
via
1.1 64003b022bc3cc2e877f218eb451e376.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Tue, 23 May 2023 08:16:56 GMT
server
nginx
x-amz-cf-pop
HAM50-C3
etag
W/"cf9d7e9ea995f175f1a86e5e7631ce60"
x-cache
RefreshHit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-id
JdeRVVudzRM2L4SsqFwMByL-GlSB1TovvpcJdYafgFxcRWkGJY-8bg==
expires
Sat, 24 Jun 2023 21:59:13 GMT
main-8fa3c7fa52.css
static.dafiti.com.br/css/kanui/ 		126 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.dafiti.com.br/css/kanui/main-8fa3c7fa52.css?1685038785
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
01699e82e37c86d8af26229cace1927e8a7787840c514a44802ff1878f71ea61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:13 GMT
content-encoding
gzip
via
1.1 750d61457617565702159ec33a988964.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Wed, 24 May 2023 08:12:09 GMT
server
nginx
x-amz-cf-pop
HAM50-C3
etag
W/"0033aa8440c4a423d33ec2690aa1cb91"
x-cache
RefreshHit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-id
_GC7yJbP8w6KEKrfNwEE0P88LXN1Y4u8GlKKB_zB4L67hUZzwus20A==
expires
Sat, 24 Jun 2023 21:59:13 GMT
header-javascript.min-e8228339.js
static.dafiti.com.br/vendor/dafiti/bootstrap/dist/js/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/js/header-javascript.min-e8228339.js
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
491826940e7f69544d4ad7d9692f7a3ad70bed2796ca7efed26316fea6ed73d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:13 GMT
content-encoding
gzip
via
1.1 9c0ce977a13f3d9bbc6eed6540faf728.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Fri, 14 Apr 2023 08:09:53 GMT
server
nginx
x-amz-cf-pop
ZRH55-P1
etag
W/"af66e3e695e4cca88c3c03f05efa618a"
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
content-length
9177
x-amz-cf-id
d13cpZ9K5pi7_eUjgbu1gxv9aRP3I_LxK4DoD7t4Br9ZoXNoA9HkhQ==
expires
Sat, 24 Jun 2023 21:59:13 GMT
css2
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
20b642d6d84bdb3f22bd739729db385a9fb781779304e542003c2967cef98600
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 May 2023 21:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 May 2023 21:54:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 May 2023 21:59:13 GMT
logo-kanui.png
static.dafiti.com.br/images/kanui/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dafiti.com.br/images/kanui/logo-kanui.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
b9b90f5b0ab7d55d88ecc7fab5b8ac2a37ef20857cfae21327104667857bd525

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
3382
etag
"f14f560c9ee5467b70a7d41deb3568c24055c745"
x-ims
Enabled
content-type
image/webp
cache-control
max-age=2592000
content-length
1624
expires
Sat, 24 Jun 2023 21:59:14 GMT
getData.js
selo.compreconfie.com.br/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://selo.compreconfie.com.br/scripts/getData.js?sellerId=102462
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7da80713891021cc2787c767bc376d8029ed7087fb9c2b70acb4faea5dbd9dde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 25 May 2023 21:59:13 GMT
content-encoding
br
last-modified
Mon, 02 Jan 2023 18:21:59 GMT
x-azure-ref-originshield
0tsJvZAAAAADui7VoragGQbebvV7djniHRlJBMjMxMDUwNDE3MDM1AGZmZjgwNjQ3LTM0YTMtNGY1YS05YTQ4LTRmMWMzYzQ5M2YxYg==
content-md5
xB1x5xESRo1223eVQ1EIog==
etag
0x8DAECEE3CB1BF0D
x-azure-ref
0MdpvZAAAAABLoMoEQrQLSq9dpvWKgkD2RlJBMzFFREdFMDMxOQBmZmY4MDY0Ny0zNGEzLTRmNWEtOWE0OC00ZjFjM2M0OTNmMWI=
x-cache
TCP_HIT
content-type
application/x-javascript
x-ms-request-id
7fc94d77-a01e-00a2-5146-8ff81b000000
x-ms-version
2009-09-19
1dcf6353e1eef__selo-eu-reciclo.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/1dcf6353e1eef__selo-eu-reciclo.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
b52baea12d32e2e512df377c2bb4ef3ca1b633e7d5abed226dfaebb8450f8d53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
3295
etag
"0b4d557b5990e3356b284d6d4e5d8737df7a0db4"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
1252
expires
Mon, 17 Apr 2023 12:08:55 GMT
15f6536f28fec__logo-kanui-footer.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/15f6536f28fec__logo-kanui-footer.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
7e1247451eb92d2cd89b3fa5aa15d9983eed061e6e2c508a5ef166e7eca59805

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
2830
etag
"b1ae8e40b8f5b05a8206d0526734f64c7f41f8e8"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
1398
expires
Thu, 13 Apr 2023 12:20:07 GMT
gfg-logo.png
static.kanui.com.br/cms/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.kanui.com.br/cms/gfg-logo.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
1af4b0c0e13785b45fba4c149b03f3b68c0a3a93714f73b0d13fe61e718104f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
82402
etag
"e7fb4a016a252a19b9cdec00880c8414ddd64b56"
x-ims
Enabled
content-type
image/webp
cache-control
max-age=2592000
content-length
30204
expires
Sat, 24 Jun 2023 21:59:14 GMT
1c8898362baad__facebook.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/1c8898362baad__facebook.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
96f452c979bde4478c26318d9bfaafaa28f3bd8fa295918901bf4ba6dd96933c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
4164
etag
"aab1614c2da787428f1a79b6371649446eb68125"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
3578
expires
Thu, 13 Apr 2023 12:20:07 GMT
22bc19454ff31__instagram.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		708 B
893 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/22bc19454ff31__instagram.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
2a3f84875353e59da6e4efb3b38bddb9d4e5d54dc0e8d10e4f872abb89d13e5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
4430
etag
"3cc4fc056b46eac88b3e64580f9606a1d2144257"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
708
expires
Thu, 13 Apr 2023 12:20:08 GMT
15561876cbd26__twitter.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		560 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/15561876cbd26__twitter.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
ff0c083a624d58fde02443e7587d9fa86bb0b192bba55065d4d4cfdf595988fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
4253
etag
"19452d1ea64e732016a1bf555ca1d6b008f73eb3"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
560
expires
Mon, 17 Apr 2023 12:13:53 GMT
6an24182.css
cdn.privacytools.com.br/public_api/banner/style/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.privacytools.com.br/public_api/banner/style/6an24182.css?t=1
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75ca3a72714106fdf040a115ac9e32c64a1a456e5c23a0d24e55bb748403292f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 25 May 2023 12:52:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4KT7nWa84Xv2t7raupFjG309WQNB61%2FN%2F23QNQIQBL0xRywuYogUru8SGkCv4ydTaQQ88zaY2mVERGgOSS4TteSZXCG70wFDTQq5PhDvrJoNw%2FH3qpNfSLVsi9U2eK6WoAK%2FqgFxGqPs14%2B5gN2XoU25%2FHq"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400
x-robots-tag
noindex
cf-ray
7cd10b56e9342bf0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
6an24182.js
cdn.privacytools.com.br/public_api/banner/script/bottom/ 		131 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacytools.com.br/public_api/banner/script/bottom/6an24182.js?t=1
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb7ddc9e1c6516cac534ecbbe4603921ae538259dd32eb225f50c0e59d4f1cbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 May 2023 21:59:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIFrLb2HsIZljas9qaxYssfG%2Fvt0wthnabBtQIpF%2By0hH8MHNfsMdlyOshcQ7HvpmNYpqSWfdsiYYRsPcTswwXy%2BIOvosgQ7D3Y2K6vEP1%2B8Y790fdzlcvC19E9Tsnw2QXcWdjSazSMvHsCfBovQk85Dlkai"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cache-control
public, max-age=14400, s-maxage=86400, must-revalidate, proxy-revalidate
x-robots-tag
noindex
cf-ray
7cd10b595b862bf0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
st
st.dynamicyield.com/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.dynamicyield.com/st?sec=8767638&inHead=true&id=0&jsession=&ref=&scriptVersion=1.171.0&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%7D
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2248:3000:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ec0e3ffe0b2711a6690c2451fe108e9c095c66c852a16229dec58422f778a56a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
content-encoding
gzip
via
1.1 f0c44fcb623b0b5d0059f8c13f9793b0.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control
no-cache
x-amz-cf-id
5gh1KjbFbSVVhND5oeJqGCVK4ZOfpnE4iVr87cr26Ls_FoeLiPiZIg==
expires
Thu, 25 May 2023 21:59:13 GMT
102462
analytics-stamp.confi.com.vc/api/v1/stamp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://analytics-stamp.confi.com.vc/api/v1/stamp/102462
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.206.128.53 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.kanui.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
14
Content-Type
application/json; charset=utf-8
Date
Thu, 25 May 2023 21:59:14 GMT
getData.css
cdn.confi.com.vc/styles/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.confi.com.vc/styles/getData.css
Requested by
Host: selo.compreconfie.com.br
URL: https://selo.compreconfie.com.br/scripts/getData.js?sellerId=102462
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
985e58230b45baac2febe13ac675118309e93e1686f5ce83634e5353b2f6c75b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 25 May 2023 21:59:13 GMT
content-encoding
br
last-modified
Mon, 02 Jan 2023 18:00:21 GMT
x-azure-ref-originshield
0o8JvZAAAAADlbiA3HG2oRqNgqQYjlWhoRlJBMjMxMDUwNDE3MDI3AGZmZjgwNjQ3LTM0YTMtNGY1YS05YTQ4LTRmMWMzYzQ5M2YxYg==
content-md5
slTBOvtoFRTXBXP3j606lA==
etag
0x8DAECEB372F1605
x-azure-ref
0MtpvZAAAAACqa/8UnDDjTpbMTmh/Gsj2RlJBMzFFREdFMDMxNwBmZmY4MDY0Ny0zNGEzLTRmNWEtOWE0OC00ZjFjM2M0OTNmMWI=
x-cache
TCP_HIT
content-type
text/css
x-ms-request-id
3a1b5e90-c01e-0040-1846-8fc53a000000
x-ms-version
2009-09-19
102462
analytics-stamp.confi.com.vc/api/v1/stamp/ 		0
0
102462.png
cdn.confi.com.vc/reputation/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.confi.com.vc/reputation/102462.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
513c9970da610d44c22a541db6b61f657a0b90c771066811ad7760831b5da6ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 25 May 2023 21:59:13 GMT
last-modified
Thu, 25 May 2023 07:16:39 GMT
x-azure-ref-originshield
0esRvZAAAAADKap3Ebpj/T6MJSvfTxUY7RlJBMjMxMDUwNDE3MDMxAGZmZjgwNjQ3LTM0YTMtNGY1YS05YTQ4LTRmMWMzYzQ5M2YxYg==
content-md5
bJXcmLdiPUXgP6FGFEwm0Q==
etag
0x8DB5CEFFB92D472
x-azure-ref
0MtpvZAAAAACoQ5rk0PBbTJi2w8YbHVBfRlJBMzFFREdFMDMxNwBmZmY4MDY0Ny0zNGEzLTRmNWEtOWE0OC00ZjFjM2M0OTNmMWI=
x-cache
TCP_HIT
content-type
image/png
x-ms-request-id
59bbb3e7-e01e-0068-7047-8fa492000000
x-ms-version
2009-09-19
content-length
3074
ka-sprite-desktop-1684915806973.png
static.dafiti.com.br/images/kanui/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dafiti.com.br/images/kanui/ka-sprite-desktop-1684915806973.png
Requested by
Host: static.dafiti.com.br
URL: https://static.dafiti.com.br/css/kanui/main-8fa3c7fa52.css?1685038785
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
8d9a2c365a3ccd375fbf6fedbd37a3b61019b901ef429085362e095721825415

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.dafiti.com.br/css/kanui/main-8fa3c7fa52.css?1685038785
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
68166
etag
"e0d9effc7eda440c7da65bc112fbccf18da2b8ae"
x-ims
Enabled
content-type
image/webp
cache-control
max-age=2592000
content-length
25156
expires
Sat, 24 Jun 2023 21:59:14 GMT
default_201869.png
static.dafiti.com.br/images/bootstrap/sprites/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dafiti.com.br/images/bootstrap/sprites/default_201869.png
Requested by
Host: static.dafiti.com.br
URL: https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/cssl/index/index-2014-8326d3cb.css?1685038785
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
bac18217eff428a695ca1b18b1a989a6ed411b354f773c11949ca58b820c6057

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/cssl/index/index-2014-8326d3cb.css?1685038785
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
39243
etag
"7d8a7551c91dde3df88e902448ad76dc368839cf"
x-ims
Enabled
content-type
image/webp
cache-control
max-age=2592000
content-length
66738
expires
Sat, 24 Jun 2023 21:59:14 GMT
Roboto-Bold-webfont.woff
dafitistatic.dafiti.com.br//vendor/dafiti/bootstrap/dist/fonts/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dafitistatic.dafiti.com.br//vendor/dafiti/bootstrap/dist/fonts/Roboto-Bold-webfont.woff
Requested by
Host: static.dafiti.com.br
URL: https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/cssl/index/index-2014-8326d3cb.css?1685038785
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
c94ac252c2a3319406032032154badff85d43db816667ea65f7c97d951a33cb7

Request headers

Referer
https://static.dafiti.com.br/
Origin
https://www.kanui.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
x-amz-version-id
null
via
1.1 3a4b7ff21260552f6982d2003fec9c84.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
x-cache
Miss from cloudfront
content-length
24808
last-modified
Fri, 14 Apr 2023 08:09:53 GMT
server
nginx
etag
"8b18d65d6824460ad37616723e493bcd"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://www.kanui.com.br
cache-control
max-age=604800
vary
Accept-Encoding, Origin
x-amz-cf-id
x9iqK2PwCIHiktohnizdj9mo3bHUcreAViyQrEzJL1AfJ2HK5x3bog==
expires
Sun, 23 Apr 2023 12:08:55 GMT
Oswald-Light.otf
static.dafiti.com.br/vendor/dafiti/bootstrap/dist/fonts/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/fonts/Oswald-Light.otf
Requested by
Host: static.dafiti.com.br
URL: https://static.dafiti.com.br/css/kanui/main-8fa3c7fa52.css?1685038785
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
49d7201c3b4337a86357646a2db5cfcddcf79fa5a638f24b172821e560b9fb4c

Request headers

Referer
https://static.dafiti.com.br/css/kanui/main-8fa3c7fa52.css?1685038785
Origin
https://www.kanui.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
x-amz-version-id
null
via
1.1 3a4b7ff21260552f6982d2003fec9c84.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
x-cache
Miss from cloudfront
content-length
25660
last-modified
Fri, 14 Apr 2023 08:09:53 GMT
server
nginx
etag
"4dfd3dfb06126e122600cf063048d5f2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://www.kanui.com.br
cache-control
max-age=600
x-amz-cf-id
Vs7crTu706VdW4AtqPG-T82Nt0i8E37jA9RJAqdOh9cxgdzD7vwPhA==
expires
Thu, 25 May 2023 22:09:14 GMT
Roboto-Regular-webfont.woff
dafitistatic.dafiti.com.br//vendor/dafiti/bootstrap/dist/fonts/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dafitistatic.dafiti.com.br//vendor/dafiti/bootstrap/dist/fonts/Roboto-Regular-webfont.woff
Requested by
Host: static.dafiti.com.br
URL: https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/cssl/index/index-2014-8326d3cb.css?1685038785
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe

Request headers

Referer
https://static.dafiti.com.br/
Origin
https://www.kanui.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
x-amz-version-id
null
via
1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 08:09:21 GMT
server
nginx
x-amz-cf-pop
DUS51-P2
etag
"3e5675c89f974f7811eeaf07e2dd5ba3"
vary
Accept-Encoding, Origin
x-cache
RefreshHit from cloudfront
content-type
binary/octet-stream
access-control-allow-origin
https://www.kanui.com.br
cache-control
max-age=604800
content-length
25020
x-amz-cf-id
CJgusqwIbJI6ggjuiLmgYGaSqWaqUgOj5cFerD8k_Cj7pLXYgvJdsQ==
expires
Mon, 19 Dec 2022 21:02:59 GMT
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.kanui.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 22:13:59 GMT
x-content-type-options
nosniff
age
431115
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25372
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:24:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 22:13:59 GMT
dafiticons_14e8ccccc5dcd089e4f3f583f659489d.woff2
dafitistatic.dafiti.com.br//vendor/dafiti/bootstrap/dist/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dafitistatic.dafiti.com.br//vendor/dafiti/bootstrap/dist/fonts/dafiticons_14e8ccccc5dcd089e4f3f583f659489d.woff2
Requested by
Host: static.dafiti.com.br
URL: https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/cssl/index/index-2014-8326d3cb.css?1685038785
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
2211ff2fd5a69d2f222920ca8d1c6a14041806fdace4d702ab79c1d1e2428d91

Request headers

Referer
https://static.dafiti.com.br/
Origin
https://www.kanui.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
x-amz-version-id
null
via
1.1 2177a1d449a3e8dc7269040f15d81cb0.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
x-cache
Miss from cloudfront
content-length
15680
last-modified
Thu, 02 Mar 2023 08:05:47 GMT
server
nginx
etag
"c36f9bf6e1c31a6f2db3dcbaacfda177"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://www.kanui.com.br
cache-control
max-age=604800
vary
Accept-Encoding, Origin
x-amz-cf-id
iPqRLVZina1760pNkelYL89Ci7SzvkijLVSl4AxYLk9kgtJG1ebqTw==
expires
Sun, 12 Mar 2023 21:45:25 GMT
MuseoSans_700-webfont.woff
dafitistatic.dafiti.com.br//vendor/dafiti/bootstrap/dist/fonts/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dafitistatic.dafiti.com.br//vendor/dafiti/bootstrap/dist/fonts/MuseoSans_700-webfont.woff
Requested by
Host: static.dafiti.com.br
URL: https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/cssl/index/index-2014-8326d3cb.css?1685038785
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
74df85b4472f8037e7e4ea143f1443d8eca40a01591e698d900bf6b8a18b85c8

Request headers

Referer
https://static.dafiti.com.br/
Origin
https://www.kanui.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
x-amz-version-id
null
via
1.1 841da31399fe7f7e7065c840a22fae0a.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
x-cache
RefreshHit from cloudfront
content-length
33344
last-modified
Mon, 27 Feb 2023 07:17:30 GMT
server
nginx
etag
"49a5667e6bf445d549f34def603cd0f4"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://www.kanui.com.br
cache-control
max-age=604800
vary
Accept-Encoding, Origin
x-amz-cf-id
PpPaA06P0Fv5b-SzXkREYLDkAFmQ9ooLZQFaxa0CCpSj7OPOnh5BCw==
expires
Sun, 12 Mar 2023 21:45:25 GMT
dy-coll-min.js
cdn.dynamicyield.com/scripts/1.171.0/ 		181 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dynamicyield.com/scripts/1.171.0/dy-coll-min.js
Requested by
Host: st.dynamicyield.com
URL: https://st.dynamicyield.com/st?sec=8767638&inHead=true&id=0&jsession=&ref=&scriptVersion=1.171.0&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:219c:5e00:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
b289bac9b12392b4e1e20a187f10bc98e91025d0acb717e4f4e395af5b1d36d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 08 May 2023 06:44:40 GMT
content-encoding
gzip
via
1.1 5b94f68b8669a909c688f32ce5942b2e.cloudfront.net (CloudFront)
last-modified
Sun, 30 Apr 2023 15:05:19 GMT
server
DYCDN
age
1523675
x-amz-cf-pop
CDG3-C2
etag
W/"df3549cbdf7611b2fde0f10f012951e5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
jPW5zLbmc3K5vcqdg0LM-7CusgfGikUWUk8hwr3kDrtq6A8tw29PAg==
uia
async-px.dynamicyield.com/ 		0
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/uia?cnst=1&_=1685051954545
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.171.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kanui.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:14 GMT
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
qDmz-afKXmtZW85nR3xEGnLwBXPuUjmeqjSXMnNrBPss4HLY-uHiZg==
expires
0
731d4c06f83a6a9fb2a9f5e8afeef622.json
cdn.dynamicyield.com/variations/8767638/466965/10304425/ 		141 B
827 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.dynamicyield.com/variations/8767638/466965/10304425/731d4c06f83a6a9fb2a9f5e8afeef622.json
Requested by
Host: dafitistatic.dafiti.com.br
URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/api_static.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:219c:5e00:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
ce6141070b094e2b86bc5576dc4b7e91ad38476dbfa30f3c8bc6871234f15c16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 03:03:29 GMT
via
1.1 12b082104e9893409b9ae6386e88d350.cloudfront.net (CloudFront)
age
68146
x-amz-cf-pop
CDG3-C2
x-cache
Hit from cloudfront
content-length
141
last-modified
Tue, 08 Nov 2022 16:03:42 GMT
server
DYCDN
etag
"731d4c06f83a6a9fb2a9f5e8afeef622"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
jmtKbSTdUOQhh1XqMkaJnL38iSLUO2nfw1JD8avZLYpqMPpfR2PxDg==
1f174f3c786bf__truck.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		456 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/1f174f3c786bf__truck.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
e58351697744d1b13c815ea2b37bc019176fa595a7a56ae74a4ab8ffa911dfc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
807
etag
"016803cc110cc0b946b1b47f9e4d9c2400d73d76"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
456
expires
Mon, 06 Mar 2023 21:45:24 GMT
accd689fac38__exchange.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		364 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/accd689fac38__exchange.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
f65ffadacf83c8cd584861fdb443cb9daa4f4fde52325ecb3ed30dd39c700414

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
515
etag
"e3f2601eb16acc49b509c770cf967f5531ea29da"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
364
expires
Mon, 27 Mar 2023 12:09:59 GMT
198053f540c3d__store.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		310 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/198053f540c3d__store.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
963682b6480c487be0f00e54a32989eddc38611839c1ba052d541d8f9d5532f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
536
etag
"53e177f23f302bab0bb736a45353fbf8270a7a44"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
310
expires
Thu, 13 Apr 2023 12:18:44 GMT
a782830483d4__creditcard.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		212 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/a782830483d4__creditcard.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
9634e8d62507de8ffd2a253deca5f7bc48a274c3a7a62b5a4f85bcb8b089b32c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
306
etag
"b9af3d19cb429d55ce81c3d56b1cf3c0805a378d"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
212
expires
Mon, 17 Apr 2023 12:13:55 GMT
32f032c8cd7a1__sale.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		788 B
973 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/32f032c8cd7a1__sale.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
af7c563112880ec7ebde4e8d9700a759699a1bdf84023783ec4ed81e59d87e33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
1240
etag
"b7215fd2fd41baa1ff25e34f541bac16787082b3"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
788
expires
Thu, 13 Apr 2023 12:56:50 GMT
1f85c5c0c2c4f__tag.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		340 B
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/1f85c5c0c2c4f__tag.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
cc5803ab4343f70b4b4993aa04e32e5bddab6f1191a2daa8f2e88c1b55e42167

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
562
etag
"27bec634be2ca09d4762fa44dbb4c5ee1141eb87"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
340
expires
Mon, 17 Apr 2023 12:13:54 GMT
22606fb753e45__box.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		536 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/22606fb753e45__box.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
95e80901adda93269fa97276326096f8e3537aa30d4684411dc79f4c48ff2189

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
934
etag
"05286b13ccd1c321d92f4d36d76fa799dce37b1e"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
536
expires
Mon, 27 Mar 2023 12:09:59 GMT
3393a0305027c__2405-johnjohn-produtosmasculinos_marcas-destacadas_kanui_masc_nd_v_1.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/3393a0305027c__2405-johnjohn-produtosmasculinos_marcas-destacadas_kanui_masc_nd_v_1.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
17e9d47909a54b367ae3d6045532bf9f98545fd19ea1cba9e9d7d7857d6bf5fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
3491
etag
"7f30cde5282a7bc01f5bb009b848774539cd3923"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
1268
expires
Tue, 25 Apr 2023 20:35:30 GMT
2b63b0d157ff6__new-era.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/2b63b0d157ff6__new-era.jpg
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
d7aa5ee5fc5e760558483ae97feffb192e6eaf5f7d58cd8cb65699188b1baaa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
3777
etag
"e1439f56f3b4f6d908948cf97c9b7b436e91190a"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
1136
expires
Mon, 17 Apr 2023 12:13:55 GMT
209778fe3de54__fila.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 		892 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/209778fe3de54__fila.jpg
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
4873e89721ee7fc0df35a1886dd9464fed179aff9ee147be8f1ee567b225e25f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
3519
etag
"c30697e98d78b8fa539c272de27f60c561edfbe7"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
892
expires
Mon, 17 Apr 2023 12:13:55 GMT
203a74480da40__converse_sneaker.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/203a74480da40__converse_sneaker.jpg
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
34213292a4712c8f99b268cd03d6a1e8624a62e58ade88fd5edb560cf13f1de9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
4701
etag
"db28c9b1ad51d4a20641f60088234da7918b8a34"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
1500
expires
Mon, 17 Apr 2023 12:13:55 GMT
106638f282872__vans.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/106638f282872__vans.jpg
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
974af4d36f26a2ebee2dd0d43165f5943340dd5e6d064c8627342b733abe1e0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
4164
etag
"b4a2480dd72ca49dcf54241592298dddc63fd57a"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
1550
expires
Mon, 17 Apr 2023 12:13:54 GMT
2338e8e7b6acb__tommy_sneaker.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 		878 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/2338e8e7b6acb__tommy_sneaker.jpg
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
908d3d9814bd9773ba374617281297c3e74d15fde0a189013e45b23cce49ad33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
3651
etag
"affbb63a5b1e9838cc2ae5449b748a4e90a250ff"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
878
expires
Mon, 17 Apr 2023 12:13:55 GMT
1c4384d4d39a__new-balance.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/1c4384d4d39a__new-balance.jpg
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
c4e3a6660841a2aaefca4bc6bd707c3a83291d96e44afabc7a51a875be30e1f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
4655
etag
"6ba330b2e9c19d1ebc4bc47d64f45bdbae12fdb6"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
1748
expires
Mon, 17 Apr 2023 12:13:55 GMT
20293c981fed8__Asics.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/20293c981fed8__Asics.jpg
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
3acb0aed241bf33a59d203919cdf44c343c7b3e383fad0809f5581e6981778e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
47274
etag
"f0c553ef439aedcf3886d1dc0602f8035936964b"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
4324
expires
Mon, 17 Apr 2023 12:13:54 GMT
1af456f0d78ea__puma.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/1af456f0d78ea__puma.jpg
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
9586724a8919b155316b62e47f38a6b58205d06648560034004209e2d238555d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
3873
etag
"3d1e273d7f71473ce2ead1ca7abf4c76febbb1aa"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
1100
expires
Mon, 17 Apr 2023 12:13:55 GMT
a23bc0504ee2__adidas.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/a23bc0504ee2__adidas.jpg
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
dc2bbcece24a41494bd7d15dbe450e37f167abcbb30c063772d1972bef448329

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
4712
etag
"21c9a4eee102380d78eabdff910546f7c27c21e9"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
1626
expires
Mon, 17 Apr 2023 12:13:55 GMT
5aeea86dec17__nike_sneaker.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/5aeea86dec17__nike_sneaker.jpg
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
6c902c245ddca0826e20d37ff8a07f1ce2b30477fadefee3da8b285cfe1ca31e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
4421
etag
"7089d2f4e219a819ff7ff158dd112207154d259b"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
1482
expires
Mon, 17 Apr 2023 12:13:55 GMT
19c2e980ec429__tabombando_377x500.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/19c2e980ec429__tabombando_377x500.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
4d7fdc1477cd41fa75ac83d648c81e26a83308a4ede2ff9a70f45af879ebc616

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
240871
etag
"ed5861043ca7a973b9a0f395553484be982df990"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
12332
expires
Sat, 13 May 2023 23:30:56 GMT
240b9b297ed3__tabombando_377x500.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/240b9b297ed3__tabombando_377x500.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
634c21652f0f11c12b96ed30a9be9fe2d29dd2ed4ab4e5da4fe34dab72f5538d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
148044
etag
"cbc89779294ec21ea7a6f495782bfbbcf5d7bb7a"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
15700
expires
Sat, 13 May 2023 23:30:57 GMT
1c5c4f6d60573__tabombando_377x500.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/1c5c4f6d60573__tabombando_377x500.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
90846c724fa542088099e2d56d23f2ed6be6bbb7b8d47737d176852b639d407d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
285338
etag
"bb46cf03acd3d439d2a78c824ab1317a8c0694a3"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
16700
expires
Sat, 13 May 2023 23:30:57 GMT
c2d31abe3f4e__tabombando_377x500.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/c2d31abe3f4e__tabombando_377x500.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
253510048017ed41c626e48e258a1cd2818f275632a27cc13e67b2c5b9acf82c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
131707
etag
"a7a4cbec41b24ac39cac9cdce72e86ab8ea5ada0"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
9760
expires
Sat, 13 May 2023 23:30:57 GMT
2023_05_16_11_04_07_Destaque_Desk_1920x700_-__M2.png
dafitistatic.dafiti.com.br/cms/ 		137 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/cms/2023_05_16_11_04_07_Destaque_Desk_1920x700_-__M2.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
7ca547bd416d9f8414efd584760ba6f9c515bee4293ebf2538dd012e9a27eb7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
2324751
etag
"0b578054d6b5b18e16d2ccf3f75dc98d1e83971f"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
140366
expires
Wed, 17 May 2023 19:20:54 GMT
1298c07bd6512__destaque_desk_1920x700.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		185 KB
186 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/1298c07bd6512__destaque_desk_1920x700.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
e606a7b9d89aae4ff95f6023167172228a5d50c485bcbdfd2070488fade6e354

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
2122261
etag
"28aab9da339a53ceebac4bc527c49088a8f58801"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
189810
expires
Sat, 13 May 2023 23:30:57 GMT
219c119e9c4ae__destaque_desk_1920x700.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/219c119e9c4ae__destaque_desk_1920x700.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
d5cc0708817ec6b47ca7011923dbf4a4a57562c5dcf482c37b5100a3db5fe217

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
1853518
etag
"e4f68696a9e1c8b11dfb6932173d3556501fcf9b"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
70718
expires
Sat, 13 May 2023 23:30:58 GMT
2023_05_16_11_03_58_afterheader_desk_1920x50.png
dafitistatic.dafiti.com.br/cms/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/cms/2023_05_16_11_03_58_afterheader_desk_1920x50.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
978f3d1dfe83e176b31cefa605353d06329513c53d427dc885047123472f144b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
17887
etag
"d0ba6c65fe9f1b8a4bd91d5470f6db2bdf69beea"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
6828
expires
Wed, 17 May 2023 19:20:53 GMT
2023_05_16_11_03_56_after_mobile_640x80.png
dafitistatic.dafiti.com.br/cms/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/cms/2023_05_16_11_03_56_after_mobile_640x80.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
9f8ddde7973da273414e2c4bf39f1310cfe833f16a5c0677d425a4aa413dc264

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
15797
etag
"83e4c2bdf1871839badbc22c40858f04475fc67d"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
5904
expires
Wed, 17 May 2023 19:20:52 GMT
a00451ce4db5__camiseta.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/a00451ce4db5__camiseta.jpg
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
bae8601a65f20808c0c7439df7f17d89c3f92fa625fd0b38232f0a581a0ecaec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
10411
etag
"ff77a9420a751c7da73286c973e9345165c3cacc"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
3092
expires
Mon, 17 Apr 2023 12:13:55 GMT
802581da7ce0__calca.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/802581da7ce0__calca.jpg
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
8121a35a4a3f74f2c76f84c38b8151f2505d451df55e1a0e7590534445741c55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
18063
etag
"ac7a134579f7f0f11744afa8d00c5ab095683e8b"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
4684
expires
Mon, 17 Apr 2023 12:13:55 GMT
9237855ea58__moletom.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/9237855ea58__moletom.jpg
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
29eb18e4d01a9572f259847e4028769fadd2eb1bc0f4f3827a37e18ec60c878c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
10143
etag
"1cd8194e2c9861e93d4fa74bfe8ad46073ff25cc"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
2564
expires
Mon, 17 Apr 2023 12:13:55 GMT
931ca880e309__image20221128175209.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/931ca880e309__image20221128175209.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
549f9de3c5a955391f4987c6ffbe3adec7b4874ff054a1068285d50613bfaba4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
21534
etag
"0824fef8529364f7bd2dea65b563422abfac2350"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
4772
expires
Mon, 17 Apr 2023 12:13:55 GMT
2817badb95f3b__jaqueta-corta-vento.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/2817badb95f3b__jaqueta-corta-vento.jpg
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
86ef94466c01a222d640333449eb1d4989f117447123356473992a353557b2a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
8252
etag
"95110117b9144c2fd4b658a65434e40b98b836ca"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
1714
expires
Mon, 17 Apr 2023 12:13:55 GMT
41e383cab926__bone.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/41e383cab926__bone.jpg
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
40ad26c2e2db17b50394fd87f16da9cd675f6f9d23adec11a29e4df920d98e27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
11660
etag
"e50f5c7a0a7d4c1806b297f7186abef4b43b28e6"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
2516
expires
Mon, 17 Apr 2023 12:13:55 GMT
13f49305a2fd4__8_banner-categoria_180x180_masc_tenisesportivo.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/13f49305a2fd4__8_banner-categoria_180x180_masc_tenisesportivo.jpg
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
3877c097b17f550165ef302a8cfeab1fdf866791d54f6b5bfefc08840f73c9dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
11059
etag
"8fe47eb019b8da95334c6ebfe4958a984eec415f"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
3310
expires
Mon, 17 Apr 2023 12:13:55 GMT
235d71e3a15fa__1_banner-categoria_180x180_masc_bermudas.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/235d71e3a15fa__1_banner-categoria_180x180_masc_bermudas.jpg
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
c8015792fdcae6f89230c479fd95e5998bf815c6d882c64fa6a7cecdb3c724d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
9631
etag
"544ca3e82387c02e0fadd32bd097f78057591eb5"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
2478
expires
Mon, 17 Apr 2023 12:13:55 GMT
add365da0d76__tenis.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/add365da0d76__tenis.jpg
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
acff40324ef40543d8d84a31217c27188b8a3f1cee1dff3cb1b3fd8a6073cd65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
9060
etag
"66c19be8c36424346890d797b3bb4d23a6f4bf81"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
2876
expires
Mon, 17 Apr 2023 12:13:55 GMT
218d7a31ac0bb__image20220805140011.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/218d7a31ac0bb__image20220805140011.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
a9c5e748ccf72f5ed630e6e11eef4cb90aa6897e7116cfa2f45d3573dc47480d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
37669
etag
"4a56ebabd8c266b4253745ac819c4b023f53e6a1"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
4294
expires
Mon, 17 Apr 2023 12:13:55 GMT
57628ef9a1bf__4_banner-categoria_180x180_masc_mochilasshoulderbags.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/57628ef9a1bf__4_banner-categoria_180x180_masc_mochilasshoulderbags.jpg
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
141725991fd548609dc13233286c4bd66b4d15871966379929567f2e64ef0fcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
14597
etag
"dadf5f251e8d040e1146f01e08ae25d4672f0e9b"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
4418
expires
Mon, 17 Apr 2023 12:13:55 GMT
1-product.jpg
static.dafiti.com.br/77/565711/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dafiti.com.br/77/565711/1-product.jpg
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
027658e1822c7365a4a373756661a814c2a40226aa524c970087852890200020

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
73621
etag
"0135e2e0a95e69d45626f0a9d356240da325be22"
x-ims
Enabled
content-type
image/webp
cache-control
max-age=2592000
content-length
8854
expires
Sat, 24 Jun 2023 21:59:14 GMT
1-product.jpg
static.dafiti.com.br/38/963121/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dafiti.com.br/38/963121/1-product.jpg
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
c292f61f54af368905af4b9d7b54338fb2da302c15f596c694fa68b210f2daaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
87215
etag
"59d9fcb314b0ee6d187d68d533c2597cd4c75364"
x-ims
Enabled
content-type
image/webp
cache-control
max-age=2592000
content-length
9396
expires
Sat, 24 Jun 2023 21:59:14 GMT
1-product.jpg
static.dafiti.com.br/13/41109/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dafiti.com.br/13/41109/1-product.jpg
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
88f1d02668a56fc5ab75270f5540371cafc84f829646e0a5dd5286411c53f249

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
128100
etag
"4780f8ff3aa227bd1276d888188f9d59bdee727c"
x-ims
Enabled
content-type
image/webp
cache-control
max-age=2592000
content-length
21448
expires
Sat, 24 Jun 2023 21:59:14 GMT
1-product.jpg
static.dafiti.com.br/31/746711/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dafiti.com.br/31/746711/1-product.jpg
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
992bd3ee0d5870e5bc0e068fd99d9807f1ae09f3b5a9499bbecc754811943247

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
55919
etag
"83f5b1f7a94a3aa8248f056602ac2345b8cc4d8e"
x-ims
Enabled
content-type
image/webp
cache-control
max-age=2592000
content-length
4860
expires
Sat, 24 Jun 2023 21:59:14 GMT
1214425f6702f__novidade_575x620.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/1214425f6702f__novidade_575x620.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
ffbd86d4d5e2589cefbba66deb541a09acdaaf99df503ef7902e5595c58e9b61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
473757
etag
"217d75d2bf5fb690b514b2503422ec3151b569b6"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
26306
expires
Sat, 13 May 2023 23:30:57 GMT
ec587d545c3a__novidade_575x620.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ec587d545c3a__novidade_575x620.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
397472510bbd1416f81166d77511813010b1ee30cc5156dc9aeb734d0ff5065b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:14 GMT
server
Azion IMS
x-original-image-size
532079
etag
"604331e2676c3238f68c773cce42a608a72f7ec3"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
35126
expires
Sat, 13 May 2023 23:30:58 GMT
batch
async-px.dynamicyield.com/ 		0
383 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/batch?cnst=1&_=1685051954679_689715
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.171.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kanui.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:14 GMT
via
1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
CNCnlERhap5Nal6BCLb4Fi_VOSGpCMgyPHAEMjN864o6FtAmQS-Dag==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=829400&uid=6552737712912194098&sec=8767638&t=ri&e=288237&p=1&ve=3238047&va=%5B8765873%5D&ses=77639a1d65770733c932aba285af4dba&expSes=41238&aud=299323.299350.327524.327526&expVisitId=-3479621130854557034&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1685051954680&rri=3413690
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.171.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:14 GMT
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
uEy1ykvIcD_VVYwPj-Ei6hhXrMrkLYGVX_cdPQp0D0RZgSjMsw8ciA==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=116720&uid=6552737712912194098&sec=8767638&t=ri&e=375834&p=1&ve=4057828&va=%5B10924534%5D&ses=77639a1d65770733c932aba285af4dba&expSes=41238&aud=299323.299350.327524.327526&expVisitId=-3479621130928461930&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1685051954681&rri=8690249
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.171.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:14 GMT
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
FB3R1nW9mVWIj8oCfh2fx44Llv13qtmB8I1ANwsp9mNGlQvQMV6VtQ==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=529289&uid=6552737712912194098&sec=8767638&t=ri&e=629847&p=1&ve=6185263&va=%5B16876701%5D&ses=77639a1d65770733c932aba285af4dba&expSes=41238&aud=299323.299350.327524.327526&expVisitId=-3479621131318632477&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1685051954681&rri=6039566
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.171.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:14 GMT
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
qEUq2G3b2WHiCsDwW5OZI32g-nMYhWU9-bpOUikDcVoODlcZ3zlT7g==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=197560&uid=6552737712912194098&sec=8767638&t=ri&e=859593&p=1&ve=11749613&va=%5B21011461%5D&ses=77639a1d65770733c932aba285af4dba&expSes=41238&aud=299323.299350.327524.327526&expVisitId=-3479621128964048575&mech=0&smech=2&eri=1&tsrc=Direct&reqts=1685051954725&rri=9885840
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.171.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:14 GMT
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
f0VcZzMSCxDNC4tax06qDlWtyvFVLr40NQzbxY-eSQi__NYgDETjng==
expires
0
batch
async-px.dynamicyield.com/ 		0
382 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/batch?cnst=1&_=1685051954779_44269
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.171.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kanui.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:14 GMT
via
1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
4aERWTEapNZUgFaJTMlFjZz4ai2QSNjGeq1Icc_kMtmIpdo7DidZMw==
expires
0
truncated
/ 		334 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
360f7707ffa97c30d46cf1b7ac868405ef0082cee8188eedc9868ca7e6c9edad

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		332 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38299603ce44a55c924225e7c33259514bfb7f3197cdc94d69cf8ae7973f450f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=862190&uid=6552737712912194098&sec=8767638&t=ri&e=1262096&p=1&ve=12248677&va=%5B%7B%22id%22%3A27868052%2C%22idx%22%3A0%7D%5D&ses=77639a1d65770733c932aba285af4dba&expSes=41238&aud=299323.299350.327524.327526&expVisitId=-3479621129856983155&mech=2&smech=3&eri=1&tsrc=Direct&reqts=1685051955553&rri=9595991
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:15 GMT
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
47D8pwb-e6mkNXjrpCstP--wlURtkyIw5WACxDtGXXvh83qFMwUIzw==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=406069&uid=6552737712912194098&sec=8767638&t=ri&e=1395333&p=1&ve=11810947&va=%5B%7B%22id%22%3A27613323%2C%22idx%22%3A0%7D%5D&ses=77639a1d65770733c932aba285af4dba&expSes=41238&aud=299323.299350.327524.327526&expVisitId=-3479621128893015894&mech=2&smech=3&eri=1&tsrc=Direct&reqts=1685051955555&rri=1896888
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:15 GMT
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
8RpYUCMRiGVq72YHl1aioEww7Kjg8r-0VCFZP3OSHzF995gX8rRxuQ==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=60740&uid=6552737712912194098&sec=8767638&t=ri&e=1468433&p=1&ve=12236802&va=%5B%7B%22id%22%3A27856106%2C%22idx%22%3A0%7D%5D&ses=77639a1d65770733c932aba285af4dba&expSes=41238&aud=299323.299350.327524.327526&expVisitId=-3479621129720812003&mech=2&smech=3&eri=1&tsrc=Direct&reqts=1685051955555&rri=1715411
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:15 GMT
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
lO3v6gwfQfcALK0bGudZ_6Ma5tr5mGsBtOTouKeqMbd3RxtuG7uDng==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=195120&uid=6552737712912194098&sec=8767638&t=ri&e=1468478&p=1&ve=12228386&va=%5B%7B%22id%22%3A27855957%2C%22idx%22%3A0%7D%5D&ses=77639a1d65770733c932aba285af4dba&expSes=41238&aud=299323.299350.327524.327526&expVisitId=-3479621128922160450&mech=2&smech=3&eri=1&tsrc=Direct&reqts=1685051955556&rri=4361659
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:15 GMT
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
hhrIuXsHHQ4fYLN774aAmfDcsK97qgxVAL7qkRLfzMqeJ7IAJmcw6w==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=248396&uid=6552737712912194098&sec=8767638&t=ri&e=1473289&p=1&ve=12150991&va=%5B27872474%5D&ses=77639a1d65770733c932aba285af4dba&expSes=41238&aud=299323.299350.327524.327526&expVisitId=-3479621130666079350&mech=2&smech=3&eri=1&tsrc=Direct&reqts=1685051955557&rri=8080481
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:15 GMT
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
GpKfZWU9Il7za-xhNV224NOddPItniDSdePhnWzvZe42Ei4XW6V_Mg==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=516461&uid=6552737712912194098&sec=8767638&t=ri&e=1388255&p=1&ve=11820065&va=%5B27589802%5D&ses=77639a1d65770733c932aba285af4dba&expSes=41238&aud=299323.299350.327524.327526&expVisitId=-3479621129665449929&mech=2&smech=3&eri=1&tsrc=Direct&reqts=1685051955557&rri=9861905
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:15 GMT
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
awiqttwy_eejKixAN6xTclpHRZzCC8JoAk9Rif1-s9WOQ9Yph3bXwQ==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=835918&uid=6552737712912194098&sec=8767638&t=ri&e=291960&p=1&ve=11507665&va=%5B8896603%5D&ses=77639a1d65770733c932aba285af4dba&expSes=41238&aud=299323.299350.327524.327526&expVisitId=-3479621128947884379&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1685051955558&rri=3949635
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:15 GMT
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
ujVaYeyn7daIMtLiSk-RS3M72GD86eAZ4yMx6EF7i9vK2r06CiNfbg==
expires
0
javascript.min-0e6b45c2.js
static.dafiti.com.br/vendor/dafiti/bootstrap/dist/js/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/js/javascript.min-0e6b45c2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
content-encoding
gzip
via
1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Wed, 24 May 2023 06:20:04 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
etag
W/"7ef0e36608b3d84d0ed3ac2630a851e1"
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-id
8O-fFHoKomE5_kLigK6U5j42zIrPuzMreTcGpGzGT5OzxAV9OoCgCQ==
expires
Sat, 24 Jun 2023 21:59:16 GMT
136c8bbb3b03c__adidas.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/136c8bbb3b03c__adidas.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
b5c105c2b621413cb431064c0f40cf9f985e84dd293da14d93d2f102703dbf40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
server
Azion IMS
x-original-image-size
5684
etag
"45af98ab06de7c5f433827b60355fa75fe5dce22"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
1170
expires
Mon, 10 Apr 2023 19:59:54 GMT
27f64f096ce1c__dc_shoes.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/27f64f096ce1c__dc_shoes.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
ecc3da4087e1ff05f5492df1dee43224adce7750e28d3b212c1764a63559cd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
server
Azion IMS
x-original-image-size
4788
etag
"ecedeaee0e96587a711c881041a9b60b244d0012"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
4016
expires
Mon, 10 Apr 2023 19:59:53 GMT
23aaaee7b7942__element.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/23aaaee7b7942__element.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
c4430b97b55b8103f278e137eda1a2acae554981e0baa81c8cf45313ca4865f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
server
Azion IMS
x-original-image-size
5359
etag
"104052c441d6a8a156f703a463c8f290d5665bc4"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
1112
expires
Mon, 10 Apr 2023 19:59:54 GMT
217196e041182__hang_losse.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/217196e041182__hang_losse.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
3985eb7918f7b14c57e22a1ff7cf572892258d53357d8c286c9daa20b7f62624

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
server
Azion IMS
x-original-image-size
6334
etag
"98ec9f1d43f20683e670c066dd569b66fbf5ff0b"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
1270
expires
Mon, 10 Apr 2023 19:59:54 GMT
1b59440d576dd__hurley.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/1b59440d576dd__hurley.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
3b267a7c2fba5cdeb5f060f693ebda234ad29aeccc3e523605727b6981e8ce64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
server
Azion IMS
x-original-image-size
4651
etag
"dfd5356b6d103296d46e439a4f058e2c96e4f158"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
3920
expires
Mon, 10 Apr 2023 19:59:55 GMT
117e9d7fa8545__newera.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/117e9d7fa8545__newera.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
5c1d9e173f6c357d72a617dca08e5ec8fbf78c2e7bfc5eba8821568ebee85af2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
server
Azion IMS
x-original-image-size
5598
etag
"a4c3e9174aa0d0a699f946db9d6710c87a96c858"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
1064
expires
Mon, 10 Apr 2023 19:59:55 GMT
4b39d5946f0b__nike.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		954 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/4b39d5946f0b__nike.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
bc348fdf3d6e98dfb1b06c53951baba12ccb2041a63a044d166ce5e4a4e61f06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
server
Azion IMS
x-original-image-size
4984
etag
"0419b428f6b20f62cefcbd237771429f62e9bb11"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
954
expires
Mon, 10 Apr 2023 19:59:55 GMT
cf83781dbf52__oakley.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/cf83781dbf52__oakley.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
697d597df5ca9a0ceff77072433a2ec5a934720509605f5fecd52b3f39ac7ff2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
server
Azion IMS
x-original-image-size
4856
etag
"2ba59a79fc7f62befca5793a651569d70225957c"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
3992
expires
Mon, 10 Apr 2023 19:59:55 GMT
1ae934687ab1b__quicksilver.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		1010 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/1ae934687ab1b__quicksilver.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
249cfda2569911bfbf5a352e5bfeb9cc5fe78946863bf3e6c5a4934776a26b31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
server
Azion IMS
x-original-image-size
5209
etag
"35d828e2a9081bbfd453cd9ba2b735a88777786d"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
1010
expires
Mon, 10 Apr 2023 19:59:55 GMT
320d6f04b87be__rip_curl.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		882 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/320d6f04b87be__rip_curl.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
9289a2f488a316419058b1b7e635ffac86eadb2a780c6845dc910dc85ed4b132

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
server
Azion IMS
x-original-image-size
5346
etag
"803b3beadd20ff1a9c545b6e44f25828cbb07d4d"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
882
expires
Mon, 10 Apr 2023 19:59:56 GMT
a5a12ad969c6__rusty.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/a5a12ad969c6__rusty.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
44cfa94e43355d002c25d8fb3d03593f9312a81bafaff29b117065a35f878bff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
server
Azion IMS
x-original-image-size
4880
etag
"49da8c5399fe822215e929f96854ab7677284251"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
4042
expires
Mon, 10 Apr 2023 19:59:56 GMT
50b85ce796c2__vans.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/50b85ce796c2__vans.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
990708a370fc7f0173e951516c5ec91ce9d2e3ff35c2471e40bb3ba4ee43bc9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
server
Azion IMS
x-original-image-size
7804
etag
"334115264776ddf6331a86b3238eb7c45fc084bc"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
1638
expires
Mon, 10 Apr 2023 19:59:56 GMT
1a81268fa6c8a__adidas_originals.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		822 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/1a81268fa6c8a__adidas_originals.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
c8eab4253dfcb0a960d80bd71d5e2849a0cd77139cdf8a05412c55c3e7da0cd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
server
Azion IMS
x-original-image-size
4909
etag
"c9827688e566e40ab22aeabb80e4b33dd120069c"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
822
expires
Mon, 10 Apr 2023 19:59:57 GMT
347e632212c7d__asics.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/347e632212c7d__asics.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
b612c829e284a05a3c1ad7c038a0256a8bb1b51ad5c755ec464db9d297d0231f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
server
Azion IMS
x-original-image-size
5453
etag
"0800064959dac77a0809245bb6628de116e9034f"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
1188
expires
Mon, 10 Apr 2023 19:59:56 GMT
1abb973b53a89__converse.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		926 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/1abb973b53a89__converse.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
56a7e557715091a4a0429c162ea64459b1bd92f7ad7f6a9ba7a3d202788afbcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
server
Azion IMS
x-original-image-size
5112
etag
"903d17f3444463bca4bebc625e389f59bc01e9a5"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
926
expires
Mon, 10 Apr 2023 19:59:57 GMT
3632929913700__fila.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		812 B
998 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/3632929913700__fila.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
80ec86ca07b179e383d7280ffefa2bc3143116c7e6d29c06eede960ca6e5174f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
server
Azion IMS
x-original-image-size
5298
etag
"f716b30b9ebfd45f4ee597556f044c2b785dbc87"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
812
expires
Mon, 10 Apr 2023 19:59:57 GMT
1d868d622a828__new_balance.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/1d868d622a828__new_balance.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
d7971b9f10a7f8a94f87b5820ee0421e39ad41c8ad90c64fbdc7cf7b5431d8f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
server
Azion IMS
x-original-image-size
6970
etag
"db49455d198d730d9a8b0559597b1ab261b3e3c3"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
1532
expires
Mon, 10 Apr 2023 19:59:58 GMT
215a004d193bf__puma.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		738 B
923 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/215a004d193bf__puma.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
194bff381ec3d81f6f66034f0ff9eeee31361b982ce0d050bc5d62372cf449cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
server
Azion IMS
x-original-image-size
4417
etag
"99745a049dc1f26f55928ddfbecd123cf9990903"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
738
expires
Mon, 10 Apr 2023 19:59:57 GMT
1842992de8719__roxy.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		894 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/1842992de8719__roxy.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
7de00920bb0b147111be6d35c3d9f3d5cb63fbd4dc81c94f333607797ee7c48f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
server
Azion IMS
x-original-image-size
5263
etag
"5f56933cfbbd29ed9a0847db36e8347bc5073e50"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
894
expires
Mon, 10 Apr 2023 19:59:58 GMT
33613a64cfa07__volcom.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/33613a64cfa07__volcom.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
7551480907a2cf13b43a57267750cf88b619d7161f4678de3b6a8fbf0489e5a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
server
Azion IMS
x-original-image-size
5614
etag
"1569e05814e68dff00d370f984841cb1fd42fb8b"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
4250
expires
Mon, 10 Apr 2023 19:59:58 GMT
9c3581308585__novidades50off_home.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/9c3581308585__novidades50off_home.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
83f9f6450a9f79a3c5fa90cc2fdbb1c745958d47cf8dc2def841f52efffc3751

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
server
Azion IMS
x-original-image-size
133525
etag
"536cdfe41943a7c9350bbdecb180058d9545e195"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
17534
expires
Mon, 10 Apr 2023 19:59:59 GMT
6512593ccec3__kanui-eco.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/6512593ccec3__kanui-eco.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
8f6613577546dee652f8313e5e11ce45ce42f9db18d75b3eee10eb97451d1075

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
server
Azion IMS
x-original-image-size
77659
etag
"0a5be138ff31e72e50c8b6a672d87886d360ccb4"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
21906
expires
Mon, 10 Apr 2023 19:59:59 GMT
2a35b2871b194__Image20190823155023.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/2a35b2871b194__Image20190823155023.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
970e322932327436b9fbbba9bf325d576d04448a1d722b8ebb55c0cd747e18a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
server
Azion IMS
x-original-image-size
129396
etag
"91716fb6952d18e582600b30d52f3c2d7f945390"
vary
Accept
content-type
image/webp
x-ims
Enabled
content-length
15568
expires
Mon, 10 Apr 2023 20:00:00 GMT
6an24182.html
cdn.privacytools.com.br/public_api/banner/pop/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacytools.com.br/public_api/banner/pop/6an24182.html?t=1&m=0&c=1,680,637,395,156
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
344d52234fdfd14efd6d3a3b433daa8f548ab20d8adc561eac0d4e4a8db086d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2440919
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"Tue Apr 04 16:43:17 GMT-03:00 2023"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpDaaXq08y%2BB0iuXkqB%2B0%2Bpd0ECMTn1UHoHelP8FVIYEgAtIOxrj5M0SM0J4HFaRbzTEyzl25Goip%2FHG7qKMwQ0wbP2s7%2B2ydeBKZv7tGz2OWwcN74vyWYIWoZRBTt8ZfPm2L9aVKLoJsE8l%2BSTZeFpuFi4S"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=2678400
x-robots-tag
noindex
cf-ray
7cd10b66780f39eb-FRA
javascript.min-0e6b45c2.js
static.dafiti.com.br/vendor/dafiti/bootstrap/dist/js/ 		775 KB
253 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/js/javascript.min-0e6b45c2.js
Requested by
Host: static.dafiti.com.br
URL: https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/js/header-javascript.min-e8228339.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
a988b63f99db965bfc7f0af6f354c464ab171808cdf5dcc54bdf4f7f55e75029

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
content-encoding
gzip
via
1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Wed, 24 May 2023 06:20:04 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
etag
W/"7ef0e36608b3d84d0ed3ac2630a851e1"
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-id
8O-fFHoKomE5_kLigK6U5j42zIrPuzMreTcGpGzGT5OzxAV9OoCgCQ==
expires
Sat, 24 Jun 2023 21:59:16 GMT
gtm.js
www.googletagmanager.com/ 		375 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KBHCZ4N
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c1534793e8ef1132ecc6f0d9c7bed223e837f5f1eb4f1495ea40a08ef40e204a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
113360
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 25 May 2023 21:59:16 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 25 May 2023 20:35:34 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
5022
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Thu, 25 May 2023 22:35:34 GMT
optimize.js
www.google-analytics.com/gtm/ 		118 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=OPT-N3QSNMV
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBHCZ4N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1962aebe29e9703e1035fdf49a4ddd9abfc31de50d5c5e3599fabb3ff5525f12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47014
x-xss-protection
0
last-modified
Thu, 25 May 2023 21:02:12 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 25 May 2023 21:59:16 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 25 May 2023 20:51:49 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
4048
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Thu, 25 May 2023 22:51:49 GMT
17715.js
www.dwin1.com/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dwin1.com/17715.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBHCZ4N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:fc00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9092fae1a997291e19a5b9761a725b6c91aaa91400a0baa150d795c94a92fb91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
kLBEQfMFpXskCUzKxjmVS4ZIW_gQe5h8
content-encoding
gzip
via
1.1 47225389ee58add3b9e790ead940cda4.cloudfront.net (CloudFront)
date
Thu, 25 May 2023 21:59:17 GMT
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 24 May 2023 16:43:09 GMT
server
AmazonS3
etag
W/"6f91e63e5ad28eeb5d003af79a8d89fc"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600, s-maxage=600
x-amz-cf-id
C3wK-V8bkAz2HPiltvkgJwe7Y9Ly_NUaLaF3YCocTNHpwHlm5rJWyA==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1012508079/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1012508079/?random=1685051956738&cv=11&fst=1685051956738&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kanui.com.br%2F&label=GNVwCLnZ-gIQr8vm4gM&hn=www.googleadservices.com&frm=0&tiba=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&auid=844634158.1685051957&uamb=0&uaw=0&data=ecomm_pagetype%3Dhome&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBHCZ4N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34f6a119625653e80dc5e63874c499772c5ea977e5516c2ab70d84bc8b13f537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1413
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hotjar-1196013.js
static.hotjar.com/c/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1196013.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBHCZ4N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-125.muc50.r.cloudfront.net
Software
/
Resource Hash
8498bd65ae34f504ddf87975d5eff9552b477fe79e4f7763512133fa1d4b5ef7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 25 May 2023 21:59:16 GMT
via
1.1 8ebebe66cc8de626ee8e15b2ee72d826.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
etag
W/edb2b7fbea8411106df1be490b3718ad
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
1L5qWAwrFWrXsUzrCBrRP3Gso3FkdSdmRcNO0WdBaim7tAss1hkH5g==
fbds.js
connect.facebook.net/en_US/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbds.js
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5df0afc3702167718a0cd800f3f20f4ed1158900978c121f2f0bba0a7d23a58f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 25 May 2023 21:59:16 GMT
content-md5
8A1mbSVI3CRlYWHWVuul6g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2167
x-fb-rlafr
0
x-fb-debug
jVrHY7W+QH9U+CdTcqur5i5/mELsNuR/3hELjt5AT4EnLL4ODf50ggfRYRf0hC2XKoE5a5Hoy3p9rcyJ3XaXhw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
32b7225d03b56c7c46fc40ecb24093f1
cross-origin-opener-policy
same-origin-allow-popups
etag
"54904a169595fd2ddc213d156f82236e"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
expires
Thu, 25 May 2023 22:18:43 GMT
DADJEF833.js
wkxppshj-qx.global.ssl.fastly.net/ 		182 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wkxppshj-qx.global.ssl.fastly.net/DADJEF833.js
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3c247c945a05e3ec94b805689e080e8714de8fe4f3d479a3f38d0bb627281fa4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 varnish
Date
Thu, 25 May 2023 21:59:16 GMT
Age
1871
x-amz-server-side-encryption
AES256
X-Cache
HIT
Connection
keep-alive
Content-Length
73692
X-Served-By
cache-fra-etou8220090-FRA
Last-Modified
Tue, 16 May 2023 08:20:30 GMT
X-Timer
S1685051957.774759,VS0,VE1
ETag
"8e25ff5034b42841dbd7d0f17e5ad8ab"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
cache-control
max-age=3600
Accept-Ranges
bytes
X-Cache-Hits
1
gpt.js
www.googletagservices.com/tag/js/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66e48cd1831dff2135e45c657d77ab4f283268b87033a376b355aa34b77fe8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25200
x-xss-protection
0
server
cafe
etag
968 / 19502 / m202305220101 / config-hash: 8162924834617908161
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 25 May 2023 21:59:16 GMT
bat.js
bat.bing.com/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 25 May 2023 21:59:16 GMT
last-modified
Thu, 11 May 2023 18:08:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 286834986EBB4A3B81C6628897394C7F Ref B: FRA31EDGE0206 Ref C: 2023-05-25T21:59:17Z
etag
"80df77953384d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12183
lc.js
kibana-mkt.dafiti.com.br/track/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kibana-mkt.dafiti.com.br/track/lc.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBHCZ4N
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.33.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-33-119.compute-1.amazonaws.com
Software
nginx/1.8.0 /
Resource Hash
ac07b21b9c8016dd564bf9de88d4b0f401ac0c90b586c59b6af3f62d8cd80c2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Thu, 25 May 2023 21:59:17 GMT
Last-Modified
Mon, 27 May 2019 14:56:10 GMT
Server
nginx/1.8.0
ETag
"5cebfa8a-e9c"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3740
ld.js
static.criteo.net/js/ld/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBHCZ4N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ab26e787fa89d35aced53de24ee22db847af08d248be4ae79ac5067ecb476557
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 17 May 2023 12:05:15 GMT
server
nginx
etag
W/"6464c2fb-b219"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 26 May 2023 21:59:16 GMT
dj.200.min.js
d34e3zwe3zzpan.cloudfront.net/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34e3zwe3zzpan.cloudfront.net/dj.200.min.js
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-121-152.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11ce26e765d589e5cda02781e1a5984398b420d0499b5ab4a551d33327c339bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Thu, 25 May 2023 04:18:25 GMT
Content-Encoding
gzip
Via
1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
Last-Modified
Thu, 18 Feb 2016 10:53:53 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
63652
ETag
W/"915e08c94ec67cb2086c0197d036d887"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
LP2PIn_xFi1oHTSeWJfPK_A9DPSFTAnwb5weRBwtwLkLTLkjEWso5A==
events.js
analytics.tiktok.com/i18n/pixel/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9UKI83C77UCFR8RC6JG&lib=ttq
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-20.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0b62f4c17b493e76cc391cd94f57229bd1505523b9255e7b7f1207a3af7496e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id
c686fa9.d9ac401
date
Thu, 25 May 2023 21:59:16 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-62-213-84.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48589741) (-)
x-parent-response-time
93,23.62.213.84
server-timing
cdn-cache; desc=MISS, edge; dur=89, origin; dur=5, inner; dur=3
content-length
1159
pragma
no-cache
server
nginx
x-tt-logid
20230525215916BD29F0F842CD1D1957E6
x-cache-remote
TCP_MISS from a23-220-104-207.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
5,23.220.104.207
x-tt-trace-host
01798c57de0a0fb91e98df7cf0d23b5bebc6839c3d4c612d57614f351602ae590b47e652f3bb8e6fee4b2eeff4525f20f2cb18b303443e91f52c0788ca7d1dc7bad4ab0c9eea2d84f2d1b57eb40baf2c53107dbcaeedf6ee5a82887016b14f9f1a112950311c3b069f37486cbd0d356236
expires
Thu, 25 May 2023 21:59:16 GMT
js
www.googletagmanager.com/gtag/ 		214 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-44NBXM9HZG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBHCZ4N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c4be53d9a3aa721aa64ec05844a230d092723e3deddec5b467376f9b65a5159
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77981
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 25 May 2023 21:59:16 GMT
tags
us.creativecdn.com/
Redirect Chain
  • https://us.creativecdn.com/tags?type=img&id=pr_IPLlnE0J1CFYQ2Frojl7&ncm=1&id=pr_IPLlnE0J1CFYQ2Frojl7_uid_&su=https%3A%2F%2Fwww.kanui.com.br%2F%3Fsr%3D&ts=1685051956744
  • https://us.creativecdn.com/tags?type=img&id=pr_IPLlnE0J1CFYQ2Frojl7&ncm=1&id=pr_IPLlnE0J1CFYQ2Frojl7_uid_&su=https%3A%2F%2Fwww.kanui.com.br%2F%3Fsr%3D&ts=1685051956744&tc=1
42 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.creativecdn.com/tags?type=img&id=pr_IPLlnE0J1CFYQ2Frojl7&ncm=1&id=pr_IPLlnE0J1CFYQ2Frojl7_uid_&su=https%3A%2F%2Fwww.kanui.com.br%2F%3Fsr%3D&ts=1685051956744&tc=1
Protocol
H2
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:17 GMT, Thu, 25 May 2023 21:59:17 GMT
vary
Origin
access-control-max-age
3600
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 25 May 2023 21:59:17 GMT
vary
Origin
access-control-max-age
3600
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-methods
GET, POST
location
https://us.creativecdn.com/tags?type=img&id=pr_IPLlnE0J1CFYQ2Frojl7&ncm=1&id=pr_IPLlnE0J1CFYQ2Frojl7_uid_&su=https%3A%2F%2Fwww.kanui.com.br%2F%3Fsr%3D&ts=1685051956744&tc=1
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
bounce
ib.adnxs.com/
Redirect Chain
  • https://us.creativecdn.com/tags?type=img&id0=pr_IPLlnE0J1CFYQ2Frojl7_uid_&id=pr_IPLlnE0J1CFYQ2Frojl7_home&su=https%3A%2F%2Fwww.kanui.com.br%2F%3Fsr%3D&ts=1685051956745
  • https://us.creativecdn.com/tags?type=img&id0=pr_IPLlnE0J1CFYQ2Frojl7_uid_&id=pr_IPLlnE0J1CFYQ2Frojl7_home&su=https%3A%2F%2Fwww.kanui.com.br%2F%3Fsr%3D&ts=1685051956745&tc=1
  • https://ib.adnxs.com/setuid?entity=315&code=wWw3OmlSP68Q3gDfthnD
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3DwWw3OmlSP68Q3gDfthnD
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3DwWw3OmlSP68Q3gDfthnD
Protocol
HTTP/1.1
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 May 2023 21:59:18 GMT
AN-X-Request-Uuid
0339ead6-eaf0-4feb-904c-08b79ea617cd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.40; 81.95.5.40; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 May 2023 21:59:18 GMT
AN-X-Request-Uuid
41b4b886-abe8-4573-a708-a9db53f74794
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3DwWw3OmlSP68Q3gDfthnD
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.40; 81.95.5.40; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:24:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
2088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 25 May 2023 22:24:28 GMT
collect
www.google-analytics.com/j/ 		4 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1169205849&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=301698643-Home%20Mista%20-%20Desktop%20-%2021%2F11%2F22%20&el=Homepage&_u=YEBAAAIJQAAAACAAI~&jid=434796901&gjid=320546974&cid=61963534.1685051957&tid=UA-24844488-1&_gid=1790114719.1685051957&_r=1&_slc=1&z=2050882514
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kanui.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kanui.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1169205849&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=1704549942-add%20cookie%20&el=true&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=61963534.1685051957&tid=UA-24844488-1&_gid=1790114719.1685051957&z=360302434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 00:10:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78540
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1169205849&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=533085504-USP%20-%20Desktop%20-%2012%2F04%2F23%20&el=USP&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=61963534.1685051957&tid=UA-24844488-1&_gid=1790114719.1685051957&z=235105769
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 00:10:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78540
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1169205849&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=1960279520-MASCULINO%20-%20besthomepage%20-%20Outono%20-%2003%2F04%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=61963534.1685051957&tid=UA-24844488-1&_gid=1790114719.1685051957&z=1880083209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 00:10:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78540
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1169205849&t=event&ni=1&_s=5&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=1960279520-MASCULINO%20-%20besthomepage%20-%20Outono%20-%2003%2F04%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=61963534.1685051957&tid=UA-24844488-1&_gid=1790114719.1685051957&z=1653510029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 00:10:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78540
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1169205849&t=event&ni=1&_s=6&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=1960279520-MASCULINO%20-%20besthomepage%20-%20Outono%20-%2003%2F04%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=61963534.1685051957&tid=UA-24844488-1&_gid=1790114719.1685051957&z=140725701
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 00:10:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78540
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1169205849&t=event&ni=1&_s=7&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=1960279520-MASCULINO%20-%20besthomepage%20-%20Outono%20-%2003%2F04%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=61963534.1685051957&tid=UA-24844488-1&_gid=1790114719.1685051957&z=1905177981
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 00:10:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78540
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1169205849&t=event&ni=1&_s=8&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=1812454102-MASCULINO%20-%20besthomepage%20-%20Namorados%20-%2015%2F05%20&el=161003064-NA-BRZ01-NamoradosPresentePerfeitoAte60Off&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=61963534.1685051957&tid=UA-24844488-1&_gid=1790114719.1685051957&z=100843488
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 00:10:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78540
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1169205849&t=event&ni=1&_s=9&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=521560443-MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=61963534.1685051957&tid=UA-24844488-1&_gid=1790114719.1685051957&z=923263760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 00:10:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78540
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1169205849&t=event&ni=1&_s=10&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=521560443-MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=61963534.1685051957&tid=UA-24844488-1&_gid=1790114719.1685051957&z=1433181035
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 00:10:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78540
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1169205849&t=event&ni=1&_s=11&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=521560443-MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=61963534.1685051957&tid=UA-24844488-1&_gid=1790114719.1685051957&z=1591477194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 00:10:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78540
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1169205849&t=event&ni=1&_s=12&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=521560443-MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=61963534.1685051957&tid=UA-24844488-1&_gid=1790114719.1685051957&z=1563989631
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 00:10:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78540
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1169205849&t=event&ni=1&_s=13&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=521560443-MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=61963534.1685051957&tid=UA-24844488-1&_gid=1790114719.1685051957&z=1755546850
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 00:10:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78540
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1169205849&t=event&ni=1&_s=14&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=521560443-MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=61963534.1685051957&tid=UA-24844488-1&_gid=1790114719.1685051957&z=450392546
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 00:10:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78540
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1169205849&t=event&ni=1&_s=15&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=521560443-MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=61963534.1685051957&tid=UA-24844488-1&_gid=1790114719.1685051957&z=259997138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 00:10:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78540
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1169205849&t=event&ni=1&_s=16&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=521560443-MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=61963534.1685051957&tid=UA-24844488-1&_gid=1790114719.1685051957&z=1297418115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 00:10:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78540
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1169205849&t=event&ni=1&_s=17&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=521560443-MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=61963534.1685051957&tid=UA-24844488-1&_gid=1790114719.1685051957&z=894431207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 00:10:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78540
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1169205849&t=event&ni=1&_s=18&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=521560443-MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=61963534.1685051957&tid=UA-24844488-1&_gid=1790114719.1685051957&z=2032874692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 00:10:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78540
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1169205849&t=event&ni=1&_s=19&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=521560443-MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=61963534.1685051957&tid=UA-24844488-1&_gid=1790114719.1685051957&z=374725650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 00:10:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78540
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1169205849&t=event&ni=1&_s=20&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=1064099095-MASCULINO%20-%20besthomepage%20-%20GDocs%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=61963534.1685051957&tid=UA-24844488-1&_gid=1790114719.1685051957&z=41869508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 00:10:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78540
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=319037&uid=6552737712912194098&sec=8767638&t=ri&e=1395333&p=1&ve=11810947&va=%5B%7B%22id%22%3A27613321%2C%22idx%22%3A6%7D%5D&ses=77639a1d65770733c932aba285af4dba&expSes=41238&aud=299323.299350.327524.327526&expVisitId=-3479621128893015894&mech=2&smech=3&eri=0&tsrc=Direct&reqts=1685051956811&rri=4136
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:17 GMT
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
zPi-3kRr8CCai6HTAtMsnH_Ctnl2e5fw-xbrrLp4b66R9Scj2dk5qg==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=619396&uid=6552737712912194098&sec=8767638&t=ri&e=1395333&p=1&ve=11810947&va=%5B%7B%22id%22%3A27613322%2C%22idx%22%3A5%7D%5D&ses=77639a1d65770733c932aba285af4dba&expSes=41238&aud=299323.299350.327524.327526&expVisitId=-3479621128893015894&mech=2&smech=3&eri=0&tsrc=Direct&reqts=1685051956813&rri=4539570
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:17 GMT
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
bfV8DsPNkEQI2ZjeO-skXNeCL6SgDXJHI5zYIxIRBngxtGqieEDJSg==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=587100&uid=6552737712912194098&sec=8767638&t=ri&e=1395333&p=1&ve=11810947&va=%5B%7B%22id%22%3A27613318%2C%22idx%22%3A4%7D%5D&ses=77639a1d65770733c932aba285af4dba&expSes=41238&aud=299323.299350.327524.327526&expVisitId=-3479621128893015894&mech=2&smech=3&eri=0&tsrc=Direct&reqts=1685051956814&rri=8838588
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:16 GMT
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
XmhS-l4pzx_UveorHywemj15GSGprlEsB-xgBK1OZFpSjGdR6mV18w==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=829400&uid=6552737712912194098&sec=8767638&t=ri&e=1395333&p=1&ve=11810947&va=%5B%7B%22id%22%3A27613325%2C%22idx%22%3A3%7D%5D&ses=77639a1d65770733c932aba285af4dba&expSes=41238&aud=299323.299350.327524.327526&expVisitId=-3479621128893015894&mech=2&smech=3&eri=0&tsrc=Direct&reqts=1685051956814&rri=7396843
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:16 GMT
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
V21iUn4AGkmpQS5aejyIblKbpbAr0J5b0dsjtjuHUpvGC5Aq9Npa8A==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=28269&uid=6552737712912194098&sec=8767638&t=ri&e=1395333&p=1&ve=11810947&va=%5B%7B%22id%22%3A27613319%2C%22idx%22%3A2%7D%5D&ses=77639a1d65770733c932aba285af4dba&expSes=41238&aud=299323.299350.327524.327526&expVisitId=-3479621128893015894&mech=2&smech=3&eri=0&tsrc=Direct&reqts=1685051956814&rri=7423769
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:17 GMT
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
q5B0zAaGSMEJuMLy4aAtTJegfeYLHarqaFp5UyLjzM8nWIFqnoTerw==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=453463&uid=6552737712912194098&sec=8767638&t=ri&e=1395333&p=1&ve=11810947&va=%5B%7B%22id%22%3A27613316%2C%22idx%22%3A1%7D%5D&ses=77639a1d65770733c932aba285af4dba&expSes=41238&aud=299323.299350.327524.327526&expVisitId=-3479621128893015894&mech=2&smech=3&eri=0&tsrc=Direct&reqts=1685051956815&rri=1477149
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:17 GMT
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
2xv2c5Hl7Rk8xfFHqysxZbciKrFxDgBxqmwKgLcS3_46-eW2ze0LXg==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=778809&uid=6552737712912194098&sec=8767638&t=ri&e=1457997&p=1&ve=12236776&va=%5B27822778%5D&ses=77639a1d65770733c932aba285af4dba&expSes=41238&aud=299323.299350.327524.327526&expVisitId=-3479621129359294913&mech=2&smech=3&eri=1&tsrc=Direct&reqts=1685051956815&rri=3971829
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:16 GMT
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
PtJCuC18ayO0_QBQ1H4V5Xhyt0jEjkdOkpgeFYD88ouou2pcN7D5eg==
expires
0
collect
stats.g.doubleclick.net/j/ 		4 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-24844488-1&cid=61963534.1685051957&jid=434796901&gjid=320546974&_gid=1790114719.1685051957&_u=YEBAAAIIQAAAACAAI~&z=1851777737
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kanui.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 25 May 2023 21:59:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kanui.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=645747682160894&ev=PixelInitialized&dl=https%3A%2F%2Fwww.kanui.com.br%2F&rl=&if=false&ts=1685051956822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 25 May 2023 21:59:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1169205849&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAAIJQAAAACAAI~&jid=1691466063&gjid=1998922640&cid=61963534.1685051957&tid=UA-86950572-1&_gid=1790114719.1685051957&_r=1&_slc=1&gtm=45He35o0n81KBHCZ4N&z=1756355465
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kanui.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kanui.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
autotrack.js
dafitistatic.dafiti.com.br/cms/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dafitistatic.dafiti.com.br/cms/autotrack.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBHCZ4N
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
bcc1afc53529416fc5780618306f4e39ed3f38af3ea776aa4282a91878062b73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:16 GMT
content-encoding
gzip
via
1.1 49039a44484a184312d8f608c205b640.cloudfront.net (CloudFront)
x-amz-version-id
G1YgCBpozcfqIGIxxPAI4k4UqkC34L4v
last-modified
Tue, 30 Aug 2016 16:04:11 GMT
server
nginx
x-amz-cf-pop
ZRH55-P1
etag
W/"6c409f89b8d33449cc7943c8b7740c89"
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
content-length
8360
x-amz-cf-id
ESYZcJ3h2hq8-vlhcxMSRzA9N8RiuJqV5fk9oSW83KL6JnLZwOF2AQ==
expires
Sun, 12 Mar 2023 21:45:26 GMT
b125ee43-f7cb-42ca-a34a-e9903f380a02
https://www.kanui.com.br/ 		163 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.kanui.com.br/b125ee43-f7cb-42ca-a34a-e9903f380a02
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06a1e588118bd582160e9616f004650fb7e290847427dc0b48961996d92d1bcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
163
Content-Type
collect
region1.analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-44NBXM9HZG&gtm=45je35o0&_p=1169205849&_gaz=1&cid=61963534.1685051957&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&cu=BRL&sid=1685051956&sct=1&seg=0&dl=https%3A%2F%2Fwww.kanui.com.br%2F&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&en=page_view&_fv=1&_ss=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-44NBXM9HZG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kanui.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-44NBXM9HZG&cid=61963534.1685051957&gtm=45je35o0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-44NBXM9HZG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kanui.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-44NBXM9HZG&cid=61963534.1685051957&gtm=45je35o0&aip=1&z=694597804
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-24844488-1&cid=61963534.1685051957&jid=434796901&_u=YEBAAAIIQAAAACAAI~&z=50884861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-24844488-1&cid=61963534.1685051957&jid=434796901&_u=YEBAAAIIQAAAACAAI~&z=50884861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/ 		404 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
af07705eb7e434ddc33426eb84d9ba31bba2b5cc9d022239df1c1376e437f1d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 19:03:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
10570
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127485
x-xss-protection
0
server
cafe
etag
17275677167730277524
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 24 May 2024 19:03:07 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		71 B
601 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.kanui.com.br
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4da03326fbdf8a738c8097aebb5f6fb3ccd6f0af79132c02f65452783c6dd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59
x-xss-protection
0
expires
Thu, 25 May 2023 21:59:17 GMT
/
www.google.com/pagead/1p-user-list/1012508079/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1012508079/?random=1685051956738&cv=11&fst=1685048400000&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kanui.com.br%2F&label=GNVwCLnZ-gIQr8vm4gM&frm=0&tiba=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&data=ecomm_pagetype%3Dhome&fmt=3&is_vtc=1&random=1632797189&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1012508079/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1012508079/?random=1685051956738&cv=11&fst=1685048400000&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kanui.com.br%2F&label=GNVwCLnZ-gIQr8vm4gM&frm=0&tiba=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&data=ecomm_pagetype%3Dhome&fmt=3&is_vtc=1&random=1632797189&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
DADJEF833JDL.js
wkxppshj-qx.global.ssl.fastly.net/ 		295 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wkxppshj-qx.global.ssl.fastly.net/DADJEF833JDL.js
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fb5fa52a1e087924c6c850ad29fc22daf238886de8d32af08f7f6474736b1d62
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 varnish
Date
Thu, 25 May 2023 21:59:16 GMT
Age
1868
x-amz-server-side-encryption
AES256
X-Cache
HIT
Connection
keep-alive
Content-Length
86771
X-Served-By
cache-fra-etou8220090-FRA
Last-Modified
Mon, 22 May 2023 10:05:33 GMT
X-Timer
S1685051957.985572,VS0,VE1
ETag
"49bf29694e1836bf8005286ccdf69664"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
cache-control
max-age=3600
Accept-Ranges
bytes
X-Cache-Hits
1
log
pond.datajet.io/1.0/ 		16 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pond.datajet.io/1.0/log?key=tbKXv0Wxvo3gqHPZy1y6yrkM3eUZ5r4&p=%7B%22event%22%3A%22pageview%22%2C%22payload%22%3A%5B%7B%22pageName%22%3A%22Index%22%2C%22ET%22%3A%22cmspage%22%2C%22brandName%22%3A%22%22%2C%22pageCategorySubcategoryBrand%22%3A%22%22%2C%22pageType%22%3A%22%22%2C%22skuTop3%22%3A%5B%22%22%2C%22%22%2C%22%22%5D%2C%22wt_cc1%22%3A%22%22%2C%22wt_cc2%22%3A%22%22%2C%22wt_cc3%22%3A%22%22%2C%22wt_cc4%22%3A%22%22%2C%22wt_cc5%22%3A%22%22%2C%22wt_cc6%22%3A%22%22%2C%22keyword%22%3A%22%22%2C%22googleRemarketingLabel%22%3A%22UWWxCIyIlAIQ5NyG1gM%22%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22Test%20A%2FB%20-%20Best%20Homepage%20-%20Homes%20-%20(15%2F08%2F18)%22%2C%22eventLabel%22%3A%22Home%20Mista%20-%20Desktop%20-%2021%2F11%2F22%20(Homepage)%22%2C%22gtm.uniqueEventId%22%3A1%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Action%22%2C%22eventAction%22%3A%22PCI%20-%20teste%20A%2FB%22%2C%22eventLabel%22%3A%22add%20cookie%20(true)%22%2C%22gtm.uniqueEventId%22%3A4%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22unique-selling-proposition%20(tarja%20usp)%22%2C%22eventLabel%22%3A%22USP%20-%20Desktop%20-%2012%2F04%2F23%20(USP)%22%2C%22gtm.uniqueEventId%22%3A7%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-conteudo%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Outono%20-%2003%2F04%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A10%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-conteudo%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Outono%20-%2003%2F04%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A13%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-conteudo%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Outono%20-%2003%2F04%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A16%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-conteudo%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Outono%20-%2003%2F04%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A19%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22after-header-homepages%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Namorados%20-%2015%2F05%20(161003064-NA-BRZ01-NamoradosPresentePerfeitoAte60Off)%22%2C%22gtm.uniqueEventId%22%3A22%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22categorias-homepage%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A25%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22categorias-homepage%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A28%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22categorias-homepage%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A31%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22categorias-homepage%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A34%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22categorias-homepage%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A37%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22categorias-homepage%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A40%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22categorias-homepage%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A43%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22categorias-homepage%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A46%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22categorias-homepage%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A49%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22categorias-homepage%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A52%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22categorias-homepage%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A55%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-skus%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20GDocs%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A58%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-skus%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20GDocs%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A61%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-skus%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20GDocs%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A64%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-skus%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20GDocs%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A67%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-novidades%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Outono%20-%2003%2F04%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A70%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-novidades%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Outono%20-%2003%2F04%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A73%7D%2C%5B%5D%2C%5B%5D%2C%5B%5D%2C%5B%5D%2C%7B%22gtm.start%22%3A1685051956605%2C%22event%22%3A%22gtm.js%22%2C%22gtm.uniqueEventId%22%3A76%7D%2C%7B%22event%22%3A%22gtm.dom%22%2C%22gtm.uniqueEventId%22%3A99%7D%2C%7B%22event%22%3A%22gtm.load%22%2C%22gtm.uniqueEventId%22%3A100%7D%2C%7B%22event%22%3A%22gtm.js%22%2C%22gtm.uniqueEventId%22%3A101%7D%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.kanui.com.br%2F%22%2C%22url_referrer%22%3A%22%22%2C%22local_timestamp%22%3A1685051956917%2C%22client%22%3A%7B%22platform%22%3A%22Win32%22%2C%22agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%7D%2C%22consumer_id%22%3A%22tbKXv0Wxvo3gqHPZy1y6yrkM3eUZ5r4%22%2C%22bid%22%3A%22ef2bb369e49ee2c9060f87d23d566f19%22%7D
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.189.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-189-55.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
317d808c8d92f3485f748223ac58434addf9fca51c5e46a7c8960dedec53e96d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
https://www.kanui.com.br
date
Thu, 25 May 2023 21:59:17 GMT
access-control-allow-credentials
true
content-length
16
content-type
application/javascript
main.MWI2MzlmMWJmMA.js
analytics.tiktok.com/i18n/pixel/static/ 		242 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9UKI83C77UCFR8RC6JG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-20.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9b3a955ac158e9fbedea40a6d9494a44669dee5d1bbb18895e1b211244f8f16e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id
d9ac405
date
Thu, 25 May 2023 21:59:17 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2023050811311529A214C240AF7F893750
vary
Accept-Encoding
x-cache
TCP_HIT from a23-62-213-84.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48589741) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
018b8bdf543b9f1a8625110ba934082da36615720c8bb9b24a12cfe02720e8a1b5ed17f535cf55291a84bf62a6a5efe6f7f8a723f21ad93bad57a95944724be96d595f33aee4782340ed4f9fcfad646c8eb1906c7cc578943a6218fc9cbe3d4da0
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=11
content-length
68801
modules.fc5042d851617549f5a9.js
script.hotjar.com/ 		265 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.fc5042d851617549f5a9.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1196013.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-7.muc50.r.cloudfront.net
Software
/
Resource Hash
48453a8b020b102756676dea392a2d99225fd874f315612ce8fe0aece7d6a558
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 14:15:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 f4d15e906467f56692c7fc70be861e04.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
age
27850
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
69550
last-modified
Thu, 25 May 2023 14:14:16 GMT
etag
"9d51d4864f7d99a8fae04b82945d23ab"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
ZZ1ZH7oyhM8pMWSpi0o3eDH6CN1aZF7OGG98JdMdQazHI9n4-IyKYQ==
/
eum-orange-saas.instana.io/ 		0
130 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-orange-saas.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.4.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
21.4.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kanui.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 25 May 2023 21:59:17 GMT
cache-control
no-cache, no-store
via
1.1 google
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
identify_738b3.js
analytics.tiktok.com/i18n/pixel/static/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_738b3.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-20.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id
d9ac409
date
Thu, 25 May 2023 21:59:17 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230508113115E55380AB738DC18470C0
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-62-213-84.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48589741) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0178724a9630ce257de125c187e81ed16bb365181cb0f518619b832879a5d182163e26c1942214f8bbff51a28cfa89b7dce733aecb7b441b6b573871eb9423f5e61e7a47022fca6d0067139e4a7d0f585b46d337b381e3feb341a45605cb22a9d7
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=13
content-length
30825
pixel
analytics.tiktok.com/api/v2/ 		0
694 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-20.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kanui.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
c68c924.d9ac40a
date
Thu, 25 May 2023 21:59:17 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-62-213-84.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48589741) (-)
x-parent-response-time
122,23.62.213.84
server-timing
cdn-cache; desc=MISS, edge; dur=99, origin; dur=27, inner; dur=24
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023052521591772CDCF2D867272BF5425
x-cache-remote
TCP_MISS from a23-220-104-207.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
27,23.220.104.207
x-tt-trace-host
01798c57de0a0fb91e98df7cf0d23b5bebc6839c3d4c612d57614f351602ae590b47e652f3bb8e6fee4b2eeff4525f20f2b75cc00098b6abcf098ccb665673c2a59e98f2a4c31e5860b2b82b4a3da676522898e4134db3af865a7f5a0fe2c88468c4ac8dd583aee6c94bf3f4c1b7076edd
expires
Thu, 25 May 2023 21:59:17 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1711122434&utmhn=www.kanui.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&utmhid=1169205849&utmr=-&utmp=%2F&utmht=1685051957273&utmac=UA-24844488-4&utmcc=__utma%3D227738178.61963534.1685051957.1685051957.1685051957.1%3B%2B__utmz%3D227738178.1685051957.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=805167751&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAABAAAE~
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.kanui.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.kanui.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		90 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3231401090492931&correlator=2844862373075087&eid=31074694&output=ldjh&gdfp_req=1&vrg=202305220101&ptt=17&impl=fifs&iu_parts=98468451%2CKANUUI_HOME&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250&ifi=1&adks=3254371550%2C2490721833%2C2490721832%2C2490721835&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1685051957349&lmt=1685051957&dlt=1685051952986&idt=4338&adxs=206%2C330%2C650%2C970&adys=3541%2C3486%2C3486%2C3486&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3%7C4&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.kanui.com.br%2F&frm=20&vis=1&psz=1188x35%7C320x0%7C320x0%7C300x0&msz=1188x0%7C300x0%7C300x0%7C300x0&fws=4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&ga_vid=61963534.1685051957&ga_sid=1685051957&ga_hid=1169205849&ga_fc=true
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
18dc681cbfe28801aa2688c9900115e6b00d17ac2924b4a2454d51d8f706eab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26294
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kanui.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305220101&st=env
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a3b5ce3b9e71975f5a54af68e5184d9f0ecdeb63b62c225139e5b32c28fd30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11126
x-xss-protection
0
container.html
38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3A3B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kanui.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 21:59:17 GMT
expires
Fri, 24 May 2024 21:59:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
DADJEF833.snp
wkxppshj-qx.global.ssl.fastly.net/ 		99 KB
68 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wkxppshj-qx.global.ssl.fastly.net/DADJEF833.snp
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f4e35692aefd094976130c06ab5cdf2453d48eb674dacd118fb172a1aedd097f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 varnish
Date
Thu, 25 May 2023 21:59:17 GMT
Age
0
x-amz-server-side-encryption
AES256
X-Cache
HIT
Connection
keep-alive
Content-Length
68714
X-Served-By
cache-fra-etou8220112-FRA
Last-Modified
Mon, 22 May 2023 07:32:38 GMT
X-Timer
S1685051957.405583,VS0,VE198
ETag
"8142b3a96239115d77e09d0e335f4b74"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
cache-control
max-age=3600
Accept-Ranges
bytes
X-Cache-Hits
1
preact-incoming-feedback.c3bf02bc96a429d14420.js
script.hotjar.com/ 		174 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/preact-incoming-feedback.c3bf02bc96a429d14420.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.fc5042d851617549f5a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-7.muc50.r.cloudfront.net
Software
/
Resource Hash
84624a97231d724ea499ba6b02a31c0aab49f5252750cb25045588c117dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 13:58:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 f4d15e906467f56692c7fc70be861e04.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
age
28870
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
34604
last-modified
Thu, 25 May 2023 13:57:27 GMT
etag
"409ac8492e0d6d16984d2c00ddb8aed0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
KKp7H4uJXrt0Oq1-rP5-a_zTCwiU9q8egwY64lD5BYWowqjU00dd3Q==
cdb
bidder.criteo.com/ 		0
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=8&cb=48085990115
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.kanui.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.kanui.com.br
date
Thu, 25 May 2023 21:59:17 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 May 2023 21:59:17 GMT
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.kanui.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 22:13:59 GMT
x-content-type-options
nosniff
age
431118
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25372
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:24:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 22:13:59 GMT
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.kanui.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 22:13:59 GMT
x-content-type-options
nosniff
age
431118
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25372
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:24:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 22:13:59 GMT
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.kanui.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 22:13:59 GMT
x-content-type-options
nosniff
age
431118
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25372
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:24:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 22:13:59 GMT
font-hotjar_5.65042d.woff2
script.hotjar.com/ 		2 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/font-hotjar_5.65042d.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-7.muc50.r.cloudfront.net
Software
/
Resource Hash
fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kanui.com.br/
Origin
https://www.kanui.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 01:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 b90884acab23625db851d03bcf681a26.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
age
3185511
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Tue, 18 Apr 2023 12:54:49 GMT
etag
"c9fb9163f8b7be37023ebe649688bebf"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
Pvlp6gR76Z9EIYJApzwZCKeV9_iGXW82tR-2uybvroKZVBcEqPxmWg==
5488107.js
bat.bing.com/p/action/ 		0
137 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5488107.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 25 May 2023 21:59:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EEC8E2165A9E4A5AB72D899F03DC59B8 Ref B: FRA31EDGE0206 Ref C: 2023-05-25T21:59:17Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5488107&Ver=2&mid=7ce81786-958d-43fb-8832-1dc78f36b6ba&sid=6510ba80fb4711eda2c2973eef4ec476&vid=6510c5f0fb4711ed8dcbfda4c66aa8c8&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis,%20Roupas%20Esportivas,%20Acess%C3%B3rios%20e%20Mais.&p=https%3A%2F%2Fwww.kanui.com.br%2F&r=&lt=4682&evt=pageLoad&sv=1&rn=795995
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 25 May 2023 21:59:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C820FF88612144619B7C9A42D6790897 Ref B: FRA31EDGE0206 Ref C: 2023-05-25T21:59:17Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2169 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kanui.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
13004
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 18:22:33 GMT
expires
Fri, 24 May 2024 18:22:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5DE8 		783 B
954 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8f95026377161360449c6c55de4d0bc49be7b02fffc054e92c92eb6c3b46e7db
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8hzB6xyNHCc0Fb0XIXSs_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kanui.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-8hzB6xyNHCc0Fb0XIXSs_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 21:59:17 GMT
expires
Thu, 25 May 2023 21:59:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kanui.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.kanui.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
PgBC2f7uHk75qvgedgDQJ2LGmE-oWuLtehAbI8jUKVY.js
pagead2.googlesyndication.com/bg/ Frame 2169 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PgBC2f7uHk75qvgedgDQJ2LGmE-oWuLtehAbI8jUKVY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e0042d9feee1e4ef9aaf81e7600d02762c6984fa85ae2ed7a101b23c8d42956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 14:38:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
199218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14781
x-xss-protection
0
last-modified
Mon, 22 May 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 May 2024 14:38:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5DE8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305220101&jk=3231401090492931&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
19cdf4f2-918e-4571-a3a3-360cbe0154a4
https://www.kanui.com.br/ 		3 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.kanui.com.br/19cdf4f2-918e-4571-a3a3-360cbe0154a4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46882f4bef1b2dc3f1075505e60841ef3113f419096b1ba48aad715fb5b5e087

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
2904
Content-Type
DADJEF833.cjos-module.js
wkxppshj-qx.global.ssl.fastly.net/ 		107 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wkxppshj-qx.global.ssl.fastly.net/DADJEF833.cjos-module.js
Requested by
Host: wkxppshj-qx.global.ssl.fastly.net
URL: https://wkxppshj-qx.global.ssl.fastly.net/DADJEF833JDL.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d69ceeef402d5481f94eb88ca0daff8268f16c0e72ad300532942cd4fc87f4c5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 varnish
Date
Thu, 25 May 2023 21:59:17 GMT
Age
1868
x-amz-server-side-encryption
AES256
X-Cache
HIT
Connection
keep-alive
Content-Length
28852
X-Served-By
cache-fra-etou8220090-FRA
Last-Modified
Mon, 22 May 2023 10:18:59 GMT
X-Timer
S1685051958.790205,VS0,VE1
ETag
"92d4802461d3621235893f0c10be8580"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
cache-control
max-age=3600
Accept-Ranges
bytes
X-Cache-Hits
1
DADJEF833.chp-module.js
wkxppshj-qx.global.ssl.fastly.net/ 		154 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wkxppshj-qx.global.ssl.fastly.net/DADJEF833.chp-module.js
Requested by
Host: wkxppshj-qx.global.ssl.fastly.net
URL: https://wkxppshj-qx.global.ssl.fastly.net/DADJEF833JDL.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
16fa684a6403bf78dd4031230f13bf8aa73bd5267241a8fc2ef39acd4f77d45f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 varnish
Date
Thu, 25 May 2023 21:59:17 GMT
Age
1868
x-amz-server-side-encryption
AES256
X-Cache
HIT
Connection
keep-alive
Content-Length
43047
X-Served-By
cache-fra-etou8220090-FRA
Last-Modified
Mon, 22 May 2023 10:18:58 GMT
X-Timer
S1685051958.846304,VS0,VE1
ETag
"d0851e93ce1e1bf57882682219563148"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
cache-control
max-age=3600
Accept-Ranges
bytes
X-Cache-Hits
1
ads.js
cdn.480app.com/ 		21 B
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.480app.com/ads.js?r=09196318587471741
Requested by
Host: wkxppshj-qx.global.ssl.fastly.net
URL: https://wkxppshj-qx.global.ssl.fastly.net/DADJEF833.cjos-module.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
via
1.1 varnish
date
Thu, 25 May 2023 21:59:18 GMT
age
100
x-cache
HIT
content-length
41
x-served-by
cache-fra-etou8220039-FRA
last-modified
Tue, 23 Jun 2015 06:50:40 GMT
x-timer
S1685051958.194558,VS0,VE0
etag
"8a68886c66c8ca4dccac563705f5891c"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
18
aca0a762-d8d3-4c27-bdc1-73bccf4f8aaa
https://www.kanui.com.br/ 		3 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.kanui.com.br/aca0a762-d8d3-4c27-bdc1-73bccf4f8aaa
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c336e611e43128b20c8ad73345bad62a9f39066f2f2ccc3f46c60a13452331c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
3259
Content-Type
generate_204
tpc.googlesyndication.com/ Frame 2169 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Yeimhw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
L3DADJEF833.json
wkxppshj-qx.global.ssl.fastly.net/ 		42 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wkxppshj-qx.global.ssl.fastly.net/L3DADJEF833.json
Requested by
Host: wkxppshj-qx.global.ssl.fastly.net
URL: https://wkxppshj-qx.global.ssl.fastly.net/DADJEF833.chp-module.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
605d9ddd81095e5d63543b4435a16ff1b4ae4da30bb842b582156da601e08880
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 varnish
Date
Thu, 25 May 2023 21:59:18 GMT
Age
0
x-amz-server-side-encryption
AES256
X-Cache
HIT
Connection
keep-alive
Content-Length
24540
X-Served-By
cache-fra-etou8220090-FRA
Last-Modified
Tue, 23 May 2023 09:11:22 GMT
X-Timer
S1685051958.214263,VS0,VE200
ETag
"c3537542e34dbe77f8d3ef9baac86aaa"
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
cache-control
max-age=3600
Accept-Ranges
bytes
X-Cache-Hits
1
nmg_tag.json
colrep.sitelabweb.com/ 		89 B
513 B 		Script
General
Check archive.org
Download Go to
Full URL
https://colrep.sitelabweb.com/nmg_tag.json
Requested by
Host: wkxppshj-qx.global.ssl.fastly.net
URL: https://wkxppshj-qx.global.ssl.fastly.net/DADJEF833JDL.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.118.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-118-250.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2054775db25ae9485cbbff01c19b603af007341e7d45138f0a8bef2c8c434524

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Thu, 25 May 2023 21:59:18 GMT
Server
nginx
etag
763-1685051958.274-f3320ff3aff214a4b4318776d0ab09ee-529
Access-Control-Allow-Methods
POST,GET,OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
cache-control
max-age=31536000
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type
Content-Length
89
4dbebd7b-3ae9-4b94-b2ab-421f9fa7f430
https://www.kanui.com.br/ 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.kanui.com.br/4dbebd7b-3ae9-4b94-b2ab-421f9fa7f430
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca690205f18df47cbd3e34f8cbbd00e7b169d25bd369f7d4664e7189173c76f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
1883
Content-Type
syncframe
gum.criteo.com/ Frame 7405 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.kanui.com.br&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.kanui.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 21:59:17 GMT
server
Kestrel
server-processing-duration-in-ticks
455649
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
session.sitelabweb.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://session.sitelabweb.com/sid?userId=763-1685051958.274-f3320ff3aff214a4b4318776d0ab09ee-529&clientTag=DADJEF833
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.79.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-79-42.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.kanui.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
POST,GET,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/octet-stream
date
Thu, 25 May 2023 21:59:18 GMT
server
nginx
sid
session.sitelabweb.com/ 		197 B
365 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://session.sitelabweb.com/sid?userId=763-1685051958.274-f3320ff3aff214a4b4318776d0ab09ee-529&clientTag=DADJEF833
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.79.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-79-42.eu-west-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
fdb72fac128844fe148d3221c43ae7f9dc65e1937b8297b074fcab9437da46e4

Request headers

Referer
https://www.kanui.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 25 May 2023 21:59:18 GMT
server
nginx
x-powered-by
Express
content-length
197
etag
W/"c5-mUaYAR+r5Kn4tZsDp/r80DSAI/A"
content-type
application/json; charset=utf-8
sid
mug.criteo.com/ Frame 7405
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=kanui.com.br&sn=ChromeSyncframe&so=0&topUrl=www.kanui.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=1xIACXxMWDltQlVjSnFPYjJsZlIvZC9aTVNZTW1UN2NIMVN1RUd1V0x1ZE9sNUlSVlJBVmtlTUgwa2d4dTdGb2F2dmlxbmgxUEY0WjBqWXpjQlZVMUxZSmRNWmkrQkNsYjh3MTlyOG5iTzhaT29tdll1TGNiT1JtbG1iMD...
422 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=1xIACXxMWDltQlVjSnFPYjJsZlIvZC9aTVNZTW1UN2NIMVN1RUd1V0x1ZE9sNUlSVlJBVmtlTUgwa2d4dTdGb2F2dmlxbmgxUEY0WjBqWXpjQlZVMUxZSmRNWmkrQkNsYjh3MTlyOG5iTzhaT29tdll1TGNiT1JtbG1iMDVVZTN3dE04bWYwMndxSFNKNnE2angzSThNT1BYT1hGM3RjN0lxVnAwdUp5TWhKTWlicVZ2WEZJbXI5TXAxYzJORVliekVDQk1GVEZiTmFSS2JGNmMzMndNRXpJMFpTdGtBMDlGV2J5dW11ZnRGbktYOFdyNi9TaVhrME9FMi9LMlMwMmd0M1g2UXFhT2hEYytCbTZUdFJUcGIxNE9OUT09fA&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
fd51b242b4b96a66a061d2de8bd377a637322731863047dc8c7eba42d7ee1926
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1309099
expires
0

Redirect headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=1xIACXxMWDltQlVjSnFPYjJsZlIvZC9aTVNZTW1UN2NIMVN1RUd1V0x1ZE9sNUlSVlJBVmtlTUgwa2d4dTdGb2F2dmlxbmgxUEY0WjBqWXpjQlZVMUxZSmRNWmkrQkNsYjh3MTlyOG5iTzhaT29tdll1TGNiT1JtbG1iMDVVZTN3dE04bWYwMndxSFNKNnE2angzSThNT1BYT1hGM3RjN0lxVnAwdUp5TWhKTWlicVZ2WEZJbXI5TXAxYzJORVliekVDQk1GVEZiTmFSS2JGNmMzMndNRXpJMFpTdGtBMDlGV2J5dW11ZnRGbktYOFdyNi9TaVhrME9FMi9LMlMwMmd0M1g2UXFhT2hEYytCbTZUdFJUcGIxNE9OUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
411108
content-length
0
expires
0
ac32e1ca-772a-43e7-8f93-11a7388bbd6a
https://www.kanui.com.br/ 		3 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.kanui.com.br/ac32e1ca-772a-43e7-8f93-11a7388bbd6a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6ab2b7e1cdb49a6e4ca35b738732a3d6c2924b4faaed0249bd15b277b616bf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
3107
Content-Type
50b8aaeb-d8ac-4bc5-990c-c2c84c96839b
https://www.kanui.com.br/ 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.kanui.com.br/50b8aaeb-d8ac-4bc5-990c-c2c84c96839b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
115a3171db7784e3eb1e6a7590546ca4d32acdde4997c33ed8cab373d815e5ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
2293
Content-Type
ec342f21-a80d-43b1-aed8-77b9d9db9785
https://www.kanui.com.br/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.kanui.com.br/ec342f21-a80d-43b1-aed8-77b9d9db9785
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fe2a7d0d15b0a3c314df18fc73ffc1a6769e7491d9a2bb13aa8cc9b70f69106

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
1167
Content-Type
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=4236&v=5.16.1&p0=e%3Dexd%26ci%3D%26prmEmailYes%3D1%26site_type%3Dd&p1=e%3Dvh%26si%3D1&p2=e%3Ddis&adce=1&bundle=mGPHG19sOTRnQU5ORk5yeFRqUkVRM1owZHhjRWphemlHaEhOc...
  • https://widget.us.criteo.com/event?a=4236&v=5.16.1&p0=e%3Dexd%26ci%3D%26prmEmailYes%3D1%26site_type%3Dd&p1=e%3Dvh%26si%3D1&p2=e%3Ddis&adce=1&bundle=mGPHG19sOTRnQU5ORk5yeFRqUkVRM1owZHhjRWphemlHaEhOc...
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=4236&v=5.16.1&p0=e%3Dexd%26ci%3D%26prmEmailYes%3D1%26site_type%3Dd&p1=e%3Dvh%26si%3D1&p2=e%3Ddis&adce=1&bundle=mGPHG19sOTRnQU5ORk5yeFRqUkVRM1owZHhjRWphemlHaEhOcEZtVkp1U3ZTTGo0QnklMkZwNEpMS3VUSkRWemN1blpsbWQ2QWppTllxajF0cFlkZVdFdnVLTFFoM21yME5INnhhTTF0OFhFOHNEYUYyblA0JTJGYkNQUDhicDFEVXd6dmElMkYwZjdEMk50a21JTlBSZ2tza0YwZkR1M0ElM0QlM0Q&tld=kanui.com.br&fu=https%253A%252F%252Fwww.kanui.com.br%252F&ceid=4cbd45de-d677-464b-9bba-b5221c893916&dtycbr=13266
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ef79135808bf7134120efb4488d60050b5844db1ac968c56a636ff6b4329b93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
9394921
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://widget.us.criteo.com/event?a=4236&v=5.16.1&p0=e%3Dexd%26ci%3D%26prmEmailYes%3D1%26site_type%3Dd&p1=e%3Dvh%26si%3D1&p2=e%3Ddis&adce=1&bundle=mGPHG19sOTRnQU5ORk5yeFRqUkVRM1owZHhjRWphemlHaEhOcEZtVkp1U3ZTTGo0QnklMkZwNEpMS3VUSkRWemN1blpsbWQ2QWppTllxajF0cFlkZVdFdnVLTFFoM21yME5INnhhTTF0OFhFOHNEYUYyblA0JTJGYkNQUDhicDFEVXd6dmElMkYwZjdEMk50a21JTlBSZ2tza0YwZkR1M0ElM0QlM0Q&tld=kanui.com.br&fu=https%253A%252F%252Fwww.kanui.com.br%252F&ceid=4cbd45de-d677-464b-9bba-b5221c893916&dtycbr=13266
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
6284728
timing-allow-origin
*
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305220101&jk=3231401090492931&bg=!Z2SlZDDNAAZu7ficTu07ADkAdvg8WvewPw-wns7_ngFA4-GwLhaB-aujLyOwb4hmZJ5r_fyUxvFGbOKN_HBWYBIv8391TT2kpyUCAAAATFIAAAADaAEHmQKhVmlQ1lBA9wfGuLV3LJD8M1WAcn9sIOZjV0hfLA7050t711paySG3EkkwPMgKuSLwpJ9I80auOVWXaEYK75orpgPQmxzhgg7555Z237UJKiu_32Mho58pFWkwKuCKPQyjwZ8qz5WAB6LVhn82lsMANKkg2oi1d-Khh5wmK5ScecSHbtkQtn9MCkhlWAbhDfHg8QSyF8ZH5hoQgvDn5L9Ws-n52_CHg_qclw9eepGhUaujKXkjqYU-wlgrs_OQaY9CdAAzaJR9X1NL-45kQfCSCOc-_44GqDh6Nnp1gViVNF2HM9p3hUPBw_dWykeTbDgKpaxG6i2uXFUoryplFF6SETb8nixkfCKkZerxXj-3TPOQDZP925xBrfOABz1R_c7vBiiHPoEBSEawLffmJXruLguam9KctOyxpuWwLU8JJmuCBt180jMQcZhePNnxuibl0SWPUfW2sHvpxcKTDte11HUP4dmwVvzvll4232VQ1S_Be_lK4wPCU3nJEVImgggyMzublRc6ENat_GEtt7icGKX-RzJ2RiW1KysVlb_3CK6U-3da5kOJJ9p-GGEIBKYc4qqFYAdaY58fvIF8emYkOcCMM04VnqTCuz_6JFfLOvIXkTx5f2e6GzyebEfkyPsCScgypJrHz17gQ0_s2tARnVTVVkb6wiBSAAH8zlg1TewrtuqAzwj5pnbeRdGLuQWE8vBL6aXXRCzHQ1DcdZPnSHvchR0Mn168b4OvpJlrZ5fKwNszwj3pMIPJBRI-16zQpHn4a4hAVjMBObO-PTmtJ32LXDNtl1TgzgjewRPR0EQULSlPCu17lRPrJNR_Tb9uJSzMxp0fjWYMHjcNA3LViED8LklJt15vUk4NangHFMV5ncp16-PRrT7J-X8YOfvhdQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
container.html
38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 92D5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kanui.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 21:59:17 GMT
expires
Fri, 24 May 2024 21:59:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BEDD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kanui.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 21:59:17 GMT
expires
Fri, 24 May 2024 21:59:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C876 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kanui.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 21:59:17 GMT
expires
Fri, 24 May 2024 21:59:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0F4D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kanui.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 21:59:17 GMT
expires
Fri, 24 May 2024 21:59:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame C856 		624 B
307 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj2CRCHtHAYvZ2e3wEwAQ&v=APEucNXTq18yAm0t8sYqNFMHP-ZWvxRdvL2NhUXraz3uyk5LQFwg-KhFoTGLwdiKqb0R4Ac_Ka33_wLNIcGN_Nwoye-56A7KPcNM_R23EGH0bDawtJZr7xEBLhWL7mAt6YFB4NiXdaUpHHGYxUy0iiJFtkhLSHObkC84uUDIgoRySdIo5voAG2k
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 21:59:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 92D5 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 25 May 2023 21:59:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 92D5 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AyOv96IR-VCL35AJWgATMYAatXCeO4kFkqgtfzLTAIJLazSgddVbz0iuRDt1ElKI8JmJ6I1wfhtPNHifbkXAuL9nNDs7WfRxdh73NXp5eUy29_nss
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 92D5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15709399048321060920&x=1&ct=76
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 92D5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
15194
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 17:46:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 92D5 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 14:12:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
27981
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7987
x-xss-protection
0
server
cafe
etag
5788035530912182302
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 14:12:57 GMT
l
www.google.com/ads/measurement/ Frame 92D5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTrDJnAWOzF8uf8fPDi4XGMi5Kg9euur4guX8eF5Z2NsDe9KmJCbI1ThWpAJyjQ2DyLTvpfVE7r7M-0JrOSNI4a7yk6Wg
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 92D5 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 21:59:18 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A2FB 		640 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGLTPsuoBMAE&v=APEucNV2kegkNtgEf8eo0uOGJ_criUe0AgZHaIGGBTfGUZjxXL044Y3HWX1uJ7LraBK_eNYyMkKHDKT8Eqz9I8MZZ2eojpAagS1UmidMOFyh4ve5PU0npVz_qhdwb4mZ9aIZnqcCR44pBU652BiFYGpIuYoUIKDsTEudZzwvAmh54rKQs_pWtUY
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 21:59:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame BEDD 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 25 May 2023 21:59:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BEDD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BGq50OoPk52vz57-IH70Y1ubks_TxgE5pIEoJibZgz9s1y0QV8_-qAxeR7Nf6gqUjZKIc1JPjVl-OF5jctQCK0EWam2ACFLMCrq6FLyqhf4SvrvEM
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BEDD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2070092110585360119&x=1&ct=76
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame BEDD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
15194
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 17:46:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame BEDD 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 14:12:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
27981
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7987
x-xss-protection
0
server
cafe
etag
5788035530912182302
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 14:12:57 GMT
l
www.google.com/ads/measurement/ Frame BEDD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT_Xm8N7J3bo6OOFOaenunzkqGeeUX9SagZMfK_VTmjBtOUHdxDZAQ-3LIhe3_Mz2n-KsYnQ0MC2U7ViQN6FXoDJW185g
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BEDD 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 21:59:18 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0D7A 		640 B
305 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGLTPsuoBMAE&v=APEucNXojZVxMpl4b78T5CZ_PEr-ZStWr2jrT8xCbpeItJ4fFVtn5wRfQPGuBc28hWP1sMqwR97bkbZBwrgsbcvQs6Gt32upOyx9oKan6yMRjRknSVm6wDHXodDQCZTGcXqiURa4sjDrjQzVv7fh5YABM9fh_0YCKihnlRmEp9s5BEAcEqjg0QE
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 21:59:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C876 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 25 May 2023 21:59:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C876 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Azg3eObBxGlpPnewAZRcOTvw35ikIlPN5az0sSXStu9QQqzbbwRe8McO1V3a5iVtd-vvUKLaRa-E2UPZE82yD4oDAFAt5Prkod6eszA4AWC3MfAqk
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C876 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17596455383161658456&x=1&ct=76
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame C876 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
15194
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 17:46:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame C876 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 14:12:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
27981
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7987
x-xss-protection
0
server
cafe
etag
5788035530912182302
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 14:12:57 GMT
l
www.google.com/ads/measurement/ Frame C876 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTNG2s5_PgHskd-hx6eA8eGpsqvAtEOpXyDzS1hmuipHWBil4WAw0tscJkuFSQqnCs1UFaXG0P3ZqCHlkEZGmKd0VyWg
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C876 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 21:59:18 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FDD3 		466 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGLTPsuoBMAE&v=APEucNUr7q0sKWNtPEm8wv1nQVow1HELegdLzuLGMEFsMqK_d8AAF7GMgl3sPORhHjAyUh1wcno43Y0aNHYAH8UNmWTocDz5gykXF4VIX_i1Ya6FGHmuaoPHnTMI-zYK8dyEI2AbCHmuhrJ1cIrmykqqwCfV1oTQ7LiTeHgMpiwU_WGVtxLb0t8
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 21:59:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 0F4D 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 25 May 2023 21:59:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F4D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BaHXX7bNes6It0gAPZ0geftmtRb2DEePNXD3d0DU_b9H7n3-pqoHG6Cc35iotWNLVJkero0KLqACzn-Z8-NI45lUIKAFahWLzNswn3ZvSPE3c8ZRQ
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F4D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=257322779127633117&x=1&ct=76
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 0F4D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
15194
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 17:46:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 0F4D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 14:12:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
27981
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7987
x-xss-protection
0
server
cafe
etag
5788035530912182302
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 14:12:57 GMT
l
www.google.com/ads/measurement/ Frame 0F4D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ0eSxi4ROFTtGxZgZpindyPVARl5k4db2cK7S18ClP2x_Qk6IpKyTGkzxPRZSDOPXPu-bOb6aoIy-cj0POZRYxemOFlA
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0F4D 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 21:59:18 GMT
rum
dsum-sec.casalemedia.com/ Frame C856
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJBzj5ollxD2jn8nl4d6lpg&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJBzj5ollxD2jn8nl4d6lpg&google_cver=1&C=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJBzj5ollxD2jn8nl4d6lpg&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj2CRCHtHAYvZ2e3wEwAQ&v=APEucNXTq18yAm0t8sYqNFMHP-ZWvxRdvL2NhUXraz3uyk5LQFwg-KhFoTGLwdiKqb0R4Ac_Ka33_wLNIcGN_Nwoye-56A7KPcNM_R23EGH0bDawtJZr7xEBLhWL7mAt6YFB4NiXdaUpHHGYxUy0iiJFtkhLSHObkC84uUDIgoRySdIo5voAG2k
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 May 2023 21:59:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 25 May 2023 21:59:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEJBzj5ollxD2jn8nl4d6lpg&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame C856
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZG-aNnyM0A68dk65JTbT.AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJBzj5ollxD2jn8nl4d6lpg&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJBzj5ollxD2jn8nl4d6lpg&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj2CRCHtHAYvZ2e3wEwAQ&v=APEucNXTq18yAm0t8sYqNFMHP-ZWvxRdvL2NhUXraz3uyk5LQFwg-KhFoTGLwdiKqb0R4Ac_Ka33_wLNIcGN_Nwoye-56A7KPcNM_R23EGH0bDawtJZr7xEBLhWL7mAt6YFB4NiXdaUpHHGYxUy0iiJFtkhLSHObkC84uUDIgoRySdIo5voAG2k
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 May 2023 21:59:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJBzj5ollxD2jn8nl4d6lpg&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C856
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPu-jsP4PS4I4lLUymg5QV0&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPu-jsP4PS4I4lLUymg5QV0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj2CRCHtHAYvZ2e3wEwAQ&v=APEucNXTq18yAm0t8sYqNFMHP-ZWvxRdvL2NhUXraz3uyk5LQFwg-KhFoTGLwdiKqb0R4Ac_Ka33_wLNIcGN_Nwoye-56A7KPcNM_R23EGH0bDawtJZr7xEBLhWL7mAt6YFB4NiXdaUpHHGYxUy0iiJFtkhLSHObkC84uUDIgoRySdIo5voAG2k
Protocol
HTTP/1.1
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 May 2023 21:59:18 GMT
AN-X-Request-Uuid
9bcbb03e-1d09-4783-8818-0614246b7e15
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.40; 81.95.5.40; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPu-jsP4PS4I4lLUymg5QV0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C856
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU2OTI4NTUyMjc0NzcyNzc3NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU2OTI4NTUyMjc0NzcyNzc3NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj2CRCHtHAYvZ2e3wEwAQ&v=APEucNXTq18yAm0t8sYqNFMHP-ZWvxRdvL2NhUXraz3uyk5LQFwg-KhFoTGLwdiKqb0R4Ac_Ka33_wLNIcGN_Nwoye-56A7KPcNM_R23EGH0bDawtJZr7xEBLhWL7mAt6YFB4NiXdaUpHHGYxUy0iiJFtkhLSHObkC84uUDIgoRySdIo5voAG2k
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 25 May 2023 21:59:18 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
81.95.5.40; 81.95.5.40; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d6baf602-10d9-4a2b-9426-f736f912e1bf
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU2OTI4NTUyMjc0NzcyNzc3NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A2FB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE1mUfFRPZTbjiBmTExY9kA&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE1mUfFRPZTbjiBmTExY9kA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGLTPsuoBMAE&v=APEucNV2kegkNtgEf8eo0uOGJ_criUe0AgZHaIGGBTfGUZjxXL044Y3HWX1uJ7LraBK_eNYyMkKHDKT8Eqz9I8MZZ2eojpAagS1UmidMOFyh4ve5PU0npVz_qhdwb4mZ9aIZnqcCR44pBU652BiFYGpIuYoUIKDsTEudZzwvAmh54rKQs_pWtUY
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE1mUfFRPZTbjiBmTExY9kA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame A2FB 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGLTPsuoBMAE&v=APEucNV2kegkNtgEf8eo0uOGJ_criUe0AgZHaIGGBTfGUZjxXL044Y3HWX1uJ7LraBK_eNYyMkKHDKT8Eqz9I8MZZ2eojpAagS1UmidMOFyh4ve5PU0npVz_qhdwb4mZ9aIZnqcCR44pBU652BiFYGpIuYoUIKDsTEudZzwvAmh54rKQs_pWtUY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame A2FB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESELQnXVQ0BPQ7JqbWZvh_Yms&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESELQnXVQ0BPQ7JqbWZvh_Yms&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGLTPsuoBMAE&v=APEucNV2kegkNtgEf8eo0uOGJ_criUe0AgZHaIGGBTfGUZjxXL044Y3HWX1uJ7LraBK_eNYyMkKHDKT8Eqz9I8MZZ2eojpAagS1UmidMOFyh4ve5PU0npVz_qhdwb4mZ9aIZnqcCR44pBU652BiFYGpIuYoUIKDsTEudZzwvAmh54rKQs_pWtUY
Protocol
H2
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires
Thu, 25 May 2023 21:59:18 GMT
pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESELQnXVQ0BPQ7JqbWZvh_Yms&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame A2FB 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGLTPsuoBMAE&v=APEucNV2kegkNtgEf8eo0uOGJ_criUe0AgZHaIGGBTfGUZjxXL044Y3HWX1uJ7LraBK_eNYyMkKHDKT8Eqz9I8MZZ2eojpAagS1UmidMOFyh4ve5PU0npVz_qhdwb4mZ9aIZnqcCR44pBU652BiFYGpIuYoUIKDsTEudZzwvAmh54rKQs_pWtUY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires
Thu, 25 May 2023 21:59:18 GMT
pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 0D7A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE1mUfFRPZTbjiBmTExY9kA&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE1mUfFRPZTbjiBmTExY9kA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGLTPsuoBMAE&v=APEucNXojZVxMpl4b78T5CZ_PEr-ZStWr2jrT8xCbpeItJ4fFVtn5wRfQPGuBc28hWP1sMqwR97bkbZBwrgsbcvQs6Gt32upOyx9oKan6yMRjRknSVm6wDHXodDQCZTGcXqiURa4sjDrjQzVv7fh5YABM9fh_0YCKihnlRmEp9s5BEAcEqjg0QE
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE1mUfFRPZTbjiBmTExY9kA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 0D7A 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGLTPsuoBMAE&v=APEucNXojZVxMpl4b78T5CZ_PEr-ZStWr2jrT8xCbpeItJ4fFVtn5wRfQPGuBc28hWP1sMqwR97bkbZBwrgsbcvQs6Gt32upOyx9oKan6yMRjRknSVm6wDHXodDQCZTGcXqiURa4sjDrjQzVv7fh5YABM9fh_0YCKihnlRmEp9s5BEAcEqjg0QE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 0D7A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESELQnXVQ0BPQ7JqbWZvh_Yms&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESELQnXVQ0BPQ7JqbWZvh_Yms&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGLTPsuoBMAE&v=APEucNXojZVxMpl4b78T5CZ_PEr-ZStWr2jrT8xCbpeItJ4fFVtn5wRfQPGuBc28hWP1sMqwR97bkbZBwrgsbcvQs6Gt32upOyx9oKan6yMRjRknSVm6wDHXodDQCZTGcXqiURa4sjDrjQzVv7fh5YABM9fh_0YCKihnlRmEp9s5BEAcEqjg0QE
Protocol
H2
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires
Thu, 25 May 2023 21:59:18 GMT
pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESELQnXVQ0BPQ7JqbWZvh_Yms&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 0D7A 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGLTPsuoBMAE&v=APEucNXojZVxMpl4b78T5CZ_PEr-ZStWr2jrT8xCbpeItJ4fFVtn5wRfQPGuBc28hWP1sMqwR97bkbZBwrgsbcvQs6Gt32upOyx9oKan6yMRjRknSVm6wDHXodDQCZTGcXqiURa4sjDrjQzVv7fh5YABM9fh_0YCKihnlRmEp9s5BEAcEqjg0QE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires
Thu, 25 May 2023 21:59:18 GMT
pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 92D5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2429813278953&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 92D5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2429813278953&version=m202301230201&ct=76&x=1&cor=15709399048321060000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 92D5 		84 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DenlS5-x4EBTdIVa1Jb4ifYdscFPp9sSOl8hLShkSywTzUdoaRAKdNLxjTa3MDlpZkfklgyACHVKhDxsEuVotXimPVXw&cry=1&dbm_d=AKAmf-BZSydNdzbh2l-h2NBOlHykoKwR9HEqkGD-Zz_Tt_nzxTW2m55pmZwmkwyET4RRyAV93CwfM5wyrywZN5tidceGYzmXvAsBuOmURmxkjjlE0M8f4gsH1jcvlnIErpB4kV4tlJQhR94y0rhYP8rFK2NgfWWF2SpZKeaPRYA0yOB_RcP2fEyd0NPVoJIQueG0mop_FwURC3J3epqQbMO5nfByYWyDB2uL1AqFmYCuRq8Ds9W78jJSZVSoyCc9G77-04SEfhzgleYjDo4H_VKK45ViqG_OFUUcpDH67TbeRZVrDV9wXWFfaUbtEtz_A92bGw6B32y1WutopxZSzCwdGXuXl2E9fhgWlLSnSLgcm3nY1FrrcuAyhASW_aYb0_K-BdX3wkWr_QTzWcp1jatFo72YJc_rHR75rQjV_ICTBc72NoFxs1MygQuEPI1Ty5X4Yh-8Jif7f1irczEo0px_e5YmmakIJJfY4OJf2KUWtCVjiOmryLx2RQIjJ3c4TmfzQiNrqNUo6sU-8o7dyvYF01POU9aGg_6MuxG5Qn5__PV0GoZ7W42njnIBMeDXaaxpdofj21F2csCp-mFF4jZHp2hX6caxOL65Cbadp4h5Sei23b2TYteU37WgAoIGtqTaqvhc-XLUKTekmuvvnuXdJBIcKKIEI9hrZ5ixP5PYN9VGxvVgaQnMvZkSpw1uhfTPRK2VYuikt74KLI8bG7eHHeUSqvRGIRaZo0_6jBKfkObWFKW__J7-AfpxFJW_84pBR2-4TqAwl0H3zKdbqnyeo8NI6sWI5VSbkCpmkIOxeOrs82jme09wNqScw0cSf5V0kTz8O7qgrI6YxQttaPgeCb8Z_eWJaBRlwFpvfnzCu8kL20jlVpztYMSEsf1TTre4J4eSR6zTy2gqJ46ISphAZhLwieB9KBf9iAbs-8VWiQOxTczw4V3Ip-FuCwMGVgY25yfPRZR9kg4cJNu3nTgJC4AiK26puedNrUJj-UlSlQwO8eGrV_lqfWgdzXB5IRiE2U8MJ0O-I8LaSbeUwwldbvZKFCxdMQG50t0DlICTYozX1wqr1pZnMo0Du1h9qBn4aHjaEXHeFLbAkkiIEUfHSxV2jOdbpG-yy6p5dL74cj9C7eQgNaWKGZWAabGmnCd_iYY9q5sFSyuR9I1KA7yW89vlO0K8aNpwDg-qZmpC4vOkFLBx_aFTdCEt2RmZ6_nZGDe7-LiAOt1ccPTO0_hLDMIK1t6SpFISpNDj82UDmfaSIsz8DGMuj6eS2grJsLLs2JlDlfg97O-TXtoiXfELsiZBXoI0mQNMirNh7LcKgrEqO_pIsr54w99FWnKkAHsRvQ8wuUoxD6K0WnhL0NF7eS8BNxgHju0hnbpN55YY_0s8rw91WUeB5_A-k96ERzB2bnjiZNMmtnnbP6cTFMnPTW4GuOmPK6jwinSvOB92rWWhFpsMZSv4jl76NAKfHSkERbm1eCtnSPKuGJ22tEtNKpDvKYCvs1-OnizGJfO4s2GcO9QDqLGWlMHK1aXXf33GzVxvZl4Bnr89h4XJhn3tTws3d0aDGTq118qMJLkaRoOGLn1yjIy_ZZ-4_j1U2tLl1ZPzDDkjgRhI6ykUjwyAYbGub32Qej1oQ4E2pCOLQY7LE6oH519pzjAnVaOKLWNShsdYWXlI9Y1Z0zE9ZLFbnIg5WXu6bSZLlQDGenecHi3Hm5vFWhKFuUtt832JpE32WBSgVxQFR0DzKPP7mIgUHjWUK0cjqWhRsoR_u5IY0E9gu-6q9DqayOXADQY6Ko8sBa1D4pWu0hKtV10iwXkhisnvMfn9MojQ1T-klkddsMfRY4mXxIGQQ1mz-9TR1ZDtNc-AMQsQTY-Q7-en5ZvZ8EoVSBR6TzqvcWb_hvWyBL5nC0xY96ruw7YlXLmevrKsBDF2HodEuHkWA4mfjUdDgno5-nTkk4nwRUuEv_XoiGad4mjcJGuKRYNsHf4s04owxcFiX2xlQZ_La1DPmdSTQlnBzBjPiUwc8FJck-Oid7-wPpr3rQxjVZcSRNsdPVSDmj-QedwT_K0-u-Nr0f7y7_5ZqLo2ZYu5XeLQ6h2e9UEjFF1rXmFjy3fN5J7EY-uIp_yo0ckwqNM2w01aOohNqHMrhlExOuAlxHLX-xqja2jwplSv-_nwlztfzxPyFotNaKv2HzqYFVBDhHNshnIPJKKymU2fMOXWwQBCURgZ6dRP5DycKHxdDGJ-9EaAlSWrikhvg1JtOlVYjmetojP2LyhKT1atzTYMe_s7_VKUH_yM4Htt55FJ0lizwb2-OfnmtSvN0drxqAvy_bEJuPM1jZNX_xnmpNm25-sI8FYe_0FiwauHwwpspduzMKeVcDyx-KObDntQedlV-t3VAaaGn5Kc-WZB4OJaR0YRoZmmWD61_-JPMLvoJ9iUXiScFvfm7sxKNCDzqmoYB8S5eSvSQfNuFeDE105IP514CWMRhN1SZp3g-iH0TElMOKMee3Cjkjj1GzBHjbz3TyS1X4ZhXC628AOWkwl4FSikTrtR7tGYKw9NFzAWDDe-oWdyiqUd7XX2Li0mq-TRZVX_vEdGiQXVc7LbLG4l0M4_5wcbP3NoaIWR16b7_NcQIvlc3VfPry2SoA5eslt6Cbql38zqHdwFWz3e66MpYLKZQeGnCbOqT0qCt54vqopZd-hu3kqu6i97If73ndfHkiwXGyE6FJxvtsS9cLseVft7cD53L2dBNYRz1WC03WK7-x70Ij6WWN9tb6Ox6h9uql1ja2LbruIv2M1FpDq0X1_R4yXkcMZNHq-BSENJzFpYYlXSo-_WrT8xW8Q8kCINORrrLTzbSjXzQklqeJFcIRCK9g89rXASl3b586OOy3NX2i9oeDeG7nlI5hGP89tOkOvoSar3xH9i8LAxM8g6upL_vaK2JofBzaWXjhdV0lFAn1rSupwsjSq2FBM9ckQKILM-XEbu-IK5Ou8z9BkEriLfZ9-u0mK7UIum1Ce8z1O4zWnUDEnu0XlIyqf05FhrtF9C9He5g5V0jlfdZg_KVsPwTeVNrKEfapNaZ1SBO_f6c6j-XTbHCT1rQrMpc-1Pej6fBItpDoyiIJAFJZtA7mqvsmUYJY7GvvzVYODyxrvFH3SCv3mJtuw_OPePwfO5lGVNnwzs9gWfkJO4Dw05l0wA1FU2Gg5S0_iVwg_u-lQmuG-mMnejphMU100pPAbbjyqGbp82LJwnpqoayygvVglQaMHGkWxQRrDCZ97NbVJdYcD-p8rOq5-JQSoHHKTDzQQo5bUaf0lqYhc7DG7liQRiaZO9wShC2rN57WHjUMzPES_IGk8BTUxgTYg908kw-HFJkVZd6IyIaEXAIeQU8qw7uJrfzHkHlYrBS7ajL-H0qq6nKe5H4PRid70GQUcTAXBu7n5ohbN1bMm23hK1X_WTH1zKMRg2Inj0OHs&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=15709399048321060000&adk=943508955&idt=66&cac=0&dtd=36
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bfe2bb34fdfb68ec9df2f523571d13141a7c9716dfc862dc5c5c8739917ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36161
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C876 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2459386240917&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C876 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2459386240917&version=m202301230201&ct=76&x=1&cor=17596455383161660000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C876 		69 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AupfEfcORxLOvhrMjm8hoBsiKLcIPAqLbYtTKdraHpdgda-TonFr0LlFAfifPQderg0t9UiX7XDyg9blvH8T2A2Gy7WA&cry=1&dbm_d=AKAmf-D9qzLbOA8B2hGLLiT256suz8FV_SDeGn4dYJaRDm1rMw2Ch_0Kuopf1Cr_f2mQGH7eRxa3Tifi1EYTSOcefnfCAzvfCg1WNCLnJ1jK8Jf-Ww4I_aIux0dAHFP1TY5dN7G1YO0UnAwth4EPDrAIfjx9QwdoOLkYDejEIOVWT5UcvUww-6QLjDKL5xvAwCZNxVg7V8OZPsRuZMHVe0kVy_tz_3XyUkUqKfPeEOh-RVPoURY7RlHzmefYR0GKj1tVdN-wA68kkK3ks78xeLN4JWWdCSCO7_USfEUEJ53IdREvZwHhn1ZtNVLB9yjA8oblY7opzk3jQBn5E-iRka9vEnTDgdnW41l3pacWEWyK-mzFJ509ued8sr_tfVllcn4D5iytLiRzPWM6W4Ly0GWKEKAXo4RYDexDIBdR1Zipf1ZLByhJlemjhjGUbH-PpwZD7kTTyXClgoFVYpPdP3w1T3QH1MD_7MmnJlAWehGJ_BGvxfmdIO5ULkqHlKgfqCMAgackJpwj9468hQ6uo-xVOvfA38sZqfPbC8_E2BfhGrABLf6BHS1S40LhR2KC7VUnJbUTZ6_W4BBQT65EThbzneadwrDQYIvcba1qzUvQF6yBJ3hh2ZFMGfY3t18AQBEB8kH7hoUbbB3VkYtVd0bcOBgUqWOOQlpPdkkTkwyR8FIVy7YW8S0xBNgz3Z_wKdVd94D1mzyPkAu5eyRbowBCBmdKUCLNDuZMd53PVYBpBcOwOHjIlnCQidA3rELHVnk8X5HvNy-c8fGP6G0F-_PUYf1PoKnJ_JmuJxAWcEbRPJTpDb9rupPszugQtigi0MjMPBX2ULLvkr4Thkmbk1t3RBHpnAyBziRSI0nacabDdrcPaowmleM1Bt98Z_d9DIHoYPgMLVndUF-MwoWQL34ExLpXgww2MGX5kHS5KBRobMrhU-esI9aJHTJ1h39q1-fNtyy3R5FwvqWci0T0YRKEFdHtuAVx1Y4h59XiXi7fwtmQ8ZdsEDnq-06KkJpMItW7olwcFlwb8G52mcGe5RythGd356nm8pv_wVf3p40D1PitElQAQWfsEaRPujfsZJxE3Vd1su8gYzya6nH3-aFLlTxsIFfbEkD4sK-DS5wTQas0rxYgywdC5_FmVCtt0G87_n7Gj1p2DZRW1Nm0UA8fCd0QJWzs7CpY_CplPu7_vyrVs4VumW0lgnHh8N8dujbd5YFhck7YoQgw7J137vpVqbCkGb_F44qhJR8YrSKmTwRwlXJt4EzdY1PKAtHCVuaDEmc8hVFKOKjxhOMlB4lWJano9QlXCKY4r9t3W3liE_AIMzhNZ5Ce_a3VlUAQ8t0o0xtzMguuQ08oekformVSxZon3jJkek9vOHc9dRS9clcMVKzaCLW1nCQufN16yL2Qek9OopheeSJlhOwm_jX6ml-LUNWmKGA9YBMBV0hpPWOuJgOkG8bwOsf2Gj8WCCJeQYCbzoM5DcDE9yDVFmIv9Zrt4r-WkdLbvMpS8MRTyqeKH5Y_SpTfb-HNti_FGIseshkEJ0OpXG9S2RKkw25gZveOEb-UidFAirCO2wbSPOVakSFEdwrCaKj644FbuOQGxwlsiJpMwLNLvtQiSt14VEDUcXxWyK-QgZ_hfIFbhAMD2qZh86VUjHdECJ-L30fNTI9QNfTFlgd4ddCHPP10OQD_eKe6WWrEDmZNxo5NP40WwolMQdKKQOwv16qTg4aZ5KiHQj1YswXFnYTyXn8Fzuty6E-s5cZl0CP7mr9deXBOWIOK-T3zInPbJF_Utcy4DI3l6Ls0AuDKk6fG6YgfR74Y70Qu8TCtemZA0eAbRaghkurspn5inmTWj83MBg_4sOwGDyGCteQ4aD6UD4gJhZFh8X4nuHE_vHtDhbEX22-qaLlpyaA2nGHOjQbOJDYcuAiqYpukkoUTshasTRgI5dDtj6ho706kgBRif2_u_KHNYh3ygADY27ozbBNtI5sUCIMff_AojX3phk9uadcMyFmmF62ewouY4eXQGA5eXeoaTu7NUirMW3SyjB4fMWPYuu8L_e233CLQhCuwSMeP-SJ3Ywh9Aa73o0BG72GPmeYnFBHNOCODAsBViza7LXYTWX53TROyaASjoBsfqbs8kKkXvujeGXhqQmX52r8xGm01AuiVlGlrQwPVkf6121w6fR4qJgSmPNUmYJUwmGbykFapeVKx4QYt65Q6pfpEh25RDhJLzO18lbRJg_53RI1XKEuqYgOgTIExw19DpAqfFqLR7nFVMPf-7XvUdcWf9X1HF156KL8aG4YZhEq4JBqWF1IFpSN2ywgWet1v4Z2ohJf06xljaNJLS2NNH_0AVuhM_rfqSoArvNdcIYO1f7LKD5JrL0F_e5gYvJrwtiIQnYqMN9JFIh704jrXYiJva0hB4T2wsdkGNkD8peR52vJcE9oaaVuOHUiuITgaYDTOMOAeYOPO8BJCQubunqrLBBJy5-8NBoWivM5danocvIdWTATjiB7lf5q99nOEnMDYqsTCjpZYQr2G3pP3y5MXfdrBfG-it9TTkP8lmyHrS5VXNEW2rrmTMoQgu_g2yhZZqIRZeM1tx5E7fMJQEAI14YLJRjuOF1HoAaaEjc7pO0e4UPqG34hHKo0yp6M-KfQLzYYgUPdQoRMdcsyCzlqHiRdDc9OcsocnGyfFf9frghy0wbYLg9ex1l4nnMeVfDmjsfYNeeiD_bJRlCI-LJc5Q4zIRWBMnHpmLOaWQ-pKlw_ez8CyjZsTstmyIHUFHWawspoFvnCaPARMwYBrbe6EdDksFISe44WSyrH_cu8vzBhhb9YQEhikK0pSOgrt57JXWFEJiG6x1KLasIPGYUlzr0pojhC3oM57gNL2-VIPiHyiM1FgTvwIyicv8nD-TOE8aUpxXEbtL_TgjQs_H3qn_XwbGCJK8GS3SuhQSjCEzFkO3pZ9Mt336MTh2og9QsHMKSNGdbmvM2lRmgFjdI48h8FYhtzc-b6bZFe45gvsW9WIxI47I85KoKzrTSw7o4uTS4GdAYFQ51PwDJgDzdn71FS8bFMSnnaRXImgdfJMCSArzG55Sy4Q3lkXAPXTMDdJhfHpK3nxh4XektRYTTZFlSVBJ_mSW7mUQfnHvpx_PCCanQ1xZTzpZc1rHBbOpDSHTrA5W_4OI3PZSt9EHmKtEQVYh7Er_lyEwbpXoomfVlu1twyyIQG6vlzPGzkrX4CNVBYQtoU4uLs-LAFocfv8e4FY4WpUYooCjXhDmbIl8rgM1H-uG08Bseul2YaGnxala1NQBaj_WYCNoUYYt0yEPrx-AxMmbi2KrA3PowiJpiPFp1vXtD67&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=17596455383161660000&adk=1033480531&idt=83&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
afef8758b4e30f1afda61d12b54869eede96ae24c4f585725cb525592045157f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31827
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BEDD 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1289308263946&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BEDD 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1289308263946&version=m202301230201&ct=76&x=1&cor=2070092110585360100
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame BEDD 		69 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CS9FIjEjZFRsperZ36J_UJV-jcXzo2CEQlkhe2MFW4BTe5K5v5WI37FZc8n7k73DozIAlqrdDf9py-2a0VWF4g9W-nZQ&cry=1&dbm_d=AKAmf-AyL8Ie-0EzN6uThYtkI3W6y684zjhy9fNElfvVEzmgCCtkKE9Tmu22aMT74xUeq-j8KIjIt5NHHRbH5c_d4wwNZVGXc_kAMfW1v5udwMX-BjPx3ZxlJUeBPH2TQsUNMkz4rxlrAzANo96JmWsOXoX0Br6HNojYM0fk6YJbDKGeLKfzdPjOv3R9Pqu2U0vIOacMJXHr1S6jt428rWQJNZd5sStJQAv3N0Av5CuZGOo6IvtILoQvMDiubqlL35hBYU3Xr5DSwK6T8F7vFqILoYpRsrLPzTMKgjOcKUCZhi4Ntsjps7WMJmC2_oOCt5tjbxd97M15H5PrGgRKmBGmE0HDIHnqPa2whd95cCrn9HjDM-Z2I9mNtQhvMhRVKY-RxR7RDycBZTTduQCmgUlohtwGdD4CMBizJFypvPAHOvYHCqI5z5qKy_A_HSl_eTDtw6buACfkpXWoKR4sVw1MLMkW63HvKVa0pZGoCCi9DdC_0xKCJ0DIjet-6Je4NULa2U4MX5pkIrEF3AuIVOFWpyzWuPESZfvX66nUd2Tk8NlPXJGOR0nZ5ZPwd0vbAAwWTpAqc2oLIlh7_31F5bX1XeJFnLEUhvYrnTyA2FtAgcAtJ6xqj5bDOQAhwfExN_WFIiyBnrNj5AZiN4cosrIlA4QOkDkm1VwzDMvuurbs4HW_wM9kQkbQwu1mdU4me6patmPxZdfoWRnpbVX2mM0KpxPiKZfR_-yDAMgimdwBpdW6TfxZK1WCuH-xnsRkgrQr_EWMw_fiCc1SerHLO3Zq_QzoU1aAUN--Zmry9UUHo_vQ3zPlGM2-dEgF1oYqh77kx7pW54fRNRVN6JwJEQn2BmLtcGTgJ6DdHvfCd_k-OvfD8tl0RUpVG9hZT1eISMGVc2N-PxiEZ2WxP4OTA0777I1_WhfX9PIyEc38FqxXPLsk-qeHSLbbKfNXijpc3lhp9TVZKtwQthzDSLmmTEAtpKtZRBJnQUzD0ZMs8JJsuH8rkhAZOJfLbxM3rw13twHWBnCkq_zo6OjNrSu8ng-vNAe14JiNGGgrMuGl9b99iCLXwm4_kJ7vvri8XstWgwfbMOREJ8SsF4QG7PfHmEpgawSh1mBkQaGHfhcdiKnThKA3rVuslz7E-oLPWmbtLAwFcL5taKV1aMsZKQ2HADLq1GlpOkVWFuOc83DseNi-mJr7Jlc6I4IAAtQSYbyeOOaWP8trojjAz7gHwANPOi-tS-rPRrEEBmeQhG46xPQGanC870RrNRTwap-G-3XS9n80vNsXPHprD46rTKIrImWGo5iyhEiPGvOoHcJ8EVc_j_m8AgDO6U1u9Cu_hiIfUyJ32E4m3qwvi6hvvUQuImgcIpGOm6rSnkY_6BPl04FB3_A-_Ogm_-JRK383L61Vy8zU85bnD4khQqO224kAO_S4iFZ9KY6FUuJ5uKUdTENJEt95meaGQk09uOxxrdt2H9qbqCZ3-hgrXXKBIoCLqgY9QhZmJ1Gng1oD6xyiYxiaqlDs8WCsRhIlbmiYoOKbltK8m4N-aey4rPQ7DO7GQQ7oOxokwjb9Us6jb9-s9NkfnDrFvzDw52nKQKvdBBIuWxOwkS5b5G_GZl_ZVmbJWNAp692YUr2Q1c4vaXmO0XKQ-KZPwtYEqbG8_adHlGFsQrQNh0LBQZgXKVB6aAsxnmRFLzzgfwkHtHDcVqh1Tl5nJvekE06VqUJA1tmj8D_6qF6a5DlHLlZ4RrON5amdK7EC2Nqcvo1WfFtissBvxiwaUc8Z7qQgB_QU5VMShgfcAWTRtk2HqlFonHB0nITeJruJ5FB5rraWH4FhhFgWxd3OmRcywZi8AR351rhDMoOL9I9ghLG5HH48r7wMKtJqghYnomj3v7ZbGiN2lgHRkJjfLRoRnkKxmEL4T-MnF3xdFoIN-qI6Wc9GD3-ThIbnALtbZhac2lawIa1RFAYEdVaYsI4AZsPmxplTjR_MkigT5dd8hjwOxgQYDAnNk2sjXcs3bqNGFtPAYLJmbwuTRoM9WugmpM-eWfTD5EMhSSm7aMrcaJZzDRfXuD1QSnd1rB8D_ZeK8paRxKKJf349JzDhB3sUrl7QA5zPC61kZWARfwdFWi1OOgkRAFafCiNcuqRPjQC0y0ZsJt9peJsjylyY_6ObDDSyDygn31KFS2Zjrgo3718yoBZApLI_ymnyJE9i84mecD6RPaAxEq2JqYQSBwsLmCFDGc3WamdxuKdCPV0aQLbWMCXUjIucpFp4EKGDRj_MFn5VzbJvkX5rNKj7Rx0LuE49qPMq-Rfs9hfUYvVnzBTkpZdFXzFYDzbtFotezTNlU4aThgnPkrRs4yadq8PqBlrJLU6GbBhjg-ASsy5pWXuIt9cmJ1vnI_zF1_qV70-YkZNk6es2Gqa9SwG4ybhQuebyo53VYgkX6BuqQvkBasXkJlE7m1uA7KIgU6P-HYxKOAGzXOM0_S95ox3Z3JlUjxPSxxMhT6lBMElILJSsDDcQ5g5elUH1YFwA9U-Rddc2IudlxKoeeYtBQtF05GHjmrnF0FhLOHcsst9RVE6avi5V9nXExTVNc7BjdoG37sEvA_bQT7qSvoeYscbxSrXkFsi_KMyli5QG9_gE9fe0H366nSoze5VI0B3C94KNpTTCvKCQlADbnnPMDxnRMt3uE3BeHaLqJ8mt2Pr_OxUs2Hml2S4Z7PAGxxavj4DHR6QxVvwbMSLt8_amyu8I9cZiq8hEPEyJmsqOPsflakf592rtQGQXClHSo8NTIObzdR5Psj4bJaOl4Gnct7TWWoVF4HHzm8XZvNC1Pv4i4x_KUc1wzX1OtLuZRFVbcNv2bLPH6icSTWN_soybrT8XqtRQVRQiA7RdsTpVxhkUu8YUEqk3hOoekaXrb1TuxnDOARmiOQTHvSZDrgirWjNk29Inu1tjMl8FPMA44dDyoStrfYKKtYVEyAWl91bQFtt9bQiwnpARWTk82Pa04WtmK0sbuHgpWzjvlBgrvxxFjqOv9eXrnXAktjsBDFgSK5VNumaw11n2J30O4tjqf-5GX8LyRpdBnE6onnDq2DpGLB_urddxivlMjZwZ_JiJdGn4O7YemKG2OK2fH-zRRjleFespv2IqGYKarwXIa9COrYvkiqReoiGsyxAnGREYiU7QZHQjXR9IYHzLiPmHV2fYU_SX2xHttFjFcxLSgJhCnPrK0zqQOEUhYkM-r5h6GCAqwXri9KAZVcpdrrcGkTPU_3l0hxW4nLQG4NKj4wlP2D_ShfXHraTCiKA8b1Z3umca5u8ZDkQEbb36tVk4BNom2LzWgdgzbW_athkbMYCwCTBC4bbkZiacRnUP4Z7Kv_01dbVp96PxPtPLVj7B-eqxBVyW29NUsGwviMfUxdedXJO5y3Y3PqHf492RTlutxpuMG18jCJc5IKKmNWbHHANUW7U7tyqbh8g&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=2070092110585360100&adk=3690638929&idt=91&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
612cbc8b0ce8646a310bee1b0c51fefe70c6b3066bd91abfc0a4c10e6879882c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31857
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F4D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5606780591078&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F4D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5606780591078&version=m202301230201&ct=76&x=1&cor=257322779127633120
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0F4D 		69 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C5eUMFJ0slCescNbPH9tzhorU_DuuQNw3Ldjs1SS_CdftD9r9c7uWkvBRQ5LP2iAugT49lHInViWBk7of9mJgUDU4hrA&cry=1&dbm_d=AKAmf-BzhlUV1QxDUXPzX4zd27JjaoGQTznE18ZidJuHst7mTiY8tTbdZej2Q5n1ejB-ldjhJC8hkvEdu_rf3hiH9ffCivMgKxe3nBAnREwOqhetPUZdGoGGoA3f5EDFX-x-SNNANB5sd3qUdm_z3xCYQ0gswu_cqu7t6bjx0RtOoBhC9E7bj_AiYwePdPdBAoGRQU7kE-6zBkwZFQACHgFRzKhKGHy0N0dK-fxXV5czenExJkibXuFKe1SEW_D3DLx6s-wpCNTBKLwmJ5mhbZ42MuXQpRDuskLNOThzi6Q1qoQVjqTOTe4WlwHDli_CFIVPkjEbA7LOUJaGw3uNz_juAjJJ6rgiYPBRCGlokEJEQnf_u84Qvney8EuvQZOvg2k14hikYbzZK9geXUeHG7gwEKxyN-rDJqsUvAtGcBn-A6QZ7SkSwxa6xnRScz-aLtKIXgRYK-leuoOU0HqlUvUGWtp2FVwKFr89SpyFdHb4Y8iL5BM5KO0LDFCoP6hOKmwZBkrSUxGkDFkuuttE6Us8DmvG1Ma9rgFAymgxKWiI9MUTJM5a4go_OiNrPvlBTJFAS-wAr6s4VWXOewx-yvirEcbSMkMn_Kp0RFLZRKIYOxxKcFKpvDGyDGQNJlEollZC03BwrK-t3w-JtgQLHJ4y4Zl6qOHQ8Tc6n3pJU0xVBUcS16KH60x9tinwP8fCsYy3QdX4YqYDMezAiGjI6a4gzkHGBVQLIzyIaSyyuUozWg7mZuJspPC_QzbO4B9fEdofGa1-fX7_5lqFjaSq5iXDUcTwbmVZUhRT16eOlrBxVov-ftyUvdemM7SE0i2HXh2a7LtfRjLvtCUFdhk5CUc-HMkp4pMWJanmkghBsY4uLTl-woTg3C_9kAyZsY3YAEekO4GVdJRMlZHFb7PTehzpb-o_cYOQ4eof4BUHdukSDNhUmu0FKDFo4Liv0kb_CUlOOXyUDwZ_P8wdPTCeEenKzAA9ZfsOY_b8s98Vwx-IoL4fd3e7bfzEeU8zG7xIvyB347IOfHTpM_WRuGBrvFMq9P83rbKB-6CxS12Zws1-8sdEGnRrsfAZO7OWxCaqUcK2B6-8ivu7YZaT1Z7FpetZ1x22JgLkd3MQP6pGYLyH4DiYHJ8_s4PqqoUalKsCXzP36MiflgeFVhV8omtF590mYzvTo-ytIeLJii8c5t83JkeiKPNpLlDgkjhKRyPVE4AKOszgKUfAB4v08fbWuwcErmOrMLMxXR--RZBC2j_sZvJYUO5ZpsELQ3NZ8amxlAnYsg7VO5p53tDkniZqPxDH6RG0y0pbqslYeGNdx0SM-I-j8q8qZFI5ugWLj0DGCZYd6n9y5il1ZIkYLx2WYWYBaq4kGz5-CodEVF-17NXpapSpRfTR9rLUpgsiNZwuILd1sgFo8HIbbBq0IWDFQOKvtx6tf-4sTZwZ_kwNyEtbg7iAfd43Ih120uDgs4izCnLXGDWVPbNvzFHPeKJ8LGP_3dqOKSrVoUk08H1khos3MuuEccu8CXddHtk7HyPT550xU2-hLlAdwrkx9rk0SAjZE1siOc-qOiy1H4w3GNUHJWB_RZsXQPNtP-NVyF9Xsy4nR3uP8cKF1_nXjL1O43FlqFTMbWqQ0gb0zTQ7t_Kjq-SIZ9JMhBmnJjsC5MqJ5cQxTAfPgEG9mi6tyxthnm9qyrHuh4A7yZ2bXu1-CcxqiuxCqRtDTQG-u6t5lolD6hTJfDfWnba1eDdRG2yCO47DK7UT0koaR0Wi-jLR5PZ67sXOCMSuD4k51gfCM8K3o2yplsStor9oqMBjHl5uHJ4HfRfwCa0j0VVhsxV6hIRU-LYDmQcrPgcnOLB-Pbuqf_XryCq0n6bepjDLPavQNrPFiX2gjy12DqMAAEbblh5d_MwQDaxfSom-3KaC4Cb9tIgfjntUVzExxGZ9gcyB9UcuFmo18mI1U-CZBBpSfRnG-YosTVzNwtM9xAQtPwJ-tVO0u8QQeNDGjw-tdy7BuabDmMsGsiXzDg2MB0Ltni-VyUKPJlZtYGwPCdB4OFDEKFmFi43uWmoP6dDZIIsZP87y6uzh4vSG0vXhgORg1-mWIShxW0fsYMgu-0DZ4iibY2xnG3aVkuxKUc7dGh7A3Koqa9ZZCAyumkoZurvnQXDOypLDVi00cSx4_0FVHqJfuy2sVdxBa5lEb8gaoifT3BwoHQYF420f0jXYGZUgJJGOZvT_5_kv6nCwffC-Bq7NQI4Zli56_hwHlqMDOAHbfcvFiTbaz_boMhBdPY5lPHGryHRZwPxQdewc8fZ5UTJwysIOnWj8pYBovjYsuZc9FHA4QNctrkslkDygUDDdSiSCE2OXDETrzxS39CXB-zmQS9b2iq_bxcMN5HEbjRI9esXL1UurdW0T5sfBTFhCK-vfryrXRdNLdHwJlLJ6fpmieHzJEgHYrotiGL_uvSeK5oVFY5kbDok3-obt9KYB4oDBkfW_fodnA4BVUHG3KaD5RtPyrKC6AW3W8ZPhYvQlrsX_GWvrVN_lZu-_dEcon1LK1BqdsrLkuQ1f_Y0pjSHk_DQoyHBhsNp5yqQ9SOnU4ylITm7GHe-9Yl6-zV1XhbzLrVoGxGaevDfmZeag8lK4REOIop23iaCYv_VJ1eXv4pSVjuVL-s9lxSIRTFemIvRXJ0Gz-DwPo9_b_GNgYC52fG8YSJJIR2I7kaLbJUWq0dj69p9ElkZX1nqrTnJhKlpuRj_LKGA-rMncW-9GZDRXt4Md3dbdA_w-jGx8GNFiDa4zJjzS-F0-kuX7e-Nbu_ivQ7Gh0Y9xD3DWkKZ7ou4rkjOpVs8jQN6qP5S4XmwlEsMhSsfxqRGJYj0LSitAPveAB-3gwNyPQVIZp1o78CAN8uku0G_DmK2OdiK5_g9-EGEp4qMPX-razZ5P3Z89AZc1FyET2tPCoFqt6luKpP8OkejozsuQy89_shF8BGPalk27HITu5x1vzn67OfwuKqHdcXMz-X3BkmO_AKVx_EOdP2rwnrLzsy6XRdbT8aKo34w-eNn3GqViSulU_MFCfCNR8vOJjrarJjsTXd-gLUui0eLeVQhjqXkPa2F8Dps6toqAJiQ2pnt8Ul9inUT3N29Xkn9TNDTSsiPH9RhNJeBx5fNfEevEoMNG8CqYFexIeuwtQZgrD-HOi3WXk9wmTQmfYRPCgVtEAP4_S2oUQ7bhSxtuOOTKBzMjTp_rwNf0Dj7q5P0T3cywM_Bjq3-2xY_vYMrgAfFLwT4V9wzXfjKfJYy7lboBCdv5UW0Xx1aZ9WxaSfPY-6p9vkYCdkyYZJpRv4D_AvduULTMahw3U8Jvu4zyep03y29a-Zc9XmBNDUyoN0mH9xf5fnor21dAKQyUKrh3DTM_KV5i-AiWz0hMGUANP86bjbKNS9ZNrci05m25m1GzBPYVyg7bFPQcuhZkkmAa576BcO8&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=257322779127633120&adk=4188270525&idt=83&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa121cf65fbbefdeafd6bf9ee45a15d32b7468abf1ee5be346e4e5da9c6da10c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31744
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 92D5 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
Origin
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 09:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45125
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 May 2023 09:27:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/ Frame 92D5 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DenlS5-x4EBTdIVa1Jb4ifYdscFPp9sSOl8hLShkSywTzUdoaRAKdNLxjTa3MDlpZkfklgyACHVKhDxsEuVotXimPVXw&cry=1&dbm_d=AKAmf-BZSydNdzbh2l-h2NBOlHykoKwR9HEqkGD-Zz_Tt_nzxTW2m55pmZwmkwyET4RRyAV93CwfM5wyrywZN5tidceGYzmXvAsBuOmURmxkjjlE0M8f4gsH1jcvlnIErpB4kV4tlJQhR94y0rhYP8rFK2NgfWWF2SpZKeaPRYA0yOB_RcP2fEyd0NPVoJIQueG0mop_FwURC3J3epqQbMO5nfByYWyDB2uL1AqFmYCuRq8Ds9W78jJSZVSoyCc9G77-04SEfhzgleYjDo4H_VKK45ViqG_OFUUcpDH67TbeRZVrDV9wXWFfaUbtEtz_A92bGw6B32y1WutopxZSzCwdGXuXl2E9fhgWlLSnSLgcm3nY1FrrcuAyhASW_aYb0_K-BdX3wkWr_QTzWcp1jatFo72YJc_rHR75rQjV_ICTBc72NoFxs1MygQuEPI1Ty5X4Yh-8Jif7f1irczEo0px_e5YmmakIJJfY4OJf2KUWtCVjiOmryLx2RQIjJ3c4TmfzQiNrqNUo6sU-8o7dyvYF01POU9aGg_6MuxG5Qn5__PV0GoZ7W42njnIBMeDXaaxpdofj21F2csCp-mFF4jZHp2hX6caxOL65Cbadp4h5Sei23b2TYteU37WgAoIGtqTaqvhc-XLUKTekmuvvnuXdJBIcKKIEI9hrZ5ixP5PYN9VGxvVgaQnMvZkSpw1uhfTPRK2VYuikt74KLI8bG7eHHeUSqvRGIRaZo0_6jBKfkObWFKW__J7-AfpxFJW_84pBR2-4TqAwl0H3zKdbqnyeo8NI6sWI5VSbkCpmkIOxeOrs82jme09wNqScw0cSf5V0kTz8O7qgrI6YxQttaPgeCb8Z_eWJaBRlwFpvfnzCu8kL20jlVpztYMSEsf1TTre4J4eSR6zTy2gqJ46ISphAZhLwieB9KBf9iAbs-8VWiQOxTczw4V3Ip-FuCwMGVgY25yfPRZR9kg4cJNu3nTgJC4AiK26puedNrUJj-UlSlQwO8eGrV_lqfWgdzXB5IRiE2U8MJ0O-I8LaSbeUwwldbvZKFCxdMQG50t0DlICTYozX1wqr1pZnMo0Du1h9qBn4aHjaEXHeFLbAkkiIEUfHSxV2jOdbpG-yy6p5dL74cj9C7eQgNaWKGZWAabGmnCd_iYY9q5sFSyuR9I1KA7yW89vlO0K8aNpwDg-qZmpC4vOkFLBx_aFTdCEt2RmZ6_nZGDe7-LiAOt1ccPTO0_hLDMIK1t6SpFISpNDj82UDmfaSIsz8DGMuj6eS2grJsLLs2JlDlfg97O-TXtoiXfELsiZBXoI0mQNMirNh7LcKgrEqO_pIsr54w99FWnKkAHsRvQ8wuUoxD6K0WnhL0NF7eS8BNxgHju0hnbpN55YY_0s8rw91WUeB5_A-k96ERzB2bnjiZNMmtnnbP6cTFMnPTW4GuOmPK6jwinSvOB92rWWhFpsMZSv4jl76NAKfHSkERbm1eCtnSPKuGJ22tEtNKpDvKYCvs1-OnizGJfO4s2GcO9QDqLGWlMHK1aXXf33GzVxvZl4Bnr89h4XJhn3tTws3d0aDGTq118qMJLkaRoOGLn1yjIy_ZZ-4_j1U2tLl1ZPzDDkjgRhI6ykUjwyAYbGub32Qej1oQ4E2pCOLQY7LE6oH519pzjAnVaOKLWNShsdYWXlI9Y1Z0zE9ZLFbnIg5WXu6bSZLlQDGenecHi3Hm5vFWhKFuUtt832JpE32WBSgVxQFR0DzKPP7mIgUHjWUK0cjqWhRsoR_u5IY0E9gu-6q9DqayOXADQY6Ko8sBa1D4pWu0hKtV10iwXkhisnvMfn9MojQ1T-klkddsMfRY4mXxIGQQ1mz-9TR1ZDtNc-AMQsQTY-Q7-en5ZvZ8EoVSBR6TzqvcWb_hvWyBL5nC0xY96ruw7YlXLmevrKsBDF2HodEuHkWA4mfjUdDgno5-nTkk4nwRUuEv_XoiGad4mjcJGuKRYNsHf4s04owxcFiX2xlQZ_La1DPmdSTQlnBzBjPiUwc8FJck-Oid7-wPpr3rQxjVZcSRNsdPVSDmj-QedwT_K0-u-Nr0f7y7_5ZqLo2ZYu5XeLQ6h2e9UEjFF1rXmFjy3fN5J7EY-uIp_yo0ckwqNM2w01aOohNqHMrhlExOuAlxHLX-xqja2jwplSv-_nwlztfzxPyFotNaKv2HzqYFVBDhHNshnIPJKKymU2fMOXWwQBCURgZ6dRP5DycKHxdDGJ-9EaAlSWrikhvg1JtOlVYjmetojP2LyhKT1atzTYMe_s7_VKUH_yM4Htt55FJ0lizwb2-OfnmtSvN0drxqAvy_bEJuPM1jZNX_xnmpNm25-sI8FYe_0FiwauHwwpspduzMKeVcDyx-KObDntQedlV-t3VAaaGn5Kc-WZB4OJaR0YRoZmmWD61_-JPMLvoJ9iUXiScFvfm7sxKNCDzqmoYB8S5eSvSQfNuFeDE105IP514CWMRhN1SZp3g-iH0TElMOKMee3Cjkjj1GzBHjbz3TyS1X4ZhXC628AOWkwl4FSikTrtR7tGYKw9NFzAWDDe-oWdyiqUd7XX2Li0mq-TRZVX_vEdGiQXVc7LbLG4l0M4_5wcbP3NoaIWR16b7_NcQIvlc3VfPry2SoA5eslt6Cbql38zqHdwFWz3e66MpYLKZQeGnCbOqT0qCt54vqopZd-hu3kqu6i97If73ndfHkiwXGyE6FJxvtsS9cLseVft7cD53L2dBNYRz1WC03WK7-x70Ij6WWN9tb6Ox6h9uql1ja2LbruIv2M1FpDq0X1_R4yXkcMZNHq-BSENJzFpYYlXSo-_WrT8xW8Q8kCINORrrLTzbSjXzQklqeJFcIRCK9g89rXASl3b586OOy3NX2i9oeDeG7nlI5hGP89tOkOvoSar3xH9i8LAxM8g6upL_vaK2JofBzaWXjhdV0lFAn1rSupwsjSq2FBM9ckQKILM-XEbu-IK5Ou8z9BkEriLfZ9-u0mK7UIum1Ce8z1O4zWnUDEnu0XlIyqf05FhrtF9C9He5g5V0jlfdZg_KVsPwTeVNrKEfapNaZ1SBO_f6c6j-XTbHCT1rQrMpc-1Pej6fBItpDoyiIJAFJZtA7mqvsmUYJY7GvvzVYODyxrvFH3SCv3mJtuw_OPePwfO5lGVNnwzs9gWfkJO4Dw05l0wA1FU2Gg5S0_iVwg_u-lQmuG-mMnejphMU100pPAbbjyqGbp82LJwnpqoayygvVglQaMHGkWxQRrDCZ97NbVJdYcD-p8rOq5-JQSoHHKTDzQQo5bUaf0lqYhc7DG7liQRiaZO9wShC2rN57WHjUMzPES_IGk8BTUxgTYg908kw-HFJkVZd6IyIaEXAIeQU8qw7uJrfzHkHlYrBS7ajL-H0qq6nKe5H4PRid70GQUcTAXBu7n5ohbN1bMm23hK1X_WTH1zKMRg2Inj0OHs&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=15709399048321060000&adk=943508955&idt=66&cac=0&dtd=36
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 14:15:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
27803
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 14:15:55 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame 92D5 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DenlS5-x4EBTdIVa1Jb4ifYdscFPp9sSOl8hLShkSywTzUdoaRAKdNLxjTa3MDlpZkfklgyACHVKhDxsEuVotXimPVXw&cry=1&dbm_d=AKAmf-BZSydNdzbh2l-h2NBOlHykoKwR9HEqkGD-Zz_Tt_nzxTW2m55pmZwmkwyET4RRyAV93CwfM5wyrywZN5tidceGYzmXvAsBuOmURmxkjjlE0M8f4gsH1jcvlnIErpB4kV4tlJQhR94y0rhYP8rFK2NgfWWF2SpZKeaPRYA0yOB_RcP2fEyd0NPVoJIQueG0mop_FwURC3J3epqQbMO5nfByYWyDB2uL1AqFmYCuRq8Ds9W78jJSZVSoyCc9G77-04SEfhzgleYjDo4H_VKK45ViqG_OFUUcpDH67TbeRZVrDV9wXWFfaUbtEtz_A92bGw6B32y1WutopxZSzCwdGXuXl2E9fhgWlLSnSLgcm3nY1FrrcuAyhASW_aYb0_K-BdX3wkWr_QTzWcp1jatFo72YJc_rHR75rQjV_ICTBc72NoFxs1MygQuEPI1Ty5X4Yh-8Jif7f1irczEo0px_e5YmmakIJJfY4OJf2KUWtCVjiOmryLx2RQIjJ3c4TmfzQiNrqNUo6sU-8o7dyvYF01POU9aGg_6MuxG5Qn5__PV0GoZ7W42njnIBMeDXaaxpdofj21F2csCp-mFF4jZHp2hX6caxOL65Cbadp4h5Sei23b2TYteU37WgAoIGtqTaqvhc-XLUKTekmuvvnuXdJBIcKKIEI9hrZ5ixP5PYN9VGxvVgaQnMvZkSpw1uhfTPRK2VYuikt74KLI8bG7eHHeUSqvRGIRaZo0_6jBKfkObWFKW__J7-AfpxFJW_84pBR2-4TqAwl0H3zKdbqnyeo8NI6sWI5VSbkCpmkIOxeOrs82jme09wNqScw0cSf5V0kTz8O7qgrI6YxQttaPgeCb8Z_eWJaBRlwFpvfnzCu8kL20jlVpztYMSEsf1TTre4J4eSR6zTy2gqJ46ISphAZhLwieB9KBf9iAbs-8VWiQOxTczw4V3Ip-FuCwMGVgY25yfPRZR9kg4cJNu3nTgJC4AiK26puedNrUJj-UlSlQwO8eGrV_lqfWgdzXB5IRiE2U8MJ0O-I8LaSbeUwwldbvZKFCxdMQG50t0DlICTYozX1wqr1pZnMo0Du1h9qBn4aHjaEXHeFLbAkkiIEUfHSxV2jOdbpG-yy6p5dL74cj9C7eQgNaWKGZWAabGmnCd_iYY9q5sFSyuR9I1KA7yW89vlO0K8aNpwDg-qZmpC4vOkFLBx_aFTdCEt2RmZ6_nZGDe7-LiAOt1ccPTO0_hLDMIK1t6SpFISpNDj82UDmfaSIsz8DGMuj6eS2grJsLLs2JlDlfg97O-TXtoiXfELsiZBXoI0mQNMirNh7LcKgrEqO_pIsr54w99FWnKkAHsRvQ8wuUoxD6K0WnhL0NF7eS8BNxgHju0hnbpN55YY_0s8rw91WUeB5_A-k96ERzB2bnjiZNMmtnnbP6cTFMnPTW4GuOmPK6jwinSvOB92rWWhFpsMZSv4jl76NAKfHSkERbm1eCtnSPKuGJ22tEtNKpDvKYCvs1-OnizGJfO4s2GcO9QDqLGWlMHK1aXXf33GzVxvZl4Bnr89h4XJhn3tTws3d0aDGTq118qMJLkaRoOGLn1yjIy_ZZ-4_j1U2tLl1ZPzDDkjgRhI6ykUjwyAYbGub32Qej1oQ4E2pCOLQY7LE6oH519pzjAnVaOKLWNShsdYWXlI9Y1Z0zE9ZLFbnIg5WXu6bSZLlQDGenecHi3Hm5vFWhKFuUtt832JpE32WBSgVxQFR0DzKPP7mIgUHjWUK0cjqWhRsoR_u5IY0E9gu-6q9DqayOXADQY6Ko8sBa1D4pWu0hKtV10iwXkhisnvMfn9MojQ1T-klkddsMfRY4mXxIGQQ1mz-9TR1ZDtNc-AMQsQTY-Q7-en5ZvZ8EoVSBR6TzqvcWb_hvWyBL5nC0xY96ruw7YlXLmevrKsBDF2HodEuHkWA4mfjUdDgno5-nTkk4nwRUuEv_XoiGad4mjcJGuKRYNsHf4s04owxcFiX2xlQZ_La1DPmdSTQlnBzBjPiUwc8FJck-Oid7-wPpr3rQxjVZcSRNsdPVSDmj-QedwT_K0-u-Nr0f7y7_5ZqLo2ZYu5XeLQ6h2e9UEjFF1rXmFjy3fN5J7EY-uIp_yo0ckwqNM2w01aOohNqHMrhlExOuAlxHLX-xqja2jwplSv-_nwlztfzxPyFotNaKv2HzqYFVBDhHNshnIPJKKymU2fMOXWwQBCURgZ6dRP5DycKHxdDGJ-9EaAlSWrikhvg1JtOlVYjmetojP2LyhKT1atzTYMe_s7_VKUH_yM4Htt55FJ0lizwb2-OfnmtSvN0drxqAvy_bEJuPM1jZNX_xnmpNm25-sI8FYe_0FiwauHwwpspduzMKeVcDyx-KObDntQedlV-t3VAaaGn5Kc-WZB4OJaR0YRoZmmWD61_-JPMLvoJ9iUXiScFvfm7sxKNCDzqmoYB8S5eSvSQfNuFeDE105IP514CWMRhN1SZp3g-iH0TElMOKMee3Cjkjj1GzBHjbz3TyS1X4ZhXC628AOWkwl4FSikTrtR7tGYKw9NFzAWDDe-oWdyiqUd7XX2Li0mq-TRZVX_vEdGiQXVc7LbLG4l0M4_5wcbP3NoaIWR16b7_NcQIvlc3VfPry2SoA5eslt6Cbql38zqHdwFWz3e66MpYLKZQeGnCbOqT0qCt54vqopZd-hu3kqu6i97If73ndfHkiwXGyE6FJxvtsS9cLseVft7cD53L2dBNYRz1WC03WK7-x70Ij6WWN9tb6Ox6h9uql1ja2LbruIv2M1FpDq0X1_R4yXkcMZNHq-BSENJzFpYYlXSo-_WrT8xW8Q8kCINORrrLTzbSjXzQklqeJFcIRCK9g89rXASl3b586OOy3NX2i9oeDeG7nlI5hGP89tOkOvoSar3xH9i8LAxM8g6upL_vaK2JofBzaWXjhdV0lFAn1rSupwsjSq2FBM9ckQKILM-XEbu-IK5Ou8z9BkEriLfZ9-u0mK7UIum1Ce8z1O4zWnUDEnu0XlIyqf05FhrtF9C9He5g5V0jlfdZg_KVsPwTeVNrKEfapNaZ1SBO_f6c6j-XTbHCT1rQrMpc-1Pej6fBItpDoyiIJAFJZtA7mqvsmUYJY7GvvzVYODyxrvFH3SCv3mJtuw_OPePwfO5lGVNnwzs9gWfkJO4Dw05l0wA1FU2Gg5S0_iVwg_u-lQmuG-mMnejphMU100pPAbbjyqGbp82LJwnpqoayygvVglQaMHGkWxQRrDCZ97NbVJdYcD-p8rOq5-JQSoHHKTDzQQo5bUaf0lqYhc7DG7liQRiaZO9wShC2rN57WHjUMzPES_IGk8BTUxgTYg908kw-HFJkVZd6IyIaEXAIeQU8qw7uJrfzHkHlYrBS7ajL-H0qq6nKe5H4PRid70GQUcTAXBu7n5ohbN1bMm23hK1X_WTH1zKMRg2Inj0OHs&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=15709399048321060000&adk=943508955&idt=66&cac=0&dtd=36
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 16:29:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
19789
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11027
x-xss-protection
0
server
cafe
etag
5492578185836041520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 16:29:29 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 92D5 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 19:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356043
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 May 2024 19:05:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 27D9 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
53478
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 07:08:00 GMT
etag
48472445140208031
expires
Fri, 26 May 2023 07:08:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 92D5 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1429d4b9461de2d1a53d6207eb0acb7967da94fbb011c828c40d23667b5dd88

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.kanui.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.kanui.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		169 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3231401090492931&correlator=3894533165292407&eid=31074694&output=ldjh&gdfp_req=1&vrg=202305220101&ptt=17&impl=fifs&iu_parts=98468451%2CKANUUI_HOME&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250&ifi=5&adks=3254371550%2C2490721833%2C2490721832%2C2490721835&sfv=1-0-40&ris=2~2~2~2&rcs=1%2C1%2C1%2C1&eri=1&sc=1&cookie=ID%3Da66563c3ba364f45%3AT%3D1685051957%3AS%3DALNI_MaJdEQCCGqeb0oOaPh0u5ZM8TT_kA&gpic=UID%3D00000c1c10c1fbd7%3AT%3D1685051957%3ART%3D1685051957%3AS%3DALNI_MYf6RM-THU6R3gAbEo2NOrfGI9QtQ&abxe=1&dt=1685051958987&lmt=1685051958&dlt=1685051952986&idt=4338&adxs=436%2C330%2C650%2C970&adys=3791%2C3486%2C3486%2C3486&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5%7C6%7C7%7C8&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.kanui.com.br%2F&frm=20&vis=1&psz=1188x125%7C320x250%7C320x250%7C300x250&msz=1188x90%7C300x250%7C300x250%7C300x250&fws=4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&ga_vid=61963534.1685051957&ga_sid=1685051957&ga_hid=1169205849&ga_fc=true
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ebca1d660b412e273419a7dfcbe0e51c7bac87dd15e52d593e4a578f92cdaf87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37156
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kanui.com.br
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame C876 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AupfEfcORxLOvhrMjm8hoBsiKLcIPAqLbYtTKdraHpdgda-TonFr0LlFAfifPQderg0t9UiX7XDyg9blvH8T2A2Gy7WA&cry=1&dbm_d=AKAmf-D9qzLbOA8B2hGLLiT256suz8FV_SDeGn4dYJaRDm1rMw2Ch_0Kuopf1Cr_f2mQGH7eRxa3Tifi1EYTSOcefnfCAzvfCg1WNCLnJ1jK8Jf-Ww4I_aIux0dAHFP1TY5dN7G1YO0UnAwth4EPDrAIfjx9QwdoOLkYDejEIOVWT5UcvUww-6QLjDKL5xvAwCZNxVg7V8OZPsRuZMHVe0kVy_tz_3XyUkUqKfPeEOh-RVPoURY7RlHzmefYR0GKj1tVdN-wA68kkK3ks78xeLN4JWWdCSCO7_USfEUEJ53IdREvZwHhn1ZtNVLB9yjA8oblY7opzk3jQBn5E-iRka9vEnTDgdnW41l3pacWEWyK-mzFJ509ued8sr_tfVllcn4D5iytLiRzPWM6W4Ly0GWKEKAXo4RYDexDIBdR1Zipf1ZLByhJlemjhjGUbH-PpwZD7kTTyXClgoFVYpPdP3w1T3QH1MD_7MmnJlAWehGJ_BGvxfmdIO5ULkqHlKgfqCMAgackJpwj9468hQ6uo-xVOvfA38sZqfPbC8_E2BfhGrABLf6BHS1S40LhR2KC7VUnJbUTZ6_W4BBQT65EThbzneadwrDQYIvcba1qzUvQF6yBJ3hh2ZFMGfY3t18AQBEB8kH7hoUbbB3VkYtVd0bcOBgUqWOOQlpPdkkTkwyR8FIVy7YW8S0xBNgz3Z_wKdVd94D1mzyPkAu5eyRbowBCBmdKUCLNDuZMd53PVYBpBcOwOHjIlnCQidA3rELHVnk8X5HvNy-c8fGP6G0F-_PUYf1PoKnJ_JmuJxAWcEbRPJTpDb9rupPszugQtigi0MjMPBX2ULLvkr4Thkmbk1t3RBHpnAyBziRSI0nacabDdrcPaowmleM1Bt98Z_d9DIHoYPgMLVndUF-MwoWQL34ExLpXgww2MGX5kHS5KBRobMrhU-esI9aJHTJ1h39q1-fNtyy3R5FwvqWci0T0YRKEFdHtuAVx1Y4h59XiXi7fwtmQ8ZdsEDnq-06KkJpMItW7olwcFlwb8G52mcGe5RythGd356nm8pv_wVf3p40D1PitElQAQWfsEaRPujfsZJxE3Vd1su8gYzya6nH3-aFLlTxsIFfbEkD4sK-DS5wTQas0rxYgywdC5_FmVCtt0G87_n7Gj1p2DZRW1Nm0UA8fCd0QJWzs7CpY_CplPu7_vyrVs4VumW0lgnHh8N8dujbd5YFhck7YoQgw7J137vpVqbCkGb_F44qhJR8YrSKmTwRwlXJt4EzdY1PKAtHCVuaDEmc8hVFKOKjxhOMlB4lWJano9QlXCKY4r9t3W3liE_AIMzhNZ5Ce_a3VlUAQ8t0o0xtzMguuQ08oekformVSxZon3jJkek9vOHc9dRS9clcMVKzaCLW1nCQufN16yL2Qek9OopheeSJlhOwm_jX6ml-LUNWmKGA9YBMBV0hpPWOuJgOkG8bwOsf2Gj8WCCJeQYCbzoM5DcDE9yDVFmIv9Zrt4r-WkdLbvMpS8MRTyqeKH5Y_SpTfb-HNti_FGIseshkEJ0OpXG9S2RKkw25gZveOEb-UidFAirCO2wbSPOVakSFEdwrCaKj644FbuOQGxwlsiJpMwLNLvtQiSt14VEDUcXxWyK-QgZ_hfIFbhAMD2qZh86VUjHdECJ-L30fNTI9QNfTFlgd4ddCHPP10OQD_eKe6WWrEDmZNxo5NP40WwolMQdKKQOwv16qTg4aZ5KiHQj1YswXFnYTyXn8Fzuty6E-s5cZl0CP7mr9deXBOWIOK-T3zInPbJF_Utcy4DI3l6Ls0AuDKk6fG6YgfR74Y70Qu8TCtemZA0eAbRaghkurspn5inmTWj83MBg_4sOwGDyGCteQ4aD6UD4gJhZFh8X4nuHE_vHtDhbEX22-qaLlpyaA2nGHOjQbOJDYcuAiqYpukkoUTshasTRgI5dDtj6ho706kgBRif2_u_KHNYh3ygADY27ozbBNtI5sUCIMff_AojX3phk9uadcMyFmmF62ewouY4eXQGA5eXeoaTu7NUirMW3SyjB4fMWPYuu8L_e233CLQhCuwSMeP-SJ3Ywh9Aa73o0BG72GPmeYnFBHNOCODAsBViza7LXYTWX53TROyaASjoBsfqbs8kKkXvujeGXhqQmX52r8xGm01AuiVlGlrQwPVkf6121w6fR4qJgSmPNUmYJUwmGbykFapeVKx4QYt65Q6pfpEh25RDhJLzO18lbRJg_53RI1XKEuqYgOgTIExw19DpAqfFqLR7nFVMPf-7XvUdcWf9X1HF156KL8aG4YZhEq4JBqWF1IFpSN2ywgWet1v4Z2ohJf06xljaNJLS2NNH_0AVuhM_rfqSoArvNdcIYO1f7LKD5JrL0F_e5gYvJrwtiIQnYqMN9JFIh704jrXYiJva0hB4T2wsdkGNkD8peR52vJcE9oaaVuOHUiuITgaYDTOMOAeYOPO8BJCQubunqrLBBJy5-8NBoWivM5danocvIdWTATjiB7lf5q99nOEnMDYqsTCjpZYQr2G3pP3y5MXfdrBfG-it9TTkP8lmyHrS5VXNEW2rrmTMoQgu_g2yhZZqIRZeM1tx5E7fMJQEAI14YLJRjuOF1HoAaaEjc7pO0e4UPqG34hHKo0yp6M-KfQLzYYgUPdQoRMdcsyCzlqHiRdDc9OcsocnGyfFf9frghy0wbYLg9ex1l4nnMeVfDmjsfYNeeiD_bJRlCI-LJc5Q4zIRWBMnHpmLOaWQ-pKlw_ez8CyjZsTstmyIHUFHWawspoFvnCaPARMwYBrbe6EdDksFISe44WSyrH_cu8vzBhhb9YQEhikK0pSOgrt57JXWFEJiG6x1KLasIPGYUlzr0pojhC3oM57gNL2-VIPiHyiM1FgTvwIyicv8nD-TOE8aUpxXEbtL_TgjQs_H3qn_XwbGCJK8GS3SuhQSjCEzFkO3pZ9Mt336MTh2og9QsHMKSNGdbmvM2lRmgFjdI48h8FYhtzc-b6bZFe45gvsW9WIxI47I85KoKzrTSw7o4uTS4GdAYFQ51PwDJgDzdn71FS8bFMSnnaRXImgdfJMCSArzG55Sy4Q3lkXAPXTMDdJhfHpK3nxh4XektRYTTZFlSVBJ_mSW7mUQfnHvpx_PCCanQ1xZTzpZc1rHBbOpDSHTrA5W_4OI3PZSt9EHmKtEQVYh7Er_lyEwbpXoomfVlu1twyyIQG6vlzPGzkrX4CNVBYQtoU4uLs-LAFocfv8e4FY4WpUYooCjXhDmbIl8rgM1H-uG08Bseul2YaGnxala1NQBaj_WYCNoUYYt0yEPrx-AxMmbi2KrA3PowiJpiPFp1vXtD67&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=17596455383161660000&adk=1033480531&idt=83&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 16:29:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
19790
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11027
x-xss-protection
0
server
cafe
etag
5492578185836041520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 16:29:29 GMT
8191247109171772899
s0.2mdn.net/simgad/ Frame C876 		208 KB
208 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8191247109171772899
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AupfEfcORxLOvhrMjm8hoBsiKLcIPAqLbYtTKdraHpdgda-TonFr0LlFAfifPQderg0t9UiX7XDyg9blvH8T2A2Gy7WA&cry=1&dbm_d=AKAmf-D9qzLbOA8B2hGLLiT256suz8FV_SDeGn4dYJaRDm1rMw2Ch_0Kuopf1Cr_f2mQGH7eRxa3Tifi1EYTSOcefnfCAzvfCg1WNCLnJ1jK8Jf-Ww4I_aIux0dAHFP1TY5dN7G1YO0UnAwth4EPDrAIfjx9QwdoOLkYDejEIOVWT5UcvUww-6QLjDKL5xvAwCZNxVg7V8OZPsRuZMHVe0kVy_tz_3XyUkUqKfPeEOh-RVPoURY7RlHzmefYR0GKj1tVdN-wA68kkK3ks78xeLN4JWWdCSCO7_USfEUEJ53IdREvZwHhn1ZtNVLB9yjA8oblY7opzk3jQBn5E-iRka9vEnTDgdnW41l3pacWEWyK-mzFJ509ued8sr_tfVllcn4D5iytLiRzPWM6W4Ly0GWKEKAXo4RYDexDIBdR1Zipf1ZLByhJlemjhjGUbH-PpwZD7kTTyXClgoFVYpPdP3w1T3QH1MD_7MmnJlAWehGJ_BGvxfmdIO5ULkqHlKgfqCMAgackJpwj9468hQ6uo-xVOvfA38sZqfPbC8_E2BfhGrABLf6BHS1S40LhR2KC7VUnJbUTZ6_W4BBQT65EThbzneadwrDQYIvcba1qzUvQF6yBJ3hh2ZFMGfY3t18AQBEB8kH7hoUbbB3VkYtVd0bcOBgUqWOOQlpPdkkTkwyR8FIVy7YW8S0xBNgz3Z_wKdVd94D1mzyPkAu5eyRbowBCBmdKUCLNDuZMd53PVYBpBcOwOHjIlnCQidA3rELHVnk8X5HvNy-c8fGP6G0F-_PUYf1PoKnJ_JmuJxAWcEbRPJTpDb9rupPszugQtigi0MjMPBX2ULLvkr4Thkmbk1t3RBHpnAyBziRSI0nacabDdrcPaowmleM1Bt98Z_d9DIHoYPgMLVndUF-MwoWQL34ExLpXgww2MGX5kHS5KBRobMrhU-esI9aJHTJ1h39q1-fNtyy3R5FwvqWci0T0YRKEFdHtuAVx1Y4h59XiXi7fwtmQ8ZdsEDnq-06KkJpMItW7olwcFlwb8G52mcGe5RythGd356nm8pv_wVf3p40D1PitElQAQWfsEaRPujfsZJxE3Vd1su8gYzya6nH3-aFLlTxsIFfbEkD4sK-DS5wTQas0rxYgywdC5_FmVCtt0G87_n7Gj1p2DZRW1Nm0UA8fCd0QJWzs7CpY_CplPu7_vyrVs4VumW0lgnHh8N8dujbd5YFhck7YoQgw7J137vpVqbCkGb_F44qhJR8YrSKmTwRwlXJt4EzdY1PKAtHCVuaDEmc8hVFKOKjxhOMlB4lWJano9QlXCKY4r9t3W3liE_AIMzhNZ5Ce_a3VlUAQ8t0o0xtzMguuQ08oekformVSxZon3jJkek9vOHc9dRS9clcMVKzaCLW1nCQufN16yL2Qek9OopheeSJlhOwm_jX6ml-LUNWmKGA9YBMBV0hpPWOuJgOkG8bwOsf2Gj8WCCJeQYCbzoM5DcDE9yDVFmIv9Zrt4r-WkdLbvMpS8MRTyqeKH5Y_SpTfb-HNti_FGIseshkEJ0OpXG9S2RKkw25gZveOEb-UidFAirCO2wbSPOVakSFEdwrCaKj644FbuOQGxwlsiJpMwLNLvtQiSt14VEDUcXxWyK-QgZ_hfIFbhAMD2qZh86VUjHdECJ-L30fNTI9QNfTFlgd4ddCHPP10OQD_eKe6WWrEDmZNxo5NP40WwolMQdKKQOwv16qTg4aZ5KiHQj1YswXFnYTyXn8Fzuty6E-s5cZl0CP7mr9deXBOWIOK-T3zInPbJF_Utcy4DI3l6Ls0AuDKk6fG6YgfR74Y70Qu8TCtemZA0eAbRaghkurspn5inmTWj83MBg_4sOwGDyGCteQ4aD6UD4gJhZFh8X4nuHE_vHtDhbEX22-qaLlpyaA2nGHOjQbOJDYcuAiqYpukkoUTshasTRgI5dDtj6ho706kgBRif2_u_KHNYh3ygADY27ozbBNtI5sUCIMff_AojX3phk9uadcMyFmmF62ewouY4eXQGA5eXeoaTu7NUirMW3SyjB4fMWPYuu8L_e233CLQhCuwSMeP-SJ3Ywh9Aa73o0BG72GPmeYnFBHNOCODAsBViza7LXYTWX53TROyaASjoBsfqbs8kKkXvujeGXhqQmX52r8xGm01AuiVlGlrQwPVkf6121w6fR4qJgSmPNUmYJUwmGbykFapeVKx4QYt65Q6pfpEh25RDhJLzO18lbRJg_53RI1XKEuqYgOgTIExw19DpAqfFqLR7nFVMPf-7XvUdcWf9X1HF156KL8aG4YZhEq4JBqWF1IFpSN2ywgWet1v4Z2ohJf06xljaNJLS2NNH_0AVuhM_rfqSoArvNdcIYO1f7LKD5JrL0F_e5gYvJrwtiIQnYqMN9JFIh704jrXYiJva0hB4T2wsdkGNkD8peR52vJcE9oaaVuOHUiuITgaYDTOMOAeYOPO8BJCQubunqrLBBJy5-8NBoWivM5danocvIdWTATjiB7lf5q99nOEnMDYqsTCjpZYQr2G3pP3y5MXfdrBfG-it9TTkP8lmyHrS5VXNEW2rrmTMoQgu_g2yhZZqIRZeM1tx5E7fMJQEAI14YLJRjuOF1HoAaaEjc7pO0e4UPqG34hHKo0yp6M-KfQLzYYgUPdQoRMdcsyCzlqHiRdDc9OcsocnGyfFf9frghy0wbYLg9ex1l4nnMeVfDmjsfYNeeiD_bJRlCI-LJc5Q4zIRWBMnHpmLOaWQ-pKlw_ez8CyjZsTstmyIHUFHWawspoFvnCaPARMwYBrbe6EdDksFISe44WSyrH_cu8vzBhhb9YQEhikK0pSOgrt57JXWFEJiG6x1KLasIPGYUlzr0pojhC3oM57gNL2-VIPiHyiM1FgTvwIyicv8nD-TOE8aUpxXEbtL_TgjQs_H3qn_XwbGCJK8GS3SuhQSjCEzFkO3pZ9Mt336MTh2og9QsHMKSNGdbmvM2lRmgFjdI48h8FYhtzc-b6bZFe45gvsW9WIxI47I85KoKzrTSw7o4uTS4GdAYFQ51PwDJgDzdn71FS8bFMSnnaRXImgdfJMCSArzG55Sy4Q3lkXAPXTMDdJhfHpK3nxh4XektRYTTZFlSVBJ_mSW7mUQfnHvpx_PCCanQ1xZTzpZc1rHBbOpDSHTrA5W_4OI3PZSt9EHmKtEQVYh7Er_lyEwbpXoomfVlu1twyyIQG6vlzPGzkrX4CNVBYQtoU4uLs-LAFocfv8e4FY4WpUYooCjXhDmbIl8rgM1H-uG08Bseul2YaGnxala1NQBaj_WYCNoUYYt0yEPrx-AxMmbi2KrA3PowiJpiPFp1vXtD67&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=17596455383161660000&adk=1033480531&idt=83&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f5dd458da68e3ade6a7ee2446fef85d67d7cf6a23ed5d7ecfa05025f33452e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 23:07:18 GMT
x-content-type-options
nosniff
age
427921
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
212489
x-xss-protection
0
last-modified
Wed, 17 May 2023 13:18:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 May 2024 23:07:18 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/ Frame C876 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AupfEfcORxLOvhrMjm8hoBsiKLcIPAqLbYtTKdraHpdgda-TonFr0LlFAfifPQderg0t9UiX7XDyg9blvH8T2A2Gy7WA&cry=1&dbm_d=AKAmf-D9qzLbOA8B2hGLLiT256suz8FV_SDeGn4dYJaRDm1rMw2Ch_0Kuopf1Cr_f2mQGH7eRxa3Tifi1EYTSOcefnfCAzvfCg1WNCLnJ1jK8Jf-Ww4I_aIux0dAHFP1TY5dN7G1YO0UnAwth4EPDrAIfjx9QwdoOLkYDejEIOVWT5UcvUww-6QLjDKL5xvAwCZNxVg7V8OZPsRuZMHVe0kVy_tz_3XyUkUqKfPeEOh-RVPoURY7RlHzmefYR0GKj1tVdN-wA68kkK3ks78xeLN4JWWdCSCO7_USfEUEJ53IdREvZwHhn1ZtNVLB9yjA8oblY7opzk3jQBn5E-iRka9vEnTDgdnW41l3pacWEWyK-mzFJ509ued8sr_tfVllcn4D5iytLiRzPWM6W4Ly0GWKEKAXo4RYDexDIBdR1Zipf1ZLByhJlemjhjGUbH-PpwZD7kTTyXClgoFVYpPdP3w1T3QH1MD_7MmnJlAWehGJ_BGvxfmdIO5ULkqHlKgfqCMAgackJpwj9468hQ6uo-xVOvfA38sZqfPbC8_E2BfhGrABLf6BHS1S40LhR2KC7VUnJbUTZ6_W4BBQT65EThbzneadwrDQYIvcba1qzUvQF6yBJ3hh2ZFMGfY3t18AQBEB8kH7hoUbbB3VkYtVd0bcOBgUqWOOQlpPdkkTkwyR8FIVy7YW8S0xBNgz3Z_wKdVd94D1mzyPkAu5eyRbowBCBmdKUCLNDuZMd53PVYBpBcOwOHjIlnCQidA3rELHVnk8X5HvNy-c8fGP6G0F-_PUYf1PoKnJ_JmuJxAWcEbRPJTpDb9rupPszugQtigi0MjMPBX2ULLvkr4Thkmbk1t3RBHpnAyBziRSI0nacabDdrcPaowmleM1Bt98Z_d9DIHoYPgMLVndUF-MwoWQL34ExLpXgww2MGX5kHS5KBRobMrhU-esI9aJHTJ1h39q1-fNtyy3R5FwvqWci0T0YRKEFdHtuAVx1Y4h59XiXi7fwtmQ8ZdsEDnq-06KkJpMItW7olwcFlwb8G52mcGe5RythGd356nm8pv_wVf3p40D1PitElQAQWfsEaRPujfsZJxE3Vd1su8gYzya6nH3-aFLlTxsIFfbEkD4sK-DS5wTQas0rxYgywdC5_FmVCtt0G87_n7Gj1p2DZRW1Nm0UA8fCd0QJWzs7CpY_CplPu7_vyrVs4VumW0lgnHh8N8dujbd5YFhck7YoQgw7J137vpVqbCkGb_F44qhJR8YrSKmTwRwlXJt4EzdY1PKAtHCVuaDEmc8hVFKOKjxhOMlB4lWJano9QlXCKY4r9t3W3liE_AIMzhNZ5Ce_a3VlUAQ8t0o0xtzMguuQ08oekformVSxZon3jJkek9vOHc9dRS9clcMVKzaCLW1nCQufN16yL2Qek9OopheeSJlhOwm_jX6ml-LUNWmKGA9YBMBV0hpPWOuJgOkG8bwOsf2Gj8WCCJeQYCbzoM5DcDE9yDVFmIv9Zrt4r-WkdLbvMpS8MRTyqeKH5Y_SpTfb-HNti_FGIseshkEJ0OpXG9S2RKkw25gZveOEb-UidFAirCO2wbSPOVakSFEdwrCaKj644FbuOQGxwlsiJpMwLNLvtQiSt14VEDUcXxWyK-QgZ_hfIFbhAMD2qZh86VUjHdECJ-L30fNTI9QNfTFlgd4ddCHPP10OQD_eKe6WWrEDmZNxo5NP40WwolMQdKKQOwv16qTg4aZ5KiHQj1YswXFnYTyXn8Fzuty6E-s5cZl0CP7mr9deXBOWIOK-T3zInPbJF_Utcy4DI3l6Ls0AuDKk6fG6YgfR74Y70Qu8TCtemZA0eAbRaghkurspn5inmTWj83MBg_4sOwGDyGCteQ4aD6UD4gJhZFh8X4nuHE_vHtDhbEX22-qaLlpyaA2nGHOjQbOJDYcuAiqYpukkoUTshasTRgI5dDtj6ho706kgBRif2_u_KHNYh3ygADY27ozbBNtI5sUCIMff_AojX3phk9uadcMyFmmF62ewouY4eXQGA5eXeoaTu7NUirMW3SyjB4fMWPYuu8L_e233CLQhCuwSMeP-SJ3Ywh9Aa73o0BG72GPmeYnFBHNOCODAsBViza7LXYTWX53TROyaASjoBsfqbs8kKkXvujeGXhqQmX52r8xGm01AuiVlGlrQwPVkf6121w6fR4qJgSmPNUmYJUwmGbykFapeVKx4QYt65Q6pfpEh25RDhJLzO18lbRJg_53RI1XKEuqYgOgTIExw19DpAqfFqLR7nFVMPf-7XvUdcWf9X1HF156KL8aG4YZhEq4JBqWF1IFpSN2ywgWet1v4Z2ohJf06xljaNJLS2NNH_0AVuhM_rfqSoArvNdcIYO1f7LKD5JrL0F_e5gYvJrwtiIQnYqMN9JFIh704jrXYiJva0hB4T2wsdkGNkD8peR52vJcE9oaaVuOHUiuITgaYDTOMOAeYOPO8BJCQubunqrLBBJy5-8NBoWivM5danocvIdWTATjiB7lf5q99nOEnMDYqsTCjpZYQr2G3pP3y5MXfdrBfG-it9TTkP8lmyHrS5VXNEW2rrmTMoQgu_g2yhZZqIRZeM1tx5E7fMJQEAI14YLJRjuOF1HoAaaEjc7pO0e4UPqG34hHKo0yp6M-KfQLzYYgUPdQoRMdcsyCzlqHiRdDc9OcsocnGyfFf9frghy0wbYLg9ex1l4nnMeVfDmjsfYNeeiD_bJRlCI-LJc5Q4zIRWBMnHpmLOaWQ-pKlw_ez8CyjZsTstmyIHUFHWawspoFvnCaPARMwYBrbe6EdDksFISe44WSyrH_cu8vzBhhb9YQEhikK0pSOgrt57JXWFEJiG6x1KLasIPGYUlzr0pojhC3oM57gNL2-VIPiHyiM1FgTvwIyicv8nD-TOE8aUpxXEbtL_TgjQs_H3qn_XwbGCJK8GS3SuhQSjCEzFkO3pZ9Mt336MTh2og9QsHMKSNGdbmvM2lRmgFjdI48h8FYhtzc-b6bZFe45gvsW9WIxI47I85KoKzrTSw7o4uTS4GdAYFQ51PwDJgDzdn71FS8bFMSnnaRXImgdfJMCSArzG55Sy4Q3lkXAPXTMDdJhfHpK3nxh4XektRYTTZFlSVBJ_mSW7mUQfnHvpx_PCCanQ1xZTzpZc1rHBbOpDSHTrA5W_4OI3PZSt9EHmKtEQVYh7Er_lyEwbpXoomfVlu1twyyIQG6vlzPGzkrX4CNVBYQtoU4uLs-LAFocfv8e4FY4WpUYooCjXhDmbIl8rgM1H-uG08Bseul2YaGnxala1NQBaj_WYCNoUYYt0yEPrx-AxMmbi2KrA3PowiJpiPFp1vXtD67&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=17596455383161660000&adk=1033480531&idt=83&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 14:15:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
27804
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 14:15:55 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C876 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdvJbne5BXrlmYrBz0IfCey08wu5wgn20tuX749mpzxrNE97E_dA7ggCB6w_ioesIA7AFpsbqMd1lryqs1S3xgKET_U01NunvIk9ycEkrbodIKbNb2-8V_ZAc6jKMQ-jZ3N7d1aQ7rF46u8rNULAhsXZH-eLHEIX9M05OyFfi8Tx2nF_BSlv_ZiZAhbxZCiD50Ck_-MZLw9gbKSi8va2xzsJUs-6OME3LMhjE4NsYAVAw9oxUCU5FJ3iPrn-CiM_TKI_XanO4dgHVPfdK-bxaHgFbYgkkFVPAqf9mvQcGrmIyeU_RA4aFSFRanvIkKQGZtH83FEHtrUQbslRE5z7qYbHvXAzzMijLoqIb0ZK4fQ7Jvx35AGYYCQPJxmcrLdEwYbCQOvd_FBSNMBs2yUaICjM3sEcoLgXve3RSQggCO1PSwh0H41fL_JrJqYrjGVqlh7AhqjsuKcncp2yUyySDZZskRue7b4920u9gYicVDumlSX0FbTBo7onSGe96eKdAzd-H6CovtCrW3GDWBfWfwaJ9VgPkjSOzhrKoItVIxwTSrrPeSwWjHzKBfv5DjDOKn9sRQpGN4x-1_KZMrRBmTwCUeP4DL5cdE3gLiqaxi5SIdPmBtMRNriOIwVfe6tnvBytx0RQRZjGuOPgCoqPVilQtheMgmvbLyGgZTUSrXuiEdWcmlEotEXg7Y0K2IlAo5S7FUl-Z-dvWbCPans7ZFxUO0poid6JkXvY1eH7-4RblVWR0-fzwqZznqlR43eCHb4JmEWLY3LuTvTglQ3XaZ5PsCijxQ0k0KRjg2kC8cIAuDOxs8y0bRHxIdJVyX8tUct8WJEGoXuKKxKu6olbvn8PfZQtMqDw099y2eCupNLAC4FYItsjsaRSeQm8BKjLMSt7qCcwGDsnYN7s7h_WrOucDiLjybq4QL1jlwdpPrqh85l9g00HewkmO8R-bitxxIRmifglwJe1npFg_hQm5WyqloBj3csOtIQ8j102hPKKLu8dWZcHLTId1ilRBW56GzTf8oXRJ0B-XgvL8x6f7angXtksbxSWtqsdIrLQoezkdrM5_6CN1mFEIBN-yqOUv9Dg1MmeKi5mNaRySjNAdHnUoAEYsRAlTeOfBpwPnpWAm7eeAezg-mvrChBVhQZWB86px3uBLFD0qhQb1Mq_TehvckHvP5TJ2zy9k1pQG2uCvpGRpU0hPdYeoj82rhtYE1dmloQktuUZiYs1T-7IrRjZKnFKvjZ6A9XD7TzLwbZrMfQMGfGMx0coGxujOyauyBOg&sai=AMfl-YRCk9sglXLUoOcz6L6kKlHa3e-foKNjo5QIN8eJG_3uPG-Xxlq0YU-mhBPJsqm_GoTsVJquuLqn3NwT2rfbDiDjn_hF5wGGjrPCMIdlN6uAK2xBVtfac3_gedoILP3toUVojn7ZoSMc2IMduug6Rof1uxWugzHZ4TgGwax_-qjOXYva4Gnlu-WGEfxJTe-bd5N-eznkKpj_3gXxe3Ptupc2ZOeu2zdUtTetz7c74MKiaNeCuyv2CS_N80e6G2ZqtpShSRiCoFNPEVPtJWp8N6F1WKW7RlDh_A&sig=Cg0ArKJSzKB_mNh8RIJDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230523.09157&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AupfEfcORxLOvhrMjm8hoBsiKLcIPAqLbYtTKdraHpdgda-TonFr0LlFAfifPQderg0t9UiX7XDyg9blvH8T2A2Gy7WA&cry=1&dbm_d=AKAmf-D9qzLbOA8B2hGLLiT256suz8FV_SDeGn4dYJaRDm1rMw2Ch_0Kuopf1Cr_f2mQGH7eRxa3Tifi1EYTSOcefnfCAzvfCg1WNCLnJ1jK8Jf-Ww4I_aIux0dAHFP1TY5dN7G1YO0UnAwth4EPDrAIfjx9QwdoOLkYDejEIOVWT5UcvUww-6QLjDKL5xvAwCZNxVg7V8OZPsRuZMHVe0kVy_tz_3XyUkUqKfPeEOh-RVPoURY7RlHzmefYR0GKj1tVdN-wA68kkK3ks78xeLN4JWWdCSCO7_USfEUEJ53IdREvZwHhn1ZtNVLB9yjA8oblY7opzk3jQBn5E-iRka9vEnTDgdnW41l3pacWEWyK-mzFJ509ued8sr_tfVllcn4D5iytLiRzPWM6W4Ly0GWKEKAXo4RYDexDIBdR1Zipf1ZLByhJlemjhjGUbH-PpwZD7kTTyXClgoFVYpPdP3w1T3QH1MD_7MmnJlAWehGJ_BGvxfmdIO5ULkqHlKgfqCMAgackJpwj9468hQ6uo-xVOvfA38sZqfPbC8_E2BfhGrABLf6BHS1S40LhR2KC7VUnJbUTZ6_W4BBQT65EThbzneadwrDQYIvcba1qzUvQF6yBJ3hh2ZFMGfY3t18AQBEB8kH7hoUbbB3VkYtVd0bcOBgUqWOOQlpPdkkTkwyR8FIVy7YW8S0xBNgz3Z_wKdVd94D1mzyPkAu5eyRbowBCBmdKUCLNDuZMd53PVYBpBcOwOHjIlnCQidA3rELHVnk8X5HvNy-c8fGP6G0F-_PUYf1PoKnJ_JmuJxAWcEbRPJTpDb9rupPszugQtigi0MjMPBX2ULLvkr4Thkmbk1t3RBHpnAyBziRSI0nacabDdrcPaowmleM1Bt98Z_d9DIHoYPgMLVndUF-MwoWQL34ExLpXgww2MGX5kHS5KBRobMrhU-esI9aJHTJ1h39q1-fNtyy3R5FwvqWci0T0YRKEFdHtuAVx1Y4h59XiXi7fwtmQ8ZdsEDnq-06KkJpMItW7olwcFlwb8G52mcGe5RythGd356nm8pv_wVf3p40D1PitElQAQWfsEaRPujfsZJxE3Vd1su8gYzya6nH3-aFLlTxsIFfbEkD4sK-DS5wTQas0rxYgywdC5_FmVCtt0G87_n7Gj1p2DZRW1Nm0UA8fCd0QJWzs7CpY_CplPu7_vyrVs4VumW0lgnHh8N8dujbd5YFhck7YoQgw7J137vpVqbCkGb_F44qhJR8YrSKmTwRwlXJt4EzdY1PKAtHCVuaDEmc8hVFKOKjxhOMlB4lWJano9QlXCKY4r9t3W3liE_AIMzhNZ5Ce_a3VlUAQ8t0o0xtzMguuQ08oekformVSxZon3jJkek9vOHc9dRS9clcMVKzaCLW1nCQufN16yL2Qek9OopheeSJlhOwm_jX6ml-LUNWmKGA9YBMBV0hpPWOuJgOkG8bwOsf2Gj8WCCJeQYCbzoM5DcDE9yDVFmIv9Zrt4r-WkdLbvMpS8MRTyqeKH5Y_SpTfb-HNti_FGIseshkEJ0OpXG9S2RKkw25gZveOEb-UidFAirCO2wbSPOVakSFEdwrCaKj644FbuOQGxwlsiJpMwLNLvtQiSt14VEDUcXxWyK-QgZ_hfIFbhAMD2qZh86VUjHdECJ-L30fNTI9QNfTFlgd4ddCHPP10OQD_eKe6WWrEDmZNxo5NP40WwolMQdKKQOwv16qTg4aZ5KiHQj1YswXFnYTyXn8Fzuty6E-s5cZl0CP7mr9deXBOWIOK-T3zInPbJF_Utcy4DI3l6Ls0AuDKk6fG6YgfR74Y70Qu8TCtemZA0eAbRaghkurspn5inmTWj83MBg_4sOwGDyGCteQ4aD6UD4gJhZFh8X4nuHE_vHtDhbEX22-qaLlpyaA2nGHOjQbOJDYcuAiqYpukkoUTshasTRgI5dDtj6ho706kgBRif2_u_KHNYh3ygADY27ozbBNtI5sUCIMff_AojX3phk9uadcMyFmmF62ewouY4eXQGA5eXeoaTu7NUirMW3SyjB4fMWPYuu8L_e233CLQhCuwSMeP-SJ3Ywh9Aa73o0BG72GPmeYnFBHNOCODAsBViza7LXYTWX53TROyaASjoBsfqbs8kKkXvujeGXhqQmX52r8xGm01AuiVlGlrQwPVkf6121w6fR4qJgSmPNUmYJUwmGbykFapeVKx4QYt65Q6pfpEh25RDhJLzO18lbRJg_53RI1XKEuqYgOgTIExw19DpAqfFqLR7nFVMPf-7XvUdcWf9X1HF156KL8aG4YZhEq4JBqWF1IFpSN2ywgWet1v4Z2ohJf06xljaNJLS2NNH_0AVuhM_rfqSoArvNdcIYO1f7LKD5JrL0F_e5gYvJrwtiIQnYqMN9JFIh704jrXYiJva0hB4T2wsdkGNkD8peR52vJcE9oaaVuOHUiuITgaYDTOMOAeYOPO8BJCQubunqrLBBJy5-8NBoWivM5danocvIdWTATjiB7lf5q99nOEnMDYqsTCjpZYQr2G3pP3y5MXfdrBfG-it9TTkP8lmyHrS5VXNEW2rrmTMoQgu_g2yhZZqIRZeM1tx5E7fMJQEAI14YLJRjuOF1HoAaaEjc7pO0e4UPqG34hHKo0yp6M-KfQLzYYgUPdQoRMdcsyCzlqHiRdDc9OcsocnGyfFf9frghy0wbYLg9ex1l4nnMeVfDmjsfYNeeiD_bJRlCI-LJc5Q4zIRWBMnHpmLOaWQ-pKlw_ez8CyjZsTstmyIHUFHWawspoFvnCaPARMwYBrbe6EdDksFISe44WSyrH_cu8vzBhhb9YQEhikK0pSOgrt57JXWFEJiG6x1KLasIPGYUlzr0pojhC3oM57gNL2-VIPiHyiM1FgTvwIyicv8nD-TOE8aUpxXEbtL_TgjQs_H3qn_XwbGCJK8GS3SuhQSjCEzFkO3pZ9Mt336MTh2og9QsHMKSNGdbmvM2lRmgFjdI48h8FYhtzc-b6bZFe45gvsW9WIxI47I85KoKzrTSw7o4uTS4GdAYFQ51PwDJgDzdn71FS8bFMSnnaRXImgdfJMCSArzG55Sy4Q3lkXAPXTMDdJhfHpK3nxh4XektRYTTZFlSVBJ_mSW7mUQfnHvpx_PCCanQ1xZTzpZc1rHBbOpDSHTrA5W_4OI3PZSt9EHmKtEQVYh7Er_lyEwbpXoomfVlu1twyyIQG6vlzPGzkrX4CNVBYQtoU4uLs-LAFocfv8e4FY4WpUYooCjXhDmbIl8rgM1H-uG08Bseul2YaGnxala1NQBaj_WYCNoUYYt0yEPrx-AxMmbi2KrA3PowiJpiPFp1vXtD67&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=17596455383161660000&adk=1033480531&idt=83&cac=0&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 25 May 2023 21:59:19 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 25 May 2023 21:59:19 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C876 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AupfEfcORxLOvhrMjm8hoBsiKLcIPAqLbYtTKdraHpdgda-TonFr0LlFAfifPQderg0t9UiX7XDyg9blvH8T2A2Gy7WA&cry=1&dbm_d=AKAmf-D9qzLbOA8B2hGLLiT256suz8FV_SDeGn4dYJaRDm1rMw2Ch_0Kuopf1Cr_f2mQGH7eRxa3Tifi1EYTSOcefnfCAzvfCg1WNCLnJ1jK8Jf-Ww4I_aIux0dAHFP1TY5dN7G1YO0UnAwth4EPDrAIfjx9QwdoOLkYDejEIOVWT5UcvUww-6QLjDKL5xvAwCZNxVg7V8OZPsRuZMHVe0kVy_tz_3XyUkUqKfPeEOh-RVPoURY7RlHzmefYR0GKj1tVdN-wA68kkK3ks78xeLN4JWWdCSCO7_USfEUEJ53IdREvZwHhn1ZtNVLB9yjA8oblY7opzk3jQBn5E-iRka9vEnTDgdnW41l3pacWEWyK-mzFJ509ued8sr_tfVllcn4D5iytLiRzPWM6W4Ly0GWKEKAXo4RYDexDIBdR1Zipf1ZLByhJlemjhjGUbH-PpwZD7kTTyXClgoFVYpPdP3w1T3QH1MD_7MmnJlAWehGJ_BGvxfmdIO5ULkqHlKgfqCMAgackJpwj9468hQ6uo-xVOvfA38sZqfPbC8_E2BfhGrABLf6BHS1S40LhR2KC7VUnJbUTZ6_W4BBQT65EThbzneadwrDQYIvcba1qzUvQF6yBJ3hh2ZFMGfY3t18AQBEB8kH7hoUbbB3VkYtVd0bcOBgUqWOOQlpPdkkTkwyR8FIVy7YW8S0xBNgz3Z_wKdVd94D1mzyPkAu5eyRbowBCBmdKUCLNDuZMd53PVYBpBcOwOHjIlnCQidA3rELHVnk8X5HvNy-c8fGP6G0F-_PUYf1PoKnJ_JmuJxAWcEbRPJTpDb9rupPszugQtigi0MjMPBX2ULLvkr4Thkmbk1t3RBHpnAyBziRSI0nacabDdrcPaowmleM1Bt98Z_d9DIHoYPgMLVndUF-MwoWQL34ExLpXgww2MGX5kHS5KBRobMrhU-esI9aJHTJ1h39q1-fNtyy3R5FwvqWci0T0YRKEFdHtuAVx1Y4h59XiXi7fwtmQ8ZdsEDnq-06KkJpMItW7olwcFlwb8G52mcGe5RythGd356nm8pv_wVf3p40D1PitElQAQWfsEaRPujfsZJxE3Vd1su8gYzya6nH3-aFLlTxsIFfbEkD4sK-DS5wTQas0rxYgywdC5_FmVCtt0G87_n7Gj1p2DZRW1Nm0UA8fCd0QJWzs7CpY_CplPu7_vyrVs4VumW0lgnHh8N8dujbd5YFhck7YoQgw7J137vpVqbCkGb_F44qhJR8YrSKmTwRwlXJt4EzdY1PKAtHCVuaDEmc8hVFKOKjxhOMlB4lWJano9QlXCKY4r9t3W3liE_AIMzhNZ5Ce_a3VlUAQ8t0o0xtzMguuQ08oekformVSxZon3jJkek9vOHc9dRS9clcMVKzaCLW1nCQufN16yL2Qek9OopheeSJlhOwm_jX6ml-LUNWmKGA9YBMBV0hpPWOuJgOkG8bwOsf2Gj8WCCJeQYCbzoM5DcDE9yDVFmIv9Zrt4r-WkdLbvMpS8MRTyqeKH5Y_SpTfb-HNti_FGIseshkEJ0OpXG9S2RKkw25gZveOEb-UidFAirCO2wbSPOVakSFEdwrCaKj644FbuOQGxwlsiJpMwLNLvtQiSt14VEDUcXxWyK-QgZ_hfIFbhAMD2qZh86VUjHdECJ-L30fNTI9QNfTFlgd4ddCHPP10OQD_eKe6WWrEDmZNxo5NP40WwolMQdKKQOwv16qTg4aZ5KiHQj1YswXFnYTyXn8Fzuty6E-s5cZl0CP7mr9deXBOWIOK-T3zInPbJF_Utcy4DI3l6Ls0AuDKk6fG6YgfR74Y70Qu8TCtemZA0eAbRaghkurspn5inmTWj83MBg_4sOwGDyGCteQ4aD6UD4gJhZFh8X4nuHE_vHtDhbEX22-qaLlpyaA2nGHOjQbOJDYcuAiqYpukkoUTshasTRgI5dDtj6ho706kgBRif2_u_KHNYh3ygADY27ozbBNtI5sUCIMff_AojX3phk9uadcMyFmmF62ewouY4eXQGA5eXeoaTu7NUirMW3SyjB4fMWPYuu8L_e233CLQhCuwSMeP-SJ3Ywh9Aa73o0BG72GPmeYnFBHNOCODAsBViza7LXYTWX53TROyaASjoBsfqbs8kKkXvujeGXhqQmX52r8xGm01AuiVlGlrQwPVkf6121w6fR4qJgSmPNUmYJUwmGbykFapeVKx4QYt65Q6pfpEh25RDhJLzO18lbRJg_53RI1XKEuqYgOgTIExw19DpAqfFqLR7nFVMPf-7XvUdcWf9X1HF156KL8aG4YZhEq4JBqWF1IFpSN2ywgWet1v4Z2ohJf06xljaNJLS2NNH_0AVuhM_rfqSoArvNdcIYO1f7LKD5JrL0F_e5gYvJrwtiIQnYqMN9JFIh704jrXYiJva0hB4T2wsdkGNkD8peR52vJcE9oaaVuOHUiuITgaYDTOMOAeYOPO8BJCQubunqrLBBJy5-8NBoWivM5danocvIdWTATjiB7lf5q99nOEnMDYqsTCjpZYQr2G3pP3y5MXfdrBfG-it9TTkP8lmyHrS5VXNEW2rrmTMoQgu_g2yhZZqIRZeM1tx5E7fMJQEAI14YLJRjuOF1HoAaaEjc7pO0e4UPqG34hHKo0yp6M-KfQLzYYgUPdQoRMdcsyCzlqHiRdDc9OcsocnGyfFf9frghy0wbYLg9ex1l4nnMeVfDmjsfYNeeiD_bJRlCI-LJc5Q4zIRWBMnHpmLOaWQ-pKlw_ez8CyjZsTstmyIHUFHWawspoFvnCaPARMwYBrbe6EdDksFISe44WSyrH_cu8vzBhhb9YQEhikK0pSOgrt57JXWFEJiG6x1KLasIPGYUlzr0pojhC3oM57gNL2-VIPiHyiM1FgTvwIyicv8nD-TOE8aUpxXEbtL_TgjQs_H3qn_XwbGCJK8GS3SuhQSjCEzFkO3pZ9Mt336MTh2og9QsHMKSNGdbmvM2lRmgFjdI48h8FYhtzc-b6bZFe45gvsW9WIxI47I85KoKzrTSw7o4uTS4GdAYFQ51PwDJgDzdn71FS8bFMSnnaRXImgdfJMCSArzG55Sy4Q3lkXAPXTMDdJhfHpK3nxh4XektRYTTZFlSVBJ_mSW7mUQfnHvpx_PCCanQ1xZTzpZc1rHBbOpDSHTrA5W_4OI3PZSt9EHmKtEQVYh7Er_lyEwbpXoomfVlu1twyyIQG6vlzPGzkrX4CNVBYQtoU4uLs-LAFocfv8e4FY4WpUYooCjXhDmbIl8rgM1H-uG08Bseul2YaGnxala1NQBaj_WYCNoUYYt0yEPrx-AxMmbi2KrA3PowiJpiPFp1vXtD67&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=17596455383161660000&adk=1033480531&idt=83&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 19:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356044
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 May 2024 19:05:15 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame 0F4D 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C5eUMFJ0slCescNbPH9tzhorU_DuuQNw3Ldjs1SS_CdftD9r9c7uWkvBRQ5LP2iAugT49lHInViWBk7of9mJgUDU4hrA&cry=1&dbm_d=AKAmf-BzhlUV1QxDUXPzX4zd27JjaoGQTznE18ZidJuHst7mTiY8tTbdZej2Q5n1ejB-ldjhJC8hkvEdu_rf3hiH9ffCivMgKxe3nBAnREwOqhetPUZdGoGGoA3f5EDFX-x-SNNANB5sd3qUdm_z3xCYQ0gswu_cqu7t6bjx0RtOoBhC9E7bj_AiYwePdPdBAoGRQU7kE-6zBkwZFQACHgFRzKhKGHy0N0dK-fxXV5czenExJkibXuFKe1SEW_D3DLx6s-wpCNTBKLwmJ5mhbZ42MuXQpRDuskLNOThzi6Q1qoQVjqTOTe4WlwHDli_CFIVPkjEbA7LOUJaGw3uNz_juAjJJ6rgiYPBRCGlokEJEQnf_u84Qvney8EuvQZOvg2k14hikYbzZK9geXUeHG7gwEKxyN-rDJqsUvAtGcBn-A6QZ7SkSwxa6xnRScz-aLtKIXgRYK-leuoOU0HqlUvUGWtp2FVwKFr89SpyFdHb4Y8iL5BM5KO0LDFCoP6hOKmwZBkrSUxGkDFkuuttE6Us8DmvG1Ma9rgFAymgxKWiI9MUTJM5a4go_OiNrPvlBTJFAS-wAr6s4VWXOewx-yvirEcbSMkMn_Kp0RFLZRKIYOxxKcFKpvDGyDGQNJlEollZC03BwrK-t3w-JtgQLHJ4y4Zl6qOHQ8Tc6n3pJU0xVBUcS16KH60x9tinwP8fCsYy3QdX4YqYDMezAiGjI6a4gzkHGBVQLIzyIaSyyuUozWg7mZuJspPC_QzbO4B9fEdofGa1-fX7_5lqFjaSq5iXDUcTwbmVZUhRT16eOlrBxVov-ftyUvdemM7SE0i2HXh2a7LtfRjLvtCUFdhk5CUc-HMkp4pMWJanmkghBsY4uLTl-woTg3C_9kAyZsY3YAEekO4GVdJRMlZHFb7PTehzpb-o_cYOQ4eof4BUHdukSDNhUmu0FKDFo4Liv0kb_CUlOOXyUDwZ_P8wdPTCeEenKzAA9ZfsOY_b8s98Vwx-IoL4fd3e7bfzEeU8zG7xIvyB347IOfHTpM_WRuGBrvFMq9P83rbKB-6CxS12Zws1-8sdEGnRrsfAZO7OWxCaqUcK2B6-8ivu7YZaT1Z7FpetZ1x22JgLkd3MQP6pGYLyH4DiYHJ8_s4PqqoUalKsCXzP36MiflgeFVhV8omtF590mYzvTo-ytIeLJii8c5t83JkeiKPNpLlDgkjhKRyPVE4AKOszgKUfAB4v08fbWuwcErmOrMLMxXR--RZBC2j_sZvJYUO5ZpsELQ3NZ8amxlAnYsg7VO5p53tDkniZqPxDH6RG0y0pbqslYeGNdx0SM-I-j8q8qZFI5ugWLj0DGCZYd6n9y5il1ZIkYLx2WYWYBaq4kGz5-CodEVF-17NXpapSpRfTR9rLUpgsiNZwuILd1sgFo8HIbbBq0IWDFQOKvtx6tf-4sTZwZ_kwNyEtbg7iAfd43Ih120uDgs4izCnLXGDWVPbNvzFHPeKJ8LGP_3dqOKSrVoUk08H1khos3MuuEccu8CXddHtk7HyPT550xU2-hLlAdwrkx9rk0SAjZE1siOc-qOiy1H4w3GNUHJWB_RZsXQPNtP-NVyF9Xsy4nR3uP8cKF1_nXjL1O43FlqFTMbWqQ0gb0zTQ7t_Kjq-SIZ9JMhBmnJjsC5MqJ5cQxTAfPgEG9mi6tyxthnm9qyrHuh4A7yZ2bXu1-CcxqiuxCqRtDTQG-u6t5lolD6hTJfDfWnba1eDdRG2yCO47DK7UT0koaR0Wi-jLR5PZ67sXOCMSuD4k51gfCM8K3o2yplsStor9oqMBjHl5uHJ4HfRfwCa0j0VVhsxV6hIRU-LYDmQcrPgcnOLB-Pbuqf_XryCq0n6bepjDLPavQNrPFiX2gjy12DqMAAEbblh5d_MwQDaxfSom-3KaC4Cb9tIgfjntUVzExxGZ9gcyB9UcuFmo18mI1U-CZBBpSfRnG-YosTVzNwtM9xAQtPwJ-tVO0u8QQeNDGjw-tdy7BuabDmMsGsiXzDg2MB0Ltni-VyUKPJlZtYGwPCdB4OFDEKFmFi43uWmoP6dDZIIsZP87y6uzh4vSG0vXhgORg1-mWIShxW0fsYMgu-0DZ4iibY2xnG3aVkuxKUc7dGh7A3Koqa9ZZCAyumkoZurvnQXDOypLDVi00cSx4_0FVHqJfuy2sVdxBa5lEb8gaoifT3BwoHQYF420f0jXYGZUgJJGOZvT_5_kv6nCwffC-Bq7NQI4Zli56_hwHlqMDOAHbfcvFiTbaz_boMhBdPY5lPHGryHRZwPxQdewc8fZ5UTJwysIOnWj8pYBovjYsuZc9FHA4QNctrkslkDygUDDdSiSCE2OXDETrzxS39CXB-zmQS9b2iq_bxcMN5HEbjRI9esXL1UurdW0T5sfBTFhCK-vfryrXRdNLdHwJlLJ6fpmieHzJEgHYrotiGL_uvSeK5oVFY5kbDok3-obt9KYB4oDBkfW_fodnA4BVUHG3KaD5RtPyrKC6AW3W8ZPhYvQlrsX_GWvrVN_lZu-_dEcon1LK1BqdsrLkuQ1f_Y0pjSHk_DQoyHBhsNp5yqQ9SOnU4ylITm7GHe-9Yl6-zV1XhbzLrVoGxGaevDfmZeag8lK4REOIop23iaCYv_VJ1eXv4pSVjuVL-s9lxSIRTFemIvRXJ0Gz-DwPo9_b_GNgYC52fG8YSJJIR2I7kaLbJUWq0dj69p9ElkZX1nqrTnJhKlpuRj_LKGA-rMncW-9GZDRXt4Md3dbdA_w-jGx8GNFiDa4zJjzS-F0-kuX7e-Nbu_ivQ7Gh0Y9xD3DWkKZ7ou4rkjOpVs8jQN6qP5S4XmwlEsMhSsfxqRGJYj0LSitAPveAB-3gwNyPQVIZp1o78CAN8uku0G_DmK2OdiK5_g9-EGEp4qMPX-razZ5P3Z89AZc1FyET2tPCoFqt6luKpP8OkejozsuQy89_shF8BGPalk27HITu5x1vzn67OfwuKqHdcXMz-X3BkmO_AKVx_EOdP2rwnrLzsy6XRdbT8aKo34w-eNn3GqViSulU_MFCfCNR8vOJjrarJjsTXd-gLUui0eLeVQhjqXkPa2F8Dps6toqAJiQ2pnt8Ul9inUT3N29Xkn9TNDTSsiPH9RhNJeBx5fNfEevEoMNG8CqYFexIeuwtQZgrD-HOi3WXk9wmTQmfYRPCgVtEAP4_S2oUQ7bhSxtuOOTKBzMjTp_rwNf0Dj7q5P0T3cywM_Bjq3-2xY_vYMrgAfFLwT4V9wzXfjKfJYy7lboBCdv5UW0Xx1aZ9WxaSfPY-6p9vkYCdkyYZJpRv4D_AvduULTMahw3U8Jvu4zyep03y29a-Zc9XmBNDUyoN0mH9xf5fnor21dAKQyUKrh3DTM_KV5i-AiWz0hMGUANP86bjbKNS9ZNrci05m25m1GzBPYVyg7bFPQcuhZkkmAa576BcO8&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=257322779127633120&adk=4188270525&idt=83&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 16:29:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
19790
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11027
x-xss-protection
0
server
cafe
etag
5492578185836041520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 16:29:29 GMT
11709817394544183696
s0.2mdn.net/simgad/ Frame 0F4D 		948 KB
948 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11709817394544183696
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C5eUMFJ0slCescNbPH9tzhorU_DuuQNw3Ldjs1SS_CdftD9r9c7uWkvBRQ5LP2iAugT49lHInViWBk7of9mJgUDU4hrA&cry=1&dbm_d=AKAmf-BzhlUV1QxDUXPzX4zd27JjaoGQTznE18ZidJuHst7mTiY8tTbdZej2Q5n1ejB-ldjhJC8hkvEdu_rf3hiH9ffCivMgKxe3nBAnREwOqhetPUZdGoGGoA3f5EDFX-x-SNNANB5sd3qUdm_z3xCYQ0gswu_cqu7t6bjx0RtOoBhC9E7bj_AiYwePdPdBAoGRQU7kE-6zBkwZFQACHgFRzKhKGHy0N0dK-fxXV5czenExJkibXuFKe1SEW_D3DLx6s-wpCNTBKLwmJ5mhbZ42MuXQpRDuskLNOThzi6Q1qoQVjqTOTe4WlwHDli_CFIVPkjEbA7LOUJaGw3uNz_juAjJJ6rgiYPBRCGlokEJEQnf_u84Qvney8EuvQZOvg2k14hikYbzZK9geXUeHG7gwEKxyN-rDJqsUvAtGcBn-A6QZ7SkSwxa6xnRScz-aLtKIXgRYK-leuoOU0HqlUvUGWtp2FVwKFr89SpyFdHb4Y8iL5BM5KO0LDFCoP6hOKmwZBkrSUxGkDFkuuttE6Us8DmvG1Ma9rgFAymgxKWiI9MUTJM5a4go_OiNrPvlBTJFAS-wAr6s4VWXOewx-yvirEcbSMkMn_Kp0RFLZRKIYOxxKcFKpvDGyDGQNJlEollZC03BwrK-t3w-JtgQLHJ4y4Zl6qOHQ8Tc6n3pJU0xVBUcS16KH60x9tinwP8fCsYy3QdX4YqYDMezAiGjI6a4gzkHGBVQLIzyIaSyyuUozWg7mZuJspPC_QzbO4B9fEdofGa1-fX7_5lqFjaSq5iXDUcTwbmVZUhRT16eOlrBxVov-ftyUvdemM7SE0i2HXh2a7LtfRjLvtCUFdhk5CUc-HMkp4pMWJanmkghBsY4uLTl-woTg3C_9kAyZsY3YAEekO4GVdJRMlZHFb7PTehzpb-o_cYOQ4eof4BUHdukSDNhUmu0FKDFo4Liv0kb_CUlOOXyUDwZ_P8wdPTCeEenKzAA9ZfsOY_b8s98Vwx-IoL4fd3e7bfzEeU8zG7xIvyB347IOfHTpM_WRuGBrvFMq9P83rbKB-6CxS12Zws1-8sdEGnRrsfAZO7OWxCaqUcK2B6-8ivu7YZaT1Z7FpetZ1x22JgLkd3MQP6pGYLyH4DiYHJ8_s4PqqoUalKsCXzP36MiflgeFVhV8omtF590mYzvTo-ytIeLJii8c5t83JkeiKPNpLlDgkjhKRyPVE4AKOszgKUfAB4v08fbWuwcErmOrMLMxXR--RZBC2j_sZvJYUO5ZpsELQ3NZ8amxlAnYsg7VO5p53tDkniZqPxDH6RG0y0pbqslYeGNdx0SM-I-j8q8qZFI5ugWLj0DGCZYd6n9y5il1ZIkYLx2WYWYBaq4kGz5-CodEVF-17NXpapSpRfTR9rLUpgsiNZwuILd1sgFo8HIbbBq0IWDFQOKvtx6tf-4sTZwZ_kwNyEtbg7iAfd43Ih120uDgs4izCnLXGDWVPbNvzFHPeKJ8LGP_3dqOKSrVoUk08H1khos3MuuEccu8CXddHtk7HyPT550xU2-hLlAdwrkx9rk0SAjZE1siOc-qOiy1H4w3GNUHJWB_RZsXQPNtP-NVyF9Xsy4nR3uP8cKF1_nXjL1O43FlqFTMbWqQ0gb0zTQ7t_Kjq-SIZ9JMhBmnJjsC5MqJ5cQxTAfPgEG9mi6tyxthnm9qyrHuh4A7yZ2bXu1-CcxqiuxCqRtDTQG-u6t5lolD6hTJfDfWnba1eDdRG2yCO47DK7UT0koaR0Wi-jLR5PZ67sXOCMSuD4k51gfCM8K3o2yplsStor9oqMBjHl5uHJ4HfRfwCa0j0VVhsxV6hIRU-LYDmQcrPgcnOLB-Pbuqf_XryCq0n6bepjDLPavQNrPFiX2gjy12DqMAAEbblh5d_MwQDaxfSom-3KaC4Cb9tIgfjntUVzExxGZ9gcyB9UcuFmo18mI1U-CZBBpSfRnG-YosTVzNwtM9xAQtPwJ-tVO0u8QQeNDGjw-tdy7BuabDmMsGsiXzDg2MB0Ltni-VyUKPJlZtYGwPCdB4OFDEKFmFi43uWmoP6dDZIIsZP87y6uzh4vSG0vXhgORg1-mWIShxW0fsYMgu-0DZ4iibY2xnG3aVkuxKUc7dGh7A3Koqa9ZZCAyumkoZurvnQXDOypLDVi00cSx4_0FVHqJfuy2sVdxBa5lEb8gaoifT3BwoHQYF420f0jXYGZUgJJGOZvT_5_kv6nCwffC-Bq7NQI4Zli56_hwHlqMDOAHbfcvFiTbaz_boMhBdPY5lPHGryHRZwPxQdewc8fZ5UTJwysIOnWj8pYBovjYsuZc9FHA4QNctrkslkDygUDDdSiSCE2OXDETrzxS39CXB-zmQS9b2iq_bxcMN5HEbjRI9esXL1UurdW0T5sfBTFhCK-vfryrXRdNLdHwJlLJ6fpmieHzJEgHYrotiGL_uvSeK5oVFY5kbDok3-obt9KYB4oDBkfW_fodnA4BVUHG3KaD5RtPyrKC6AW3W8ZPhYvQlrsX_GWvrVN_lZu-_dEcon1LK1BqdsrLkuQ1f_Y0pjSHk_DQoyHBhsNp5yqQ9SOnU4ylITm7GHe-9Yl6-zV1XhbzLrVoGxGaevDfmZeag8lK4REOIop23iaCYv_VJ1eXv4pSVjuVL-s9lxSIRTFemIvRXJ0Gz-DwPo9_b_GNgYC52fG8YSJJIR2I7kaLbJUWq0dj69p9ElkZX1nqrTnJhKlpuRj_LKGA-rMncW-9GZDRXt4Md3dbdA_w-jGx8GNFiDa4zJjzS-F0-kuX7e-Nbu_ivQ7Gh0Y9xD3DWkKZ7ou4rkjOpVs8jQN6qP5S4XmwlEsMhSsfxqRGJYj0LSitAPveAB-3gwNyPQVIZp1o78CAN8uku0G_DmK2OdiK5_g9-EGEp4qMPX-razZ5P3Z89AZc1FyET2tPCoFqt6luKpP8OkejozsuQy89_shF8BGPalk27HITu5x1vzn67OfwuKqHdcXMz-X3BkmO_AKVx_EOdP2rwnrLzsy6XRdbT8aKo34w-eNn3GqViSulU_MFCfCNR8vOJjrarJjsTXd-gLUui0eLeVQhjqXkPa2F8Dps6toqAJiQ2pnt8Ul9inUT3N29Xkn9TNDTSsiPH9RhNJeBx5fNfEevEoMNG8CqYFexIeuwtQZgrD-HOi3WXk9wmTQmfYRPCgVtEAP4_S2oUQ7bhSxtuOOTKBzMjTp_rwNf0Dj7q5P0T3cywM_Bjq3-2xY_vYMrgAfFLwT4V9wzXfjKfJYy7lboBCdv5UW0Xx1aZ9WxaSfPY-6p9vkYCdkyYZJpRv4D_AvduULTMahw3U8Jvu4zyep03y29a-Zc9XmBNDUyoN0mH9xf5fnor21dAKQyUKrh3DTM_KV5i-AiWz0hMGUANP86bjbKNS9ZNrci05m25m1GzBPYVyg7bFPQcuhZkkmAa576BcO8&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=257322779127633120&adk=4188270525&idt=83&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bafb9a03bdac5fc5a5325ca9d9ef3e7f62708b5efbb63137f35873c4519ed310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:06:09 GMT
x-content-type-options
nosniff
age
222790
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
970719
x-xss-protection
0
last-modified
Wed, 17 May 2023 13:18:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 May 2024 08:06:09 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/ Frame 0F4D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C5eUMFJ0slCescNbPH9tzhorU_DuuQNw3Ldjs1SS_CdftD9r9c7uWkvBRQ5LP2iAugT49lHInViWBk7of9mJgUDU4hrA&cry=1&dbm_d=AKAmf-BzhlUV1QxDUXPzX4zd27JjaoGQTznE18ZidJuHst7mTiY8tTbdZej2Q5n1ejB-ldjhJC8hkvEdu_rf3hiH9ffCivMgKxe3nBAnREwOqhetPUZdGoGGoA3f5EDFX-x-SNNANB5sd3qUdm_z3xCYQ0gswu_cqu7t6bjx0RtOoBhC9E7bj_AiYwePdPdBAoGRQU7kE-6zBkwZFQACHgFRzKhKGHy0N0dK-fxXV5czenExJkibXuFKe1SEW_D3DLx6s-wpCNTBKLwmJ5mhbZ42MuXQpRDuskLNOThzi6Q1qoQVjqTOTe4WlwHDli_CFIVPkjEbA7LOUJaGw3uNz_juAjJJ6rgiYPBRCGlokEJEQnf_u84Qvney8EuvQZOvg2k14hikYbzZK9geXUeHG7gwEKxyN-rDJqsUvAtGcBn-A6QZ7SkSwxa6xnRScz-aLtKIXgRYK-leuoOU0HqlUvUGWtp2FVwKFr89SpyFdHb4Y8iL5BM5KO0LDFCoP6hOKmwZBkrSUxGkDFkuuttE6Us8DmvG1Ma9rgFAymgxKWiI9MUTJM5a4go_OiNrPvlBTJFAS-wAr6s4VWXOewx-yvirEcbSMkMn_Kp0RFLZRKIYOxxKcFKpvDGyDGQNJlEollZC03BwrK-t3w-JtgQLHJ4y4Zl6qOHQ8Tc6n3pJU0xVBUcS16KH60x9tinwP8fCsYy3QdX4YqYDMezAiGjI6a4gzkHGBVQLIzyIaSyyuUozWg7mZuJspPC_QzbO4B9fEdofGa1-fX7_5lqFjaSq5iXDUcTwbmVZUhRT16eOlrBxVov-ftyUvdemM7SE0i2HXh2a7LtfRjLvtCUFdhk5CUc-HMkp4pMWJanmkghBsY4uLTl-woTg3C_9kAyZsY3YAEekO4GVdJRMlZHFb7PTehzpb-o_cYOQ4eof4BUHdukSDNhUmu0FKDFo4Liv0kb_CUlOOXyUDwZ_P8wdPTCeEenKzAA9ZfsOY_b8s98Vwx-IoL4fd3e7bfzEeU8zG7xIvyB347IOfHTpM_WRuGBrvFMq9P83rbKB-6CxS12Zws1-8sdEGnRrsfAZO7OWxCaqUcK2B6-8ivu7YZaT1Z7FpetZ1x22JgLkd3MQP6pGYLyH4DiYHJ8_s4PqqoUalKsCXzP36MiflgeFVhV8omtF590mYzvTo-ytIeLJii8c5t83JkeiKPNpLlDgkjhKRyPVE4AKOszgKUfAB4v08fbWuwcErmOrMLMxXR--RZBC2j_sZvJYUO5ZpsELQ3NZ8amxlAnYsg7VO5p53tDkniZqPxDH6RG0y0pbqslYeGNdx0SM-I-j8q8qZFI5ugWLj0DGCZYd6n9y5il1ZIkYLx2WYWYBaq4kGz5-CodEVF-17NXpapSpRfTR9rLUpgsiNZwuILd1sgFo8HIbbBq0IWDFQOKvtx6tf-4sTZwZ_kwNyEtbg7iAfd43Ih120uDgs4izCnLXGDWVPbNvzFHPeKJ8LGP_3dqOKSrVoUk08H1khos3MuuEccu8CXddHtk7HyPT550xU2-hLlAdwrkx9rk0SAjZE1siOc-qOiy1H4w3GNUHJWB_RZsXQPNtP-NVyF9Xsy4nR3uP8cKF1_nXjL1O43FlqFTMbWqQ0gb0zTQ7t_Kjq-SIZ9JMhBmnJjsC5MqJ5cQxTAfPgEG9mi6tyxthnm9qyrHuh4A7yZ2bXu1-CcxqiuxCqRtDTQG-u6t5lolD6hTJfDfWnba1eDdRG2yCO47DK7UT0koaR0Wi-jLR5PZ67sXOCMSuD4k51gfCM8K3o2yplsStor9oqMBjHl5uHJ4HfRfwCa0j0VVhsxV6hIRU-LYDmQcrPgcnOLB-Pbuqf_XryCq0n6bepjDLPavQNrPFiX2gjy12DqMAAEbblh5d_MwQDaxfSom-3KaC4Cb9tIgfjntUVzExxGZ9gcyB9UcuFmo18mI1U-CZBBpSfRnG-YosTVzNwtM9xAQtPwJ-tVO0u8QQeNDGjw-tdy7BuabDmMsGsiXzDg2MB0Ltni-VyUKPJlZtYGwPCdB4OFDEKFmFi43uWmoP6dDZIIsZP87y6uzh4vSG0vXhgORg1-mWIShxW0fsYMgu-0DZ4iibY2xnG3aVkuxKUc7dGh7A3Koqa9ZZCAyumkoZurvnQXDOypLDVi00cSx4_0FVHqJfuy2sVdxBa5lEb8gaoifT3BwoHQYF420f0jXYGZUgJJGOZvT_5_kv6nCwffC-Bq7NQI4Zli56_hwHlqMDOAHbfcvFiTbaz_boMhBdPY5lPHGryHRZwPxQdewc8fZ5UTJwysIOnWj8pYBovjYsuZc9FHA4QNctrkslkDygUDDdSiSCE2OXDETrzxS39CXB-zmQS9b2iq_bxcMN5HEbjRI9esXL1UurdW0T5sfBTFhCK-vfryrXRdNLdHwJlLJ6fpmieHzJEgHYrotiGL_uvSeK5oVFY5kbDok3-obt9KYB4oDBkfW_fodnA4BVUHG3KaD5RtPyrKC6AW3W8ZPhYvQlrsX_GWvrVN_lZu-_dEcon1LK1BqdsrLkuQ1f_Y0pjSHk_DQoyHBhsNp5yqQ9SOnU4ylITm7GHe-9Yl6-zV1XhbzLrVoGxGaevDfmZeag8lK4REOIop23iaCYv_VJ1eXv4pSVjuVL-s9lxSIRTFemIvRXJ0Gz-DwPo9_b_GNgYC52fG8YSJJIR2I7kaLbJUWq0dj69p9ElkZX1nqrTnJhKlpuRj_LKGA-rMncW-9GZDRXt4Md3dbdA_w-jGx8GNFiDa4zJjzS-F0-kuX7e-Nbu_ivQ7Gh0Y9xD3DWkKZ7ou4rkjOpVs8jQN6qP5S4XmwlEsMhSsfxqRGJYj0LSitAPveAB-3gwNyPQVIZp1o78CAN8uku0G_DmK2OdiK5_g9-EGEp4qMPX-razZ5P3Z89AZc1FyET2tPCoFqt6luKpP8OkejozsuQy89_shF8BGPalk27HITu5x1vzn67OfwuKqHdcXMz-X3BkmO_AKVx_EOdP2rwnrLzsy6XRdbT8aKo34w-eNn3GqViSulU_MFCfCNR8vOJjrarJjsTXd-gLUui0eLeVQhjqXkPa2F8Dps6toqAJiQ2pnt8Ul9inUT3N29Xkn9TNDTSsiPH9RhNJeBx5fNfEevEoMNG8CqYFexIeuwtQZgrD-HOi3WXk9wmTQmfYRPCgVtEAP4_S2oUQ7bhSxtuOOTKBzMjTp_rwNf0Dj7q5P0T3cywM_Bjq3-2xY_vYMrgAfFLwT4V9wzXfjKfJYy7lboBCdv5UW0Xx1aZ9WxaSfPY-6p9vkYCdkyYZJpRv4D_AvduULTMahw3U8Jvu4zyep03y29a-Zc9XmBNDUyoN0mH9xf5fnor21dAKQyUKrh3DTM_KV5i-AiWz0hMGUANP86bjbKNS9ZNrci05m25m1GzBPYVyg7bFPQcuhZkkmAa576BcO8&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=257322779127633120&adk=4188270525&idt=83&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 14:15:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
27804
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 14:15:55 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0F4D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3pY2rmJSzQxFeNH6YlcbHkeCSOZrziDRcBTZig6Qx-CI6iA2p966GFVu8AcZPJbucV7ev8ZCrA8TgKMHI6XEApmj4L5G8cbxaArIrwxsrN-p5byWkxdAvNtYcUM8A17oWvFOpFGzLul4nKnZNEutAA-GlwBhdccIJTM7PzRyE45jIeuNY5EfrlViNBJ_KQ8DMOMdkMVBkoGfpjpC9kQ6yLhMiy5mZ4m-mjIOkg_u7QRUliTPmMrAqL4JfrnMuCeiMIBTpuor1Dh-uvuP-eroGUK7RBYv4LiXyghiMR9ltIHXVQNpS3vpAim-esEySzB4AB0LfF8GbzAcZb-v-msz5DmGe_gad4L2odPLS3adIsYzc4g-5eDz6bg6ScUMASeQTQlq3AT0-7tSM4NQnD6m938Zhl4O0-_XJXYcauI4SmKAyftHqUUwL88_-dSpI8AM9xynhh6QYg8L575DWp5LWD3sVFlP-stbtWxBsNdrWv8T6cnuVlTkkBmGHbhfVNy-L7EoJJ5t-_ySGYEAvxZwvxcdQ1yCvbhPrzQARtOrRT_VTLlcv2oTBKJ6Ax0nuSe-U9GeC9vP24vyqnEJSBc8F6QYH6jXW2WmXGp0Z6fuk9LOO0GNb6PpZZlXIUrQtchVWjpRCG6AUsQ9GuKAI0IyVl8ZgaOj-ALGyiLrJQI_uBeaFrw-h3QcIUKJJe8vwrn3fLhRUaLWUh4sAwMa_WzyjQKtbY9lp8XqncH05MEHfq7UgX7DsDr0wfxLGG61j8JZfdlQ76Vr2Rzu0cj2Rz1mCnv38MGb1HPOGQVQeW0UtuD5sNxfc0r0dQepCZ0yFftdVxitd-C-OH0DJZIWCNEC7j3Lu31Ly0Y2gFcJCLQ142mI0DVxiYpafAbz63t50KhMjdLynKt-FiCeROeQ5rCuHGAWstTJ20i9jDpH_NGuqSQcMh2RbS0rvaVzk9kFK2Rj0I9US6Mk1WS6deYo13a227ag9WEFQlOssBnLJ7tA5fb2z4WBPyVvYGfkg86xRosl8uQJyGUGfk6Az1q-Sj5n0Mnp-pc9GRCA14nR5eqbQYPicIEYfm3tSeTYBS461J1k94WjTkcqX0NBufqoe3x4Jok49CQIg6ggVFyTWlWI8lxen4NKxijmwNrrXgCymtgZYV_xUCv2NHN-L_hBT9bJ-rCYfu1hppU5rPULKTFh9Ise8GpGLeUgsN4-IlY1qsMJXTlgmY5XE9vfVFrg7T_LY5DTtTxpUmC71YoNMlzXPgcKueYFHlBmMSlv_5G9XYnRAvA&sai=AMfl-YQxZ-FPFQE94y_ftwJ02c1xEcbs1bjXWjGmibfR86YEAFr0RdBb-KCa7KT7U23q2gTedPjFVE0M8g6RtkAif1MPVbY0WFQbgFNQVDOLeCwyyhXxrb73h3WqvHL49ecJWgjptuzpTSiix1vQde3kcugkL4h-A9bV-YmrYOleFdjqxSE5YL7AvdV5m-qVffNyfwCQbKNdY9lJlfEr31fADxNXhuI9LOnzWx2m8asFX42FgQQ3ewJeDAKK1D3pQRKi9MeN2PK33c-6XOkWSoykO3yy8jAVVcmOpA&sig=Cg0ArKJSzOmYEQjruXHqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230523.29361&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C5eUMFJ0slCescNbPH9tzhorU_DuuQNw3Ldjs1SS_CdftD9r9c7uWkvBRQ5LP2iAugT49lHInViWBk7of9mJgUDU4hrA&cry=1&dbm_d=AKAmf-BzhlUV1QxDUXPzX4zd27JjaoGQTznE18ZidJuHst7mTiY8tTbdZej2Q5n1ejB-ldjhJC8hkvEdu_rf3hiH9ffCivMgKxe3nBAnREwOqhetPUZdGoGGoA3f5EDFX-x-SNNANB5sd3qUdm_z3xCYQ0gswu_cqu7t6bjx0RtOoBhC9E7bj_AiYwePdPdBAoGRQU7kE-6zBkwZFQACHgFRzKhKGHy0N0dK-fxXV5czenExJkibXuFKe1SEW_D3DLx6s-wpCNTBKLwmJ5mhbZ42MuXQpRDuskLNOThzi6Q1qoQVjqTOTe4WlwHDli_CFIVPkjEbA7LOUJaGw3uNz_juAjJJ6rgiYPBRCGlokEJEQnf_u84Qvney8EuvQZOvg2k14hikYbzZK9geXUeHG7gwEKxyN-rDJqsUvAtGcBn-A6QZ7SkSwxa6xnRScz-aLtKIXgRYK-leuoOU0HqlUvUGWtp2FVwKFr89SpyFdHb4Y8iL5BM5KO0LDFCoP6hOKmwZBkrSUxGkDFkuuttE6Us8DmvG1Ma9rgFAymgxKWiI9MUTJM5a4go_OiNrPvlBTJFAS-wAr6s4VWXOewx-yvirEcbSMkMn_Kp0RFLZRKIYOxxKcFKpvDGyDGQNJlEollZC03BwrK-t3w-JtgQLHJ4y4Zl6qOHQ8Tc6n3pJU0xVBUcS16KH60x9tinwP8fCsYy3QdX4YqYDMezAiGjI6a4gzkHGBVQLIzyIaSyyuUozWg7mZuJspPC_QzbO4B9fEdofGa1-fX7_5lqFjaSq5iXDUcTwbmVZUhRT16eOlrBxVov-ftyUvdemM7SE0i2HXh2a7LtfRjLvtCUFdhk5CUc-HMkp4pMWJanmkghBsY4uLTl-woTg3C_9kAyZsY3YAEekO4GVdJRMlZHFb7PTehzpb-o_cYOQ4eof4BUHdukSDNhUmu0FKDFo4Liv0kb_CUlOOXyUDwZ_P8wdPTCeEenKzAA9ZfsOY_b8s98Vwx-IoL4fd3e7bfzEeU8zG7xIvyB347IOfHTpM_WRuGBrvFMq9P83rbKB-6CxS12Zws1-8sdEGnRrsfAZO7OWxCaqUcK2B6-8ivu7YZaT1Z7FpetZ1x22JgLkd3MQP6pGYLyH4DiYHJ8_s4PqqoUalKsCXzP36MiflgeFVhV8omtF590mYzvTo-ytIeLJii8c5t83JkeiKPNpLlDgkjhKRyPVE4AKOszgKUfAB4v08fbWuwcErmOrMLMxXR--RZBC2j_sZvJYUO5ZpsELQ3NZ8amxlAnYsg7VO5p53tDkniZqPxDH6RG0y0pbqslYeGNdx0SM-I-j8q8qZFI5ugWLj0DGCZYd6n9y5il1ZIkYLx2WYWYBaq4kGz5-CodEVF-17NXpapSpRfTR9rLUpgsiNZwuILd1sgFo8HIbbBq0IWDFQOKvtx6tf-4sTZwZ_kwNyEtbg7iAfd43Ih120uDgs4izCnLXGDWVPbNvzFHPeKJ8LGP_3dqOKSrVoUk08H1khos3MuuEccu8CXddHtk7HyPT550xU2-hLlAdwrkx9rk0SAjZE1siOc-qOiy1H4w3GNUHJWB_RZsXQPNtP-NVyF9Xsy4nR3uP8cKF1_nXjL1O43FlqFTMbWqQ0gb0zTQ7t_Kjq-SIZ9JMhBmnJjsC5MqJ5cQxTAfPgEG9mi6tyxthnm9qyrHuh4A7yZ2bXu1-CcxqiuxCqRtDTQG-u6t5lolD6hTJfDfWnba1eDdRG2yCO47DK7UT0koaR0Wi-jLR5PZ67sXOCMSuD4k51gfCM8K3o2yplsStor9oqMBjHl5uHJ4HfRfwCa0j0VVhsxV6hIRU-LYDmQcrPgcnOLB-Pbuqf_XryCq0n6bepjDLPavQNrPFiX2gjy12DqMAAEbblh5d_MwQDaxfSom-3KaC4Cb9tIgfjntUVzExxGZ9gcyB9UcuFmo18mI1U-CZBBpSfRnG-YosTVzNwtM9xAQtPwJ-tVO0u8QQeNDGjw-tdy7BuabDmMsGsiXzDg2MB0Ltni-VyUKPJlZtYGwPCdB4OFDEKFmFi43uWmoP6dDZIIsZP87y6uzh4vSG0vXhgORg1-mWIShxW0fsYMgu-0DZ4iibY2xnG3aVkuxKUc7dGh7A3Koqa9ZZCAyumkoZurvnQXDOypLDVi00cSx4_0FVHqJfuy2sVdxBa5lEb8gaoifT3BwoHQYF420f0jXYGZUgJJGOZvT_5_kv6nCwffC-Bq7NQI4Zli56_hwHlqMDOAHbfcvFiTbaz_boMhBdPY5lPHGryHRZwPxQdewc8fZ5UTJwysIOnWj8pYBovjYsuZc9FHA4QNctrkslkDygUDDdSiSCE2OXDETrzxS39CXB-zmQS9b2iq_bxcMN5HEbjRI9esXL1UurdW0T5sfBTFhCK-vfryrXRdNLdHwJlLJ6fpmieHzJEgHYrotiGL_uvSeK5oVFY5kbDok3-obt9KYB4oDBkfW_fodnA4BVUHG3KaD5RtPyrKC6AW3W8ZPhYvQlrsX_GWvrVN_lZu-_dEcon1LK1BqdsrLkuQ1f_Y0pjSHk_DQoyHBhsNp5yqQ9SOnU4ylITm7GHe-9Yl6-zV1XhbzLrVoGxGaevDfmZeag8lK4REOIop23iaCYv_VJ1eXv4pSVjuVL-s9lxSIRTFemIvRXJ0Gz-DwPo9_b_GNgYC52fG8YSJJIR2I7kaLbJUWq0dj69p9ElkZX1nqrTnJhKlpuRj_LKGA-rMncW-9GZDRXt4Md3dbdA_w-jGx8GNFiDa4zJjzS-F0-kuX7e-Nbu_ivQ7Gh0Y9xD3DWkKZ7ou4rkjOpVs8jQN6qP5S4XmwlEsMhSsfxqRGJYj0LSitAPveAB-3gwNyPQVIZp1o78CAN8uku0G_DmK2OdiK5_g9-EGEp4qMPX-razZ5P3Z89AZc1FyET2tPCoFqt6luKpP8OkejozsuQy89_shF8BGPalk27HITu5x1vzn67OfwuKqHdcXMz-X3BkmO_AKVx_EOdP2rwnrLzsy6XRdbT8aKo34w-eNn3GqViSulU_MFCfCNR8vOJjrarJjsTXd-gLUui0eLeVQhjqXkPa2F8Dps6toqAJiQ2pnt8Ul9inUT3N29Xkn9TNDTSsiPH9RhNJeBx5fNfEevEoMNG8CqYFexIeuwtQZgrD-HOi3WXk9wmTQmfYRPCgVtEAP4_S2oUQ7bhSxtuOOTKBzMjTp_rwNf0Dj7q5P0T3cywM_Bjq3-2xY_vYMrgAfFLwT4V9wzXfjKfJYy7lboBCdv5UW0Xx1aZ9WxaSfPY-6p9vkYCdkyYZJpRv4D_AvduULTMahw3U8Jvu4zyep03y29a-Zc9XmBNDUyoN0mH9xf5fnor21dAKQyUKrh3DTM_KV5i-AiWz0hMGUANP86bjbKNS9ZNrci05m25m1GzBPYVyg7bFPQcuhZkkmAa576BcO8&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=257322779127633120&adk=4188270525&idt=83&cac=0&dtd=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 25 May 2023 21:59:19 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 25 May 2023 21:59:19 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0F4D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C5eUMFJ0slCescNbPH9tzhorU_DuuQNw3Ldjs1SS_CdftD9r9c7uWkvBRQ5LP2iAugT49lHInViWBk7of9mJgUDU4hrA&cry=1&dbm_d=AKAmf-BzhlUV1QxDUXPzX4zd27JjaoGQTznE18ZidJuHst7mTiY8tTbdZej2Q5n1ejB-ldjhJC8hkvEdu_rf3hiH9ffCivMgKxe3nBAnREwOqhetPUZdGoGGoA3f5EDFX-x-SNNANB5sd3qUdm_z3xCYQ0gswu_cqu7t6bjx0RtOoBhC9E7bj_AiYwePdPdBAoGRQU7kE-6zBkwZFQACHgFRzKhKGHy0N0dK-fxXV5czenExJkibXuFKe1SEW_D3DLx6s-wpCNTBKLwmJ5mhbZ42MuXQpRDuskLNOThzi6Q1qoQVjqTOTe4WlwHDli_CFIVPkjEbA7LOUJaGw3uNz_juAjJJ6rgiYPBRCGlokEJEQnf_u84Qvney8EuvQZOvg2k14hikYbzZK9geXUeHG7gwEKxyN-rDJqsUvAtGcBn-A6QZ7SkSwxa6xnRScz-aLtKIXgRYK-leuoOU0HqlUvUGWtp2FVwKFr89SpyFdHb4Y8iL5BM5KO0LDFCoP6hOKmwZBkrSUxGkDFkuuttE6Us8DmvG1Ma9rgFAymgxKWiI9MUTJM5a4go_OiNrPvlBTJFAS-wAr6s4VWXOewx-yvirEcbSMkMn_Kp0RFLZRKIYOxxKcFKpvDGyDGQNJlEollZC03BwrK-t3w-JtgQLHJ4y4Zl6qOHQ8Tc6n3pJU0xVBUcS16KH60x9tinwP8fCsYy3QdX4YqYDMezAiGjI6a4gzkHGBVQLIzyIaSyyuUozWg7mZuJspPC_QzbO4B9fEdofGa1-fX7_5lqFjaSq5iXDUcTwbmVZUhRT16eOlrBxVov-ftyUvdemM7SE0i2HXh2a7LtfRjLvtCUFdhk5CUc-HMkp4pMWJanmkghBsY4uLTl-woTg3C_9kAyZsY3YAEekO4GVdJRMlZHFb7PTehzpb-o_cYOQ4eof4BUHdukSDNhUmu0FKDFo4Liv0kb_CUlOOXyUDwZ_P8wdPTCeEenKzAA9ZfsOY_b8s98Vwx-IoL4fd3e7bfzEeU8zG7xIvyB347IOfHTpM_WRuGBrvFMq9P83rbKB-6CxS12Zws1-8sdEGnRrsfAZO7OWxCaqUcK2B6-8ivu7YZaT1Z7FpetZ1x22JgLkd3MQP6pGYLyH4DiYHJ8_s4PqqoUalKsCXzP36MiflgeFVhV8omtF590mYzvTo-ytIeLJii8c5t83JkeiKPNpLlDgkjhKRyPVE4AKOszgKUfAB4v08fbWuwcErmOrMLMxXR--RZBC2j_sZvJYUO5ZpsELQ3NZ8amxlAnYsg7VO5p53tDkniZqPxDH6RG0y0pbqslYeGNdx0SM-I-j8q8qZFI5ugWLj0DGCZYd6n9y5il1ZIkYLx2WYWYBaq4kGz5-CodEVF-17NXpapSpRfTR9rLUpgsiNZwuILd1sgFo8HIbbBq0IWDFQOKvtx6tf-4sTZwZ_kwNyEtbg7iAfd43Ih120uDgs4izCnLXGDWVPbNvzFHPeKJ8LGP_3dqOKSrVoUk08H1khos3MuuEccu8CXddHtk7HyPT550xU2-hLlAdwrkx9rk0SAjZE1siOc-qOiy1H4w3GNUHJWB_RZsXQPNtP-NVyF9Xsy4nR3uP8cKF1_nXjL1O43FlqFTMbWqQ0gb0zTQ7t_Kjq-SIZ9JMhBmnJjsC5MqJ5cQxTAfPgEG9mi6tyxthnm9qyrHuh4A7yZ2bXu1-CcxqiuxCqRtDTQG-u6t5lolD6hTJfDfWnba1eDdRG2yCO47DK7UT0koaR0Wi-jLR5PZ67sXOCMSuD4k51gfCM8K3o2yplsStor9oqMBjHl5uHJ4HfRfwCa0j0VVhsxV6hIRU-LYDmQcrPgcnOLB-Pbuqf_XryCq0n6bepjDLPavQNrPFiX2gjy12DqMAAEbblh5d_MwQDaxfSom-3KaC4Cb9tIgfjntUVzExxGZ9gcyB9UcuFmo18mI1U-CZBBpSfRnG-YosTVzNwtM9xAQtPwJ-tVO0u8QQeNDGjw-tdy7BuabDmMsGsiXzDg2MB0Ltni-VyUKPJlZtYGwPCdB4OFDEKFmFi43uWmoP6dDZIIsZP87y6uzh4vSG0vXhgORg1-mWIShxW0fsYMgu-0DZ4iibY2xnG3aVkuxKUc7dGh7A3Koqa9ZZCAyumkoZurvnQXDOypLDVi00cSx4_0FVHqJfuy2sVdxBa5lEb8gaoifT3BwoHQYF420f0jXYGZUgJJGOZvT_5_kv6nCwffC-Bq7NQI4Zli56_hwHlqMDOAHbfcvFiTbaz_boMhBdPY5lPHGryHRZwPxQdewc8fZ5UTJwysIOnWj8pYBovjYsuZc9FHA4QNctrkslkDygUDDdSiSCE2OXDETrzxS39CXB-zmQS9b2iq_bxcMN5HEbjRI9esXL1UurdW0T5sfBTFhCK-vfryrXRdNLdHwJlLJ6fpmieHzJEgHYrotiGL_uvSeK5oVFY5kbDok3-obt9KYB4oDBkfW_fodnA4BVUHG3KaD5RtPyrKC6AW3W8ZPhYvQlrsX_GWvrVN_lZu-_dEcon1LK1BqdsrLkuQ1f_Y0pjSHk_DQoyHBhsNp5yqQ9SOnU4ylITm7GHe-9Yl6-zV1XhbzLrVoGxGaevDfmZeag8lK4REOIop23iaCYv_VJ1eXv4pSVjuVL-s9lxSIRTFemIvRXJ0Gz-DwPo9_b_GNgYC52fG8YSJJIR2I7kaLbJUWq0dj69p9ElkZX1nqrTnJhKlpuRj_LKGA-rMncW-9GZDRXt4Md3dbdA_w-jGx8GNFiDa4zJjzS-F0-kuX7e-Nbu_ivQ7Gh0Y9xD3DWkKZ7ou4rkjOpVs8jQN6qP5S4XmwlEsMhSsfxqRGJYj0LSitAPveAB-3gwNyPQVIZp1o78CAN8uku0G_DmK2OdiK5_g9-EGEp4qMPX-razZ5P3Z89AZc1FyET2tPCoFqt6luKpP8OkejozsuQy89_shF8BGPalk27HITu5x1vzn67OfwuKqHdcXMz-X3BkmO_AKVx_EOdP2rwnrLzsy6XRdbT8aKo34w-eNn3GqViSulU_MFCfCNR8vOJjrarJjsTXd-gLUui0eLeVQhjqXkPa2F8Dps6toqAJiQ2pnt8Ul9inUT3N29Xkn9TNDTSsiPH9RhNJeBx5fNfEevEoMNG8CqYFexIeuwtQZgrD-HOi3WXk9wmTQmfYRPCgVtEAP4_S2oUQ7bhSxtuOOTKBzMjTp_rwNf0Dj7q5P0T3cywM_Bjq3-2xY_vYMrgAfFLwT4V9wzXfjKfJYy7lboBCdv5UW0Xx1aZ9WxaSfPY-6p9vkYCdkyYZJpRv4D_AvduULTMahw3U8Jvu4zyep03y29a-Zc9XmBNDUyoN0mH9xf5fnor21dAKQyUKrh3DTM_KV5i-AiWz0hMGUANP86bjbKNS9ZNrci05m25m1GzBPYVyg7bFPQcuhZkkmAa576BcO8&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=257322779127633120&adk=4188270525&idt=83&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 19:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356044
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 May 2024 19:05:15 GMT
11709817394544183696
s0.2mdn.net/simgad/ Frame BEDD 		948 KB
948 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11709817394544183696
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CS9FIjEjZFRsperZ36J_UJV-jcXzo2CEQlkhe2MFW4BTe5K5v5WI37FZc8n7k73DozIAlqrdDf9py-2a0VWF4g9W-nZQ&cry=1&dbm_d=AKAmf-AyL8Ie-0EzN6uThYtkI3W6y684zjhy9fNElfvVEzmgCCtkKE9Tmu22aMT74xUeq-j8KIjIt5NHHRbH5c_d4wwNZVGXc_kAMfW1v5udwMX-BjPx3ZxlJUeBPH2TQsUNMkz4rxlrAzANo96JmWsOXoX0Br6HNojYM0fk6YJbDKGeLKfzdPjOv3R9Pqu2U0vIOacMJXHr1S6jt428rWQJNZd5sStJQAv3N0Av5CuZGOo6IvtILoQvMDiubqlL35hBYU3Xr5DSwK6T8F7vFqILoYpRsrLPzTMKgjOcKUCZhi4Ntsjps7WMJmC2_oOCt5tjbxd97M15H5PrGgRKmBGmE0HDIHnqPa2whd95cCrn9HjDM-Z2I9mNtQhvMhRVKY-RxR7RDycBZTTduQCmgUlohtwGdD4CMBizJFypvPAHOvYHCqI5z5qKy_A_HSl_eTDtw6buACfkpXWoKR4sVw1MLMkW63HvKVa0pZGoCCi9DdC_0xKCJ0DIjet-6Je4NULa2U4MX5pkIrEF3AuIVOFWpyzWuPESZfvX66nUd2Tk8NlPXJGOR0nZ5ZPwd0vbAAwWTpAqc2oLIlh7_31F5bX1XeJFnLEUhvYrnTyA2FtAgcAtJ6xqj5bDOQAhwfExN_WFIiyBnrNj5AZiN4cosrIlA4QOkDkm1VwzDMvuurbs4HW_wM9kQkbQwu1mdU4me6patmPxZdfoWRnpbVX2mM0KpxPiKZfR_-yDAMgimdwBpdW6TfxZK1WCuH-xnsRkgrQr_EWMw_fiCc1SerHLO3Zq_QzoU1aAUN--Zmry9UUHo_vQ3zPlGM2-dEgF1oYqh77kx7pW54fRNRVN6JwJEQn2BmLtcGTgJ6DdHvfCd_k-OvfD8tl0RUpVG9hZT1eISMGVc2N-PxiEZ2WxP4OTA0777I1_WhfX9PIyEc38FqxXPLsk-qeHSLbbKfNXijpc3lhp9TVZKtwQthzDSLmmTEAtpKtZRBJnQUzD0ZMs8JJsuH8rkhAZOJfLbxM3rw13twHWBnCkq_zo6OjNrSu8ng-vNAe14JiNGGgrMuGl9b99iCLXwm4_kJ7vvri8XstWgwfbMOREJ8SsF4QG7PfHmEpgawSh1mBkQaGHfhcdiKnThKA3rVuslz7E-oLPWmbtLAwFcL5taKV1aMsZKQ2HADLq1GlpOkVWFuOc83DseNi-mJr7Jlc6I4IAAtQSYbyeOOaWP8trojjAz7gHwANPOi-tS-rPRrEEBmeQhG46xPQGanC870RrNRTwap-G-3XS9n80vNsXPHprD46rTKIrImWGo5iyhEiPGvOoHcJ8EVc_j_m8AgDO6U1u9Cu_hiIfUyJ32E4m3qwvi6hvvUQuImgcIpGOm6rSnkY_6BPl04FB3_A-_Ogm_-JRK383L61Vy8zU85bnD4khQqO224kAO_S4iFZ9KY6FUuJ5uKUdTENJEt95meaGQk09uOxxrdt2H9qbqCZ3-hgrXXKBIoCLqgY9QhZmJ1Gng1oD6xyiYxiaqlDs8WCsRhIlbmiYoOKbltK8m4N-aey4rPQ7DO7GQQ7oOxokwjb9Us6jb9-s9NkfnDrFvzDw52nKQKvdBBIuWxOwkS5b5G_GZl_ZVmbJWNAp692YUr2Q1c4vaXmO0XKQ-KZPwtYEqbG8_adHlGFsQrQNh0LBQZgXKVB6aAsxnmRFLzzgfwkHtHDcVqh1Tl5nJvekE06VqUJA1tmj8D_6qF6a5DlHLlZ4RrON5amdK7EC2Nqcvo1WfFtissBvxiwaUc8Z7qQgB_QU5VMShgfcAWTRtk2HqlFonHB0nITeJruJ5FB5rraWH4FhhFgWxd3OmRcywZi8AR351rhDMoOL9I9ghLG5HH48r7wMKtJqghYnomj3v7ZbGiN2lgHRkJjfLRoRnkKxmEL4T-MnF3xdFoIN-qI6Wc9GD3-ThIbnALtbZhac2lawIa1RFAYEdVaYsI4AZsPmxplTjR_MkigT5dd8hjwOxgQYDAnNk2sjXcs3bqNGFtPAYLJmbwuTRoM9WugmpM-eWfTD5EMhSSm7aMrcaJZzDRfXuD1QSnd1rB8D_ZeK8paRxKKJf349JzDhB3sUrl7QA5zPC61kZWARfwdFWi1OOgkRAFafCiNcuqRPjQC0y0ZsJt9peJsjylyY_6ObDDSyDygn31KFS2Zjrgo3718yoBZApLI_ymnyJE9i84mecD6RPaAxEq2JqYQSBwsLmCFDGc3WamdxuKdCPV0aQLbWMCXUjIucpFp4EKGDRj_MFn5VzbJvkX5rNKj7Rx0LuE49qPMq-Rfs9hfUYvVnzBTkpZdFXzFYDzbtFotezTNlU4aThgnPkrRs4yadq8PqBlrJLU6GbBhjg-ASsy5pWXuIt9cmJ1vnI_zF1_qV70-YkZNk6es2Gqa9SwG4ybhQuebyo53VYgkX6BuqQvkBasXkJlE7m1uA7KIgU6P-HYxKOAGzXOM0_S95ox3Z3JlUjxPSxxMhT6lBMElILJSsDDcQ5g5elUH1YFwA9U-Rddc2IudlxKoeeYtBQtF05GHjmrnF0FhLOHcsst9RVE6avi5V9nXExTVNc7BjdoG37sEvA_bQT7qSvoeYscbxSrXkFsi_KMyli5QG9_gE9fe0H366nSoze5VI0B3C94KNpTTCvKCQlADbnnPMDxnRMt3uE3BeHaLqJ8mt2Pr_OxUs2Hml2S4Z7PAGxxavj4DHR6QxVvwbMSLt8_amyu8I9cZiq8hEPEyJmsqOPsflakf592rtQGQXClHSo8NTIObzdR5Psj4bJaOl4Gnct7TWWoVF4HHzm8XZvNC1Pv4i4x_KUc1wzX1OtLuZRFVbcNv2bLPH6icSTWN_soybrT8XqtRQVRQiA7RdsTpVxhkUu8YUEqk3hOoekaXrb1TuxnDOARmiOQTHvSZDrgirWjNk29Inu1tjMl8FPMA44dDyoStrfYKKtYVEyAWl91bQFtt9bQiwnpARWTk82Pa04WtmK0sbuHgpWzjvlBgrvxxFjqOv9eXrnXAktjsBDFgSK5VNumaw11n2J30O4tjqf-5GX8LyRpdBnE6onnDq2DpGLB_urddxivlMjZwZ_JiJdGn4O7YemKG2OK2fH-zRRjleFespv2IqGYKarwXIa9COrYvkiqReoiGsyxAnGREYiU7QZHQjXR9IYHzLiPmHV2fYU_SX2xHttFjFcxLSgJhCnPrK0zqQOEUhYkM-r5h6GCAqwXri9KAZVcpdrrcGkTPU_3l0hxW4nLQG4NKj4wlP2D_ShfXHraTCiKA8b1Z3umca5u8ZDkQEbb36tVk4BNom2LzWgdgzbW_athkbMYCwCTBC4bbkZiacRnUP4Z7Kv_01dbVp96PxPtPLVj7B-eqxBVyW29NUsGwviMfUxdedXJO5y3Y3PqHf492RTlutxpuMG18jCJc5IKKmNWbHHANUW7U7tyqbh8g&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=2070092110585360100&adk=3690638929&idt=91&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bafb9a03bdac5fc5a5325ca9d9ef3e7f62708b5efbb63137f35873c4519ed310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:06:09 GMT
x-content-type-options
nosniff
age
222790
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
970719
x-xss-protection
0
last-modified
Wed, 17 May 2023 13:18:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 May 2024 08:06:09 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame BEDD 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CS9FIjEjZFRsperZ36J_UJV-jcXzo2CEQlkhe2MFW4BTe5K5v5WI37FZc8n7k73DozIAlqrdDf9py-2a0VWF4g9W-nZQ&cry=1&dbm_d=AKAmf-AyL8Ie-0EzN6uThYtkI3W6y684zjhy9fNElfvVEzmgCCtkKE9Tmu22aMT74xUeq-j8KIjIt5NHHRbH5c_d4wwNZVGXc_kAMfW1v5udwMX-BjPx3ZxlJUeBPH2TQsUNMkz4rxlrAzANo96JmWsOXoX0Br6HNojYM0fk6YJbDKGeLKfzdPjOv3R9Pqu2U0vIOacMJXHr1S6jt428rWQJNZd5sStJQAv3N0Av5CuZGOo6IvtILoQvMDiubqlL35hBYU3Xr5DSwK6T8F7vFqILoYpRsrLPzTMKgjOcKUCZhi4Ntsjps7WMJmC2_oOCt5tjbxd97M15H5PrGgRKmBGmE0HDIHnqPa2whd95cCrn9HjDM-Z2I9mNtQhvMhRVKY-RxR7RDycBZTTduQCmgUlohtwGdD4CMBizJFypvPAHOvYHCqI5z5qKy_A_HSl_eTDtw6buACfkpXWoKR4sVw1MLMkW63HvKVa0pZGoCCi9DdC_0xKCJ0DIjet-6Je4NULa2U4MX5pkIrEF3AuIVOFWpyzWuPESZfvX66nUd2Tk8NlPXJGOR0nZ5ZPwd0vbAAwWTpAqc2oLIlh7_31F5bX1XeJFnLEUhvYrnTyA2FtAgcAtJ6xqj5bDOQAhwfExN_WFIiyBnrNj5AZiN4cosrIlA4QOkDkm1VwzDMvuurbs4HW_wM9kQkbQwu1mdU4me6patmPxZdfoWRnpbVX2mM0KpxPiKZfR_-yDAMgimdwBpdW6TfxZK1WCuH-xnsRkgrQr_EWMw_fiCc1SerHLO3Zq_QzoU1aAUN--Zmry9UUHo_vQ3zPlGM2-dEgF1oYqh77kx7pW54fRNRVN6JwJEQn2BmLtcGTgJ6DdHvfCd_k-OvfD8tl0RUpVG9hZT1eISMGVc2N-PxiEZ2WxP4OTA0777I1_WhfX9PIyEc38FqxXPLsk-qeHSLbbKfNXijpc3lhp9TVZKtwQthzDSLmmTEAtpKtZRBJnQUzD0ZMs8JJsuH8rkhAZOJfLbxM3rw13twHWBnCkq_zo6OjNrSu8ng-vNAe14JiNGGgrMuGl9b99iCLXwm4_kJ7vvri8XstWgwfbMOREJ8SsF4QG7PfHmEpgawSh1mBkQaGHfhcdiKnThKA3rVuslz7E-oLPWmbtLAwFcL5taKV1aMsZKQ2HADLq1GlpOkVWFuOc83DseNi-mJr7Jlc6I4IAAtQSYbyeOOaWP8trojjAz7gHwANPOi-tS-rPRrEEBmeQhG46xPQGanC870RrNRTwap-G-3XS9n80vNsXPHprD46rTKIrImWGo5iyhEiPGvOoHcJ8EVc_j_m8AgDO6U1u9Cu_hiIfUyJ32E4m3qwvi6hvvUQuImgcIpGOm6rSnkY_6BPl04FB3_A-_Ogm_-JRK383L61Vy8zU85bnD4khQqO224kAO_S4iFZ9KY6FUuJ5uKUdTENJEt95meaGQk09uOxxrdt2H9qbqCZ3-hgrXXKBIoCLqgY9QhZmJ1Gng1oD6xyiYxiaqlDs8WCsRhIlbmiYoOKbltK8m4N-aey4rPQ7DO7GQQ7oOxokwjb9Us6jb9-s9NkfnDrFvzDw52nKQKvdBBIuWxOwkS5b5G_GZl_ZVmbJWNAp692YUr2Q1c4vaXmO0XKQ-KZPwtYEqbG8_adHlGFsQrQNh0LBQZgXKVB6aAsxnmRFLzzgfwkHtHDcVqh1Tl5nJvekE06VqUJA1tmj8D_6qF6a5DlHLlZ4RrON5amdK7EC2Nqcvo1WfFtissBvxiwaUc8Z7qQgB_QU5VMShgfcAWTRtk2HqlFonHB0nITeJruJ5FB5rraWH4FhhFgWxd3OmRcywZi8AR351rhDMoOL9I9ghLG5HH48r7wMKtJqghYnomj3v7ZbGiN2lgHRkJjfLRoRnkKxmEL4T-MnF3xdFoIN-qI6Wc9GD3-ThIbnALtbZhac2lawIa1RFAYEdVaYsI4AZsPmxplTjR_MkigT5dd8hjwOxgQYDAnNk2sjXcs3bqNGFtPAYLJmbwuTRoM9WugmpM-eWfTD5EMhSSm7aMrcaJZzDRfXuD1QSnd1rB8D_ZeK8paRxKKJf349JzDhB3sUrl7QA5zPC61kZWARfwdFWi1OOgkRAFafCiNcuqRPjQC0y0ZsJt9peJsjylyY_6ObDDSyDygn31KFS2Zjrgo3718yoBZApLI_ymnyJE9i84mecD6RPaAxEq2JqYQSBwsLmCFDGc3WamdxuKdCPV0aQLbWMCXUjIucpFp4EKGDRj_MFn5VzbJvkX5rNKj7Rx0LuE49qPMq-Rfs9hfUYvVnzBTkpZdFXzFYDzbtFotezTNlU4aThgnPkrRs4yadq8PqBlrJLU6GbBhjg-ASsy5pWXuIt9cmJ1vnI_zF1_qV70-YkZNk6es2Gqa9SwG4ybhQuebyo53VYgkX6BuqQvkBasXkJlE7m1uA7KIgU6P-HYxKOAGzXOM0_S95ox3Z3JlUjxPSxxMhT6lBMElILJSsDDcQ5g5elUH1YFwA9U-Rddc2IudlxKoeeYtBQtF05GHjmrnF0FhLOHcsst9RVE6avi5V9nXExTVNc7BjdoG37sEvA_bQT7qSvoeYscbxSrXkFsi_KMyli5QG9_gE9fe0H366nSoze5VI0B3C94KNpTTCvKCQlADbnnPMDxnRMt3uE3BeHaLqJ8mt2Pr_OxUs2Hml2S4Z7PAGxxavj4DHR6QxVvwbMSLt8_amyu8I9cZiq8hEPEyJmsqOPsflakf592rtQGQXClHSo8NTIObzdR5Psj4bJaOl4Gnct7TWWoVF4HHzm8XZvNC1Pv4i4x_KUc1wzX1OtLuZRFVbcNv2bLPH6icSTWN_soybrT8XqtRQVRQiA7RdsTpVxhkUu8YUEqk3hOoekaXrb1TuxnDOARmiOQTHvSZDrgirWjNk29Inu1tjMl8FPMA44dDyoStrfYKKtYVEyAWl91bQFtt9bQiwnpARWTk82Pa04WtmK0sbuHgpWzjvlBgrvxxFjqOv9eXrnXAktjsBDFgSK5VNumaw11n2J30O4tjqf-5GX8LyRpdBnE6onnDq2DpGLB_urddxivlMjZwZ_JiJdGn4O7YemKG2OK2fH-zRRjleFespv2IqGYKarwXIa9COrYvkiqReoiGsyxAnGREYiU7QZHQjXR9IYHzLiPmHV2fYU_SX2xHttFjFcxLSgJhCnPrK0zqQOEUhYkM-r5h6GCAqwXri9KAZVcpdrrcGkTPU_3l0hxW4nLQG4NKj4wlP2D_ShfXHraTCiKA8b1Z3umca5u8ZDkQEbb36tVk4BNom2LzWgdgzbW_athkbMYCwCTBC4bbkZiacRnUP4Z7Kv_01dbVp96PxPtPLVj7B-eqxBVyW29NUsGwviMfUxdedXJO5y3Y3PqHf492RTlutxpuMG18jCJc5IKKmNWbHHANUW7U7tyqbh8g&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=2070092110585360100&adk=3690638929&idt=91&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 16:29:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
19790
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11027
x-xss-protection
0
server
cafe
etag
5492578185836041520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 16:29:29 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/ Frame BEDD 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CS9FIjEjZFRsperZ36J_UJV-jcXzo2CEQlkhe2MFW4BTe5K5v5WI37FZc8n7k73DozIAlqrdDf9py-2a0VWF4g9W-nZQ&cry=1&dbm_d=AKAmf-AyL8Ie-0EzN6uThYtkI3W6y684zjhy9fNElfvVEzmgCCtkKE9Tmu22aMT74xUeq-j8KIjIt5NHHRbH5c_d4wwNZVGXc_kAMfW1v5udwMX-BjPx3ZxlJUeBPH2TQsUNMkz4rxlrAzANo96JmWsOXoX0Br6HNojYM0fk6YJbDKGeLKfzdPjOv3R9Pqu2U0vIOacMJXHr1S6jt428rWQJNZd5sStJQAv3N0Av5CuZGOo6IvtILoQvMDiubqlL35hBYU3Xr5DSwK6T8F7vFqILoYpRsrLPzTMKgjOcKUCZhi4Ntsjps7WMJmC2_oOCt5tjbxd97M15H5PrGgRKmBGmE0HDIHnqPa2whd95cCrn9HjDM-Z2I9mNtQhvMhRVKY-RxR7RDycBZTTduQCmgUlohtwGdD4CMBizJFypvPAHOvYHCqI5z5qKy_A_HSl_eTDtw6buACfkpXWoKR4sVw1MLMkW63HvKVa0pZGoCCi9DdC_0xKCJ0DIjet-6Je4NULa2U4MX5pkIrEF3AuIVOFWpyzWuPESZfvX66nUd2Tk8NlPXJGOR0nZ5ZPwd0vbAAwWTpAqc2oLIlh7_31F5bX1XeJFnLEUhvYrnTyA2FtAgcAtJ6xqj5bDOQAhwfExN_WFIiyBnrNj5AZiN4cosrIlA4QOkDkm1VwzDMvuurbs4HW_wM9kQkbQwu1mdU4me6patmPxZdfoWRnpbVX2mM0KpxPiKZfR_-yDAMgimdwBpdW6TfxZK1WCuH-xnsRkgrQr_EWMw_fiCc1SerHLO3Zq_QzoU1aAUN--Zmry9UUHo_vQ3zPlGM2-dEgF1oYqh77kx7pW54fRNRVN6JwJEQn2BmLtcGTgJ6DdHvfCd_k-OvfD8tl0RUpVG9hZT1eISMGVc2N-PxiEZ2WxP4OTA0777I1_WhfX9PIyEc38FqxXPLsk-qeHSLbbKfNXijpc3lhp9TVZKtwQthzDSLmmTEAtpKtZRBJnQUzD0ZMs8JJsuH8rkhAZOJfLbxM3rw13twHWBnCkq_zo6OjNrSu8ng-vNAe14JiNGGgrMuGl9b99iCLXwm4_kJ7vvri8XstWgwfbMOREJ8SsF4QG7PfHmEpgawSh1mBkQaGHfhcdiKnThKA3rVuslz7E-oLPWmbtLAwFcL5taKV1aMsZKQ2HADLq1GlpOkVWFuOc83DseNi-mJr7Jlc6I4IAAtQSYbyeOOaWP8trojjAz7gHwANPOi-tS-rPRrEEBmeQhG46xPQGanC870RrNRTwap-G-3XS9n80vNsXPHprD46rTKIrImWGo5iyhEiPGvOoHcJ8EVc_j_m8AgDO6U1u9Cu_hiIfUyJ32E4m3qwvi6hvvUQuImgcIpGOm6rSnkY_6BPl04FB3_A-_Ogm_-JRK383L61Vy8zU85bnD4khQqO224kAO_S4iFZ9KY6FUuJ5uKUdTENJEt95meaGQk09uOxxrdt2H9qbqCZ3-hgrXXKBIoCLqgY9QhZmJ1Gng1oD6xyiYxiaqlDs8WCsRhIlbmiYoOKbltK8m4N-aey4rPQ7DO7GQQ7oOxokwjb9Us6jb9-s9NkfnDrFvzDw52nKQKvdBBIuWxOwkS5b5G_GZl_ZVmbJWNAp692YUr2Q1c4vaXmO0XKQ-KZPwtYEqbG8_adHlGFsQrQNh0LBQZgXKVB6aAsxnmRFLzzgfwkHtHDcVqh1Tl5nJvekE06VqUJA1tmj8D_6qF6a5DlHLlZ4RrON5amdK7EC2Nqcvo1WfFtissBvxiwaUc8Z7qQgB_QU5VMShgfcAWTRtk2HqlFonHB0nITeJruJ5FB5rraWH4FhhFgWxd3OmRcywZi8AR351rhDMoOL9I9ghLG5HH48r7wMKtJqghYnomj3v7ZbGiN2lgHRkJjfLRoRnkKxmEL4T-MnF3xdFoIN-qI6Wc9GD3-ThIbnALtbZhac2lawIa1RFAYEdVaYsI4AZsPmxplTjR_MkigT5dd8hjwOxgQYDAnNk2sjXcs3bqNGFtPAYLJmbwuTRoM9WugmpM-eWfTD5EMhSSm7aMrcaJZzDRfXuD1QSnd1rB8D_ZeK8paRxKKJf349JzDhB3sUrl7QA5zPC61kZWARfwdFWi1OOgkRAFafCiNcuqRPjQC0y0ZsJt9peJsjylyY_6ObDDSyDygn31KFS2Zjrgo3718yoBZApLI_ymnyJE9i84mecD6RPaAxEq2JqYQSBwsLmCFDGc3WamdxuKdCPV0aQLbWMCXUjIucpFp4EKGDRj_MFn5VzbJvkX5rNKj7Rx0LuE49qPMq-Rfs9hfUYvVnzBTkpZdFXzFYDzbtFotezTNlU4aThgnPkrRs4yadq8PqBlrJLU6GbBhjg-ASsy5pWXuIt9cmJ1vnI_zF1_qV70-YkZNk6es2Gqa9SwG4ybhQuebyo53VYgkX6BuqQvkBasXkJlE7m1uA7KIgU6P-HYxKOAGzXOM0_S95ox3Z3JlUjxPSxxMhT6lBMElILJSsDDcQ5g5elUH1YFwA9U-Rddc2IudlxKoeeYtBQtF05GHjmrnF0FhLOHcsst9RVE6avi5V9nXExTVNc7BjdoG37sEvA_bQT7qSvoeYscbxSrXkFsi_KMyli5QG9_gE9fe0H366nSoze5VI0B3C94KNpTTCvKCQlADbnnPMDxnRMt3uE3BeHaLqJ8mt2Pr_OxUs2Hml2S4Z7PAGxxavj4DHR6QxVvwbMSLt8_amyu8I9cZiq8hEPEyJmsqOPsflakf592rtQGQXClHSo8NTIObzdR5Psj4bJaOl4Gnct7TWWoVF4HHzm8XZvNC1Pv4i4x_KUc1wzX1OtLuZRFVbcNv2bLPH6icSTWN_soybrT8XqtRQVRQiA7RdsTpVxhkUu8YUEqk3hOoekaXrb1TuxnDOARmiOQTHvSZDrgirWjNk29Inu1tjMl8FPMA44dDyoStrfYKKtYVEyAWl91bQFtt9bQiwnpARWTk82Pa04WtmK0sbuHgpWzjvlBgrvxxFjqOv9eXrnXAktjsBDFgSK5VNumaw11n2J30O4tjqf-5GX8LyRpdBnE6onnDq2DpGLB_urddxivlMjZwZ_JiJdGn4O7YemKG2OK2fH-zRRjleFespv2IqGYKarwXIa9COrYvkiqReoiGsyxAnGREYiU7QZHQjXR9IYHzLiPmHV2fYU_SX2xHttFjFcxLSgJhCnPrK0zqQOEUhYkM-r5h6GCAqwXri9KAZVcpdrrcGkTPU_3l0hxW4nLQG4NKj4wlP2D_ShfXHraTCiKA8b1Z3umca5u8ZDkQEbb36tVk4BNom2LzWgdgzbW_athkbMYCwCTBC4bbkZiacRnUP4Z7Kv_01dbVp96PxPtPLVj7B-eqxBVyW29NUsGwviMfUxdedXJO5y3Y3PqHf492RTlutxpuMG18jCJc5IKKmNWbHHANUW7U7tyqbh8g&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=2070092110585360100&adk=3690638929&idt=91&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 14:15:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
27804
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 14:15:55 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BEDD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstNwDcV1TxwkiPPQu_0fHYqaZ5bDY-f0At3oD_Im-V_Z0uxsleVV15dDn2j7FD0ARVBrJ6kpedBWl4n9cuJ71hoHhIq17saC1g5wfLrP0W-0jVSzCrUecRezMYe6Zpow-3oGpvvWDP9KF8JDpvEtcJFOaXju-gVGYHD2di99F9IvJbP4lPaOII4voDNZMBj63CDvekXMiuA_AgcxXcKo_HGEdxsv1QkiQS_C6AD7JZqw7RbjH4alCtKfuZz4FCwPmV9MxWR9pHvalg1vwL7mjxmkzjoJuLh0FgRCYCkLdVQLDmnEPHq26jScgt_p8O9W7gz36ykGx8Y8LpDS9PC1oyPFP2C6QL0HwrTePSSVv9LTzSyTiywdl9U-Bxv5IY_yo63j6k2Cd2Pg3DqKFY4E_StevCLewqpjYb8NftqItESzx9WFf6RTO8f37baYQc9IStbUsM0Lbl0dwWS-AcIMuOBwfBs89q1YVajqt4penCh1RHDsZZ9EstHp5HE2Q0TK9Y87c9GSboJPpfnIUaGkfxGFohkXuvn_3rv9PTPqpfEcWWnH6n0gdpCpQlOKKLANI1_N7SgBTNGaYIDCJIWEyegvzrkASiCOOeCtQxWGqBZJzfJTe3H4jBOk6M7bvD02CCFmCJ-yHnF4Fxoy4RGOR22dke8IW_ex81dIAbR7tFPoPcku6238fUfdEHQzDlv9LZZ9pI2gke7eKigt70quWUgPfPUWHRINBT_mZlFlJEEdVBhBUzXuoHE55TaysgP7ab9RwP3GTMCeKBDsOOgehK0wM6bPipQjgDSaqJj7oWcCY7H58ukDAx-2ST3oh5qC_XNtkvOpzqQv9gZNmChfisMDpb1oR2-qU-Vymwt9YcFdRo7_EcWzSGrGnq31c9_FDF0Jd2Oi5039GkhUoYcnw2WW_ll7uvtjl90KEJQuca0Sp6Dl2_vUk4Dcxp5_ztwssuiHlD6V9XjeQGjyJwg6wRCHiS9DD3qzqO_o7Zd58fWckS9AL27s5b2pee-YHMcq9hquNJqgS-rV6BBSDIr1VrWnSLyawIcIQ8TjXVOdj58emDGBwnw0vOgcLdca-wlCFxFUveqArRQbbzaSkTgtwFrW4yEgUI-miJlUbfsTjtSI33vO3x8R6eCNwGMtbFoJtM9IYOxruOOjIJ9MWmPOExajiCbhcIA7Y4mjL3QYfNv-OROsM8kgvCIYdD3QfGeN5UnOqHzVh9ChsziNmPv-K8D8M5eLItavEiuep2ENDR_ogt3o25617SHKklFzeqpB_spNA&sai=AMfl-YQCktLQGe0j6Nw86KLSrIVl9PfPU1lpW23W9GGcBGDBaOr9mpv_QkEhlzTwguY2RhVO7dtb1JJCX_t56Jlysnsna_pk3P_6XJPd9ibvznAuT6oUExQby61eX3NKIsjxWUpng0avOv1MJ_HuaNiuxLa0PTG_o9Fz_nzZZp6aHAJQoD-hEmGq05gB4PTgVqljG5Yah03tYaJ5VFqszTb-uOEE0FAw1V-DARJ3aekX8WBRviIFcDN3GaXmzofX55hf_lUNlG4hIgkezrY1n4hoe577EvGTebYQ6w&sig=Cg0ArKJSzHFfYbrgysBBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230523.83527&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CS9FIjEjZFRsperZ36J_UJV-jcXzo2CEQlkhe2MFW4BTe5K5v5WI37FZc8n7k73DozIAlqrdDf9py-2a0VWF4g9W-nZQ&cry=1&dbm_d=AKAmf-AyL8Ie-0EzN6uThYtkI3W6y684zjhy9fNElfvVEzmgCCtkKE9Tmu22aMT74xUeq-j8KIjIt5NHHRbH5c_d4wwNZVGXc_kAMfW1v5udwMX-BjPx3ZxlJUeBPH2TQsUNMkz4rxlrAzANo96JmWsOXoX0Br6HNojYM0fk6YJbDKGeLKfzdPjOv3R9Pqu2U0vIOacMJXHr1S6jt428rWQJNZd5sStJQAv3N0Av5CuZGOo6IvtILoQvMDiubqlL35hBYU3Xr5DSwK6T8F7vFqILoYpRsrLPzTMKgjOcKUCZhi4Ntsjps7WMJmC2_oOCt5tjbxd97M15H5PrGgRKmBGmE0HDIHnqPa2whd95cCrn9HjDM-Z2I9mNtQhvMhRVKY-RxR7RDycBZTTduQCmgUlohtwGdD4CMBizJFypvPAHOvYHCqI5z5qKy_A_HSl_eTDtw6buACfkpXWoKR4sVw1MLMkW63HvKVa0pZGoCCi9DdC_0xKCJ0DIjet-6Je4NULa2U4MX5pkIrEF3AuIVOFWpyzWuPESZfvX66nUd2Tk8NlPXJGOR0nZ5ZPwd0vbAAwWTpAqc2oLIlh7_31F5bX1XeJFnLEUhvYrnTyA2FtAgcAtJ6xqj5bDOQAhwfExN_WFIiyBnrNj5AZiN4cosrIlA4QOkDkm1VwzDMvuurbs4HW_wM9kQkbQwu1mdU4me6patmPxZdfoWRnpbVX2mM0KpxPiKZfR_-yDAMgimdwBpdW6TfxZK1WCuH-xnsRkgrQr_EWMw_fiCc1SerHLO3Zq_QzoU1aAUN--Zmry9UUHo_vQ3zPlGM2-dEgF1oYqh77kx7pW54fRNRVN6JwJEQn2BmLtcGTgJ6DdHvfCd_k-OvfD8tl0RUpVG9hZT1eISMGVc2N-PxiEZ2WxP4OTA0777I1_WhfX9PIyEc38FqxXPLsk-qeHSLbbKfNXijpc3lhp9TVZKtwQthzDSLmmTEAtpKtZRBJnQUzD0ZMs8JJsuH8rkhAZOJfLbxM3rw13twHWBnCkq_zo6OjNrSu8ng-vNAe14JiNGGgrMuGl9b99iCLXwm4_kJ7vvri8XstWgwfbMOREJ8SsF4QG7PfHmEpgawSh1mBkQaGHfhcdiKnThKA3rVuslz7E-oLPWmbtLAwFcL5taKV1aMsZKQ2HADLq1GlpOkVWFuOc83DseNi-mJr7Jlc6I4IAAtQSYbyeOOaWP8trojjAz7gHwANPOi-tS-rPRrEEBmeQhG46xPQGanC870RrNRTwap-G-3XS9n80vNsXPHprD46rTKIrImWGo5iyhEiPGvOoHcJ8EVc_j_m8AgDO6U1u9Cu_hiIfUyJ32E4m3qwvi6hvvUQuImgcIpGOm6rSnkY_6BPl04FB3_A-_Ogm_-JRK383L61Vy8zU85bnD4khQqO224kAO_S4iFZ9KY6FUuJ5uKUdTENJEt95meaGQk09uOxxrdt2H9qbqCZ3-hgrXXKBIoCLqgY9QhZmJ1Gng1oD6xyiYxiaqlDs8WCsRhIlbmiYoOKbltK8m4N-aey4rPQ7DO7GQQ7oOxokwjb9Us6jb9-s9NkfnDrFvzDw52nKQKvdBBIuWxOwkS5b5G_GZl_ZVmbJWNAp692YUr2Q1c4vaXmO0XKQ-KZPwtYEqbG8_adHlGFsQrQNh0LBQZgXKVB6aAsxnmRFLzzgfwkHtHDcVqh1Tl5nJvekE06VqUJA1tmj8D_6qF6a5DlHLlZ4RrON5amdK7EC2Nqcvo1WfFtissBvxiwaUc8Z7qQgB_QU5VMShgfcAWTRtk2HqlFonHB0nITeJruJ5FB5rraWH4FhhFgWxd3OmRcywZi8AR351rhDMoOL9I9ghLG5HH48r7wMKtJqghYnomj3v7ZbGiN2lgHRkJjfLRoRnkKxmEL4T-MnF3xdFoIN-qI6Wc9GD3-ThIbnALtbZhac2lawIa1RFAYEdVaYsI4AZsPmxplTjR_MkigT5dd8hjwOxgQYDAnNk2sjXcs3bqNGFtPAYLJmbwuTRoM9WugmpM-eWfTD5EMhSSm7aMrcaJZzDRfXuD1QSnd1rB8D_ZeK8paRxKKJf349JzDhB3sUrl7QA5zPC61kZWARfwdFWi1OOgkRAFafCiNcuqRPjQC0y0ZsJt9peJsjylyY_6ObDDSyDygn31KFS2Zjrgo3718yoBZApLI_ymnyJE9i84mecD6RPaAxEq2JqYQSBwsLmCFDGc3WamdxuKdCPV0aQLbWMCXUjIucpFp4EKGDRj_MFn5VzbJvkX5rNKj7Rx0LuE49qPMq-Rfs9hfUYvVnzBTkpZdFXzFYDzbtFotezTNlU4aThgnPkrRs4yadq8PqBlrJLU6GbBhjg-ASsy5pWXuIt9cmJ1vnI_zF1_qV70-YkZNk6es2Gqa9SwG4ybhQuebyo53VYgkX6BuqQvkBasXkJlE7m1uA7KIgU6P-HYxKOAGzXOM0_S95ox3Z3JlUjxPSxxMhT6lBMElILJSsDDcQ5g5elUH1YFwA9U-Rddc2IudlxKoeeYtBQtF05GHjmrnF0FhLOHcsst9RVE6avi5V9nXExTVNc7BjdoG37sEvA_bQT7qSvoeYscbxSrXkFsi_KMyli5QG9_gE9fe0H366nSoze5VI0B3C94KNpTTCvKCQlADbnnPMDxnRMt3uE3BeHaLqJ8mt2Pr_OxUs2Hml2S4Z7PAGxxavj4DHR6QxVvwbMSLt8_amyu8I9cZiq8hEPEyJmsqOPsflakf592rtQGQXClHSo8NTIObzdR5Psj4bJaOl4Gnct7TWWoVF4HHzm8XZvNC1Pv4i4x_KUc1wzX1OtLuZRFVbcNv2bLPH6icSTWN_soybrT8XqtRQVRQiA7RdsTpVxhkUu8YUEqk3hOoekaXrb1TuxnDOARmiOQTHvSZDrgirWjNk29Inu1tjMl8FPMA44dDyoStrfYKKtYVEyAWl91bQFtt9bQiwnpARWTk82Pa04WtmK0sbuHgpWzjvlBgrvxxFjqOv9eXrnXAktjsBDFgSK5VNumaw11n2J30O4tjqf-5GX8LyRpdBnE6onnDq2DpGLB_urddxivlMjZwZ_JiJdGn4O7YemKG2OK2fH-zRRjleFespv2IqGYKarwXIa9COrYvkiqReoiGsyxAnGREYiU7QZHQjXR9IYHzLiPmHV2fYU_SX2xHttFjFcxLSgJhCnPrK0zqQOEUhYkM-r5h6GCAqwXri9KAZVcpdrrcGkTPU_3l0hxW4nLQG4NKj4wlP2D_ShfXHraTCiKA8b1Z3umca5u8ZDkQEbb36tVk4BNom2LzWgdgzbW_athkbMYCwCTBC4bbkZiacRnUP4Z7Kv_01dbVp96PxPtPLVj7B-eqxBVyW29NUsGwviMfUxdedXJO5y3Y3PqHf492RTlutxpuMG18jCJc5IKKmNWbHHANUW7U7tyqbh8g&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=2070092110585360100&adk=3690638929&idt=91&cac=0&dtd=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 25 May 2023 21:59:19 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 25 May 2023 21:59:19 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BEDD 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CS9FIjEjZFRsperZ36J_UJV-jcXzo2CEQlkhe2MFW4BTe5K5v5WI37FZc8n7k73DozIAlqrdDf9py-2a0VWF4g9W-nZQ&cry=1&dbm_d=AKAmf-AyL8Ie-0EzN6uThYtkI3W6y684zjhy9fNElfvVEzmgCCtkKE9Tmu22aMT74xUeq-j8KIjIt5NHHRbH5c_d4wwNZVGXc_kAMfW1v5udwMX-BjPx3ZxlJUeBPH2TQsUNMkz4rxlrAzANo96JmWsOXoX0Br6HNojYM0fk6YJbDKGeLKfzdPjOv3R9Pqu2U0vIOacMJXHr1S6jt428rWQJNZd5sStJQAv3N0Av5CuZGOo6IvtILoQvMDiubqlL35hBYU3Xr5DSwK6T8F7vFqILoYpRsrLPzTMKgjOcKUCZhi4Ntsjps7WMJmC2_oOCt5tjbxd97M15H5PrGgRKmBGmE0HDIHnqPa2whd95cCrn9HjDM-Z2I9mNtQhvMhRVKY-RxR7RDycBZTTduQCmgUlohtwGdD4CMBizJFypvPAHOvYHCqI5z5qKy_A_HSl_eTDtw6buACfkpXWoKR4sVw1MLMkW63HvKVa0pZGoCCi9DdC_0xKCJ0DIjet-6Je4NULa2U4MX5pkIrEF3AuIVOFWpyzWuPESZfvX66nUd2Tk8NlPXJGOR0nZ5ZPwd0vbAAwWTpAqc2oLIlh7_31F5bX1XeJFnLEUhvYrnTyA2FtAgcAtJ6xqj5bDOQAhwfExN_WFIiyBnrNj5AZiN4cosrIlA4QOkDkm1VwzDMvuurbs4HW_wM9kQkbQwu1mdU4me6patmPxZdfoWRnpbVX2mM0KpxPiKZfR_-yDAMgimdwBpdW6TfxZK1WCuH-xnsRkgrQr_EWMw_fiCc1SerHLO3Zq_QzoU1aAUN--Zmry9UUHo_vQ3zPlGM2-dEgF1oYqh77kx7pW54fRNRVN6JwJEQn2BmLtcGTgJ6DdHvfCd_k-OvfD8tl0RUpVG9hZT1eISMGVc2N-PxiEZ2WxP4OTA0777I1_WhfX9PIyEc38FqxXPLsk-qeHSLbbKfNXijpc3lhp9TVZKtwQthzDSLmmTEAtpKtZRBJnQUzD0ZMs8JJsuH8rkhAZOJfLbxM3rw13twHWBnCkq_zo6OjNrSu8ng-vNAe14JiNGGgrMuGl9b99iCLXwm4_kJ7vvri8XstWgwfbMOREJ8SsF4QG7PfHmEpgawSh1mBkQaGHfhcdiKnThKA3rVuslz7E-oLPWmbtLAwFcL5taKV1aMsZKQ2HADLq1GlpOkVWFuOc83DseNi-mJr7Jlc6I4IAAtQSYbyeOOaWP8trojjAz7gHwANPOi-tS-rPRrEEBmeQhG46xPQGanC870RrNRTwap-G-3XS9n80vNsXPHprD46rTKIrImWGo5iyhEiPGvOoHcJ8EVc_j_m8AgDO6U1u9Cu_hiIfUyJ32E4m3qwvi6hvvUQuImgcIpGOm6rSnkY_6BPl04FB3_A-_Ogm_-JRK383L61Vy8zU85bnD4khQqO224kAO_S4iFZ9KY6FUuJ5uKUdTENJEt95meaGQk09uOxxrdt2H9qbqCZ3-hgrXXKBIoCLqgY9QhZmJ1Gng1oD6xyiYxiaqlDs8WCsRhIlbmiYoOKbltK8m4N-aey4rPQ7DO7GQQ7oOxokwjb9Us6jb9-s9NkfnDrFvzDw52nKQKvdBBIuWxOwkS5b5G_GZl_ZVmbJWNAp692YUr2Q1c4vaXmO0XKQ-KZPwtYEqbG8_adHlGFsQrQNh0LBQZgXKVB6aAsxnmRFLzzgfwkHtHDcVqh1Tl5nJvekE06VqUJA1tmj8D_6qF6a5DlHLlZ4RrON5amdK7EC2Nqcvo1WfFtissBvxiwaUc8Z7qQgB_QU5VMShgfcAWTRtk2HqlFonHB0nITeJruJ5FB5rraWH4FhhFgWxd3OmRcywZi8AR351rhDMoOL9I9ghLG5HH48r7wMKtJqghYnomj3v7ZbGiN2lgHRkJjfLRoRnkKxmEL4T-MnF3xdFoIN-qI6Wc9GD3-ThIbnALtbZhac2lawIa1RFAYEdVaYsI4AZsPmxplTjR_MkigT5dd8hjwOxgQYDAnNk2sjXcs3bqNGFtPAYLJmbwuTRoM9WugmpM-eWfTD5EMhSSm7aMrcaJZzDRfXuD1QSnd1rB8D_ZeK8paRxKKJf349JzDhB3sUrl7QA5zPC61kZWARfwdFWi1OOgkRAFafCiNcuqRPjQC0y0ZsJt9peJsjylyY_6ObDDSyDygn31KFS2Zjrgo3718yoBZApLI_ymnyJE9i84mecD6RPaAxEq2JqYQSBwsLmCFDGc3WamdxuKdCPV0aQLbWMCXUjIucpFp4EKGDRj_MFn5VzbJvkX5rNKj7Rx0LuE49qPMq-Rfs9hfUYvVnzBTkpZdFXzFYDzbtFotezTNlU4aThgnPkrRs4yadq8PqBlrJLU6GbBhjg-ASsy5pWXuIt9cmJ1vnI_zF1_qV70-YkZNk6es2Gqa9SwG4ybhQuebyo53VYgkX6BuqQvkBasXkJlE7m1uA7KIgU6P-HYxKOAGzXOM0_S95ox3Z3JlUjxPSxxMhT6lBMElILJSsDDcQ5g5elUH1YFwA9U-Rddc2IudlxKoeeYtBQtF05GHjmrnF0FhLOHcsst9RVE6avi5V9nXExTVNc7BjdoG37sEvA_bQT7qSvoeYscbxSrXkFsi_KMyli5QG9_gE9fe0H366nSoze5VI0B3C94KNpTTCvKCQlADbnnPMDxnRMt3uE3BeHaLqJ8mt2Pr_OxUs2Hml2S4Z7PAGxxavj4DHR6QxVvwbMSLt8_amyu8I9cZiq8hEPEyJmsqOPsflakf592rtQGQXClHSo8NTIObzdR5Psj4bJaOl4Gnct7TWWoVF4HHzm8XZvNC1Pv4i4x_KUc1wzX1OtLuZRFVbcNv2bLPH6icSTWN_soybrT8XqtRQVRQiA7RdsTpVxhkUu8YUEqk3hOoekaXrb1TuxnDOARmiOQTHvSZDrgirWjNk29Inu1tjMl8FPMA44dDyoStrfYKKtYVEyAWl91bQFtt9bQiwnpARWTk82Pa04WtmK0sbuHgpWzjvlBgrvxxFjqOv9eXrnXAktjsBDFgSK5VNumaw11n2J30O4tjqf-5GX8LyRpdBnE6onnDq2DpGLB_urddxivlMjZwZ_JiJdGn4O7YemKG2OK2fH-zRRjleFespv2IqGYKarwXIa9COrYvkiqReoiGsyxAnGREYiU7QZHQjXR9IYHzLiPmHV2fYU_SX2xHttFjFcxLSgJhCnPrK0zqQOEUhYkM-r5h6GCAqwXri9KAZVcpdrrcGkTPU_3l0hxW4nLQG4NKj4wlP2D_ShfXHraTCiKA8b1Z3umca5u8ZDkQEbb36tVk4BNom2LzWgdgzbW_athkbMYCwCTBC4bbkZiacRnUP4Z7Kv_01dbVp96PxPtPLVj7B-eqxBVyW29NUsGwviMfUxdedXJO5y3Y3PqHf492RTlutxpuMG18jCJc5IKKmNWbHHANUW7U7tyqbh8g&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=2070092110585360100&adk=3690638929&idt=91&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 19:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356044
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 May 2024 19:05:15 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8735 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
136836
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 May 2023 07:58:43 GMT
expires
Thu, 23 May 2024 07:58:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pvs.gif
ssl.hurra.com/ Frame 92D5
Redirect Chain
  • https://ssl.hurra.com/pvs.gif?cid=397&tid=37148
  • https://ssl.hurra.com/pvs.gif?bd3p=1&cid=397&tid=37148
43 B
276 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.hurra.com/pvs.gif?bd3p=1&cid=397&tid=37148
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
62.144.160.15 Düsseldorf, Germany, ASN12312 (ECOTEL, DE),
Reverse DNS
Software
/
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NOI CUR OUR STP", policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
cache-control
private, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000
content-type
image/gif
expires
Fri, 10 Apr 1973 05:00:00 GMT

Redirect headers

location
https://ssl.hurra.com/pvs.gif?bd3p=1&cid=397&tid=37148
date
Thu, 25 May 2023 21:59:19 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
content-length
0
p3p
CP="NOI CUR OUR STP", policyref="/w3c/p3p.xml"
index.html
s0.2mdn.net/sadbundle/795616883461662477/ Frame 0D3A 		88 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/795616883461662477/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fc29daa67f3830d0f03767227558474c4144a5ce22f9ba6ffc77b05e523f516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
200234
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20042
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 23 May 2023 14:22:05 GMT
expires
Wed, 22 May 2024 14:22:05 GMT
last-modified
Tue, 24 Jan 2023 12:13:20 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 92D5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvMLOgOW-HkcORnBcqzTwdYEjGOLTtdcAjvbTiIrkuz1lU2xO6lgCM9aNVJU18mplUjgIHHNknVyCjuo3hTzxhbjouMtyxa1KJZl7X0fyA3IM1LLrBPMA2wceNIB_ZDWaZaAhFqBI3Rr4KupjU3JBwc5y2c214b5Wvyxx6RY9Wzcj4CxGT7_kFcrXnhCif1Js9esBDN_U4gETlc9BvyPc6v4Ff-VwYbpiBr5dgfzd1m60TXgFiXyOeFSF_U2pbKIZRayWFSyQ1na2XndY6xJJHW3tqMM1mwlw3iNL-n3-DM1Hycm7b1ZB7W0l5Bo9SwuhQKE1z5ii3FioqlnYwGuDFzSYii4ddmOvTyPj9bh57c0XwzL3drNy0c8Qn9UWiGwKJDu5PzrbKasvXGSLzVYEfccx5mmw3vsLPg2r2eXxg-RfJFFco8vuA8k4cE8IohxScfqi0LIKcCzHMgEYLkaL5tn31xYFP8Ct9Bq6iWouhmnZ5XA9i5G12JtfDnCWjucQSTOckZdZaXCyOt0QWRTKqsKbw3A7jskDQ968oPo4jE0rrhxXGCu0o5eV9GXUJnjUpVNil9MGQaKHKGN72-tCnKzhGoevyITAlXC4y7DSmO2w2UTE4g7-5XFx8VZ8VL70JrpFax-8_p7LwSDdyqVHW4tWXh3QxZKCofzDST-znVUBErvbyQYymnze67rC-yLlpr319SSoNIz3jI5aQ9AX7caAqiT1sPoa3-PxlTUM5UDSRfy8iNIRdIzz916HTQIcPGiQ_1f6rV16DITh4C5LdTdtf17wJ1xxCSNQaPtSnGu4rnr1seOUnO7y6BrMNl8U4vrekvxZDgvXUWbMuA9X464XS11YbUWLlQ7_-jSqgxbt-P7nXS6wPagyvrPZr9H6OU4lkuVUl6ZePxpeIvqUuMKF5zXbJYZVjfP2tidH4WYI61xXSECWBF6v3A2iO05m1eejcELNvGXPsPmDANz11oG3WkXhGu3j1tIFFbRpyeuDRjhqNu_jBb3CG0SqEuRPKFNqcEXvEBexGuYINV0AlaElOD4-hlDOFnd0KsOX0aQMYf7cGogGVMlFChyJIB3zFB3NJe6-_rPOmTOWtQAVzA0NijBszVXKdpptoHb-Cv-eVJQAuxaRkPaEIJPCtwETTUexx-6O_flCCgevE5ZbUQ8E0XcglwIcTDT27-FEx5BtaZeH9ReDlcRkSkL3f1K2_dPhY_nyL8B_xY_XY4C4jqeYEP2uLc1l-r2kchYgmr7Q&sai=AMfl-YQ7GeTwimg2-t8qPztH3YM07MmDDW9WKEbNHLWt5HDH3gmtdq1r7Lm8kDdsHujiiNWqZsuzOPQp1rMyZJS1h7RRzYF_Q_uHNYSaHAoRgY1I2HRVodMbyxGy_cScb0ffoXuO7OU_-znsFuEbFdZzXGSn3e9dENgKDif_V0jjk5UraE-UQeUgUWy5V0c47EX4Sgp0rV5uTfoA0LS5aZT0vfyO111N1ic8X8QL-FYIIicwHKXSXtVdLDgknufohsEv4_WbmOw&sig=Cg0ArKJSzIt_hMAdpqKgEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=128&cbvp=1&cstd=125&cisv=r20230523.15072&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 25 May 2023 21:59:19 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 25 May 2023 21:59:19 GMT
pixel
cm.g.doubleclick.net/ Frame 27D9
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAlzdcUljjY_V6OQsOGOppo&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAlzdcUljjY_V6OQsOGOppo&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MWJmS3ZDN1kxUTJpWnA1&google_gid=CAESEAlzdcUljjY_V6OQsOGOppo&google_cver=1&google_push=ATf1kGPfmtm1LZ9U4xmBemOgpPxdtvInGiAAF5QySiaHus-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MWJmS3ZDN1kxUTJpWnA1&google_gid=CAESEAlzdcUljjY_V6OQsOGOppo&google_cver=1&google_push=ATf1kGPfmtm1LZ9U4xmBemOgpPxdtvInGiAAF5QySiaHus-sM-1rInw7OrW3nPYTEB58CPSmDiL5-bCc30mgdoAVjSYDON7tqxsO
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 May 2023 21:59:18 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0943143fd00beb9c6@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MWJmS3ZDN1kxUTJpWnA1&google_gid=CAESEAlzdcUljjY_V6OQsOGOppo&google_cver=1&google_push=ATf1kGPfmtm1LZ9U4xmBemOgpPxdtvInGiAAF5QySiaHus-sM-1rInw7OrW3nPYTEB58CPSmDiL5-bCc30mgdoAVjSYDON7tqxsO
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 27D9 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEdp63Qg750sokbwlDDAL6c&google_cver=1&google_push=ATf1kGONXjcGYKwQwV-JfThs0xl8BJfvRBCnjGT9lqSU-Uu868Am6-IW1jDW-iJoW5nNn7AGMuyxKhNatjKJle2u5uD36KI_WN27
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 27D9 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESELmcjfRZYjn1VVNuzxFoZFI&google_cver=1&google_push=ATf1kGPUiTDIvpKn1wJeOrlfswdxvJsC8O2u3xvNjH2ZJDiT1gCpP0X37e9OIHiT2tA8xJBBN6QUZtnoYjEgBw6qNZN3lKmXoe8
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 27D9
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEONUw5YsPPx6cEb5QG-VHSs&google_cver=1&google_push=ATf1kGN2N_z_blEuUi8BsHS-nRRgOxXXklAPMN0yeAo3wTwZOOX0rP-l6XznjStePOlxP1VcAdXkD5dOSefX4Z...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNzI0MzA1NTk2ODU0OTAxNg%3D%3D&google_push=ATf1kGN2N_z_blEuUi8BsHS-nRRgOxXXklAPMN0yeAo3wTwZOOX0rP-l6XznjStePOlxP1VcAdXkD5dOSefX4ZzWNF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNzI0MzA1NTk2ODU0OTAxNg%3D%3D&google_push=ATf1kGN2N_z_blEuUi8BsHS-nRRgOxXXklAPMN0yeAo3wTwZOOX0rP-l6XznjStePOlxP1VcAdXkD5dOSefX4ZzWNFJsvu965ZK0
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNzI0MzA1NTk2ODU0OTAxNg%3D%3D&google_push=ATf1kGN2N_z_blEuUi8BsHS-nRRgOxXXklAPMN0yeAo3wTwZOOX0rP-l6XznjStePOlxP1VcAdXkD5dOSefX4ZzWNFJsvu965ZK0
Date
Thu, 25 May 2023 21:59:19 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 27D9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHbtteUZo67nYYnMx0eObgg&google_cver=1&google_push=ATf1kGNt8cnshYVylW4Zn2M5gzfCqK-u0PkFipUlLm6R7LgoI_8NXP0Ijbt7PA_5L3hgRVM58VC7aoDbrATknvpSDfCd...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHbtteUZo67nYYnMx0eObgg&google_cver=1&google_push=ATf1kGNt8cnshYVylW4Zn2M5gzfCqK-u0PkFipUlLm6R7LgoI_8NXP0Ijbt7PA_5L3hgRVM58VC7aoDbrATknv...
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=7c4039ce-9a2f-46c6-bcb1-76c57765fcdd&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGM6BHORYJRPCX-svC4mCJfT_bAwKEioxnV8DsRMXhS3X5XDz3GA39zihCF9rnEROySsg7g_7_yxIvNc-757F3I-pt8tTTc0&google_hm=E1Pep4wbQVGYtCoTxT_uiA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGM6BHORYJRPCX-svC4mCJfT_bAwKEioxnV8DsRMXhS3X5XDz3GA39zihCF9rnEROySsg7g_7_yxIvNc-757F3I-pt8tTTc0&google_hm=E1Pep4wbQVGYtCoTxT_uiA==
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGM6BHORYJRPCX-svC4mCJfT_bAwKEioxnV8DsRMXhS3X5XDz3GA39zihCF9rnEROySsg7g_7_yxIvNc-757F3I-pt8tTTc0&google_hm=E1Pep4wbQVGYtCoTxT_uiA==
date
Thu, 25 May 2023 21:59:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 27D9
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAAb5pln1Az6cGBZNXIuek4&google_cver=1&google_push=ATf1kGO7zfxzVVuHnkH-fQo0mrvvTH2EE9jeft7Sel739IFGBcDhPYreZF0rc-Ra7em01VbSgmNvUylrLIt4sHui...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGO7zfxzVVuHnkH-fQo0mrvvTH2EE9jeft7Sel739IFGBcDhPYreZF0rc-Ra7em01VbSgmNvUylrLIt4sHuie7ciyvJhmxsR
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGO7zfxzVVuHnkH-fQo0mrvvTH2EE9jeft7Sel739IFGBcDhPYreZF0rc-Ra7em01VbSgmNvUylrLIt4sHuie7ciyvJhmxsR
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 25 May 2023 21:59:19 GMT
via
1.1 acc9aed747aea07d6138203ddfb2dcd8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGO7zfxzVVuHnkH-fQo0mrvvTH2EE9jeft7Sel739IFGBcDhPYreZF0rc-Ra7em01VbSgmNvUylrLIt4sHuie7ciyvJhmxsR
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
_wrcea9TYeDoFOwrcljFcGD-CauWUZZmdNgOEEqXCuoES3qRJgSVfA==
/
onetag-sys.com/match/ Frame 27D9
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENd7xgTJ0IRACYO78rCVfaw&google_cver=1&google_push=ATf1kGMC-P6g0W9I1U5Zc_wzgO2BROJSVPJ31xqv0u9vHA95vm_QpUJOvLpRt2OQB3Y5nhJP9oo_u00urOH...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMC-P6g0W9I1U5Zc_wzgO2BROJSVPJ31xqv0u9vHA95vm_QpUJOvLpRt2OQB3Y5nhJP9oo_u00urOHVdYypxvLjLA0iAuaHZg
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 27D9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I1R_Vf8YJ-wpAit1XeTXWuWUo0IiTrl9ZavyeK2PTIw662-924-XmQv0KJK45IibmCn4KE7g
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2578 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
53479
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 07:08:00 GMT
etag
48472445140208031
expires
Fri, 26 May 2023 07:08:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 36A2 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
53479
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 07:08:00 GMT
etag
48472445140208031
expires
Fri, 26 May 2023 07:08:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C9C3 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
53479
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 07:08:00 GMT
etag
48472445140208031
expires
Fri, 26 May 2023 07:08:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame BEDD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd09c8dee63de746c2a41929ca8044bb99dc0bec8feee8dc04ecca1b4a0fc97e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C876 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1786bdf581df461324dc6e67bd57a2a292cec76cf1c00e070f4f99d66cafaabb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0F4D 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2557e5144de3a7aad8b04c7336d8b78a346e0460f7bfdf927e22fa4c8e46cc38

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 0D3A 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/795616883461662477/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/795616883461662477/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 03:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68059
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 May 2023 03:05:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EB7D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
136836
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 May 2023 07:58:43 GMT
expires
Thu, 23 May 2024 07:58:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C7BA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
136836
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 May 2023 07:58:43 GMT
expires
Thu, 23 May 2024 07:58:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6F81 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
136836
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 May 2023 07:58:43 GMT
expires
Thu, 23 May 2024 07:58:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
eum-orange-saas.instana.io/ 		0
41 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-orange-saas.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.4.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
21.4.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kanui.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 25 May 2023 21:59:19 GMT
cache-control
no-cache, no-store
via
1.1 google
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 2578
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMFhUEDsUWZwlUcJRwiaf3s&google_cver=1&google_push=ATf1kGNRUruIfP0bsy4RMN2mJdhnCDhKvD4G-v2JfsBqZxpmH4z23IEyeQlNWdxUSUUKEC4h6USIDethQEcITLOnXb5vZrMORr1R
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDAzMDM1ODc5ODcxMzIyMDQwNA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMFhUEDsUWZwlUcJRwiaf3s&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMFhUEDsUWZwlUcJRwiaf3s&google_cver=1
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMFhUEDsUWZwlUcJRwiaf3s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2578
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEFd6Cua9mxWNl-sUdA0348A&google_cver=1&google_push=ATf1kGNjITz-oveuXRa82pNCgQlfY1O01q5Bn0PfPaTmvbFVLbPLulgfzNyjOB62sir9yJ2LR4HM63dKuA5m5yhUN_rNC3KpG8qj
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1BF4D73B2B10460682956713A50E86B9&google_push=ATf1kGNjITz-oveuXRa82pNCgQlfY1O01q5Bn0PfPaTmvbFVLbPLulgfzNyjOB62sir9yJ2LR4HM63dKuA5m5yh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1BF4D73B2B10460682956713A50E86B9&google_push=ATf1kGNjITz-oveuXRa82pNCgQlfY1O01q5Bn0PfPaTmvbFVLbPLulgfzNyjOB62sir9yJ2LR4HM63dKuA5m5yhUN_rNC3KpG8qj
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 25 May 2023 21:59:19 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1BF4D73B2B10460682956713A50E86B9&google_push=ATf1kGNjITz-oveuXRa82pNCgQlfY1O01q5Bn0PfPaTmvbFVLbPLulgfzNyjOB62sir9yJ2LR4HM63dKuA5m5yhUN_rNC3KpG8qj
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 24 May 2023 21:59:19 GMT
pixel
cm.g.doubleclick.net/ Frame 2578
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHbtteUZo67nYYnMx0eObgg&google_cver=1&google_push=ATf1kGM6BHORYJRPCX-svC4mCJfT_bAwKEioxnV8DsRMXhS3X5XDz3GA39zihCF9rnEROySsg7g_7_yxIvNc-757F3I-...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGM6BHORYJRPCX-svC4mCJfT_bAwKEioxnV8DsRMXhS3X5XDz3GA39zihCF9rnEROySsg7g_7_yxIvNc-757F3I-pt8tTTc0&google_hm=E1Pep4wbQVGYtCoTxT_uiA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGM6BHORYJRPCX-svC4mCJfT_bAwKEioxnV8DsRMXhS3X5XDz3GA39zihCF9rnEROySsg7g_7_yxIvNc-757F3I-pt8tTTc0&google_hm=E1Pep4wbQVGYtCoTxT_uiA==
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGM6BHORYJRPCX-svC4mCJfT_bAwKEioxnV8DsRMXhS3X5XDz3GA39zihCF9rnEROySsg7g_7_yxIvNc-757F3I-pt8tTTc0&google_hm=E1Pep4wbQVGYtCoTxT_uiA==
date
Thu, 25 May 2023 21:59:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2578
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN0kt8tD0BlGpfbvyItC878&google_cver=1&google_push=ATf1kGPr6-_zAvLA2GLRAYdsjP4RR36LItyiCP9xd3WL2by44DYDuDE5ntfJD3LlrVaSVKDFLTbgbYHU...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN0kt8tD0BlGpfbvyItC878&google_cver=1&google_push=ATf1kGPr6-_zAvLA2GLRAYdsjP4RR36LItyiCP9xd3WL2by44DYDuDE5ntfJD3LlrVaSVKDFLTb...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk4NzU3NzQ5Mzc5NDI2MDUyOQ&google_push=ATf1kGPr6-_zAvLA2GLRAYdsjP4RR36LItyiCP9xd3WL2by44DYDuDE5ntfJD3LlrVaSVKDFLTbgbY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk4NzU3NzQ5Mzc5NDI2MDUyOQ&google_push=ATf1kGPr6-_zAvLA2GLRAYdsjP4RR36LItyiCP9xd3WL2by44DYDuDE5ntfJD3LlrVaSVKDFLTbgbYHUacdnA_6uPwCqFRV0-nku
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk4NzU3NzQ5Mzc5NDI2MDUyOQ&google_push=ATf1kGPr6-_zAvLA2GLRAYdsjP4RR36LItyiCP9xd3WL2by44DYDuDE5ntfJD3LlrVaSVKDFLTbgbYHUacdnA_6uPwCqFRV0-nku
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 2578
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-GbQmlJUuDIvj1rJgGNe3Ji3-78EhdB3Hx1tygA&google_push=PUSH_DATA
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
109686
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
274
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2578
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=q4EsL34TTIqwQ2PJ4k87KQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=q4EsL34TTIqwQ2PJ4k87KQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOFEwCBXMPWRbCQfi8WyHo3NeC9aganC79ru6HDCHEwR5KQfEoBGz0pjVcHlLH7sQ3V392BV_vq2nl5E5VF1w_jx3tBMymB
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=q4EsL34TTIqwQ2PJ4k87KQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOFEwCBXMPWRbCQfi8WyHo3NeC9aganC79ru6HDCHEwR5KQfEoBGz0pjVcHlLH7sQ3V392BV_vq2nl5E5VF1w_jx3tBMymB
date
Thu, 25 May 2023 21:59:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 2578
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIQfTcXFxuG9WC08Lr-p1WQ&google_cver=1&google_push=ATf1kGNmuRqhK5hPHVltUm1lYuj6T217joOdkCrx5Ac415EQgCrfiQ4aqbEgMMbO9yevljDDb7_rpKaZlecjS-zZ6...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIQfTcXFxuG9WC08Lr-p1WQ&google_cver=1&google_push=ATf1kGNmuRqhK5hPHVltUm1lYuj6T217joOdkCrx5Ac415EQgCrfiQ4aqbEgMMbO9yevljDDb7_rpKaZlecjS-zZ6...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNmuRqhK5hPHVltUm1lYuj6T217joOdkCrx5Ac415EQgCrfiQ4aqbEgMMbO9yevljDDb7_rpKaZlecjS-zZ6LPJrNIH5O_a&google_hm=GtOnqGZH27RhKKG1RTCM7bOZ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNmuRqhK5hPHVltUm1lYuj6T217joOdkCrx5Ac415EQgCrfiQ4aqbEgMMbO9yevljDDb7_rpKaZlecjS-zZ6LPJrNIH5O_a&google_hm=GtOnqGZH27RhKKG1RTCM7bOZ
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 25 May 2023 21:59:19 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNmuRqhK5hPHVltUm1lYuj6T217joOdkCrx5Ac415EQgCrfiQ4aqbEgMMbO9yevljDDb7_rpKaZlecjS-zZ6LPJrNIH5O_a&google_hm=GtOnqGZH27RhKKG1RTCM7bOZ
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 2578 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LRwxFXehNRDLqJXpW4gabFm6bqjPt4r7rH-rUm96JNaMlOr-NudPu6mJXr2XoiIjlkBv4K
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
current
dclk-match.dotomi.com/match/bounce/ Frame 36A2 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPeoaCbIH8oZchvbuv1800Q&google_cver=1&google_push=ATf1kGNGQt_hACkYRsfSjdHi-nUe4N4PMITaFo1gcFesYvDZfgyNpvDw2A4CR4PKTZO2kI3KvKQaXK9JL-ZWMwACDA-kxvoo7xs
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 36A2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEM8GqwkiLiwHaFduxfIpsao&google_cver=1&google_push=ATf1kGMY40lo2TQDEAGvRRFrQgfUAyeO0AG_6KfGBxcSoV2XDozMslAuM1b5_56wbsehXe4dc6Pp-83WcQujqELj...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMY40lo2TQDEAGvRRFrQgfUAyeO0AG_6KfGBxcSoV2XDozMslAuM1b5_56wbsehXe4dc6Pp-83WcQujqELj8sthpiJy_eg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMY40lo2TQDEAGvRRFrQgfUAyeO0AG_6KfGBxcSoV2XDozMslAuM1b5_56wbsehXe4dc6Pp-83WcQujqELj8sthpiJy_eg
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 25 May 2023 21:59:19 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x28 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMY40lo2TQDEAGvRRFrQgfUAyeO0AG_6KfGBxcSoV2XDozMslAuM1b5_56wbsehXe4dc6Pp-83WcQujqELj8sthpiJy_eg
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 25 May 2023 21:59:18 GMT
pixel
cm.g.doubleclick.net/ Frame 36A2
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEONUw5YsPPx6cEb5QG-VHSs&google_cver=1&google_push=ATf1kGPEUr8t0rOerkpTn0y6REf3M3QVBeFQ2DXi6tMjTB52Et9nP8NZtPz8BC_HC0pLlPbKze5aFMN2KmX9uV...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNzI0MzA1NTk2ODU0OTAxNg%3D%3D&google_push=ATf1kGPEUr8t0rOerkpTn0y6REf3M3QVBeFQ2DXi6tMjTB52Et9nP8NZtPz8BC_HC0pLlPbKze5aFMN2KmX9uVDwBd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNzI0MzA1NTk2ODU0OTAxNg%3D%3D&google_push=ATf1kGPEUr8t0rOerkpTn0y6REf3M3QVBeFQ2DXi6tMjTB52Et9nP8NZtPz8BC_HC0pLlPbKze5aFMN2KmX9uVDwBdT5nBxKaCo
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNzI0MzA1NTk2ODU0OTAxNg%3D%3D&google_push=ATf1kGPEUr8t0rOerkpTn0y6REf3M3QVBeFQ2DXi6tMjTB52Et9nP8NZtPz8BC_HC0pLlPbKze5aFMN2KmX9uVDwBdT5nBxKaCo
Date
Thu, 25 May 2023 21:59:19 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 36A2
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-GbQmlJUuDIvj1rJgGNe3Ji3-78EhdB3Hx1tygA&google_push=PUSH_DATA
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
95078
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
274
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 36A2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECTVIHFF1BtfZHgmNWVQfB4&google_cver=1&google_push=ATf1kGP-_JtoebnPalzF7HdSOprzFVWpJoaqNlUpcydiNcWULYvT3MSb4LAvrUEco6aoSTqfNaL...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkzT0ZIMFItMVktQkxOSA==&google_push=ATf1kGP-_JtoebnPalzF7HdSOprzFVWpJoaqNlUpcydiNcWULYvT3MSb4LAvrUEco6aoSTqfNaLce7Xd5PCrrQgTyC5zLuqfhGs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkzT0ZIMFItMVktQkxOSA==&google_push=ATf1kGP-_JtoebnPalzF7HdSOprzFVWpJoaqNlUpcydiNcWULYvT3MSb4LAvrUEco6aoSTqfNaLce7Xd5PCrrQgTyC5zLuqfhGs
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkzT0ZIMFItMVktQkxOSA==&google_push=ATf1kGP-_JtoebnPalzF7HdSOprzFVWpJoaqNlUpcydiNcWULYvT3MSb4LAvrUEco6aoSTqfNaLce7Xd5PCrrQgTyC5zLuqfhGs
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
pixel
cm.g.doubleclick.net/ Frame 36A2
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAAb5pln1Az6cGBZNXIuek4&google_cver=1&google_push=ATf1kGMimLmvvsTHH-jR3GeRZMrXuprLPQDPncKFmvs-o2My-KRq5kOOUP3DP12CzotCEZkKr9n6smqFh0x5OZOc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMimLmvvsTHH-jR3GeRZMrXuprLPQDPncKFmvs-o2My-KRq5kOOUP3DP12CzotCEZkKr9n6smqFh0x5OZOckTN-MLYcRw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMimLmvvsTHH-jR3GeRZMrXuprLPQDPncKFmvs-o2My-KRq5kOOUP3DP12CzotCEZkKr9n6smqFh0x5OZOckTN-MLYcRw
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 25 May 2023 21:59:19 GMT
via
1.1 acc9aed747aea07d6138203ddfb2dcd8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMimLmvvsTHH-jR3GeRZMrXuprLPQDPncKFmvs-o2My-KRq5kOOUP3DP12CzotCEZkKr9n6smqFh0x5OZOckTN-MLYcRw
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
j387Roj_Wqy_bqC1X25z7uyR52N0_MkEF-bZDRRmlSWA_psFJMkI6A==
pixel
cm.g.doubleclick.net/ Frame 36A2
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEGwgomYJaVKvqfG09Qspi9I&google_cver=1&google_push=ATf1kGOQs2m94-bHic6C3gpjB-nMWiLANPrtL2wFS1GQIHnx3cU4J0dQ5SWKUWcMCX06wzokuXCsVbyc6XNd6mPTr5I_Xs...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGwgomYJaVKvqfG09Qspi9I&google_cver=1&google_push=ATf1kGOQs2m94-bHic6C3gpjB-nMWiLANPrtL2wFS1GQIHnx3cU4J0dQ5SWKUWcMCX06wzokuXCsVbyc6XNd6mPT...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=6cS6z1OKS_SxPyC_xEGgMw&google_push=ATf1kGOQs2m94-bHic6C3gpjB-nMWiLANPrtL2wFS1GQIHnx3cU4J0dQ5SWKUWcMCX06wzokuXCsVbyc6XNd6mP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=6cS6z1OKS_SxPyC_xEGgMw&google_push=ATf1kGOQs2m94-bHic6C3gpjB-nMWiLANPrtL2wFS1GQIHnx3cU4J0dQ5SWKUWcMCX06wzokuXCsVbyc6XNd6mPTr5I_XsccVjk
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=6cS6z1OKS_SxPyC_xEGgMw&google_push=ATf1kGOQs2m94-bHic6C3gpjB-nMWiLANPrtL2wFS1GQIHnx3cU4J0dQ5SWKUWcMCX06wzokuXCsVbyc6XNd6mPTr5I_XsccVjk
access-control-allow-origin
*
date
Thu, 25 May 2023 21:59:19 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
attr
cm.g.doubleclick.net/pixel/ Frame 36A2 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JGNiuFLI9yvgAdR0G6shO5VBgusJerupmDQ2hjf6UjoFP3vjQHxQvz1waNGe-f4X7yRRqG
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame C876 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdvJbne5BXrlmYrBz0IfCey08wu5wgn20tuX749mpzxrNE97E_dA7ggCB6w_ioesIA7AFpsbqMd1lryqs1S3xgKET_U01NunvIk9ycEkrbodIKbNb2-8V_ZAc6jKMQ-jZ3N7d1aQ7rF46u8rNULAhsXZH-eLHEIX9M05OyFfi8Tx2nF_BSlv_ZiZAhbxZCiD50Ck_-MZLw9gbKSi8va2xzsJUs-6OME3LMhjE4NsYAVAw9oxUCU5FJ3iPrn-CiM_TKI_XanO4dgHVPfdK-bxaHgFbYgkkFVPAqf9mvQcGrmIyeU_RA4aFSFRanvIkKQGZtH83FEHtrUQbslRE5z7qYbHvXAzzMijLoqIb0ZK4fQ7Jvx35AGYYCQPJxmcrLdEwYbCQOvd_FBSNMBs2yUaICjM3sEcoLgXve3RSQggCO1PSwh0H41fL_JrJqYrjGVqlh7AhqjsuKcncp2yUyySDZZskRue7b4920u9gYicVDumlSX0FbTBo7onSGe96eKdAzd-H6CovtCrW3GDWBfWfwaJ9VgPkjSOzhrKoItVIxwTSrrPeSwWjHzKBfv5DjDOKn9sRQpGN4x-1_KZMrRBmTwCUeP4DL5cdE3gLiqaxi5SIdPmBtMRNriOIwVfe6tnvBytx0RQRZjGuOPgCoqPVilQtheMgmvbLyGgZTUSrXuiEdWcmlEotEXg7Y0K2IlAo5S7FUl-Z-dvWbCPans7ZFxUO0poid6JkXvY1eH7-4RblVWR0-fzwqZznqlR43eCHb4JmEWLY3LuTvTglQ3XaZ5PsCijxQ0k0KRjg2kC8cIAuDOxs8y0bRHxIdJVyX8tUct8WJEGoXuKKxKu6olbvn8PfZQtMqDw099y2eCupNLAC4FYItsjsaRSeQm8BKjLMSt7qCcwGDsnYN7s7h_WrOucDiLjybq4QL1jlwdpPrqh85l9g00HewkmO8R-bitxxIRmifglwJe1npFg_hQm5WyqloBj3csOtIQ8j102hPKKLu8dWZcHLTId1ilRBW56GzTf8oXRJ0B-XgvL8x6f7angXtksbxSWtqsdIrLQoezkdrM5_6CN1mFEIBN-yqOUv9Dg1MmeKi5mNaRySjNAdHnUoAEYsRAlTeOfBpwPnpWAm7eeAezg-mvrChBVhQZWB86px3uBLFD0qhQb1Mq_TehvckHvP5TJ2zy9k1pQG2uCvpGRpU0hPdYeoj82rhtYE1dmloQktuUZiYs1T-7IrRjZKnFKvjZ6A9XD7TzLwbZrMfQMGfGMx0coGxujOyauyBOg&sai=AMfl-YRCk9sglXLUoOcz6L6kKlHa3e-foKNjo5QIN8eJG_3uPG-Xxlq0YU-mhBPJsqm_GoTsVJquuLqn3NwT2rfbDiDjn_hF5wGGjrPCMIdlN6uAK2xBVtfac3_gedoILP3toUVojn7ZoSMc2IMduug6Rof1uxWugzHZ4TgGwax_-qjOXYva4Gnlu-WGEfxJTe-bd5N-eznkKpj_3gXxe3Ptupc2ZOeu2zdUtTetz7c74MKiaNeCuyv2CS_N80e6G2ZqtpShSRiCoFNPEVPtJWp8N6F1WKW7RlDh_A&sig=Cg0ArKJSzKB_mNh8RIJDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=197&vt=11&dtpt=196&dett=2&cstd=0&cisv=r20230523.09157&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AupfEfcORxLOvhrMjm8hoBsiKLcIPAqLbYtTKdraHpdgda-TonFr0LlFAfifPQderg0t9UiX7XDyg9blvH8T2A2Gy7WA&cry=1&dbm_d=AKAmf-D9qzLbOA8B2hGLLiT256suz8FV_SDeGn4dYJaRDm1rMw2Ch_0Kuopf1Cr_f2mQGH7eRxa3Tifi1EYTSOcefnfCAzvfCg1WNCLnJ1jK8Jf-Ww4I_aIux0dAHFP1TY5dN7G1YO0UnAwth4EPDrAIfjx9QwdoOLkYDejEIOVWT5UcvUww-6QLjDKL5xvAwCZNxVg7V8OZPsRuZMHVe0kVy_tz_3XyUkUqKfPeEOh-RVPoURY7RlHzmefYR0GKj1tVdN-wA68kkK3ks78xeLN4JWWdCSCO7_USfEUEJ53IdREvZwHhn1ZtNVLB9yjA8oblY7opzk3jQBn5E-iRka9vEnTDgdnW41l3pacWEWyK-mzFJ509ued8sr_tfVllcn4D5iytLiRzPWM6W4Ly0GWKEKAXo4RYDexDIBdR1Zipf1ZLByhJlemjhjGUbH-PpwZD7kTTyXClgoFVYpPdP3w1T3QH1MD_7MmnJlAWehGJ_BGvxfmdIO5ULkqHlKgfqCMAgackJpwj9468hQ6uo-xVOvfA38sZqfPbC8_E2BfhGrABLf6BHS1S40LhR2KC7VUnJbUTZ6_W4BBQT65EThbzneadwrDQYIvcba1qzUvQF6yBJ3hh2ZFMGfY3t18AQBEB8kH7hoUbbB3VkYtVd0bcOBgUqWOOQlpPdkkTkwyR8FIVy7YW8S0xBNgz3Z_wKdVd94D1mzyPkAu5eyRbowBCBmdKUCLNDuZMd53PVYBpBcOwOHjIlnCQidA3rELHVnk8X5HvNy-c8fGP6G0F-_PUYf1PoKnJ_JmuJxAWcEbRPJTpDb9rupPszugQtigi0MjMPBX2ULLvkr4Thkmbk1t3RBHpnAyBziRSI0nacabDdrcPaowmleM1Bt98Z_d9DIHoYPgMLVndUF-MwoWQL34ExLpXgww2MGX5kHS5KBRobMrhU-esI9aJHTJ1h39q1-fNtyy3R5FwvqWci0T0YRKEFdHtuAVx1Y4h59XiXi7fwtmQ8ZdsEDnq-06KkJpMItW7olwcFlwb8G52mcGe5RythGd356nm8pv_wVf3p40D1PitElQAQWfsEaRPujfsZJxE3Vd1su8gYzya6nH3-aFLlTxsIFfbEkD4sK-DS5wTQas0rxYgywdC5_FmVCtt0G87_n7Gj1p2DZRW1Nm0UA8fCd0QJWzs7CpY_CplPu7_vyrVs4VumW0lgnHh8N8dujbd5YFhck7YoQgw7J137vpVqbCkGb_F44qhJR8YrSKmTwRwlXJt4EzdY1PKAtHCVuaDEmc8hVFKOKjxhOMlB4lWJano9QlXCKY4r9t3W3liE_AIMzhNZ5Ce_a3VlUAQ8t0o0xtzMguuQ08oekformVSxZon3jJkek9vOHc9dRS9clcMVKzaCLW1nCQufN16yL2Qek9OopheeSJlhOwm_jX6ml-LUNWmKGA9YBMBV0hpPWOuJgOkG8bwOsf2Gj8WCCJeQYCbzoM5DcDE9yDVFmIv9Zrt4r-WkdLbvMpS8MRTyqeKH5Y_SpTfb-HNti_FGIseshkEJ0OpXG9S2RKkw25gZveOEb-UidFAirCO2wbSPOVakSFEdwrCaKj644FbuOQGxwlsiJpMwLNLvtQiSt14VEDUcXxWyK-QgZ_hfIFbhAMD2qZh86VUjHdECJ-L30fNTI9QNfTFlgd4ddCHPP10OQD_eKe6WWrEDmZNxo5NP40WwolMQdKKQOwv16qTg4aZ5KiHQj1YswXFnYTyXn8Fzuty6E-s5cZl0CP7mr9deXBOWIOK-T3zInPbJF_Utcy4DI3l6Ls0AuDKk6fG6YgfR74Y70Qu8TCtemZA0eAbRaghkurspn5inmTWj83MBg_4sOwGDyGCteQ4aD6UD4gJhZFh8X4nuHE_vHtDhbEX22-qaLlpyaA2nGHOjQbOJDYcuAiqYpukkoUTshasTRgI5dDtj6ho706kgBRif2_u_KHNYh3ygADY27ozbBNtI5sUCIMff_AojX3phk9uadcMyFmmF62ewouY4eXQGA5eXeoaTu7NUirMW3SyjB4fMWPYuu8L_e233CLQhCuwSMeP-SJ3Ywh9Aa73o0BG72GPmeYnFBHNOCODAsBViza7LXYTWX53TROyaASjoBsfqbs8kKkXvujeGXhqQmX52r8xGm01AuiVlGlrQwPVkf6121w6fR4qJgSmPNUmYJUwmGbykFapeVKx4QYt65Q6pfpEh25RDhJLzO18lbRJg_53RI1XKEuqYgOgTIExw19DpAqfFqLR7nFVMPf-7XvUdcWf9X1HF156KL8aG4YZhEq4JBqWF1IFpSN2ywgWet1v4Z2ohJf06xljaNJLS2NNH_0AVuhM_rfqSoArvNdcIYO1f7LKD5JrL0F_e5gYvJrwtiIQnYqMN9JFIh704jrXYiJva0hB4T2wsdkGNkD8peR52vJcE9oaaVuOHUiuITgaYDTOMOAeYOPO8BJCQubunqrLBBJy5-8NBoWivM5danocvIdWTATjiB7lf5q99nOEnMDYqsTCjpZYQr2G3pP3y5MXfdrBfG-it9TTkP8lmyHrS5VXNEW2rrmTMoQgu_g2yhZZqIRZeM1tx5E7fMJQEAI14YLJRjuOF1HoAaaEjc7pO0e4UPqG34hHKo0yp6M-KfQLzYYgUPdQoRMdcsyCzlqHiRdDc9OcsocnGyfFf9frghy0wbYLg9ex1l4nnMeVfDmjsfYNeeiD_bJRlCI-LJc5Q4zIRWBMnHpmLOaWQ-pKlw_ez8CyjZsTstmyIHUFHWawspoFvnCaPARMwYBrbe6EdDksFISe44WSyrH_cu8vzBhhb9YQEhikK0pSOgrt57JXWFEJiG6x1KLasIPGYUlzr0pojhC3oM57gNL2-VIPiHyiM1FgTvwIyicv8nD-TOE8aUpxXEbtL_TgjQs_H3qn_XwbGCJK8GS3SuhQSjCEzFkO3pZ9Mt336MTh2og9QsHMKSNGdbmvM2lRmgFjdI48h8FYhtzc-b6bZFe45gvsW9WIxI47I85KoKzrTSw7o4uTS4GdAYFQ51PwDJgDzdn71FS8bFMSnnaRXImgdfJMCSArzG55Sy4Q3lkXAPXTMDdJhfHpK3nxh4XektRYTTZFlSVBJ_mSW7mUQfnHvpx_PCCanQ1xZTzpZc1rHBbOpDSHTrA5W_4OI3PZSt9EHmKtEQVYh7Er_lyEwbpXoomfVlu1twyyIQG6vlzPGzkrX4CNVBYQtoU4uLs-LAFocfv8e4FY4WpUYooCjXhDmbIl8rgM1H-uG08Bseul2YaGnxala1NQBaj_WYCNoUYYt0yEPrx-AxMmbi2KrA3PowiJpiPFp1vXtD67&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=17596455383161660000&adk=1033480531&idt=83&cac=0&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 25 May 2023 21:59:19 GMT
pixel
cm.g.doubleclick.net/ Frame C9C3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIQ6d8qkz42bta60mbBkpmg&google_push=ATf1kGM7NojlavCV9QKEMO5doR3DpFM1NKS6Z4nvoSxkVp8TedOjVC6hGQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIQ6d8qkz42bta60mbBkpmg&google_push=ATf1kGM7NojlavCV9QKEMO5doR3DpFM1NKS6Z4nvoSxkVp8TedOjVC6hGQt6n34cneqVPX9X7PsFufVyYsuf2MgYVABh9RtDp1TI
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230093-FRA
pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1685051959.256929,VS0,VE95
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIQ6d8qkz42bta60mbBkpmg&google_push=ATf1kGM7NojlavCV9QKEMO5doR3DpFM1NKS6Z4nvoSxkVp8TedOjVC6hGQt6n34cneqVPX9X7PsFufVyYsuf2MgYVABh9RtDp1TI
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame C9C3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEdp63Qg750sokbwlDDAL6c&google_cver=1&google_push=ATf1kGO-7bBrDVGVSq_GO_j-HI-FTFfdGCQRAnId6ef7da3dXm4x2Im-f8_KgQSuD4oBQzjZHGY59KBuYnd-SPZxk3_Nt8wkhP8L
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame C9C3
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9OOy96hfSMmejI20dTE1kw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9OOy96hfSMmejI20dTE1kw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOCmadrPCikJaMdz2Tqq_wDBvT7zyAqT2RZ26nSR7YdB7PwTpJFtrQeE2VOTkUd73EWV93h8Yuo1nYeNtyqaUUC4TTo27Id
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9OOy96hfSMmejI20dTE1kw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOCmadrPCikJaMdz2Tqq_wDBvT7zyAqT2RZ26nSR7YdB7PwTpJFtrQeE2VOTkUd73EWV93h8Yuo1nYeNtyqaUUC4TTo27Id
date
Thu, 25 May 2023 21:59:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame C9C3
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIQfTcXFxuG9WC08Lr-p1WQ&google_cver=1&google_push=ATf1kGM8CQt1IUmQrJBaMlkIVwi3XCP3WtAivFBkBxr0UcSQumMn3fqCpnFRnQLxz7jF9FcNIAHvb5mkqXam03OIU...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIQfTcXFxuG9WC08Lr-p1WQ&google_cver=1&google_push=ATf1kGM8CQt1IUmQrJBaMlkIVwi3XCP3WtAivFBkBxr0UcSQumMn3fqCpnFRnQLxz7jF9FcNIAHvb5mkqXam03OIU...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGM8CQt1IUmQrJBaMlkIVwi3XCP3WtAivFBkBxr0UcSQumMn3fqCpnFRnQLxz7jF9FcNIAHvb5mkqXam03OIUPvkmQfsARZo&google_hm=GtOnqGZH27RhKKG1RTCM7bOZ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGM8CQt1IUmQrJBaMlkIVwi3XCP3WtAivFBkBxr0UcSQumMn3fqCpnFRnQLxz7jF9FcNIAHvb5mkqXam03OIUPvkmQfsARZo&google_hm=GtOnqGZH27RhKKG1RTCM7bOZ
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 25 May 2023 21:59:19 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGM8CQt1IUmQrJBaMlkIVwi3XCP3WtAivFBkBxr0UcSQumMn3fqCpnFRnQLxz7jF9FcNIAHvb5mkqXam03OIUPvkmQfsARZo&google_hm=GtOnqGZH27RhKKG1RTCM7bOZ
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame C9C3
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAAb5pln1Az6cGBZNXIuek4&google_cver=1&google_push=ATf1kGNmSJTyQtTQm6Jjo6JgxC6Qc0-SS-zZOwQ8klOXuvwCY5QJRwlrjoyGCkzVan1o_V-8eCiKfKOfoKiyQsOW...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNmSJTyQtTQm6Jjo6JgxC6Qc0-SS-zZOwQ8klOXuvwCY5QJRwlrjoyGCkzVan1o_V-8eCiKfKOfoKiyQsOWK7LLmkc5dNw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNmSJTyQtTQm6Jjo6JgxC6Qc0-SS-zZOwQ8klOXuvwCY5QJRwlrjoyGCkzVan1o_V-8eCiKfKOfoKiyQsOWK7LLmkc5dNw
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 25 May 2023 21:59:19 GMT
via
1.1 acc9aed747aea07d6138203ddfb2dcd8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNmSJTyQtTQm6Jjo6JgxC6Qc0-SS-zZOwQ8klOXuvwCY5QJRwlrjoyGCkzVan1o_V-8eCiKfKOfoKiyQsOWK7LLmkc5dNw
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
upz_9oav-XflgmW35To36TcPeLS_KxCnuOqdYj73VVoAZjSb4msMfg==
sync
ssbsync.smartadserver.com/api/ Frame C9C3 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEK348qPcRej-AvJaCoaBUYs&google_cver=1&google_push=ATf1kGM2GRA8SBcWWoP3AsgN6vQYFeeNDPQbl_3pfVBwziFtrTXqiAqfJUaA0eICv6Kv_fQ8nQoBJIcEk2Bvhdv3mYlCjxPdO2pI
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:18 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame C9C3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJZ1En7RgYWTmkPFpI7E3hs&google_cver=1&google_push=ATf1kGMFIS1VQ2UhHgjU3SS82UX2kR0YKbne93gHaDrVtDKJcTh4lykWc6L2kBAiu28c3xYh2G...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJZ1En7RgYWTmkPFpI7E3hs&google_cver=1&google_push=ATf1kGMFIS1VQ2UhHgjU3SS82UX2kR0YKbne93gHaDrVtDKJcTh4lykWc6L2kBAiu28c3xYh2G...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS15RWplRFpSRTJ1SGVqeGV2dG4wTm1HYVdXUVFxOU5RMn5B&google_push=ATf1kGMFIS1VQ2UhHgjU3SS82UX2kR0YKbne93gHaDrVtDKJcTh4lykWc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS15RWplRFpSRTJ1SGVqeGV2dG4wTm1HYVdXUVFxOU5RMn5B&google_push=ATf1kGMFIS1VQ2UhHgjU3SS82UX2kR0YKbne93gHaDrVtDKJcTh4lykWc6L2kBAiu28c3xYh2GdCYlUWXvmz3do72SMFhyeITNGh
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS15RWplRFpSRTJ1SGVqeGV2dG4wTm1HYVdXUVFxOU5RMn5B&google_push=ATf1kGMFIS1VQ2UhHgjU3SS82UX2kR0YKbne93gHaDrVtDKJcTh4lykWc6L2kBAiu28c3xYh2GdCYlUWXvmz3do72SMFhyeITNGh
date
Thu, 25 May 2023 21:59:19 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame C9C3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KllKCqOK-bwzDJquo1Xj0ij4R5aFi-b0hH0nDmRdt2HTGZ-_6JyRtV4HIhrk-Ss2AaUMzBjw
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
pagead2.googlesyndication.com/bg/ Frame 8735 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 12:51:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
119262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14579
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 May 2024 12:51:37 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 92D5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvMLOgOW-HkcORnBcqzTwdYEjGOLTtdcAjvbTiIrkuz1lU2xO6lgCM9aNVJU18mplUjgIHHNknVyCjuo3hTzxhbjouMtyxa1KJZl7X0fyA3IM1LLrBPMA2wceNIB_ZDWaZaAhFqBI3Rr4KupjU3JBwc5y2c214b5Wvyxx6RY9Wzcj4CxGT7_kFcrXnhCif1Js9esBDN_U4gETlc9BvyPc6v4Ff-VwYbpiBr5dgfzd1m60TXgFiXyOeFSF_U2pbKIZRayWFSyQ1na2XndY6xJJHW3tqMM1mwlw3iNL-n3-DM1Hycm7b1ZB7W0l5Bo9SwuhQKE1z5ii3FioqlnYwGuDFzSYii4ddmOvTyPj9bh57c0XwzL3drNy0c8Qn9UWiGwKJDu5PzrbKasvXGSLzVYEfccx5mmw3vsLPg2r2eXxg-RfJFFco8vuA8k4cE8IohxScfqi0LIKcCzHMgEYLkaL5tn31xYFP8Ct9Bq6iWouhmnZ5XA9i5G12JtfDnCWjucQSTOckZdZaXCyOt0QWRTKqsKbw3A7jskDQ968oPo4jE0rrhxXGCu0o5eV9GXUJnjUpVNil9MGQaKHKGN72-tCnKzhGoevyITAlXC4y7DSmO2w2UTE4g7-5XFx8VZ8VL70JrpFax-8_p7LwSDdyqVHW4tWXh3QxZKCofzDST-znVUBErvbyQYymnze67rC-yLlpr319SSoNIz3jI5aQ9AX7caAqiT1sPoa3-PxlTUM5UDSRfy8iNIRdIzz916HTQIcPGiQ_1f6rV16DITh4C5LdTdtf17wJ1xxCSNQaPtSnGu4rnr1seOUnO7y6BrMNl8U4vrekvxZDgvXUWbMuA9X464XS11YbUWLlQ7_-jSqgxbt-P7nXS6wPagyvrPZr9H6OU4lkuVUl6ZePxpeIvqUuMKF5zXbJYZVjfP2tidH4WYI61xXSECWBF6v3A2iO05m1eejcELNvGXPsPmDANz11oG3WkXhGu3j1tIFFbRpyeuDRjhqNu_jBb3CG0SqEuRPKFNqcEXvEBexGuYINV0AlaElOD4-hlDOFnd0KsOX0aQMYf7cGogGVMlFChyJIB3zFB3NJe6-_rPOmTOWtQAVzA0NijBszVXKdpptoHb-Cv-eVJQAuxaRkPaEIJPCtwETTUexx-6O_flCCgevE5ZbUQ8E0XcglwIcTDT27-FEx5BtaZeH9ReDlcRkSkL3f1K2_dPhY_nyL8B_xY_XY4C4jqeYEP2uLc1l-r2kchYgmr7Q&sai=AMfl-YQ7GeTwimg2-t8qPztH3YM07MmDDW9WKEbNHLWt5HDH3gmtdq1r7Lm8kDdsHujiiNWqZsuzOPQp1rMyZJS1h7RRzYF_Q_uHNYSaHAoRgY1I2HRVodMbyxGy_cScb0ffoXuO7OU_-znsFuEbFdZzXGSn3e9dENgKDif_V0jjk5UraE-UQeUgUWy5V0c47EX4Sgp0rV5uTfoA0LS5aZT0vfyO111N1ic8X8QL-FYIIicwHKXSXtVdLDgknufohsEv4_WbmOw&sig=Cg0ArKJSzIt_hMAdpqKgEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=316&vt=11&dtpt=188&dett=3&cstd=125&cisv=r20230523.15072&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 25 May 2023 21:59:19 GMT
s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
pagead2.googlesyndication.com/bg/ Frame EB7D 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 12:51:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
119262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14579
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 May 2024 12:51:37 GMT
s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
pagead2.googlesyndication.com/bg/ Frame C7BA 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 12:51:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
119262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14579
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 May 2024 12:51:37 GMT
s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
pagead2.googlesyndication.com/bg/ Frame 6F81 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 12:51:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
119262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14579
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 May 2024 12:51:37 GMT
logo.svg
s0.2mdn.net/sadbundle/795616883461662477/ Frame 0D3A 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/795616883461662477/logo.svg
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f03509718beb4070d2850b743d60a459a91d5c2510a0698675f1f2132e55468
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/795616883461662477/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 11:21:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
556694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1469
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 12:13:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 May 2024 11:21:05 GMT
cta-text.svg
s0.2mdn.net/sadbundle/795616883461662477/ Frame 0D3A 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/795616883461662477/cta-text.svg
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b824042a7108079234121c8a6e471f11b166bd4bacf85fb9cab29a9341eb647
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/795616883461662477/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 18:06:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13981
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2257
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 12:13:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 May 2024 18:06:18 GMT
cta-text2.svg
s0.2mdn.net/sadbundle/795616883461662477/ Frame 0D3A 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/795616883461662477/cta-text2.svg
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fea843a3f457beefda91acccf6e72825c204589b59d2cc93a63d778a8208447
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/795616883461662477/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 11:21:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
556694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2261
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 12:13:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 May 2024 11:21:05 GMT
text2.svg
s0.2mdn.net/sadbundle/795616883461662477/ Frame 0D3A 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/795616883461662477/text2.svg
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72def4e68fd499ad2d5345f3c286c6d1d88bc598a3b45b4455391cd7b1592134
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/795616883461662477/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 22:44:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
429296
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2612
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 12:13:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 May 2024 22:44:23 GMT
text1.svg
s0.2mdn.net/sadbundle/795616883461662477/ Frame 0D3A 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/795616883461662477/text1.svg
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5902ea668c562d9b87129182849179f77967f4210bd2dbd0077e9debc853365
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/795616883461662477/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 11:21:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
556694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2649
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 12:13:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 May 2024 11:21:05 GMT
img.jpg
s0.2mdn.net/sadbundle/795616883461662477/ Frame 0D3A 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/795616883461662477/img.jpg
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b668790fb4a78e37c82b8fa599fb7e8a0dc59ce0b2b9d420c32f6d9dc6f62c17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/795616883461662477/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 19:02:13 GMT
x-content-type-options
nosniff
age
442626
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42037
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 12:13:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 May 2024 19:02:13 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BEDD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstNwDcV1TxwkiPPQu_0fHYqaZ5bDY-f0At3oD_Im-V_Z0uxsleVV15dDn2j7FD0ARVBrJ6kpedBWl4n9cuJ71hoHhIq17saC1g5wfLrP0W-0jVSzCrUecRezMYe6Zpow-3oGpvvWDP9KF8JDpvEtcJFOaXju-gVGYHD2di99F9IvJbP4lPaOII4voDNZMBj63CDvekXMiuA_AgcxXcKo_HGEdxsv1QkiQS_C6AD7JZqw7RbjH4alCtKfuZz4FCwPmV9MxWR9pHvalg1vwL7mjxmkzjoJuLh0FgRCYCkLdVQLDmnEPHq26jScgt_p8O9W7gz36ykGx8Y8LpDS9PC1oyPFP2C6QL0HwrTePSSVv9LTzSyTiywdl9U-Bxv5IY_yo63j6k2Cd2Pg3DqKFY4E_StevCLewqpjYb8NftqItESzx9WFf6RTO8f37baYQc9IStbUsM0Lbl0dwWS-AcIMuOBwfBs89q1YVajqt4penCh1RHDsZZ9EstHp5HE2Q0TK9Y87c9GSboJPpfnIUaGkfxGFohkXuvn_3rv9PTPqpfEcWWnH6n0gdpCpQlOKKLANI1_N7SgBTNGaYIDCJIWEyegvzrkASiCOOeCtQxWGqBZJzfJTe3H4jBOk6M7bvD02CCFmCJ-yHnF4Fxoy4RGOR22dke8IW_ex81dIAbR7tFPoPcku6238fUfdEHQzDlv9LZZ9pI2gke7eKigt70quWUgPfPUWHRINBT_mZlFlJEEdVBhBUzXuoHE55TaysgP7ab9RwP3GTMCeKBDsOOgehK0wM6bPipQjgDSaqJj7oWcCY7H58ukDAx-2ST3oh5qC_XNtkvOpzqQv9gZNmChfisMDpb1oR2-qU-Vymwt9YcFdRo7_EcWzSGrGnq31c9_FDF0Jd2Oi5039GkhUoYcnw2WW_ll7uvtjl90KEJQuca0Sp6Dl2_vUk4Dcxp5_ztwssuiHlD6V9XjeQGjyJwg6wRCHiS9DD3qzqO_o7Zd58fWckS9AL27s5b2pee-YHMcq9hquNJqgS-rV6BBSDIr1VrWnSLyawIcIQ8TjXVOdj58emDGBwnw0vOgcLdca-wlCFxFUveqArRQbbzaSkTgtwFrW4yEgUI-miJlUbfsTjtSI33vO3x8R6eCNwGMtbFoJtM9IYOxruOOjIJ9MWmPOExajiCbhcIA7Y4mjL3QYfNv-OROsM8kgvCIYdD3QfGeN5UnOqHzVh9ChsziNmPv-K8D8M5eLItavEiuep2ENDR_ogt3o25617SHKklFzeqpB_spNA&sai=AMfl-YQCktLQGe0j6Nw86KLSrIVl9PfPU1lpW23W9GGcBGDBaOr9mpv_QkEhlzTwguY2RhVO7dtb1JJCX_t56Jlysnsna_pk3P_6XJPd9ibvznAuT6oUExQby61eX3NKIsjxWUpng0avOv1MJ_HuaNiuxLa0PTG_o9Fz_nzZZp6aHAJQoD-hEmGq05gB4PTgVqljG5Yah03tYaJ5VFqszTb-uOEE0FAw1V-DARJ3aekX8WBRviIFcDN3GaXmzofX55hf_lUNlG4hIgkezrY1n4hoe577EvGTebYQ6w&sig=Cg0ArKJSzHFfYbrgysBBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=346&vt=11&dtpt=345&dett=2&cstd=0&cisv=r20230523.83527&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CS9FIjEjZFRsperZ36J_UJV-jcXzo2CEQlkhe2MFW4BTe5K5v5WI37FZc8n7k73DozIAlqrdDf9py-2a0VWF4g9W-nZQ&cry=1&dbm_d=AKAmf-AyL8Ie-0EzN6uThYtkI3W6y684zjhy9fNElfvVEzmgCCtkKE9Tmu22aMT74xUeq-j8KIjIt5NHHRbH5c_d4wwNZVGXc_kAMfW1v5udwMX-BjPx3ZxlJUeBPH2TQsUNMkz4rxlrAzANo96JmWsOXoX0Br6HNojYM0fk6YJbDKGeLKfzdPjOv3R9Pqu2U0vIOacMJXHr1S6jt428rWQJNZd5sStJQAv3N0Av5CuZGOo6IvtILoQvMDiubqlL35hBYU3Xr5DSwK6T8F7vFqILoYpRsrLPzTMKgjOcKUCZhi4Ntsjps7WMJmC2_oOCt5tjbxd97M15H5PrGgRKmBGmE0HDIHnqPa2whd95cCrn9HjDM-Z2I9mNtQhvMhRVKY-RxR7RDycBZTTduQCmgUlohtwGdD4CMBizJFypvPAHOvYHCqI5z5qKy_A_HSl_eTDtw6buACfkpXWoKR4sVw1MLMkW63HvKVa0pZGoCCi9DdC_0xKCJ0DIjet-6Je4NULa2U4MX5pkIrEF3AuIVOFWpyzWuPESZfvX66nUd2Tk8NlPXJGOR0nZ5ZPwd0vbAAwWTpAqc2oLIlh7_31F5bX1XeJFnLEUhvYrnTyA2FtAgcAtJ6xqj5bDOQAhwfExN_WFIiyBnrNj5AZiN4cosrIlA4QOkDkm1VwzDMvuurbs4HW_wM9kQkbQwu1mdU4me6patmPxZdfoWRnpbVX2mM0KpxPiKZfR_-yDAMgimdwBpdW6TfxZK1WCuH-xnsRkgrQr_EWMw_fiCc1SerHLO3Zq_QzoU1aAUN--Zmry9UUHo_vQ3zPlGM2-dEgF1oYqh77kx7pW54fRNRVN6JwJEQn2BmLtcGTgJ6DdHvfCd_k-OvfD8tl0RUpVG9hZT1eISMGVc2N-PxiEZ2WxP4OTA0777I1_WhfX9PIyEc38FqxXPLsk-qeHSLbbKfNXijpc3lhp9TVZKtwQthzDSLmmTEAtpKtZRBJnQUzD0ZMs8JJsuH8rkhAZOJfLbxM3rw13twHWBnCkq_zo6OjNrSu8ng-vNAe14JiNGGgrMuGl9b99iCLXwm4_kJ7vvri8XstWgwfbMOREJ8SsF4QG7PfHmEpgawSh1mBkQaGHfhcdiKnThKA3rVuslz7E-oLPWmbtLAwFcL5taKV1aMsZKQ2HADLq1GlpOkVWFuOc83DseNi-mJr7Jlc6I4IAAtQSYbyeOOaWP8trojjAz7gHwANPOi-tS-rPRrEEBmeQhG46xPQGanC870RrNRTwap-G-3XS9n80vNsXPHprD46rTKIrImWGo5iyhEiPGvOoHcJ8EVc_j_m8AgDO6U1u9Cu_hiIfUyJ32E4m3qwvi6hvvUQuImgcIpGOm6rSnkY_6BPl04FB3_A-_Ogm_-JRK383L61Vy8zU85bnD4khQqO224kAO_S4iFZ9KY6FUuJ5uKUdTENJEt95meaGQk09uOxxrdt2H9qbqCZ3-hgrXXKBIoCLqgY9QhZmJ1Gng1oD6xyiYxiaqlDs8WCsRhIlbmiYoOKbltK8m4N-aey4rPQ7DO7GQQ7oOxokwjb9Us6jb9-s9NkfnDrFvzDw52nKQKvdBBIuWxOwkS5b5G_GZl_ZVmbJWNAp692YUr2Q1c4vaXmO0XKQ-KZPwtYEqbG8_adHlGFsQrQNh0LBQZgXKVB6aAsxnmRFLzzgfwkHtHDcVqh1Tl5nJvekE06VqUJA1tmj8D_6qF6a5DlHLlZ4RrON5amdK7EC2Nqcvo1WfFtissBvxiwaUc8Z7qQgB_QU5VMShgfcAWTRtk2HqlFonHB0nITeJruJ5FB5rraWH4FhhFgWxd3OmRcywZi8AR351rhDMoOL9I9ghLG5HH48r7wMKtJqghYnomj3v7ZbGiN2lgHRkJjfLRoRnkKxmEL4T-MnF3xdFoIN-qI6Wc9GD3-ThIbnALtbZhac2lawIa1RFAYEdVaYsI4AZsPmxplTjR_MkigT5dd8hjwOxgQYDAnNk2sjXcs3bqNGFtPAYLJmbwuTRoM9WugmpM-eWfTD5EMhSSm7aMrcaJZzDRfXuD1QSnd1rB8D_ZeK8paRxKKJf349JzDhB3sUrl7QA5zPC61kZWARfwdFWi1OOgkRAFafCiNcuqRPjQC0y0ZsJt9peJsjylyY_6ObDDSyDygn31KFS2Zjrgo3718yoBZApLI_ymnyJE9i84mecD6RPaAxEq2JqYQSBwsLmCFDGc3WamdxuKdCPV0aQLbWMCXUjIucpFp4EKGDRj_MFn5VzbJvkX5rNKj7Rx0LuE49qPMq-Rfs9hfUYvVnzBTkpZdFXzFYDzbtFotezTNlU4aThgnPkrRs4yadq8PqBlrJLU6GbBhjg-ASsy5pWXuIt9cmJ1vnI_zF1_qV70-YkZNk6es2Gqa9SwG4ybhQuebyo53VYgkX6BuqQvkBasXkJlE7m1uA7KIgU6P-HYxKOAGzXOM0_S95ox3Z3JlUjxPSxxMhT6lBMElILJSsDDcQ5g5elUH1YFwA9U-Rddc2IudlxKoeeYtBQtF05GHjmrnF0FhLOHcsst9RVE6avi5V9nXExTVNc7BjdoG37sEvA_bQT7qSvoeYscbxSrXkFsi_KMyli5QG9_gE9fe0H366nSoze5VI0B3C94KNpTTCvKCQlADbnnPMDxnRMt3uE3BeHaLqJ8mt2Pr_OxUs2Hml2S4Z7PAGxxavj4DHR6QxVvwbMSLt8_amyu8I9cZiq8hEPEyJmsqOPsflakf592rtQGQXClHSo8NTIObzdR5Psj4bJaOl4Gnct7TWWoVF4HHzm8XZvNC1Pv4i4x_KUc1wzX1OtLuZRFVbcNv2bLPH6icSTWN_soybrT8XqtRQVRQiA7RdsTpVxhkUu8YUEqk3hOoekaXrb1TuxnDOARmiOQTHvSZDrgirWjNk29Inu1tjMl8FPMA44dDyoStrfYKKtYVEyAWl91bQFtt9bQiwnpARWTk82Pa04WtmK0sbuHgpWzjvlBgrvxxFjqOv9eXrnXAktjsBDFgSK5VNumaw11n2J30O4tjqf-5GX8LyRpdBnE6onnDq2DpGLB_urddxivlMjZwZ_JiJdGn4O7YemKG2OK2fH-zRRjleFespv2IqGYKarwXIa9COrYvkiqReoiGsyxAnGREYiU7QZHQjXR9IYHzLiPmHV2fYU_SX2xHttFjFcxLSgJhCnPrK0zqQOEUhYkM-r5h6GCAqwXri9KAZVcpdrrcGkTPU_3l0hxW4nLQG4NKj4wlP2D_ShfXHraTCiKA8b1Z3umca5u8ZDkQEbb36tVk4BNom2LzWgdgzbW_athkbMYCwCTBC4bbkZiacRnUP4Z7Kv_01dbVp96PxPtPLVj7B-eqxBVyW29NUsGwviMfUxdedXJO5y3Y3PqHf492RTlutxpuMG18jCJc5IKKmNWbHHANUW7U7tyqbh8g&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=2070092110585360100&adk=3690638929&idt=91&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 25 May 2023 21:59:19 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0F4D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3pY2rmJSzQxFeNH6YlcbHkeCSOZrziDRcBTZig6Qx-CI6iA2p966GFVu8AcZPJbucV7ev8ZCrA8TgKMHI6XEApmj4L5G8cbxaArIrwxsrN-p5byWkxdAvNtYcUM8A17oWvFOpFGzLul4nKnZNEutAA-GlwBhdccIJTM7PzRyE45jIeuNY5EfrlViNBJ_KQ8DMOMdkMVBkoGfpjpC9kQ6yLhMiy5mZ4m-mjIOkg_u7QRUliTPmMrAqL4JfrnMuCeiMIBTpuor1Dh-uvuP-eroGUK7RBYv4LiXyghiMR9ltIHXVQNpS3vpAim-esEySzB4AB0LfF8GbzAcZb-v-msz5DmGe_gad4L2odPLS3adIsYzc4g-5eDz6bg6ScUMASeQTQlq3AT0-7tSM4NQnD6m938Zhl4O0-_XJXYcauI4SmKAyftHqUUwL88_-dSpI8AM9xynhh6QYg8L575DWp5LWD3sVFlP-stbtWxBsNdrWv8T6cnuVlTkkBmGHbhfVNy-L7EoJJ5t-_ySGYEAvxZwvxcdQ1yCvbhPrzQARtOrRT_VTLlcv2oTBKJ6Ax0nuSe-U9GeC9vP24vyqnEJSBc8F6QYH6jXW2WmXGp0Z6fuk9LOO0GNb6PpZZlXIUrQtchVWjpRCG6AUsQ9GuKAI0IyVl8ZgaOj-ALGyiLrJQI_uBeaFrw-h3QcIUKJJe8vwrn3fLhRUaLWUh4sAwMa_WzyjQKtbY9lp8XqncH05MEHfq7UgX7DsDr0wfxLGG61j8JZfdlQ76Vr2Rzu0cj2Rz1mCnv38MGb1HPOGQVQeW0UtuD5sNxfc0r0dQepCZ0yFftdVxitd-C-OH0DJZIWCNEC7j3Lu31Ly0Y2gFcJCLQ142mI0DVxiYpafAbz63t50KhMjdLynKt-FiCeROeQ5rCuHGAWstTJ20i9jDpH_NGuqSQcMh2RbS0rvaVzk9kFK2Rj0I9US6Mk1WS6deYo13a227ag9WEFQlOssBnLJ7tA5fb2z4WBPyVvYGfkg86xRosl8uQJyGUGfk6Az1q-Sj5n0Mnp-pc9GRCA14nR5eqbQYPicIEYfm3tSeTYBS461J1k94WjTkcqX0NBufqoe3x4Jok49CQIg6ggVFyTWlWI8lxen4NKxijmwNrrXgCymtgZYV_xUCv2NHN-L_hBT9bJ-rCYfu1hppU5rPULKTFh9Ise8GpGLeUgsN4-IlY1qsMJXTlgmY5XE9vfVFrg7T_LY5DTtTxpUmC71YoNMlzXPgcKueYFHlBmMSlv_5G9XYnRAvA&sai=AMfl-YQxZ-FPFQE94y_ftwJ02c1xEcbs1bjXWjGmibfR86YEAFr0RdBb-KCa7KT7U23q2gTedPjFVE0M8g6RtkAif1MPVbY0WFQbgFNQVDOLeCwyyhXxrb73h3WqvHL49ecJWgjptuzpTSiix1vQde3kcugkL4h-A9bV-YmrYOleFdjqxSE5YL7AvdV5m-qVffNyfwCQbKNdY9lJlfEr31fADxNXhuI9LOnzWx2m8asFX42FgQQ3ewJeDAKK1D3pQRKi9MeN2PK33c-6XOkWSoykO3yy8jAVVcmOpA&sig=Cg0ArKJSzOmYEQjruXHqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=353&vt=11&dtpt=352&dett=2&cstd=0&cisv=r20230523.29361&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C5eUMFJ0slCescNbPH9tzhorU_DuuQNw3Ldjs1SS_CdftD9r9c7uWkvBRQ5LP2iAugT49lHInViWBk7of9mJgUDU4hrA&cry=1&dbm_d=AKAmf-BzhlUV1QxDUXPzX4zd27JjaoGQTznE18ZidJuHst7mTiY8tTbdZej2Q5n1ejB-ldjhJC8hkvEdu_rf3hiH9ffCivMgKxe3nBAnREwOqhetPUZdGoGGoA3f5EDFX-x-SNNANB5sd3qUdm_z3xCYQ0gswu_cqu7t6bjx0RtOoBhC9E7bj_AiYwePdPdBAoGRQU7kE-6zBkwZFQACHgFRzKhKGHy0N0dK-fxXV5czenExJkibXuFKe1SEW_D3DLx6s-wpCNTBKLwmJ5mhbZ42MuXQpRDuskLNOThzi6Q1qoQVjqTOTe4WlwHDli_CFIVPkjEbA7LOUJaGw3uNz_juAjJJ6rgiYPBRCGlokEJEQnf_u84Qvney8EuvQZOvg2k14hikYbzZK9geXUeHG7gwEKxyN-rDJqsUvAtGcBn-A6QZ7SkSwxa6xnRScz-aLtKIXgRYK-leuoOU0HqlUvUGWtp2FVwKFr89SpyFdHb4Y8iL5BM5KO0LDFCoP6hOKmwZBkrSUxGkDFkuuttE6Us8DmvG1Ma9rgFAymgxKWiI9MUTJM5a4go_OiNrPvlBTJFAS-wAr6s4VWXOewx-yvirEcbSMkMn_Kp0RFLZRKIYOxxKcFKpvDGyDGQNJlEollZC03BwrK-t3w-JtgQLHJ4y4Zl6qOHQ8Tc6n3pJU0xVBUcS16KH60x9tinwP8fCsYy3QdX4YqYDMezAiGjI6a4gzkHGBVQLIzyIaSyyuUozWg7mZuJspPC_QzbO4B9fEdofGa1-fX7_5lqFjaSq5iXDUcTwbmVZUhRT16eOlrBxVov-ftyUvdemM7SE0i2HXh2a7LtfRjLvtCUFdhk5CUc-HMkp4pMWJanmkghBsY4uLTl-woTg3C_9kAyZsY3YAEekO4GVdJRMlZHFb7PTehzpb-o_cYOQ4eof4BUHdukSDNhUmu0FKDFo4Liv0kb_CUlOOXyUDwZ_P8wdPTCeEenKzAA9ZfsOY_b8s98Vwx-IoL4fd3e7bfzEeU8zG7xIvyB347IOfHTpM_WRuGBrvFMq9P83rbKB-6CxS12Zws1-8sdEGnRrsfAZO7OWxCaqUcK2B6-8ivu7YZaT1Z7FpetZ1x22JgLkd3MQP6pGYLyH4DiYHJ8_s4PqqoUalKsCXzP36MiflgeFVhV8omtF590mYzvTo-ytIeLJii8c5t83JkeiKPNpLlDgkjhKRyPVE4AKOszgKUfAB4v08fbWuwcErmOrMLMxXR--RZBC2j_sZvJYUO5ZpsELQ3NZ8amxlAnYsg7VO5p53tDkniZqPxDH6RG0y0pbqslYeGNdx0SM-I-j8q8qZFI5ugWLj0DGCZYd6n9y5il1ZIkYLx2WYWYBaq4kGz5-CodEVF-17NXpapSpRfTR9rLUpgsiNZwuILd1sgFo8HIbbBq0IWDFQOKvtx6tf-4sTZwZ_kwNyEtbg7iAfd43Ih120uDgs4izCnLXGDWVPbNvzFHPeKJ8LGP_3dqOKSrVoUk08H1khos3MuuEccu8CXddHtk7HyPT550xU2-hLlAdwrkx9rk0SAjZE1siOc-qOiy1H4w3GNUHJWB_RZsXQPNtP-NVyF9Xsy4nR3uP8cKF1_nXjL1O43FlqFTMbWqQ0gb0zTQ7t_Kjq-SIZ9JMhBmnJjsC5MqJ5cQxTAfPgEG9mi6tyxthnm9qyrHuh4A7yZ2bXu1-CcxqiuxCqRtDTQG-u6t5lolD6hTJfDfWnba1eDdRG2yCO47DK7UT0koaR0Wi-jLR5PZ67sXOCMSuD4k51gfCM8K3o2yplsStor9oqMBjHl5uHJ4HfRfwCa0j0VVhsxV6hIRU-LYDmQcrPgcnOLB-Pbuqf_XryCq0n6bepjDLPavQNrPFiX2gjy12DqMAAEbblh5d_MwQDaxfSom-3KaC4Cb9tIgfjntUVzExxGZ9gcyB9UcuFmo18mI1U-CZBBpSfRnG-YosTVzNwtM9xAQtPwJ-tVO0u8QQeNDGjw-tdy7BuabDmMsGsiXzDg2MB0Ltni-VyUKPJlZtYGwPCdB4OFDEKFmFi43uWmoP6dDZIIsZP87y6uzh4vSG0vXhgORg1-mWIShxW0fsYMgu-0DZ4iibY2xnG3aVkuxKUc7dGh7A3Koqa9ZZCAyumkoZurvnQXDOypLDVi00cSx4_0FVHqJfuy2sVdxBa5lEb8gaoifT3BwoHQYF420f0jXYGZUgJJGOZvT_5_kv6nCwffC-Bq7NQI4Zli56_hwHlqMDOAHbfcvFiTbaz_boMhBdPY5lPHGryHRZwPxQdewc8fZ5UTJwysIOnWj8pYBovjYsuZc9FHA4QNctrkslkDygUDDdSiSCE2OXDETrzxS39CXB-zmQS9b2iq_bxcMN5HEbjRI9esXL1UurdW0T5sfBTFhCK-vfryrXRdNLdHwJlLJ6fpmieHzJEgHYrotiGL_uvSeK5oVFY5kbDok3-obt9KYB4oDBkfW_fodnA4BVUHG3KaD5RtPyrKC6AW3W8ZPhYvQlrsX_GWvrVN_lZu-_dEcon1LK1BqdsrLkuQ1f_Y0pjSHk_DQoyHBhsNp5yqQ9SOnU4ylITm7GHe-9Yl6-zV1XhbzLrVoGxGaevDfmZeag8lK4REOIop23iaCYv_VJ1eXv4pSVjuVL-s9lxSIRTFemIvRXJ0Gz-DwPo9_b_GNgYC52fG8YSJJIR2I7kaLbJUWq0dj69p9ElkZX1nqrTnJhKlpuRj_LKGA-rMncW-9GZDRXt4Md3dbdA_w-jGx8GNFiDa4zJjzS-F0-kuX7e-Nbu_ivQ7Gh0Y9xD3DWkKZ7ou4rkjOpVs8jQN6qP5S4XmwlEsMhSsfxqRGJYj0LSitAPveAB-3gwNyPQVIZp1o78CAN8uku0G_DmK2OdiK5_g9-EGEp4qMPX-razZ5P3Z89AZc1FyET2tPCoFqt6luKpP8OkejozsuQy89_shF8BGPalk27HITu5x1vzn67OfwuKqHdcXMz-X3BkmO_AKVx_EOdP2rwnrLzsy6XRdbT8aKo34w-eNn3GqViSulU_MFCfCNR8vOJjrarJjsTXd-gLUui0eLeVQhjqXkPa2F8Dps6toqAJiQ2pnt8Ul9inUT3N29Xkn9TNDTSsiPH9RhNJeBx5fNfEevEoMNG8CqYFexIeuwtQZgrD-HOi3WXk9wmTQmfYRPCgVtEAP4_S2oUQ7bhSxtuOOTKBzMjTp_rwNf0Dj7q5P0T3cywM_Bjq3-2xY_vYMrgAfFLwT4V9wzXfjKfJYy7lboBCdv5UW0Xx1aZ9WxaSfPY-6p9vkYCdkyYZJpRv4D_AvduULTMahw3U8Jvu4zyep03y29a-Zc9XmBNDUyoN0mH9xf5fnor21dAKQyUKrh3DTM_KV5i-AiWz0hMGUANP86bjbKNS9ZNrci05m25m1GzBPYVyg7bFPQcuhZkkmAa576BcO8&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=257322779127633120&adk=4188270525&idt=83&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 25 May 2023 21:59:19 GMT
truncated
/ Frame 0D3A 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
partner
sync.search.spotxchange.com/ Frame FDD3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDNgJvJ4aClw0XbU47u7K0M&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDNgJvJ4aClw0XbU47u7K0M&google_cver=1&__user_check__=1&sync_id=6652f1ea-fb47-11ed-afdf-1a377c5d0406
0
0
pixel
cm.g.doubleclick.net/ Frame FDD3
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NjY1MGIyOTAtZmI0Ny0xMWVkLWExZmYtMWVkZGIwYzUwNDA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NjY1MGIyOTAtZmI0Ny0xMWVkLWExZmYtMWVkZGIwYzUwNDA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGLTPsuoBMAE&v=APEucNUr7q0sKWNtPEm8wv1nQVow1HELegdLzuLGMEFsMqK_d8AAF7GMgl3sPORhHjAyUh1wcno43Y0aNHYAH8UNmWTocDz5gykXF4VIX_i1Ya6FGHmuaoPHnTMI-zYK8dyEI2AbCHmuhrJ1cIrmykqqwCfV1oTQ7LiTeHgMpiwU_WGVtxLb0t8
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 25 May 2023 21:59:19 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NjY1MGIyOTAtZmI0Ny0xMWVkLWExZmYtMWVkZGIwYzUwNDA2
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
86
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame FDD3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1rb1JKc3VWRTJ1RTM4OTJRUFpHRUpQb3lIdTQ3bzNER35B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1rb1JKc3VWRTJ1RTM4OTJRUFpHRUpQb3lIdTQ3bzNER35B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGLTPsuoBMAE&v=APEucNUr7q0sKWNtPEm8wv1nQVow1HELegdLzuLGMEFsMqK_d8AAF7GMgl3sPORhHjAyUh1wcno43Y0aNHYAH8UNmWTocDz5gykXF4VIX_i1Ya6FGHmuaoPHnTMI-zYK8dyEI2AbCHmuhrJ1cIrmykqqwCfV1oTQ7LiTeHgMpiwU_WGVtxLb0t8
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1rb1JKc3VWRTJ1RTM4OTJRUFpHRUpQb3lIdTQ3bzNER35B
date
Thu, 25 May 2023 21:59:19 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8735 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bd0Q_NtpvZOiYNYepgAeL1J2ABgAAAAA4AeAEAg&bg=!MDOlM2fNAAZ8_aWmXP07ADkAdvg8Wqaewl7Z2hpxs6DYOdmtd5QYIBD-uHkOx8o13pfUXyd0Bdws5W0oDGC0qqrtWxGcAFTxn2sCAAABCVIAAAACaAEHCgAviL4ClW5zXTsNxdTtPkqD3eHLqIb43r5Ocw7pFQDhHtUvGnkz7KOjkDgUD-zRD1yZAu0qNIZlpXyI27gbngM-PuAsNe8u_TnlIttT1-JTK9m4Wezx568OjmwUhbTi_Ohfc4yTDfFAESQYDEvBxcXTzCCawL5255vy9FH19X1dpvD3kORCKoboYlIU19yIPW3uznGfbEv1ukWqZFiizG--fAdJj2fe_WSsZcFbRPocYysCz812BL2sSfbJPP6KX1MKR5as_l6oZuG1rAqdWRKbxt4E5Jj1bS-agWAQtsKgvYOiYbbZrZxjND123fwJZRmcytpiFkBC6zuxMxqK2IAaRhJtSm6DWS6fGndbQGbduLZatvxo78TWUP-UZgK-87-Po5C9MIgD0DbQgZJHUnxa4dJPqAFfz1K0BI9L9FQ16NtJYbFWpWYC8MmGO79pbgKFrtbydNoRDWjj7jYMwCgJ_c5aMHhvslQa_Ib5A7aFyzxoIGo4EeeP_dgeIlZS006eZnVZT-kr76Gc4e_M6fVcMXlVmsWR0odT7CwiTbAz6EO6daQiOET1vBLiPadM-XMOSFYagbostJ0kTkBDKOuQL1dcY4ag3fGpVh1PXK5PoIrt_PKrEGEcNmoRZH50t95t8SE7YIMs_6038lobWCLiEwO-8Aa5NDzjl-29bmYcZMp8sTVVDlfIfL7GtsXOxbAfQD4_LfjQWp_mnKKTepsRwJJqeisovfatWWJ-Ot9DXdqHhGrhoiFIYHfTpeV9raeHjUkGbHnkvPDrptKMZIr2nZ3i1LIiF19Nlznk_1YgIJsmXE4N09v5LOg6KX6tlIRlHJBGFxRUgDHFiR84SwJzmtcfhDeTQm-NnG_fsCHcOKdM2MoJeXRCOO8o2o7N5Dvk3ViP7wlokVJPokcjGir166O5dRJSkNjBERQVeyPqeA6G_sPILGY6VyjFGHKuL27tkgqlModbxGUAzZ7KDwRKjqyBM_dBMt_FIy8pWzIkjO8Oqn9rsqpw4w9iqAHdqNzCibcmOSc2iFEZfEGGDJnw_eD3mIR2RUi65bZxngM9fg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EB7D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuJrcNtpvZKCoOMXmx_APorKdgAIAAAAAOAHgBAI&bg=!trWlteHNAAZ8_aWmXP07ADkAdvg8Wo2M6UK59k4AOp7OFb0nyAFbOzRgLILiJ_R3404GDkWUXLC0H4CuHNc-YoVSuGI7UHCOWeUCAAABC1IAAAADaAEHCgCXO3oThbN_AgndVSkgqklXq7NmCI3UCJvQEeDyE-HXaoKhAWXLTC2RYooShElKJiOtF0HTvno25UKLpa1NBgbIk_xI9u8b9-BI-Ap6PKSlrXAfbNfTRZrnfFYO51-eCXtWB0hyizYoBftGonyFWK0CTCrlbr2vShQLLxCncGB5dInhlbLSu6MjWSnGEwF-oA3BOgJjfbInopkC672nsk7UnxMYNxIw-aLr5ceOUVutdJwVxBUmo8iH2pHuM6g3oYwoKXf0T7Y0q1jZEFPmU9N3hfUU5JYAPHCwKYbkwCKSX9MOTmxgS5fF-NCvWTUNKUwcQKEnMB7n-Oy5Wk3Uh5trqPDlzNe_zFqPWibedqSlfDCysRmtRFKGmEV8UKqb2EOZ1uYXrPRkXh0_MLnS04uldmSzwK_2oyrlUslhKjwUmf9DVeg-y7nOiz5fd9nGAL5nGhUhU9JS-gFMU3sayD7fFv33ztJ66oB76gV5yJFzbQuFpdsblnGCuxSna-K3b-tdibiP0Nef_Q5j5fXVCnmiwZQDZZQFYvf_WOlcODymOkcF2xLQa2oiz78bXP3WR8FI71Fkh7xpf3zZfswI3JOjezF9tQm97pO41x3_RexZTdgTDfaxCEyXi4Hza2Pbu3kin0dq8WL0Hcas40rwTICmKawBfUbDqE4Bg6Rxd0WOw8VTfIkt8X5GHk5gGxPVW03m56LGlPIAeJAB5wwPnSdQoT5-R3FApzyAD2wIoogxLePVkbnJIJEJuk14rpJpZz-kjqcTl9zOlqI6UclR1kV3KXKwL9YSxefSG8VL_l4UThh9szIQ6yh5aQbMNp_ldb9x_ipc9n4ltkuDUVAKzsnafpeXirIP9UxK3Wb75sJCdPHD-ky4AzzEekuzdEVwmBvCte7gRg7v9M8aCxl1Zf0Y51l1gsOYt69ARqeujEiyuRXQI4QmcjHp1vTPqmuPITUuMpA9p1QqtYS5TQZmH3dNtrLenygALDy8lUBy06fmSrorUZAQGkRYSV2v18L47NB0m5sQfk2g43E2uJ21NJYorMRDj6usxfsABxCk_TCaPRLBLz7QinfTkUc2m7WS0QAhiZNg5pjFsOw-JzxW0b_L5CwUiewxzVhy7pBL7TcM5Xr-ALT1Jt47nSlpaVXNIQnwYDIee7s5ZOsbZFuOHs8SvfHTgOiICcm5280var2tRQxP-wk2uQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C7BA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bqt1LNtpvZMaYN4epgAeL1J2ABgAAAAA4AeAEAg&bg=!z8ylzJjNAAZ8_aWmXP07ADkAdvg8WnhiJTbHK94JRrSGWarMhNNJhixQoULV_cPcfeguExBLra1IOGcVa8RMJf674YxSxPMKZYwCAAABIlIAAAABaAEHCgBff2c2wIwOlngHgnTDd0Yj7ZsF6-5MWdt9qXwL5VbvnloloGWTejgIjcZ788oEC_W5l8co5vXtkoll33wkKzNMqT5eCezaTX9aeGRhMuWl2c-i4w5Acx43D_lAUIuPWECZAvFQrd9E_7UUupPLOga4619rMMplSMVJ5epOuPq_lJaHYcp69YSGUefl3aHS-dqgYTWOtUE8tzfQtz2GPyUlhh2oQqVH_ae-BwdLryOnCpSco9qAavE0xSqVdQnHcO7AGsLnAwjSccEpTk1hJbIG2yHA31gc1JTK4ozsaj9mkLbP52Ukl32H9aGIEEh2tjHsUJn3UjykeaPUzwtOlcxb9GNKtPBFOgDMwmFIKsXISFGCgbUih1nHiEqCJcDaU-kFf_j3EPKYZ-VFLKoY-ygTf34-RgRzH314fSfCTK9YFK6uXkVHRZ_5-15UuDnMgxdbJZDlP8hxvLerUvkT7yiI5c2wNiBc9PyuFvoQQPC1Q5QvPO7W7LN4EcKnKUvbklwXto5tVnicPvlhuuIHyNJ-vpve6mdVVCH8fzb0Yvud-jkQFvBa0wOreyaCf4JRJOvGk9GM7zXu1VYn37g0fvMwiFSgApT2JAadOmEYPdpVqGBC_YFeVM4qvuqMgjZcqLy6OHjygP28b9YnJ2KE-R6jvOl6K5J8N9iMfo2e8ty9kNU0SeZU-uj1_S_hwj7ywkdiV4sbyTNvFsDJns5BxngguEUaGEbP9WvbY8nR84A4IRzl8e06zJwU6_gG1ZjJ2GITR3xJtbQAD8pCdx0706p5F1ZhJfkRYe9MUWQjxdtkSGqLGFEr0II-VOGLwzw5RvqgcY4W3cZzIGb9UsGTreoq5Wh3HWomVC2YmmhOcZSHH3aGr7hZlS4iV0Nzg0344iXUBVTj47vfDoVlDzUKFAPxpqletcvA_z5v8SS_8kTrUBrglM9aPp9IDlmseKuGCR2Jlxwi3wKBHk9aq1xvNHKheaTNqbc_Im7PymugtyshJ6XNm7NdvnCERGAjjP0kSF66mB2SfR2HugnJDzb1HVKP-jSE-yBF8bJ3FgmmP6fB3tDpIZ4dKbEvj6unMvhdH49Sv720ojSL7iOktxilF5MST3s1YvxTC8UPDd89L5bXqp2HDV8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F81 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bjbe2NtpvZOKuOKzHx_APorKFYAAAAAA4AeAEAg&bg=!8_Cl8KTNAAZ8_aWmXP07ADkAdvg8WmQcGAnMSSQwB9bg1s1qQ0ua6-l-mYfNWVfdwPNbatd45NMr0VNTZJnYqjFfVIO6BuUU510CAAABF1IAAAACaAEHmQLkGQwK7pF3FWpdly8YG8qwpt_04vl0YwlmNngLCzsLvk6psykUOYO-yMiBdTiyGjyTkEtt-FY_sHtWpgCMfz0S1rzGoT4O3NcebP19oshY9G1boVrgtfLl3Ga5Qh4_WYyzT1necce7vZIWm8jN0S9xeMjT55hS6O6lrpqtxTkjpWOLHyRnSTKF7ecjWtIKT7S7fCiaOEW7z2p_M1wuY55JC__1jxfkFf3KEJGXhIbiMAoRdy1IFuqsLbI72w-YDIcydUEr8u9s9MmPrliw86qfVEUuP-t3wVXUcOoHxjJS4ainzrATrp9aPXe-PdGFD8cj1jRZsdxdl49ooicIw1cq76IZd8ONTSEa9QaQjJADZ3CtLcuJxCxxLJmwk_RGK9mzFUcsRzkL4N6YAsc6cSWAUCubUHXLUY8VoLTWUC-fBIXDjh_00Jnxy-C1dSoWk-p7x_9Gcc7NvOsGH6PLn1OsQ3hP_O6YAFCI_eEiqCP_uHVUxoZqzs1Mbkhbdee2IhoW3QVuSPYpDQ5vKm-QRxRrsH5yhgjx4VKD1_lv2v90v8y1cxZCjmTcrdxGQDRK_lEx_qIM_DIFEMD1exsFl4eW9M4XJWuUrRSNVcrA3N49eLYIUQpBn2vJeKvMlnzzfmZWHC5OLOQB1O9rq6kwJkJ54ng-ZVR2uP3lG2jjn3_0yZzdj_heWUhuLrnPHpp4l7xVBeL7a7syo0c44_beX53kGsyBk4JGpb32_-SwDM5_r1iFvn0C5M3qdiNOcUHbLLs8-rHK6xCpwVLO2gQimTE3p7_zRbdLNiT68NFa3DzTvZy-igpcpH09opVoL9vw90YwYVPxWE4SP5Ls-rmvKu3T3kADEwbP7Ta-s4Asp7zX08IXzwVhF3kDSA21A6N87CMYWgU9R--DGFo5is5frq5PwKmBCycjamSaWsg4x0kA1Rn-SCh1e_WY0M_iYJYjeirctCu-Kre4kcCCwehYhGZM0EWb-XQ
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 92D5 		0
0
dc_oe=ChMI6Iu_27uR_wIVhxTgCh0LagdgEAAYACDngMBYQhMIvIrn2ruR_wIVwhTgCh0MJQ5Z;met=1;&timestamp=1685051960025;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;
ade.googlesyndication.com/ddm/activity/ Frame 92D5 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame BEDD 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame C876 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 0F4D 		0
0
container.html
38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DB58 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kanui.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 21:59:17 GMT
expires
Fri, 24 May 2024 21:59:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F27B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kanui.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 21:59:17 GMT
expires
Fri, 24 May 2024 21:59:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012305152039000/ Frame CFB8 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305152039000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28f1451571c809f080980e5679bebad6b9b10a4d93233b37a991380d1e7d6828
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 23 May 2023 17:00:47 GMT
age
190713
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61839
x-xss-protection
0
server
sffe
etag
"c5e753c238beacad"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 22 May 2024 17:00:47 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012305152039000/v0/ Frame CFB8 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305152039000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cede5e6b2d0201be197cfb96a9aeb4c5c95bd5749785a3e5473610e267f5de4f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 May 2023 17:49:51 GMT
age
274169
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5257
x-xss-protection
0
server
sffe
etag
"6147d0c60b11b4b1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 May 2024 17:49:51 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012305152039000/v0/ Frame CFB8 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305152039000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213b087a5427c3b7e3a7d3acb2e179c6d43503c3f148e69edb8babb71dee622b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 May 2023 17:49:51 GMT
age
274169
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28959
x-xss-protection
0
server
sffe
etag
"e8b37e49415a2d9f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 May 2024 17:49:51 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012305152039000/v0/ Frame CFB8 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305152039000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6ba320adc868a92d71a8d20e0354206b22dafff65a7d4550f3bc6a08e9fd952
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 May 2023 17:49:51 GMT
age
274169
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1899
x-xss-protection
0
server
sffe
etag
"de1853be803cb92a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 May 2024 17:49:51 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012305152039000/v0/ Frame CFB8 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305152039000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45aa8d5ea20712aff96d0f962875a64a3798e9d409b8a962ac6462357779f0e9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 May 2023 17:49:51 GMT
age
274169
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12945
x-xss-protection
0
server
sffe
etag
"6b8dcbc7470d864f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 May 2024 17:49:51 GMT
css
fonts.googleapis.com/ Frame CFB8 		6 KB
802 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 May 2023 21:59:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 May 2023 21:51:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 May 2023 21:59:20 GMT
container.html
38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5FF3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kanui.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 21:59:17 GMT
expires
Fri, 24 May 2024 21:59:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CFB8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 17:09:49 GMT
x-content-type-options
nosniff
server
cafe
age
17371
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2886
x-xss-protection
0
expires
Fri, 26 May 2023 17:09:49 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CFB8 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
30250
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 26 May 2023 13:35:10 GMT
l
www.google.com/ads/measurement/ Frame CFB8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSpkrjn_qLelVHE37MqAt_1BMjeV1G9bc0w2Us18q1lGCHLkAjgAk3TKSZ7lTAi2NYx-W0bFWMdRac5Fh3Nxq7nt6Rvew
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame CFB8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDDgFN9pvZJaSA5vogAfVhLXIBY3tuuVwv8-z7KUR5IK7-5oCEAEgw4KfQ2CVgoCAlAegAaHAmPEoyAEJ4AIAqAMByAMKqgTuAU_Q8UMKYYvGDuMMmuJzpiuceWQAej0_cBrPaAf1GGfp00DH--2Fe9f4XnwDjrdWKkc392ss2DV9NAm0Ck52SrzbbnpkvjPSezYkHLipyf4WoTj_K4FSECxSsMX8lT0kap6t3tLaUlufIAAummkwdGRxHMsXhMKyFJ3nstPihK9f5oi2m0luK2zJp4UJeOjddjPzx_NdPblT3-8i1E5Sj4YFbw47APFrtYX7Loh_HJtbjj8K0SOYBEecZUkv_cCmdYECIJDy59TmbtRQPaHYLbLXxnwJOlnCJ6rfRCISaT6gjwjJLR0WYoCF1XG9wVnABP2K4sWmBOAEAZIFBAgEGAGSBQQIBRgEoAYugAed_KSjBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJP2AtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgPICwG4E-QD2BML0BUBgBcBshceChwIABIUcHViLTgwNTY1MjQ5MzMyODM2MzQYi9wp&sigh=u2ieMLqLZa0&uach_m=[UACH]&cid=CAQSPABygQiD82Nz8ldV9IVOKvhxTUnl51aoSr8CoVpWJSFtNdDYHaVKk3FfZJb8j-Zjp5rZOXunBZRQhGPbeRgB&template_id=484
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
2076313506083323656
tpc.googlesyndication.com/simgad/18434376349637310248/ Frame CFB8 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18434376349637310248/2076313506083323656
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f2f1e5b3d6a5516bae096cb2f4d28d01968ff7866b65c3528e602fb473c20d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 22:50:21 GMT
x-content-type-options
nosniff
age
169739
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39769
x-xss-protection
0
last-modified
Sun, 21 May 2023 08:33:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 22 May 2024 22:50:21 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/3995853839924061625/ Frame CFB8 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3995853839924061625/14763004658117789537?w=100&h=100
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ed0f134474fba6bff3ebfcf124a879a3baad6a9b482f8fe52222da8a4282d10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 05:09:59 GMT
x-content-type-options
nosniff
age
319761
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4100
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 17:17:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 21 May 2024 05:09:59 GMT
truncated
/ Frame CFB8 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame CFB8 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9cd1a3d3e456380e27163075b96a7d7c5c75324f00bec26d9cfef3ebbdf40280

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CFB8 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.kanui.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 16:10:14 GMT
x-content-type-options
nosniff
age
193746
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 May 2024 16:10:14 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CFB8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.kanui.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 23:14:12 GMT
x-content-type-options
nosniff
age
513908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 May 2024 23:14:12 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame DB58 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CBSTqN9pvZJSSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTmAU_QqGLGFfXc0lh-Fe79qnaO7mR4gcxaATUMBeG4-AvBn0iSwTDPu0Wtw5GnegAZp6OpYc6nSkfWYpZ5Fi3Ytxq4zjGNnJzF0Ro8Op8HC-IwPK6jx1AnZ9ZCkqOrXypluR8P8NgzjZKL1JHh1FIgoY8levP56z_mRj7XAv-g8LxJhlOXddyS3ZDhAxO6_fZr1wd8vTClF-q2Ym4l8BXRCfN1QeNw2v4Ppdik7tOYlGc2XmKBqtknszGxZ8PcZ5tFkmP688VvuCymk8Jd_25wci6ALGhtT_Yu0pCI1xbFRd4TzFVkNM6l4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xMDMxNjcwMzMwMTY4NDMxGIvcKQ&sigh=Mq1HtXdDXWs&uach_m=[UACH]&cid=CAQSPABygQiD82Nz8ldV9IVOKvhxTUnl51aoSr8CoVpWJSFtNdDYHaVKk3FfZJb8j-Zjp5rZOXunBZRQhGPbeRgB
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame DB58 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hnx0jg6b4rh0hw0espxq2awnyvgs58e7qs0tkd8h92h7fw2kq8kry3yp4crtjzvdyctnd78y5azdndz132fyrh9fpdahdhkb5r1bas0hxf9pgm4r7ccxz6t48z55qh60v9vbs2t9e0n1pf4paezbdxvsppc21wqsfpqzzrgqd7x0v7efakgh7kstnb28rtxymxzmmwmck1apngvrfx2txv2p5q98v4qemjr01pv833q906p0gz04a3d3k4a2v98azwpbg5mq85a6dmnvs1bxmxfgcxchdcx6bkm1sj0nrq11mbatz4d5c8fkx1v9b36w5vsj10w2c9tqrzazz7bgkw3xztthq9nqz1x70m168mh59fkyjktjvpck3j1mfbv6rnbq2161sbp248&b=ZG_aNwAAyRQK4DQbAA1CVfy7_uXPoILRtatRyA
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 25 May 2023 21:59:20 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame D90D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jtafm0bq3rycms2k7qkfdwye5bb99brx607zez1d767qcd1mzxabk0bwpr3m8ggtps56n6kvgmc5r1mk8tjseyg86gdx08vwbpxqaf9wykacjy5g0yx7jepp8f24cgjty80f7xf18q01fgmctyrqqckc5vdgwwjp9vfbqy4wd3tjrc2q6wn4dwfk82jvtxx4ee342etzvnr8vvejc2ttx9fwm4vejwsmb6ythjbwn1wys32bftdwyr5nwt6j0wj30a24a9xq19n417mscb1ge05v3jesvtxc843a5ebnfrm37tec7km76xtf0sk47n8td0x58yxtwpcfb3pp5a7ya25x141vmf4pnec39z17f18as2hh5nmjrrz7cw75pmyd5z4vrfr602dhqacy7bnv6j81yq2134fs84sm86y4kz36jcsw92j6q3eze6pe4fy1v05k78y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGWtrN9pvZJSSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTpAU_QqGLGFfXc0lh-Fe79qnaO7mR4gcxaATUMBeG4-AvBn0iSwTDPu0Wtw5GnegAZp6OpYc6nSkfWYpZ5Fi3Ytxq4zjGNnJzF0Ro8Op8HC-IwPK6jx1AnZ9ZCkqOrXypluR8P8NgzjZKL1JHh1FIgoY8levP56z_mRj7XAv-g8LxJhlOXddyS3ZDhAxO6_fZr1wd8vTClF-q2Ym4l8BXRCfN1QeNw2v4Ppdik7tOYlGc2XmKBqtknszGxZ8PcZ5tFkiH40le4QavmW0UVabQ54Ny5OGLARdg2DxBKnoQ90cA_1IC4q45tLPoN4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3kEjxLVz6RC04wlA5M7bSM9LKfZA%26client%3Dca-pub-1031670330168431%26adurl%3D
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bd8dfbe8a3c88cbf1413b90d7f684a474311a657b5266e7a6f33fca0a0bc669
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7cd10b7f5a2a699b-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 21:59:20 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame DB58 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
15196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 17:46:04 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FCCE 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
53480
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 07:08:00 GMT
etag
48472445140208031
expires
Fri, 26 May 2023 07:08:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame DB58 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 14:12:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
27983
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7987
x-xss-protection
0
server
cafe
etag
5788035530912182302
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 14:12:57 GMT
l
www.google.com/ads/measurement/ Frame DB58 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTn3E386Adl3gHUlLVzfQFmj0Sl76N6OuteciSlACvnqAgRqEkkp5iGmXr6ofoBy-85pr8wfpNm1duCLwb5BjhZoLSstg
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DB58 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 14:52:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
544025
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 May 2024 14:52:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DB58 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 21:59:20 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 21D7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CrYN9N9pvZJWSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTqAU_QnGVXqSaSQfKx2PtJj36o-UFkeVF-UtIbZRbIyCFSoh78naeHCWWlzut6gA6jY_xwAP3mtceI7yt67UAZAA8zqWbzuwuTe-kPYgr3sF1si0xMbl_pooaQic5wqd9TmlEZGUPKJg9gc3TJUKxQj_-ke-kyXJQdy_rfzm5Xj8AwxTV7UtfUtKjav2z8Z4qCq5y_cDoB83Qbggqn9UckajOIGj2Bd33txh7Pdmgzo21OqV2FsMbh-o_Zc0PIDrsjKeiHmdCMAsEWxDO2R7IaevMrJ3Wtpg2aatYi5f20MpDXW1vzh4YgeDV2aOAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xMDMxNjcwMzMwMTY4NDMxGIvcKQ&sigh=qehzd28wWcc&uach_m=[UACH]&cid=CAQSPABygQiD82Nz8ldV9IVOKvhxTUnl51aoSr8CoVpWJSFtNdDYHaVKk3FfZJb8j-Zjp5rZOXunBZRQhGPbeRgB
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 21D7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hs59q2y69jwjkresrn65tnar3xgq76mh0m85ssgg8hty8z8m06rw7h2vmvvsgddpt1v4vjv7pa8p9srexb6g5bknf923ntkzs2zx7v1xq14vy8y7hgtjtsm90n1knnvh83cffemg77d9mwarjrsg42m7rbt3vq7aet2zkb06ffst8b3g431bxx2bbh53yheyyxea3a8dvs8kndt9qrh2xe7rey3t639he1he15s80mywv5y3w1y2m5c7tx8fz9e1xe1zp5fed0sth7nqgh40qhqg7vq3hzhx1fwr9s1fvnz9b3sbznsycqkddvcbzrrc37h0kvxetd1sjyke1xckkhvvq6d8bjvxt95p0zscx1cja7pnd6k069j355fspt18b58c02t2h938dv3&b=ZG_aNwAAyRUK4DQbAA1CVb_AKCgetqsrY10amQ
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 25 May 2023 21:59:20 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 3B65 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1h13e3aky3qwagemwkfw2wzvyzbtyvwg28dfrpv6khs4x0zwpf74mdmx7ad8pa28n2vmphjh36mx5dn46ayg5j63hm87mpent5fqjsme20nf23jc7xn4mag4r9ghg9g0m5pzb9j06bsvz35zbs16gmmm6t4taa2s5jm3j39tg37jngzcsyz4wrs4pyacs8f5tm6dnrn9dfgd3bn1wm6kpnxma4rbsb0a02rn0jrqzmywxhgdr4qqj21r1cxp3jndqm5r056dgg62ymkwzgx795m4eajdbr31cm5s3xs1c5dkdn868986t7z0y9dg979tektrgf115nz60mn8tfzscrxq2ye390xax11z59t415r2g7w95ekdkv773bhhb0m07swzatabd9qn4k3pq27fckmfzs5wp4m476zz1wh1wm669gav8w30bmvtmjff41f6nxegaytsm8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrLarN9pvZJWSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QnGVXqSaSQfKx2PtJj36o-UFkeVF-UtIbZRbIyCFSoh78naeHCWWlzut6gA6jY_xwAP3mtceI7yt67UAZAA8zqWbzuwuTe-kPYgr3sF1si0xMbl_pooaQic5wqd9TmlEZGUPKJg9gc3TJUKxQj_-ke-kyXJQdy_rfzm5Xj8AwxTV7UtfUtKjav2z8Z4qCq5y_cDoB83Qbggqn9UckajOIGj2Bd33txh7Pdmgzo21OqV2FsMbh-o_Zc0PIDrsjKeiHmdDOAOCEE8oxB3qdMmXxbudfnxmQx9wM_SA08NlFo8_tq571pKo2oIKS0OAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1oOMDa9t7lghJ1oR9H1dClmx2YdQ%26client%3Dca-pub-1031670330168431%26adurl%3D
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d0caac607e282cfad3d7ccc678ffb212d0ec78e88ddbbc7dd65b0a53dd8f2f3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7cd10b7f5a2d699b-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 21:59:20 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 21D7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
15196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 17:46:04 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DE35 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
53480
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 07:08:00 GMT
etag
48472445140208031
expires
Fri, 26 May 2023 07:08:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 21D7 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 14:12:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
27983
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7987
x-xss-protection
0
server
cafe
etag
5788035530912182302
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 14:12:57 GMT
l
www.google.com/ads/measurement/ Frame 21D7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaToOlehRtLUh6b3pAA6r7QDSk72THfL5iphY-3V2l_DlC53Nk_R8UfbXs1W2-PbA4rNOL-zHL_Nq5RcT7UqGdoM2z2s9Q
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 21D7 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 14:52:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
544025
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 May 2024 14:52:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 21D7 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 21:59:20 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0DB9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ce_buN9pvZJeSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTqAU_QwhBQdikAMHsXzcEIJhiOSDn-kvmVZaralNRlRpXGcLeBlq651Ctst_yq4mceg7N6L5erPgpGF-rARg6qCe1Y_eO4Oc5kbZw0PWEH3bZN-QtVQgBtNUhoM1vAcA--8yJmZlceFicoz8VKNAURGp3Yk29SW4yEW4Jh2zf9J009TVi-s6NE7PXaNBbmcVEOeo4voGZ8Eyh2R8UAUZBhzSuoYYJh_fc1WTBJVBu7cbQ1EkKjUAmZezyie-r7fsoxu4nFAXxD-0V0kH_vGwDDFlhO5I6yrYjhyh2N3_ygE7vbmCQhbOnvAUuvKOAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xMDMxNjcwMzMwMTY4NDMxGIvcKQ&sigh=O5khwPf3AHo&uach_m=[UACH]&cid=CAQSPABygQiD82Nz8ldV9IVOKvhxTUnl51aoSr8CoVpWJSFtNdDYHaVKk3FfZJb8j-Zjp5rZOXunBZRQhGPbeRgB
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 0DB9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1ghptdpzztn83m29e8ma3apj7qr9fdmcv781rvvxcy2v7826443w2sxq0t28h35d53cs8dbmf8gdv2qn0jhhx6a6dj4z9d3gscchfgc1gkcmm71ahjet2xwvn0s5y2hxsnbkg3rqb6qs8baz07p0tc4dt8w6vafs8gqeqswktcbxv7pjw2y1xap0w1y1v004n55terkp0cfqpgypymwcs6q139tewb61fr8yx398g01ec59qfb9a2sq6df2qmnp84m0gyytsgjke61e58k5yma6nky3t9a8xvv8j24vva9dgf3nw58fmbmvetmkcxkv2ah08bhz2daw60gpwsf5bjzf1gtn96v1tq3z5zbq2wdraywgq337y7tzy83n0ezsq1tybk0yb5bv4azy9&b=ZG_aNwAAyRcK4DQbAA1CVQH_KMIaNMiBiGVZaw
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 25 May 2023 21:59:20 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 6218 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kqr0qct8b1yd2t6j4tfebfam2k7vc58xzfm5sgm1j56y4xfedjthahjhj8qv84gtscj4rfr9v64db5vvqy8razkpqq0r89f8p3dczqwyq2rvkas1nqtrvrakrnn2krg3aqzgzk3md2pzwdvzkebr0gn2crxxv6ctdram4h60nbnf6btcsatmnhfd9byhgn3ef0bva9bqpvdz2x333m5nt06j50sk1kx47n9s44rrgkgmx2w0ffrh1v1m0qp7df32m3bfxshp9cwkgyg44jb5xwb2r86s4vfa4g4e7461gy59xr031z5hcx5bvr409pm5t9sw86qq2517v2gmhj680kydpz37n9awbj4bz2ajqpm8zwpwvf9kc58cz72vdst5z1tnmey6e3b48e8vsdrbfsc5y2sntwb4qgresrehzzsn05dznvedn87qs6bte01cyw8pnc9tr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNCzDN9pvZJeSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QwhBQdikAMHsXzcEIJhiOSDn-kvmVZaralNRlRpXGcLeBlq651Ctst_yq4mceg7N6L5erPgpGF-rARg6qCe1Y_eO4Oc5kbZw0PWEH3bZN-QtVQgBtNUhoM1vAcA--8yJmZlceFicoz8VKNAURGp3Yk29SW4yEW4Jh2zf9J009TVi-s6NE7PXaNBbmcVEOeo4voGZ8Eyh2R8UAUZBhzSuoYYJh_fc1WTBJVBu7cbQ1EkKjUAmZezyie-r7fsoxu4nFAXwB-WTmR4ZoW8hEXs6UrRxAlJzrZxejxyEg0fJJYLA_QPE63dTv4MiU2uAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0pUA7GrKrHKGsn9X_GskqKhAij5Q%26client%3Dca-pub-1031670330168431%26adurl%3D
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4575591366d227da49a6d786f99d71b4a58e2e13bc869b9c75e1617163f686ed
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7cd10b7f5a2b699b-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 21:59:20 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 0DB9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
15196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 17:46:04 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0D90 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
53480
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 07:08:00 GMT
etag
48472445140208031
expires
Fri, 26 May 2023 07:08:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 0DB9 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 14:12:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
27983
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7987
x-xss-protection
0
server
cafe
etag
5788035530912182302
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 14:12:57 GMT
l
www.google.com/ads/measurement/ Frame 0DB9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaScIV5JGgd6menBJ-dfsjorN8h5qoqhZjY9iXB0_Iy4dDnJ3ZMRm0rjeOqKN2fccn6A821CrO5nad7wQGNNkYw5mABRJA
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0DB9 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 14:52:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
544025
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 May 2024 14:52:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0DB9 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 21:59:20 GMT
sync
x.bidswitch.net/ Frame BFCC 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-vn365pUuDIvj1rJgGNe3Ji3-78Gq_pn8YJ7BwA&expires=30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.232.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-232-169.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame BFCC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-GbQmlJUuDIvj1rJgGNe3Ji3-78EhdB3Hx1tygA&google_cm&google_hm=ay1HYlFtbEpVdURJdmoxckpnR05lM0ppMy03OEVoZEIzS...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-GbQmlJUuDIvj1rJgGNe3Ji3-78EhdB3Hx1tygA&google_gid=CAESEJ5moQJvzDTpBwfJWiGfMrM&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-GbQmlJUuDIvj1rJgGNe3Ji3-78EhdB3Hx1tygA&google_gid=CAESEJ5moQJvzDTpBwfJWiGfMrM&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
685157
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-GbQmlJUuDIvj1rJgGNe3Ji3-78EhdB3Hx1tygA&google_gid=CAESEJ5moQJvzDTpBwfJWiGfMrM&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame BFCC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7569285522747727775
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7569285522747727775
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1082539
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 25 May 2023 21:59:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
81.95.5.40; 81.95.5.40; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
87f248d8-a215-4d84-8d22-550d0f85af56
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7569285522747727775
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
secure.adnxs.com/ Frame BFCC 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/setuid?entity=52&code=k-lqWqlpUuDIvj1rJgGNe3Ji3-78Ec6yckai1Euw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 May 2023 21:59:20 GMT
AN-X-Request-Uuid
5c35f85a-f0b2-4d73-8740-6387860972c9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.40; 81.95.5.40; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame BFCC 		61 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-Eh5ZEZUuDIvj1rJgGNe3Ji3-78FGOG5JhXeVDA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 25 May 2023 21:59:20 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 25 May 2023 21:59:20 GMT
tap.php
pixel.rubiconproject.com/ Frame BFCC 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-P6rJ2JUuDIvj1rJgGNe3Ji3-78H8YilFD1tVYA&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame BFCC 		0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-y8m645UuDIvj1rJgGNe3Ji3-78ErczKxNx3z4Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.159.45.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-159-45-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
/
rtb-csync.smartadserver.com/redir/ Frame BFCC 		43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-ZNlSLpUuDIvj1rJgGNe3Ji3-78E2_Id4O4e17g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:19 GMT
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame BFCC 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-ukCe-5UuDIvj1rJgGNe3Ji3-78EnQ2qcv5AE5w
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
14535
um
criteo-sync.teads.tv/ Frame BFCC 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-pzLXbJUuDIvj1rJgGNe3Ji3-78E-wsLuYejkHg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires
Thu, 25 May 2023 21:59:20 GMT
pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame BFCC 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-tQ6AmpUuDIvj1rJgGNe3Ji3-78Em9KX0AwQ4pw&dongle=013b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame BFCC 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-9GHh65UuDIvj1rJgGNe3Ji3-78EzMcjgLYUDJw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame BFCC 		43 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-Z1aGaJUuDIvj1rJgGNe3Ji3-78FEN2Ydohc3bQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
last-modified
Thu, 11 May 2023 07:59:59 GMT
server
nginx
accept-ranges
bytes
etag
"645ca07f-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame BFCC 		49 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-vIUo7pUuDIvj1rJgGNe3Ji3-78Et6mBOZhaLpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0
rum
r.casalemedia.com/ Frame BFCC 		43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-73F10JUuDIvj1rJgGNe3Ji3-78EuU-6L7Dt1vQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 May 2023 21:59:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
demconf.jpg
dpm.demdex.net/ Frame BFCC
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=GeyWMBS9XUW-LyHiZqqnokEapsgYKJd8
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=GeyWMBS9XUW-LyHiZqqnokEapsgYKJd8
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=GeyWMBS9XUW-LyHiZqqnokEapsgYKJd8
Protocol
HTTP/1.1
Server
54.229.40.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-40-109.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v048-0d6340410.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
7u1p7RLdR3E=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v048-0c10a81bc.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
l435MubwS8o=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=GeyWMBS9XUW-LyHiZqqnokEapsgYKJd8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
match
ad.360yield.com/ Frame BFCC 		43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ALPxMZUuDIvj1rJgGNe3Ji3-78EiYd48fO2huw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.172.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-172-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 25 May 2023 21:59:20 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame BFCC 		42 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-R_42EZUuDIvj1rJgGNe3Ji3-78FWklRSDTVbYA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame BFCC 		0
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-B_oGGZUuDIvj1rJgGNe3Ji3-78FrABP0J3qzvw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.141.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-141-119.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
cookie-sync
sync.outbrain.com/ Frame BFCC 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-OwwcjJUuDIvj1rJgGNe3Ji3-78HCqk0-YJEPzA&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Thu, 25 May 2023 21:59:20 GMT
Cache-Control
no-cache
X-TraceId
a7a9be4432b316c7be43cfffeccc4dc8
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame BFCC 		42 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-d44wGJUuDIvj1rJgGNe3Ji3-78E0CUkSVamPJg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 25 May 2023 21:59:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
criteo-partners.tremorhub.com/ Frame BFCC 		43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-s4SkmJUuDIvj1rJgGNe3Ji3-78H4Ry82dc7w3A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:92b3:de3:12af:b1c1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Thu, 25 May 2023 21:59:21 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame BFCC 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-B5eiU5UuDIvj1rJgGNe3Ji3-78H-rsOrmxQhBQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 25 May 2023 21:59:20 GMT
server
Apache
x-powered-by
PHP/7.3.29
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame BFCC 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-LdYX-pUuDIvj1rJgGNe3Ji3-78FZSr1_PRiv1A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.215.16.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-16-120.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 May 2023 21:59:20 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Wed, 24 May 2023 21:59:20 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame BFCC 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-snlIr5UuDIvj1rJgGNe3Ji3-78Ft9Dj4EyBz6Q&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.50.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-50-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
content-length
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame FCCE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMFhUEDsUWZwlUcJRwiaf3s&google_cver=1&google_push=ATf1kGN1F_BGfxAVHvOjNg-R6p5knTfkz29mk-JsJaKG3UhZEo9YtUev6wagupobIrdYPK9X7I2Yo7GeDl-rd7lkI9uYskxraFnI
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDAzMDM1ODc5ODcxMzIyMDQwNA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMFhUEDsUWZwlUcJRwiaf3s&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMFhUEDsUWZwlUcJRwiaf3s&google_cver=1
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMFhUEDsUWZwlUcJRwiaf3s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FCCE
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAlzdcUljjY_V6OQsOGOppo&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MWJmS3ZDN1kxUTJpWnA1&google_gid=CAESEAlzdcUljjY_V6OQsOGOppo&google_cver=1&google_push=ATf1kGPTU1je-c_z036ec7uAysri68PXsMaQVEWGZmZaXGT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MWJmS3ZDN1kxUTJpWnA1&google_gid=CAESEAlzdcUljjY_V6OQsOGOppo&google_cver=1&google_push=ATf1kGPTU1je-c_z036ec7uAysri68PXsMaQVEWGZmZaXGTHa8CLnV8Kc960D4rQCSOevZMBbbzfX8i9QIUhL1apwryR5u2tzgfz
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 May 2023 21:59:19 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-03b3f67f69a828fdc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MWJmS3ZDN1kxUTJpWnA1&google_gid=CAESEAlzdcUljjY_V6OQsOGOppo&google_cver=1&google_push=ATf1kGPTU1je-c_z036ec7uAysri68PXsMaQVEWGZmZaXGTHa8CLnV8Kc960D4rQCSOevZMBbbzfX8i9QIUhL1apwryR5u2tzgfz
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame FCCE
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKqRSq-4kUAHhbnAbIrqes8&google_cver=1&google_push=ATf1kGNxD62H2CYfhwWPHz6eZ4rCKZmhyTD9xod93J9jzZM83VnZISgygRvjlKL8eS5eAjg9KUAVViZUatpDLDrJcy_HZBUQ8lRv&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKqRSq-4kUAHhbnAbIrqes8&google_cver=1&google_push=ATf1kGNxD62H2CYfhwWPHz6eZ4rCKZmhyTD9xod93J9jzZM83VnZISgygRvjlKL8eS5eAjg9KUAVViZUatpDLDrJcy_HZBUQ8lR...
43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKqRSq-4kUAHhbnAbIrqes8&google_cver=1&google_push=ATf1kGNxD62H2CYfhwWPHz6eZ4rCKZmhyTD9xod93J9jzZM83VnZISgygRvjlKL8eS5eAjg9KUAVViZUatpDLDrJcy_HZBUQ8lRv&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNxD62H2CYfhwWPHz6eZ4rCKZmhyTD9xod93J9jzZM83VnZISgygRvjlKL8eS5eAjg9KUAVViZUatpDLDrJcy_HZBUQ8lRv%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7cd10b810e872bb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
194
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKqRSq-4kUAHhbnAbIrqes8&google_cver=1&google_push=ATf1kGNxD62H2CYfhwWPHz6eZ4rCKZmhyTD9xod93J9jzZM83VnZISgygRvjlKL8eS5eAjg9KUAVViZUatpDLDrJcy_HZBUQ8lRv&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNxD62H2CYfhwWPHz6eZ4rCKZmhyTD9xod93J9jzZM83VnZISgygRvjlKL8eS5eAjg9KUAVViZUatpDLDrJcy_HZBUQ8lRv%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7cd10b7fcd6d2bb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FCCE
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEFd6Cua9mxWNl-sUdA0348A&google_cver=1&google_push=ATf1kGPNxkDrR3EIJLtyXXXuF7syXEc-EKWNP8rYWO0TNKQAFjhSJsRFz6CXMGKjNI7VbLZ1To_-68e6C3v1yaaUFWjAu9B9SRt8
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1BF4D73B2B10460682956713A50E86B9&google_push=ATf1kGPNxkDrR3EIJLtyXXXuF7syXEc-EKWNP8rYWO0TNKQAFjhSJsRFz6CXMGKjNI7VbLZ1To_-68e6C3v1yaa...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1BF4D73B2B10460682956713A50E86B9&google_push=ATf1kGPNxkDrR3EIJLtyXXXuF7syXEc-EKWNP8rYWO0TNKQAFjhSJsRFz6CXMGKjNI7VbLZ1To_-68e6C3v1yaaUFWjAu9B9SRt8
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 25 May 2023 21:59:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1BF4D73B2B10460682956713A50E86B9&google_push=ATf1kGPNxkDrR3EIJLtyXXXuF7syXEc-EKWNP8rYWO0TNKQAFjhSJsRFz6CXMGKjNI7VbLZ1To_-68e6C3v1yaaUFWjAu9B9SRt8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 24 May 2023 21:59:20 GMT
google
match.adsrvr.org/track/cmf/ Frame FCCE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEdp63Qg750sokbwlDDAL6c&google_cver=1&google_push=ATf1kGORSERj3g6DzD22zSTOqQdIzXpPVZsr1kN0mdyH0w49-0tSRMVgm-ZiSWMz8G1jMO5uUCpEYfmu7CeqbAR5Fr9SOZYWU1KE
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame FCCE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHbtteUZo67nYYnMx0eObgg&google_cver=1&google_push=ATf1kGOrwO2f9jjl4zhS4ZpK9qMvJ01ME6jMYjX14S32uHVjJPmcgTIlmCbR--bIZ9m5M5gH5RBpwf0YHqa6TYcMVnZa...
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=1353dea7-8c1b-4151-98b4-2a13c53fee88
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=1353dea7-8c1b-4151-98b4-2a13c53fee88
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=3f498af8-6378-4cfa-8e4d-200a7ce996ae&user_group=1&ssp=google&bsw_param=1353dea7-8c1b-4151-98b4-2a13c53fee88
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMsQ3L6LLL3hjhIB5oRg2lthNQfRnJQz6LbDWwUVK7hlxO56Km6FchX8zyILHyirHLQOF13TSIw-3gmWP9IYBL3jxZVns0&google_hm=E1Pep4wbQVGYtCoTxT_uiA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMsQ3L6LLL3hjhIB5oRg2lthNQfRnJQz6LbDWwUVK7hlxO56Km6FchX8zyILHyirHLQOF13TSIw-3gmWP9IYBL3jxZVns0&google_hm=E1Pep4wbQVGYtCoTxT_uiA==
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMsQ3L6LLL3hjhIB5oRg2lthNQfRnJQz6LbDWwUVK7hlxO56Km6FchX8zyILHyirHLQOF13TSIw-3gmWP9IYBL3jxZVns0&google_hm=E1Pep4wbQVGYtCoTxT_uiA==
date
Thu, 25 May 2023 21:59:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
report
sync.teads.tv/um/ Frame FCCE
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEXKmEXvdUwT96LxqHsMN34&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGNMHz6O9ZuWhjE--QtVQM9-p8gcEaKR4dJ3rerZKAniewSkGqEdYSX01giF2P3aeIM3OMfVnRQ5qam-_ZaGUi86GEdfSrKXQg
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires
Thu, 25 May 2023 21:59:20 GMT
pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame FCCE 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JUS2IiV-fXPUl4jVJkWu5AytYEooOtGLDGVUs2BfNKPkon3jFIHkVnXXMJOMzs8oCF37yYiA
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dpixel
cms.quantserve.com/ Frame DE35 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGfPHxAG2xInZ4U98seS0is&google_cver=1&google_push=ATf1kGMX3qBzQIMdjFscQ2P0jCMkKVnYJq1ETpBbRZDA5fS0e2lEzph_a01czX4aIJeSkELRjjgmqHZQF9x8q3wuSgl8XOGdBjBn
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame DE35
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKqRSq-4kUAHhbnAbIrqes8&google_cver=1&google_push=ATf1kGNKTmtHrTeFr8EF-Lfs8hamH_LDZ5ywv64c9Ru9hC7iB2t1e37_NTvvYIX6vjyD9wcFlYvjJTGYSLmnI1a2KxSq16tVgOUo&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKqRSq-4kUAHhbnAbIrqes8&google_cver=1&google_push=ATf1kGNKTmtHrTeFr8EF-Lfs8hamH_LDZ5ywv64c9Ru9hC7iB2t1e37_NTvvYIX6vjyD9wcFlYvjJTGYSLmnI1a2KxSq16tVgOU...
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKqRSq-4kUAHhbnAbIrqes8&google_cver=1&google_push=ATf1kGNKTmtHrTeFr8EF-Lfs8hamH_LDZ5ywv64c9Ru9hC7iB2t1e37_NTvvYIX6vjyD9wcFlYvjJTGYSLmnI1a2KxSq16tVgOUo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNKTmtHrTeFr8EF-Lfs8hamH_LDZ5ywv64c9Ru9hC7iB2t1e37_NTvvYIX6vjyD9wcFlYvjJTGYSLmnI1a2KxSq16tVgOUo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7cd10b810e882bb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1106
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKqRSq-4kUAHhbnAbIrqes8&google_cver=1&google_push=ATf1kGNKTmtHrTeFr8EF-Lfs8hamH_LDZ5ywv64c9Ru9hC7iB2t1e37_NTvvYIX6vjyD9wcFlYvjJTGYSLmnI1a2KxSq16tVgOUo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNKTmtHrTeFr8EF-Lfs8hamH_LDZ5ywv64c9Ru9hC7iB2t1e37_NTvvYIX6vjyD9wcFlYvjJTGYSLmnI1a2KxSq16tVgOUo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7cd10b7fcd6e2bb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame DE35 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEdp63Qg750sokbwlDDAL6c&google_cver=1&google_push=ATf1kGNrltH1rvQlIWS85yTaFQ2nI3iGkwS5M_RjrSPFMhpcxkbEj0ejqRY1c8UuMk4gFDDCK2GYXBfLejORISICJPzvtB8FZuT6
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame DE35
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHbtteUZo67nYYnMx0eObgg&google_cver=1&google_push=ATf1kGMsQ3L6LLL3hjhIB5oRg2lthNQfRnJQz6LbDWwUVK7hlxO56Km6FchX8zyILHyirHLQOF13TSIw-3gmWP9IYBL3...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMsQ3L6LLL3hjhIB5oRg2lthNQfRnJQz6LbDWwUVK7hlxO56Km6FchX8zyILHyirHLQOF13TSIw-3gmWP9IYBL3jxZVns0&google_hm=E1Pep4wbQVGYtCoTxT_uiA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMsQ3L6LLL3hjhIB5oRg2lthNQfRnJQz6LbDWwUVK7hlxO56Km6FchX8zyILHyirHLQOF13TSIw-3gmWP9IYBL3jxZVns0&google_hm=E1Pep4wbQVGYtCoTxT_uiA==
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMsQ3L6LLL3hjhIB5oRg2lthNQfRnJQz6LbDWwUVK7hlxO56Km6FchX8zyILHyirHLQOF13TSIw-3gmWP9IYBL3jxZVns0&google_hm=E1Pep4wbQVGYtCoTxT_uiA==
date
Thu, 25 May 2023 21:59:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame DE35
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECTVIHFF1BtfZHgmNWVQfB4&google_cver=1&google_push=ATf1kGPXaJJJc7Ezw7Mw5fviWvTQtl2qWE50YzavNnicSOy8ULI3wSO_xZ6O4UofyuPPjMWJh2b...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkzT0ZIUzctUC1HSVE1&google_push=ATf1kGPXaJJJc7Ezw7Mw5fviWvTQtl2qWE50YzavNnicSOy8ULI3wSO_xZ6O4UofyuPPjMWJh2bIgB3NdZdqgPkNDORQNyKeHwE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkzT0ZIUzctUC1HSVE1&google_push=ATf1kGPXaJJJc7Ezw7Mw5fviWvTQtl2qWE50YzavNnicSOy8ULI3wSO_xZ6O4UofyuPPjMWJh2bIgB3NdZdqgPkNDORQNyKeHwE
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkzT0ZIUzctUC1HSVE1&google_push=ATf1kGPXaJJJc7Ezw7Mw5fviWvTQtl2qWE50YzavNnicSOy8ULI3wSO_xZ6O4UofyuPPjMWJh2bIgB3NdZdqgPkNDORQNyKeHwE
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
sync
ssbsync.smartadserver.com/api/ Frame DE35 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEK348qPcRej-AvJaCoaBUYs&google_cver=1&google_push=ATf1kGPUjDXwo6JhBPHHxv7aqWLh0eUIRuKgOdOa6nPIrx7mPpG5AKygHiHerxOv5TnhIDbNR5F-cP_qe2LkYX33Ffd8jsVwCMND
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:19 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame DE35
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEMlQyZNcIHD3PZr14c2a8Kc&google_cver=1&google_push=ATf1kGOcz2he2tlAn...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzU2OTI4NTUyMjc0NzcyNzc3NQ%3D%3D&google_gid=CAESEMlQyZNcIHD3PZr14c2a8Kc&google_cver=1&google_push=ATf1kGOcz2he2tlAn2ksDjGjIGS2s3jQkD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzU2OTI4NTUyMjc0NzcyNzc3NQ%3D%3D&google_gid=CAESEMlQyZNcIHD3PZr14c2a8Kc&google_cver=1&google_push=ATf1kGOcz2he2tlAn2ksDjGjIGS2s3jQkDBgZfpThQCmSS9-12TMAv4Y5ftqY0-d64y9pgpTyvmPFQ-rc6MBBl6V3xnL52iDukutLg
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 25 May 2023 21:59:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
81.95.5.40; 81.95.5.40; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9781cc17-14bc-4335-89ba-77f9da49ffa2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzU2OTI4NTUyMjc0NzcyNzc3NQ%3D%3D&google_gid=CAESEMlQyZNcIHD3PZr14c2a8Kc&google_cver=1&google_push=ATf1kGOcz2he2tlAn2ksDjGjIGS2s3jQkDBgZfpThQCmSS9-12TMAv4Y5ftqY0-d64y9pgpTyvmPFQ-rc6MBBl6V3xnL52iDukutLg
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame DE35 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LKtvwZgKE4rs_-cfvNv5Ioth_aWIbBP22zoi9GACxlOiXIJAtOomfAJY-lWdrjQxDon1DUUw
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 21D7 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e56aa5dc8361558e56e2fbc4686388a6ae524c470d459c555b3159126cd3bffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
google
match.adsrvr.org/track/cmf/ Frame 0D90 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEdp63Qg750sokbwlDDAL6c&google_cver=1&google_push=ATf1kGPSgCiAxHEmWCX4aHMGD7jhUEaIZwQyHpSLSZElaoaewZ2mii2Zlld7FeZZ5CMZ0c97MRg8hlOfBms4-aLJmVIuN4zR3AJb
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 0D90
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBN0N05MiH0EiTlr8Zekf-k&google_cver=1&google_push=ATf1kGPHoPrlyoMxrJ2wap5G0BR7L1Hjwe396XoCF9ovHMndUTNCvU_R3fJ77gtjpFTmFDTD_D2sUq3rwm5...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPHoPrlyoMxrJ2wap5G0BR7L1Hjwe396XoCF9ovHMndUTNCvU_R3fJ77gtjpFTmFDTD_D2sUq3rwm5NSEUtbvcqpa5XBdK_&google_hm=VZmDpI7rSH6_C4hVn-8yqig
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPHoPrlyoMxrJ2wap5G0BR7L1Hjwe396XoCF9ovHMndUTNCvU_R3fJ77gtjpFTmFDTD_D2sUq3rwm5NSEUtbvcqpa5XBdK_&google_hm=VZmDpI7rSH6_C4hVn-8yqig
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPHoPrlyoMxrJ2wap5G0BR7L1Hjwe396XoCF9ovHMndUTNCvU_R3fJ77gtjpFTmFDTD_D2sUq3rwm5NSEUtbvcqpa5XBdK_&google_hm=VZmDpI7rSH6_C4hVn-8yqig
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0D90
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKzh8V7ZxW-KMsX1n_3iFlw&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKzh8V7ZxW-KMsX1n_3iFlw&google_hm=ZG_aNnyM0A68dk65JTbT-QAAFLAAAAIB&google_nid=index&google_push=ATf1kGMkY4xqEAF7h-Bj303RR3OV8QgMMbAlN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKzh8V7ZxW-KMsX1n_3iFlw&google_hm=ZG_aNnyM0A68dk65JTbT-QAAFLAAAAIB&google_nid=index&google_push=ATf1kGMkY4xqEAF7h-Bj303RR3OV8QgMMbAlNgI1-sTTGMei-_ncmywCz1eU63SXnwxRzRsOtE0uje6DHWnZKDYvmCD0ebIMbZY
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 May 2023 21:59:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKzh8V7ZxW-KMsX1n_3iFlw&google_hm=ZG_aNnyM0A68dk65JTbT-QAAFLAAAAIB&google_nid=index&google_push=ATf1kGMkY4xqEAF7h-Bj303RR3OV8QgMMbAlNgI1-sTTGMei-_ncmywCz1eU63SXnwxRzRsOtE0uje6DHWnZKDYvmCD0ebIMbZY
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame 0D90
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEG...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGPSFjM4KFSDyn7AWI2XisD93enUB_Po38hlpB0kzucvXN_9Nfaqsq_H6KhRsEbDwTdh9N95Y5VhLl8gfehBBsbZj0DOht2R&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-db9aaaef-acd7-4a32-bd28-01267cab7894-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGPSFjM4KFSDyn7AWI2Xi...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPSFjM4KFSDyn7AWI2XisD93enUB_Po38hlpB0kzucvXN_9Nfaqsq_H6KhRsEbDwTdh9N95Y5VhLl8gfehBBsbZj0DOht2R&google_hm=A9uaqu-s10oyvSgBJnyreJQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPSFjM4KFSDyn7AWI2XisD93enUB_Po38hlpB0kzucvXN_9Nfaqsq_H6KhRsEbDwTdh9N95Y5VhLl8gfehBBsbZj0DOht2R&google_hm=A9uaqu-s10oyvSgBJnyreJQ
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPSFjM4KFSDyn7AWI2XisD93enUB_Po38hlpB0kzucvXN_9Nfaqsq_H6KhRsEbDwTdh9N95Y5VhLl8gfehBBsbZj0DOht2R&google_hm=A9uaqu-s10oyvSgBJnyreJQ
date
Thu, 25 May 2023 21:59:20 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXdb9aaaefacd74a32bd2801267cab7894003
content-type
text/html
sync
ssbsync.smartadserver.com/api/ Frame 0D90 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEK348qPcRej-AvJaCoaBUYs&google_cver=1&google_push=ATf1kGMwxn6kKYh8HhbO7K4v1gL4ltmPUI5V0qLMvo2DLj9_sBcWOfBoRKOj2TZGnuiPpyW2fBy81FEv6hLhTRR7zNSiB6BDiBvk
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0D90
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJZ1En7RgYWTmkPFpI7E3hs&google_cver=1&google_push=ATf1kGPPdXlEhMrgkfemIPBDvWc_PwdooVv5QSjNhPHm6WviFuXHGl_Nio7dobVtQEcsWP7Pcy...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS15RWplRFpSRTJ1SGVqeGV2dG4wTm1HYVdXUVFxOU5RMn5B&google_push=ATf1kGPPdXlEhMrgkfemIPBDvWc_PwdooVv5QSjNhPHm6WviFuXHGl_Ni...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS15RWplRFpSRTJ1SGVqeGV2dG4wTm1HYVdXUVFxOU5RMn5B&google_push=ATf1kGPPdXlEhMrgkfemIPBDvWc_PwdooVv5QSjNhPHm6WviFuXHGl_Nio7dobVtQEcsWP7PcysxwSnPIQnoJ2nC1ghPKGKze8rm
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS15RWplRFpSRTJ1SGVqeGV2dG4wTm1HYVdXUVFxOU5RMn5B&google_push=ATf1kGPPdXlEhMrgkfemIPBDvWc_PwdooVv5QSjNhPHm6WviFuXHGl_Nio7dobVtQEcsWP7PcysxwSnPIQnoJ2nC1ghPKGKze8rm
date
Thu, 25 May 2023 21:59:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 0D90
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENd7xgTJ0IRACYO78rCVfaw&google_cver=1&google_push=ATf1kGNNRDXFj4BGHh1XcpTIjGg3Ja1hzqStty3dfUWl_0IUvJIcUUqQnvChilXQSsIJavHHzIv58Ft5-94...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNNRDXFj4BGHh1XcpTIjGg3Ja1hzqStty3dfUWl_0IUvJIcUUqQnvChilXQSsIJavHHzIv58Ft5-943qbv8CQ4jq-DGgd4h
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 0D90 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LNvQOqdsHWCvlvodI6aaeyfQPLN71rIT2ndsI9WnughmbMfMhrv91oXeEMuvBHCgXeSajekFI
Requested by
Host: 38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 3B65 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h13e3aky3qwagemwkfw2wzvyzbtyvwg28dfrpv6khs4x0zwpf74mdmx7ad8pa28n2vmphjh36mx5dn46ayg5j63hm87mpent5fqjsme20nf23jc7xn4mag4r9ghg9g0m5pzb9j06bsvz35zbs16gmmm6t4taa2s5jm3j39tg37jngzcsyz4wrs4pyacs8f5tm6dnrn9dfgd3bn1wm6kpnxma4rbsb0a02rn0jrqzmywxhgdr4qqj21r1cxp3jndqm5r056dgg62ymkwzgx795m4eajdbr31cm5s3xs1c5dkdn868986t7z0y9dg979tektrgf115nz60mn8tfzscrxq2ye390xax11z59t415r2g7w95ekdkv773bhhb0m07swzatabd9qn4k3pq27fckmfzs5wp4m476zz1wh1wm669gav8w30bmvtmjff41f6nxegaytsm8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrLarN9pvZJWSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QnGVXqSaSQfKx2PtJj36o-UFkeVF-UtIbZRbIyCFSoh78naeHCWWlzut6gA6jY_xwAP3mtceI7yt67UAZAA8zqWbzuwuTe-kPYgr3sF1si0xMbl_pooaQic5wqd9TmlEZGUPKJg9gc3TJUKxQj_-ke-kyXJQdy_rfzm5Xj8AwxTV7UtfUtKjav2z8Z4qCq5y_cDoB83Qbggqn9UckajOIGj2Bd33txh7Pdmgzo21OqV2FsMbh-o_Zc0PIDrsjKeiHmdDOAOCEE8oxB3qdMmXxbudfnxmQx9wM_SA08NlFo8_tq571pKo2oIKS0OAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1oOMDa9t7lghJ1oR9H1dClmx2YdQ%26client%3Dca-pub-1031670330168431%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1h13e3aky3qwagemwkfw2wzvyzbtyvwg28dfrpv6khs4x0zwpf74mdmx7ad8pa28n2vmphjh36mx5dn46ayg5j63hm87mpent5fqjsme20nf23jc7xn4mag4r9ghg9g0m5pzb9j06bsvz35zbs16gmmm6t4taa2s5jm3j39tg37jngzcsyz4wrs4pyacs8f5tm6dnrn9dfgd3bn1wm6kpnxma4rbsb0a02rn0jrqzmywxhgdr4qqj21r1cxp3jndqm5r056dgg62ymkwzgx795m4eajdbr31cm5s3xs1c5dkdn868986t7z0y9dg979tektrgf115nz60mn8tfzscrxq2ye390xax11z59t415r2g7w95ekdkv773bhhb0m07swzatabd9qn4k3pq27fckmfzs5wp4m476zz1wh1wm669gav8w30bmvtmjff41f6nxegaytsm8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrLarN9pvZJWSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QnGVXqSaSQfKx2PtJj36o-UFkeVF-UtIbZRbIyCFSoh78naeHCWWlzut6gA6jY_xwAP3mtceI7yt67UAZAA8zqWbzuwuTe-kPYgr3sF1si0xMbl_pooaQic5wqd9TmlEZGUPKJg9gc3TJUKxQj_-ke-kyXJQdy_rfzm5Xj8AwxTV7UtfUtKjav2z8Z4qCq5y_cDoB83Qbggqn9UckajOIGj2Bd33txh7Pdmgzo21OqV2FsMbh-o_Zc0PIDrsjKeiHmdDOAOCEE8oxB3qdMmXxbudfnxmQx9wM_SA08NlFo8_tq571pKo2oIKS0OAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1oOMDa9t7lghJ1oR9H1dClmx2YdQ%26client%3Dca-pub-1031670330168431%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
21611
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKjipSIPULd8qhI3VOft46LbEbNGFMFmDuWwGODJYJUAo%2Fv7zh6zelKAcnTOR%2Fs%2BrwTJZSdMrQ1klJCnkqFFNRPe42Mr8Lyngo9wpsFIRYJsR3xwPFx2nav6gQL6%2BcvNaNd8F9bSN%2FQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7cd10b800ab3699b-FRA
expires
Thu, 25 May 2023 22:59:20 GMT
r62eglto.js
ad4m.at/ Frame 3B65 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h13e3aky3qwagemwkfw2wzvyzbtyvwg28dfrpv6khs4x0zwpf74mdmx7ad8pa28n2vmphjh36mx5dn46ayg5j63hm87mpent5fqjsme20nf23jc7xn4mag4r9ghg9g0m5pzb9j06bsvz35zbs16gmmm6t4taa2s5jm3j39tg37jngzcsyz4wrs4pyacs8f5tm6dnrn9dfgd3bn1wm6kpnxma4rbsb0a02rn0jrqzmywxhgdr4qqj21r1cxp3jndqm5r056dgg62ymkwzgx795m4eajdbr31cm5s3xs1c5dkdn868986t7z0y9dg979tektrgf115nz60mn8tfzscrxq2ye390xax11z59t415r2g7w95ekdkv773bhhb0m07swzatabd9qn4k3pq27fckmfzs5wp4m476zz1wh1wm669gav8w30bmvtmjff41f6nxegaytsm8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrLarN9pvZJWSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QnGVXqSaSQfKx2PtJj36o-UFkeVF-UtIbZRbIyCFSoh78naeHCWWlzut6gA6jY_xwAP3mtceI7yt67UAZAA8zqWbzuwuTe-kPYgr3sF1si0xMbl_pooaQic5wqd9TmlEZGUPKJg9gc3TJUKxQj_-ke-kyXJQdy_rfzm5Xj8AwxTV7UtfUtKjav2z8Z4qCq5y_cDoB83Qbggqn9UckajOIGj2Bd33txh7Pdmgzo21OqV2FsMbh-o_Zc0PIDrsjKeiHmdDOAOCEE8oxB3qdMmXxbudfnxmQx9wM_SA08NlFo8_tq571pKo2oIKS0OAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1oOMDa9t7lghJ1oR9H1dClmx2YdQ%26client%3Dca-pub-1031670330168431%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
202406
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6Y7nRSgYPJEUmIc73KLt5KCt%2BQ%2F7pqd8ePn9%2BM1u8hpnn30dcTOPc9H%2FjGIucMAw1s4MeRmVDcazU1UeGbRAd1N53UPmjzM5ue5xOUFzoICZAHh9sCDVimbPj%2BDIHS2uZ3cydw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7cd10b801ac0699b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 16 May 2023 13:46:07 GMT
truncated
/ Frame 0DB9 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4aeece7eb8c03a34af223b36a7b24d66ef97e5f9ebeb97650d86dfdef82b4a0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 6218 		103 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kqr0qct8b1yd2t6j4tfebfam2k7vc58xzfm5sgm1j56y4xfedjthahjhj8qv84gtscj4rfr9v64db5vvqy8razkpqq0r89f8p3dczqwyq2rvkas1nqtrvrakrnn2krg3aqzgzk3md2pzwdvzkebr0gn2crxxv6ctdram4h60nbnf6btcsatmnhfd9byhgn3ef0bva9bqpvdz2x333m5nt06j50sk1kx47n9s44rrgkgmx2w0ffrh1v1m0qp7df32m3bfxshp9cwkgyg44jb5xwb2r86s4vfa4g4e7461gy59xr031z5hcx5bvr409pm5t9sw86qq2517v2gmhj680kydpz37n9awbj4bz2ajqpm8zwpwvf9kc58cz72vdst5z1tnmey6e3b48e8vsdrbfsc5y2sntwb4qgresrehzzsn05dznvedn87qs6bte01cyw8pnc9tr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNCzDN9pvZJeSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QwhBQdikAMHsXzcEIJhiOSDn-kvmVZaralNRlRpXGcLeBlq651Ctst_yq4mceg7N6L5erPgpGF-rARg6qCe1Y_eO4Oc5kbZw0PWEH3bZN-QtVQgBtNUhoM1vAcA--8yJmZlceFicoz8VKNAURGp3Yk29SW4yEW4Jh2zf9J009TVi-s6NE7PXaNBbmcVEOeo4voGZ8Eyh2R8UAUZBhzSuoYYJh_fc1WTBJVBu7cbQ1EkKjUAmZezyie-r7fsoxu4nFAXwB-WTmR4ZoW8hEXs6UrRxAlJzrZxejxyEg0fJJYLA_QPE63dTv4MiU2uAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0pUA7GrKrHKGsn9X_GskqKhAij5Q%26client%3Dca-pub-1031670330168431%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kqr0qct8b1yd2t6j4tfebfam2k7vc58xzfm5sgm1j56y4xfedjthahjhj8qv84gtscj4rfr9v64db5vvqy8razkpqq0r89f8p3dczqwyq2rvkas1nqtrvrakrnn2krg3aqzgzk3md2pzwdvzkebr0gn2crxxv6ctdram4h60nbnf6btcsatmnhfd9byhgn3ef0bva9bqpvdz2x333m5nt06j50sk1kx47n9s44rrgkgmx2w0ffrh1v1m0qp7df32m3bfxshp9cwkgyg44jb5xwb2r86s4vfa4g4e7461gy59xr031z5hcx5bvr409pm5t9sw86qq2517v2gmhj680kydpz37n9awbj4bz2ajqpm8zwpwvf9kc58cz72vdst5z1tnmey6e3b48e8vsdrbfsc5y2sntwb4qgresrehzzsn05dznvedn87qs6bte01cyw8pnc9tr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNCzDN9pvZJeSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QwhBQdikAMHsXzcEIJhiOSDn-kvmVZaralNRlRpXGcLeBlq651Ctst_yq4mceg7N6L5erPgpGF-rARg6qCe1Y_eO4Oc5kbZw0PWEH3bZN-QtVQgBtNUhoM1vAcA--8yJmZlceFicoz8VKNAURGp3Yk29SW4yEW4Jh2zf9J009TVi-s6NE7PXaNBbmcVEOeo4voGZ8Eyh2R8UAUZBhzSuoYYJh_fc1WTBJVBu7cbQ1EkKjUAmZezyie-r7fsoxu4nFAXwB-WTmR4ZoW8hEXs6UrRxAlJzrZxejxyEg0fJJYLA_QPE63dTv4MiU2uAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0pUA7GrKrHKGsn9X_GskqKhAij5Q%26client%3Dca-pub-1031670330168431%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
21611
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEadlrhTyIL4sfrbAAnj3TRq4Bz%2BrSISpF3au7THGJpGu4x9gfmh5s2UfGvMUVwPRp7JqvBIS5EiD1mnjzrz9I6blQWiKDvV3vrxGovUX%2BChMHF9qV2SbgHIOFJMgBXZwwai6uH%2BTVw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7cd10b802ac8699b-FRA
expires
Thu, 25 May 2023 22:59:20 GMT
r62eglto.js
ad4m.at/ Frame 6218 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kqr0qct8b1yd2t6j4tfebfam2k7vc58xzfm5sgm1j56y4xfedjthahjhj8qv84gtscj4rfr9v64db5vvqy8razkpqq0r89f8p3dczqwyq2rvkas1nqtrvrakrnn2krg3aqzgzk3md2pzwdvzkebr0gn2crxxv6ctdram4h60nbnf6btcsatmnhfd9byhgn3ef0bva9bqpvdz2x333m5nt06j50sk1kx47n9s44rrgkgmx2w0ffrh1v1m0qp7df32m3bfxshp9cwkgyg44jb5xwb2r86s4vfa4g4e7461gy59xr031z5hcx5bvr409pm5t9sw86qq2517v2gmhj680kydpz37n9awbj4bz2ajqpm8zwpwvf9kc58cz72vdst5z1tnmey6e3b48e8vsdrbfsc5y2sntwb4qgresrehzzsn05dznvedn87qs6bte01cyw8pnc9tr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNCzDN9pvZJeSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QwhBQdikAMHsXzcEIJhiOSDn-kvmVZaralNRlRpXGcLeBlq651Ctst_yq4mceg7N6L5erPgpGF-rARg6qCe1Y_eO4Oc5kbZw0PWEH3bZN-QtVQgBtNUhoM1vAcA--8yJmZlceFicoz8VKNAURGp3Yk29SW4yEW4Jh2zf9J009TVi-s6NE7PXaNBbmcVEOeo4voGZ8Eyh2R8UAUZBhzSuoYYJh_fc1WTBJVBu7cbQ1EkKjUAmZezyie-r7fsoxu4nFAXwB-WTmR4ZoW8hEXs6UrRxAlJzrZxejxyEg0fJJYLA_QPE63dTv4MiU2uAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0pUA7GrKrHKGsn9X_GskqKhAij5Q%26client%3Dca-pub-1031670330168431%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
202406
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AoVoarReaelaiRjQDTTQN%2BfUc8qtRw1v3LjDEUNOK0LFvjjZQI1BpPCUOZzi9mYPIvMwQ10t1KouwXTzNZSw88eBCnhkJXiI8BnPDQTdYnC7TivaPhC4ZmzhcL7Wj5XO8pqpo4E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7cd10b802ac9699b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 16 May 2023 13:46:07 GMT
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame D90D 		103 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jtafm0bq3rycms2k7qkfdwye5bb99brx607zez1d767qcd1mzxabk0bwpr3m8ggtps56n6kvgmc5r1mk8tjseyg86gdx08vwbpxqaf9wykacjy5g0yx7jepp8f24cgjty80f7xf18q01fgmctyrqqckc5vdgwwjp9vfbqy4wd3tjrc2q6wn4dwfk82jvtxx4ee342etzvnr8vvejc2ttx9fwm4vejwsmb6ythjbwn1wys32bftdwyr5nwt6j0wj30a24a9xq19n417mscb1ge05v3jesvtxc843a5ebnfrm37tec7km76xtf0sk47n8td0x58yxtwpcfb3pp5a7ya25x141vmf4pnec39z17f18as2hh5nmjrrz7cw75pmyd5z4vrfr602dhqacy7bnv6j81yq2134fs84sm86y4kz36jcsw92j6q3eze6pe4fy1v05k78y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGWtrN9pvZJSSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTpAU_QqGLGFfXc0lh-Fe79qnaO7mR4gcxaATUMBeG4-AvBn0iSwTDPu0Wtw5GnegAZp6OpYc6nSkfWYpZ5Fi3Ytxq4zjGNnJzF0Ro8Op8HC-IwPK6jx1AnZ9ZCkqOrXypluR8P8NgzjZKL1JHh1FIgoY8levP56z_mRj7XAv-g8LxJhlOXddyS3ZDhAxO6_fZr1wd8vTClF-q2Ym4l8BXRCfN1QeNw2v4Ppdik7tOYlGc2XmKBqtknszGxZ8PcZ5tFkiH40le4QavmW0UVabQ54Ny5OGLARdg2DxBKnoQ90cA_1IC4q45tLPoN4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3kEjxLVz6RC04wlA5M7bSM9LKfZA%26client%3Dca-pub-1031670330168431%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jtafm0bq3rycms2k7qkfdwye5bb99brx607zez1d767qcd1mzxabk0bwpr3m8ggtps56n6kvgmc5r1mk8tjseyg86gdx08vwbpxqaf9wykacjy5g0yx7jepp8f24cgjty80f7xf18q01fgmctyrqqckc5vdgwwjp9vfbqy4wd3tjrc2q6wn4dwfk82jvtxx4ee342etzvnr8vvejc2ttx9fwm4vejwsmb6ythjbwn1wys32bftdwyr5nwt6j0wj30a24a9xq19n417mscb1ge05v3jesvtxc843a5ebnfrm37tec7km76xtf0sk47n8td0x58yxtwpcfb3pp5a7ya25x141vmf4pnec39z17f18as2hh5nmjrrz7cw75pmyd5z4vrfr602dhqacy7bnv6j81yq2134fs84sm86y4kz36jcsw92j6q3eze6pe4fy1v05k78y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGWtrN9pvZJSSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTpAU_QqGLGFfXc0lh-Fe79qnaO7mR4gcxaATUMBeG4-AvBn0iSwTDPu0Wtw5GnegAZp6OpYc6nSkfWYpZ5Fi3Ytxq4zjGNnJzF0Ro8Op8HC-IwPK6jx1AnZ9ZCkqOrXypluR8P8NgzjZKL1JHh1FIgoY8levP56z_mRj7XAv-g8LxJhlOXddyS3ZDhAxO6_fZr1wd8vTClF-q2Ym4l8BXRCfN1QeNw2v4Ppdik7tOYlGc2XmKBqtknszGxZ8PcZ5tFkiH40le4QavmW0UVabQ54Ny5OGLARdg2DxBKnoQ90cA_1IC4q45tLPoN4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3kEjxLVz6RC04wlA5M7bSM9LKfZA%26client%3Dca-pub-1031670330168431%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
21611
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tvAMsPy55%2BgZ4wLZ0Iw4jonznc2jKfaOId5maEvAJIgyXbKPEjsepzk8PUUUjmhBitomMLoq43TLLrP78j451U0YSv67KjrZGMHaJWqx9yLnVf7apmjqZAwhgOHP1cNOVXg4HWU6BhQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7cd10b802acb699b-FRA
expires
Thu, 25 May 2023 22:59:20 GMT
r62eglto.js
ad4m.at/ Frame D90D 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jtafm0bq3rycms2k7qkfdwye5bb99brx607zez1d767qcd1mzxabk0bwpr3m8ggtps56n6kvgmc5r1mk8tjseyg86gdx08vwbpxqaf9wykacjy5g0yx7jepp8f24cgjty80f7xf18q01fgmctyrqqckc5vdgwwjp9vfbqy4wd3tjrc2q6wn4dwfk82jvtxx4ee342etzvnr8vvejc2ttx9fwm4vejwsmb6ythjbwn1wys32bftdwyr5nwt6j0wj30a24a9xq19n417mscb1ge05v3jesvtxc843a5ebnfrm37tec7km76xtf0sk47n8td0x58yxtwpcfb3pp5a7ya25x141vmf4pnec39z17f18as2hh5nmjrrz7cw75pmyd5z4vrfr602dhqacy7bnv6j81yq2134fs84sm86y4kz36jcsw92j6q3eze6pe4fy1v05k78y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGWtrN9pvZJSSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTpAU_QqGLGFfXc0lh-Fe79qnaO7mR4gcxaATUMBeG4-AvBn0iSwTDPu0Wtw5GnegAZp6OpYc6nSkfWYpZ5Fi3Ytxq4zjGNnJzF0Ro8Op8HC-IwPK6jx1AnZ9ZCkqOrXypluR8P8NgzjZKL1JHh1FIgoY8levP56z_mRj7XAv-g8LxJhlOXddyS3ZDhAxO6_fZr1wd8vTClF-q2Ym4l8BXRCfN1QeNw2v4Ppdik7tOYlGc2XmKBqtknszGxZ8PcZ5tFkiH40le4QavmW0UVabQ54Ny5OGLARdg2DxBKnoQ90cA_1IC4q45tLPoN4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3kEjxLVz6RC04wlA5M7bSM9LKfZA%26client%3Dca-pub-1031670330168431%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
202406
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdghkxYMMxp5liURMPDq3OrkwTb%2F98DJaIZ6ReR9RHdC0UlOmG%2BuQjwCQGQvIsN7GwBdLOhcj22qA1CxF84%2FnsGiRhXGjFDdEWhfddKRdMWoo%2FiMwbmQnEQS8rzzLECOveVDGWE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7cd10b802acc699b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 16 May 2023 13:46:07 GMT
truncated
/ Frame DB58 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fce58a506394d5b4a0a5f8ba580904de18efb690c9744df4c7e76682c5b62a37

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
publishertag.prebid.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: dafitistatic.dafiti.com.br
URL: https://dafitistatic.dafiti.com.br/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 26 May 2023 21:59:20 GMT
169f67dd-6038-4192-a0f6-170d9fdd81c0
https://www.kanui.com.br/ 		10 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.kanui.com.br/169f67dd-6038-4192-a0f6-170d9fdd81c0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef6258f845774c76d5d05f26c052ed90480d17b55996a6f85cac9e745442a25b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
10481
Content-Type
application/javascript
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 3B65 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1241
x-guploader-uploadid
ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4tOZq6EIrRCpEnpG8odTTbzjfVNW7%2FOis8lcQY6UDNoSbmXDuvlV3rPbc5CItBTqjuunRAXpzUtZchXghDtNiB3u3Wnl0oqGmcEr5%2FJcWQIDG1d56qIRt6zuP00r5wD5nb3xoCV%2FCHLHgbv9pOHJh2R"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7cd10b815bb41e4a-FRA
expires
Thu, 25 May 2023 21:55:26 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame D90D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1241
x-guploader-uploadid
ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvsem9vQ9%2BgteaBC%2FRWX7LqxgcSDjWctasUP%2BTCJ31mj36SshqjbGgJjBQtmhLrDv0JFV8V2ykDY0QgPH6cOECWjhMnyflB%2F2RodOUlkL9U9WQLgrOC5VBrkExiIVNgI8iUahVCNGN1j%2BVD5qcYxQpxD"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7cd10b815bb81e4a-FRA
expires
Thu, 25 May 2023 21:55:26 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 6218 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1241
x-guploader-uploadid
ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNu%2FDYFoZn%2FyBNaW7TZjyFCkwaKpD%2FKMxAoDnFFUbZ6ww4guU8z8vO8GUs4RPp0XkVAS%2FeejrWlvfsefsTHM6JyBFA3EaZiUDrWIXARVVOp9Dm182O3gqwlI8zV0AdhFxdPHoW3qv6V%2Bq2gyGFxDBv6z"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7cd10b815bb71e4a-FRA
expires
Thu, 25 May 2023 21:55:26 GMT
frame.html
ad4m.at/ Frame 5B9E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1278182
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7cd10b812b9e699b-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 25 May 2023 21:59:20 GMT
expires
Mon, 08 May 2023 00:16:30 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1sai%2FBMFT0s06PXs1FopY6i6yaNMS5OnWagZufvQt%2BBLWveCqyCNayjwBpUhmwxWVUE9nN4h9B2NN5G4XL8tl20bN%2B7bR5Y0icCOzHJNwxcS3qZnvAeOueGH4BasfPLA5IBoOCY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame 4BD4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1278182
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7cd10b812b9f699b-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 25 May 2023 21:59:20 GMT
expires
Mon, 08 May 2023 00:16:30 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYarslUVSXKyrlioYg%2BJnRANjwJ6ZkytF%2BbiH0%2FmHRXo%2F2gY%2FN4ShTXDPRTmdDuWko9%2Fg042iKUb3e2QZwXqV2BEmFQ5p1zjdCoS%2BolRMtdTebJdaABNFReT2s8driSbC7EOdc0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame 0C23 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1278182
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7cd10b812ba0699b-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 25 May 2023 21:59:20 GMT
expires
Mon, 08 May 2023 00:16:30 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIHLoNy8vH2qKP%2FKBphvyi9Rc3v40kf1zrsfM%2B9rSL7K9YQnCf98uQM7j7UKDTpBgWlW%2B1D%2FukqmFjcTx74to3gCwFhFqVEcRfl4defCSuXY%2BdCNjdY3NFB5Uj5zN0hMRZqtqmM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
syncframe
gum.criteo.com/ Frame 08F2 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.kanui.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.kanui.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 21:59:19 GMT
server
Kestrel
server-processing-duration-in-ticks
712339
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 26 May 2023 21:59:20 GMT
rs
ad4m.at/ Frame D90D 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e164d75a762646af6c378dfc910eb1ade9b52ec39ac0e957d126e24187bd0a04

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2ACT5%2FrJKtr86BfnmWUJdM8do4K5S7g1Pr8I9RSxvqa7nv5OpGwr4SxlJ7SIHY4ECRJSwBXfqv3Zt22eUUfkEqvrbO8nGnUTp02NTSSdOXR8%2FZqQFuswpaCKl7JXF1Xt70Somo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7cd10b820b6192b7-FRA
x-backend-server
aa-reachservice-group-europe-west1-22mg
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cd10b81bb2792b7-FRA
content-length
24
content-type
text/plain
date
Thu, 25 May 2023 21:59:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abn4G1MVTg94MU%2B2sfMSvrHBlAm3pfT3z0JxJpqyRgFuYaBW2AXCqVmF3bSdcwy8H%2BFxWImP2dtlF0mcOwrgFczP8IgPV4FRCY5s8314nk4lU0Gnymw7C03NDXNUtHyn6H%2FX%2Fp8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-22mg
rs
ad4m.at/ Frame 6218 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58cc4710abdb905df22405105eec976595d70bcf0776278fbc3f812b164729e7

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Z0mZM5iIitun8bHd%2BzMc0PW4CE%2FfC16gCeVKZzDAKOUxnY2cI2f0gtnIcbIDMzKDySz1o5JUl5igkQ3HcOJxF3AHtCSCJDt2s1c3X9J3Lgvm4d9qXsJ2%2F9J9ggKfdviVTw3VFs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7cd10b81fb4f92b7-FRA
x-backend-server
aa-reachservice-group-europe-west1-22mg
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cd10b81bb2892b7-FRA
content-length
24
content-type
text/plain
date
Thu, 25 May 2023 21:59:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytjzYY%2BA6N4FnngkEBnSbo24aazGopu0qsP8ryZx6qAl4%2FZu8T85OsWLtJJEXkVHGE8qn2D%2BEx1R6Y017%2FrdXWzu4FS7vtZ%2Bsmy3mBLT%2FzmvKiB2HOj%2BHudg1iLaxRvYrDypavA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-22mg
rs
ad4m.at/ Frame 3B65 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc15c9a762a2ef4fa9f61301249d1dfc04a42b78dfaec450ab4f75af3652f140

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=veSctZ9d7EHxWmgFp8YHVtuh2W9HSXqGPdEn9FqMaU2k0kUH%2Bswd%2B6js79DKHw%2Fz%2F%2F0LpUPUQ9OQ3HCwljbg8Wvo%2BGWqU3iOLsVp0g36ZRPdH3S2aerf2pD7GweBARogsjFY7q0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7cd10b81fb4892b7-FRA
x-backend-server
aa-reachservice-group-europe-west1-22mg
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cd10b81bb2692b7-FRA
content-length
24
content-type
text/plain
date
Thu, 25 May 2023 21:59:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kk4VTdvQQMHDN7q67lN1mT9icdDqyv1fIZlhvmtMA3rtXMkFh0RRAm3ImbECy%2B6i1QMZj7jeEJtzycxpSeScIZOQEqsxt%2FtlFVoeWU%2BXNj6bY1XzxX%2BFhpAzJ12scHCH%2FL5mjWk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-22mg
rar
as.ad4m.at/ad/ Frame A7A7 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=300&d=50&e=&g=de2dc8e8e382e3e80b0d78105e96f984%2F14511041865793811139&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685051960625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjrg0ps7k3wj5957xt479381q4sh4femprs3216m4tg9zeqdtpg600bkv7jh4vb0d5682jk76br24hra64wexmk6k71e8z7eyatdxrb9318y7f95xgm2jkzhq97k798rtkhcs2hrv514mazx5mq940g2fq6615jqt5dsxp86hfwkwgk8bhe2hm7jg8d790tx2gdw1hp2hs725bbc9jzh95g2k7drtkdp4t1evywzw9ks9wf4x36g6f4ecwrpcq5v98pzer6cnxv0bjhk2sxzbkj7m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrLarN9pvZJWSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QnGVXqSaSQfKx2PtJj36o-UFkeVF-UtIbZRbIyCFSoh78naeHCWWlzut6gA6jY_xwAP3mtceI7yt67UAZAA8zqWbzuwuTe-kPYgr3sF1si0xMbl_pooaQic5wqd9TmlEZGUPKJg9gc3TJUKxQj_-ke-kyXJQdy_rfzm5Xj8AwxTV7UtfUtKjav2z8Z4qCq5y_cDoB83Qbggqn9UckajOIGj2Bd33txh7Pdmgzo21OqV2FsMbh-o_Zc0PIDrsjKeiHmdDOAOCEE8oxB3qdMmXxbudfnxmQx9wM_SA08NlFo8_tq571pKo2oIKS0OAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1oOMDa9t7lghJ1oR9H1dClmx2YdQ%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73e58c9ed4e7476689303e4169c343f18b277902a363dad3f39d0591f59fcf6c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1h13e3aky3qwagemwkfw2wzvyzbtyvwg28dfrpv6khs4x0zwpf74mdmx7ad8pa28n2vmphjh36mx5dn46ayg5j63hm87mpent5fqjsme20nf23jc7xn4mag4r9ghg9g0m5pzb9j06bsvz35zbs16gmmm6t4taa2s5jm3j39tg37jngzcsyz4wrs4pyacs8f5tm6dnrn9dfgd3bn1wm6kpnxma4rbsb0a02rn0jrqzmywxhgdr4qqj21r1cxp3jndqm5r056dgg62ymkwzgx795m4eajdbr31cm5s3xs1c5dkdn868986t7z0y9dg979tektrgf115nz60mn8tfzscrxq2ye390xax11z59t415r2g7w95ekdkv773bhhb0m07swzatabd9qn4k3pq27fckmfzs5wp4m476zz1wh1wm669gav8w30bmvtmjff41f6nxegaytsm8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrLarN9pvZJWSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QnGVXqSaSQfKx2PtJj36o-UFkeVF-UtIbZRbIyCFSoh78naeHCWWlzut6gA6jY_xwAP3mtceI7yt67UAZAA8zqWbzuwuTe-kPYgr3sF1si0xMbl_pooaQic5wqd9TmlEZGUPKJg9gc3TJUKxQj_-ke-kyXJQdy_rfzm5Xj8AwxTV7UtfUtKjav2z8Z4qCq5y_cDoB83Qbggqn9UckajOIGj2Bd33txh7Pdmgzo21OqV2FsMbh-o_Zc0PIDrsjKeiHmdDOAOCEE8oxB3qdMmXxbudfnxmQx9wM_SA08NlFo8_tq571pKo2oIKS0OAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1oOMDa9t7lghJ1oR9H1dClmx2YdQ%26client%3Dca-pub-1031670330168431%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7cd10b823c61699b-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 21:59:20 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 7E3F 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=300&d=50&e=&g=0e20110d1b7454db8c7825dd9d622aac%2F1750030262979613871&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685051960626&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hez0ryffw581q8608m6zt2pz032h16r1syhhrnstyqy40h5dexe0dmvwtxfbdn96cx4maemwgr97rzm8j5vgjpgvv5yxz406ssax4bs17qgfshnph76gytmr48c3ey9ywmw9ys4rw69nvjs9wv9s3rk2ppf7h8xmp8wznntp7yp6f1vazdbn8wesza4q478413eg0bptra803n6cfdpw48bbwne73e95xqtyzkgnr6tx4008vnmd48s2b0yke6cznbdg0zbkbtbkw2qt23m4fn4v4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNCzDN9pvZJeSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QwhBQdikAMHsXzcEIJhiOSDn-kvmVZaralNRlRpXGcLeBlq651Ctst_yq4mceg7N6L5erPgpGF-rARg6qCe1Y_eO4Oc5kbZw0PWEH3bZN-QtVQgBtNUhoM1vAcA--8yJmZlceFicoz8VKNAURGp3Yk29SW4yEW4Jh2zf9J009TVi-s6NE7PXaNBbmcVEOeo4voGZ8Eyh2R8UAUZBhzSuoYYJh_fc1WTBJVBu7cbQ1EkKjUAmZezyie-r7fsoxu4nFAXwB-WTmR4ZoW8hEXs6UrRxAlJzrZxejxyEg0fJJYLA_QPE63dTv4MiU2uAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0pUA7GrKrHKGsn9X_GskqKhAij5Q%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f07df032188087dcee6c22910ac7f794ed057176fff027789790e540038eae52
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kqr0qct8b1yd2t6j4tfebfam2k7vc58xzfm5sgm1j56y4xfedjthahjhj8qv84gtscj4rfr9v64db5vvqy8razkpqq0r89f8p3dczqwyq2rvkas1nqtrvrakrnn2krg3aqzgzk3md2pzwdvzkebr0gn2crxxv6ctdram4h60nbnf6btcsatmnhfd9byhgn3ef0bva9bqpvdz2x333m5nt06j50sk1kx47n9s44rrgkgmx2w0ffrh1v1m0qp7df32m3bfxshp9cwkgyg44jb5xwb2r86s4vfa4g4e7461gy59xr031z5hcx5bvr409pm5t9sw86qq2517v2gmhj680kydpz37n9awbj4bz2ajqpm8zwpwvf9kc58cz72vdst5z1tnmey6e3b48e8vsdrbfsc5y2sntwb4qgresrehzzsn05dznvedn87qs6bte01cyw8pnc9tr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNCzDN9pvZJeSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QwhBQdikAMHsXzcEIJhiOSDn-kvmVZaralNRlRpXGcLeBlq651Ctst_yq4mceg7N6L5erPgpGF-rARg6qCe1Y_eO4Oc5kbZw0PWEH3bZN-QtVQgBtNUhoM1vAcA--8yJmZlceFicoz8VKNAURGp3Yk29SW4yEW4Jh2zf9J009TVi-s6NE7PXaNBbmcVEOeo4voGZ8Eyh2R8UAUZBhzSuoYYJh_fc1WTBJVBu7cbQ1EkKjUAmZezyie-r7fsoxu4nFAXwB-WTmR4ZoW8hEXs6UrRxAlJzrZxejxyEg0fJJYLA_QPE63dTv4MiU2uAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0pUA7GrKrHKGsn9X_GskqKhAij5Q%26client%3Dca-pub-1031670330168431%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7cd10b823c62699b-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 21:59:20 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame A7A7 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=300&d=50&e=&g=de2dc8e8e382e3e80b0d78105e96f984%2F14511041865793811139&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685051960625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjrg0ps7k3wj5957xt479381q4sh4femprs3216m4tg9zeqdtpg600bkv7jh4vb0d5682jk76br24hra64wexmk6k71e8z7eyatdxrb9318y7f95xgm2jkzhq97k798rtkhcs2hrv514mazx5mq940g2fq6615jqt5dsxp86hfwkwgk8bhe2hm7jg8d790tx2gdw1hp2hs725bbc9jzh95g2k7drtkdp4t1evywzw9ks9wf4x36g6f4ecwrpcq5v98pzer6cnxv0bjhk2sxzbkj7m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrLarN9pvZJWSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QnGVXqSaSQfKx2PtJj36o-UFkeVF-UtIbZRbIyCFSoh78naeHCWWlzut6gA6jY_xwAP3mtceI7yt67UAZAA8zqWbzuwuTe-kPYgr3sF1si0xMbl_pooaQic5wqd9TmlEZGUPKJg9gc3TJUKxQj_-ke-kyXJQdy_rfzm5Xj8AwxTV7UtfUtKjav2z8Z4qCq5y_cDoB83Qbggqn9UckajOIGj2Bd33txh7Pdmgzo21OqV2FsMbh-o_Zc0PIDrsjKeiHmdDOAOCEE8oxB3qdMmXxbudfnxmQx9wM_SA08NlFo8_tq571pKo2oIKS0OAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1oOMDa9t7lghJ1oR9H1dClmx2YdQ%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=300&d=50&e=&g=de2dc8e8e382e3e80b0d78105e96f984%2F14511041865793811139&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685051960625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjrg0ps7k3wj5957xt479381q4sh4femprs3216m4tg9zeqdtpg600bkv7jh4vb0d5682jk76br24hra64wexmk6k71e8z7eyatdxrb9318y7f95xgm2jkzhq97k798rtkhcs2hrv514mazx5mq940g2fq6615jqt5dsxp86hfwkwgk8bhe2hm7jg8d790tx2gdw1hp2hs725bbc9jzh95g2k7drtkdp4t1evywzw9ks9wf4x36g6f4ecwrpcq5v98pzer6cnxv0bjhk2sxzbkj7m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrLarN9pvZJWSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QnGVXqSaSQfKx2PtJj36o-UFkeVF-UtIbZRbIyCFSoh78naeHCWWlzut6gA6jY_xwAP3mtceI7yt67UAZAA8zqWbzuwuTe-kPYgr3sF1si0xMbl_pooaQic5wqd9TmlEZGUPKJg9gc3TJUKxQj_-ke-kyXJQdy_rfzm5Xj8AwxTV7UtfUtKjav2z8Z4qCq5y_cDoB83Qbggqn9UckajOIGj2Bd33txh7Pdmgzo21OqV2FsMbh-o_Zc0PIDrsjKeiHmdDOAOCEE8oxB3qdMmXxbudfnxmQx9wM_SA08NlFo8_tq571pKo2oIKS0OAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1oOMDa9t7lghJ1oR9H1dClmx2YdQ%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
21611
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2q2li9iO41bqvDKEF4uibytKh6P6U0Iuim9xbjvJ1tnOCMFYezQ2rPgRwOoa8Sk7sBlnQOdcuR0lwIa01c1EuLfIYhAbIaRMf%2F3IAxTgt8npaXrHj80JOAiZ9ObEmnsDntkCxQ9dIHw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7cd10b827c86699b-FRA
expires
Thu, 25 May 2023 22:59:20 GMT
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 7E3F 		103 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=300&d=50&e=&g=0e20110d1b7454db8c7825dd9d622aac%2F1750030262979613871&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685051960626&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hez0ryffw581q8608m6zt2pz032h16r1syhhrnstyqy40h5dexe0dmvwtxfbdn96cx4maemwgr97rzm8j5vgjpgvv5yxz406ssax4bs17qgfshnph76gytmr48c3ey9ywmw9ys4rw69nvjs9wv9s3rk2ppf7h8xmp8wznntp7yp6f1vazdbn8wesza4q478413eg0bptra803n6cfdpw48bbwne73e95xqtyzkgnr6tx4008vnmd48s2b0yke6cznbdg0zbkbtbkw2qt23m4fn4v4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNCzDN9pvZJeSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QwhBQdikAMHsXzcEIJhiOSDn-kvmVZaralNRlRpXGcLeBlq651Ctst_yq4mceg7N6L5erPgpGF-rARg6qCe1Y_eO4Oc5kbZw0PWEH3bZN-QtVQgBtNUhoM1vAcA--8yJmZlceFicoz8VKNAURGp3Yk29SW4yEW4Jh2zf9J009TVi-s6NE7PXaNBbmcVEOeo4voGZ8Eyh2R8UAUZBhzSuoYYJh_fc1WTBJVBu7cbQ1EkKjUAmZezyie-r7fsoxu4nFAXwB-WTmR4ZoW8hEXs6UrRxAlJzrZxejxyEg0fJJYLA_QPE63dTv4MiU2uAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0pUA7GrKrHKGsn9X_GskqKhAij5Q%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=300&d=50&e=&g=0e20110d1b7454db8c7825dd9d622aac%2F1750030262979613871&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685051960626&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hez0ryffw581q8608m6zt2pz032h16r1syhhrnstyqy40h5dexe0dmvwtxfbdn96cx4maemwgr97rzm8j5vgjpgvv5yxz406ssax4bs17qgfshnph76gytmr48c3ey9ywmw9ys4rw69nvjs9wv9s3rk2ppf7h8xmp8wznntp7yp6f1vazdbn8wesza4q478413eg0bptra803n6cfdpw48bbwne73e95xqtyzkgnr6tx4008vnmd48s2b0yke6cznbdg0zbkbtbkw2qt23m4fn4v4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNCzDN9pvZJeSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QwhBQdikAMHsXzcEIJhiOSDn-kvmVZaralNRlRpXGcLeBlq651Ctst_yq4mceg7N6L5erPgpGF-rARg6qCe1Y_eO4Oc5kbZw0PWEH3bZN-QtVQgBtNUhoM1vAcA--8yJmZlceFicoz8VKNAURGp3Yk29SW4yEW4Jh2zf9J009TVi-s6NE7PXaNBbmcVEOeo4voGZ8Eyh2R8UAUZBhzSuoYYJh_fc1WTBJVBu7cbQ1EkKjUAmZezyie-r7fsoxu4nFAXwB-WTmR4ZoW8hEXs6UrRxAlJzrZxejxyEg0fJJYLA_QPE63dTv4MiU2uAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0pUA7GrKrHKGsn9X_GskqKhAij5Q%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
21611
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44t5niiLwSDhaYtPxT8MmLYNswCXYAzpdqFk0D%2FjaQf0hFJY2RyQMeWSif3QCqH1uo0oFvuvYPuGEU7LjBz9b%2FmPxFX6Zx3ZuiWQimLOqgSRTD9d5bm%2F4vDNLHH23X6d%2FxvvfUOgJRg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7cd10b827c88699b-FRA
expires
Thu, 25 May 2023 22:59:20 GMT
C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame A7A7 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=300&d=50&e=&g=de2dc8e8e382e3e80b0d78105e96f984%2F14511041865793811139&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685051960625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjrg0ps7k3wj5957xt479381q4sh4femprs3216m4tg9zeqdtpg600bkv7jh4vb0d5682jk76br24hra64wexmk6k71e8z7eyatdxrb9318y7f95xgm2jkzhq97k798rtkhcs2hrv514mazx5mq940g2fq6615jqt5dsxp86hfwkwgk8bhe2hm7jg8d790tx2gdw1hp2hs725bbc9jzh95g2k7drtkdp4t1evywzw9ks9wf4x36g6f4ecwrpcq5v98pzer6cnxv0bjhk2sxzbkj7m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrLarN9pvZJWSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QnGVXqSaSQfKx2PtJj36o-UFkeVF-UtIbZRbIyCFSoh78naeHCWWlzut6gA6jY_xwAP3mtceI7yt67UAZAA8zqWbzuwuTe-kPYgr3sF1si0xMbl_pooaQic5wqd9TmlEZGUPKJg9gc3TJUKxQj_-ke-kyXJQdy_rfzm5Xj8AwxTV7UtfUtKjav2z8Z4qCq5y_cDoB83Qbggqn9UckajOIGj2Bd33txh7Pdmgzo21OqV2FsMbh-o_Zc0PIDrsjKeiHmdDOAOCEE8oxB3qdMmXxbudfnxmQx9wM_SA08NlFo8_tq571pKo2oIKS0OAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1oOMDa9t7lghJ1oR9H1dClmx2YdQ%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18950
cf-polished
origFmt=png, origSize=10283
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4736
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 Apr 2023 12:21:02 GMT
server
cloudflare
etag
"b90d04a587c2a1ab6749e51d8bb195d1"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VTdN98HLCj5ChWI1rm3dHk9JJ5tq7zyWdAwwAPO1G30e4QSj9xbxuCsleQqMRIIctzmHawTqJdl%2FJmTM4x%2FwYUBSzLL%2B5JaVXOUwrOYKZEJEN3DuA0UyO46N2%2Bzuy2xgZyQXbf9MfUZHFqO"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cd10b828c94699b-FRA
expires
Fri, 26 May 2023 21:59:20 GMT
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame A7A7 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=300&d=50&e=&g=de2dc8e8e382e3e80b0d78105e96f984%2F14511041865793811139&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685051960625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjrg0ps7k3wj5957xt479381q4sh4femprs3216m4tg9zeqdtpg600bkv7jh4vb0d5682jk76br24hra64wexmk6k71e8z7eyatdxrb9318y7f95xgm2jkzhq97k798rtkhcs2hrv514mazx5mq940g2fq6615jqt5dsxp86hfwkwgk8bhe2hm7jg8d790tx2gdw1hp2hs725bbc9jzh95g2k7drtkdp4t1evywzw9ks9wf4x36g6f4ecwrpcq5v98pzer6cnxv0bjhk2sxzbkj7m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrLarN9pvZJWSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QnGVXqSaSQfKx2PtJj36o-UFkeVF-UtIbZRbIyCFSoh78naeHCWWlzut6gA6jY_xwAP3mtceI7yt67UAZAA8zqWbzuwuTe-kPYgr3sF1si0xMbl_pooaQic5wqd9TmlEZGUPKJg9gc3TJUKxQj_-ke-kyXJQdy_rfzm5Xj8AwxTV7UtfUtKjav2z8Z4qCq5y_cDoB83Qbggqn9UckajOIGj2Bd33txh7Pdmgzo21OqV2FsMbh-o_Zc0PIDrsjKeiHmdDOAOCEE8oxB3qdMmXxbudfnxmQx9wM_SA08NlFo8_tq571pKo2oIKS0OAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1oOMDa9t7lghJ1oR9H1dClmx2YdQ%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
174477
cf-polished
origFmt=png, origSize=105738
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55786
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GS3czvtYO7xS8VMueMc4DzDKZsvxskndA4CwSf21dZtcTRDh4p6LQN3J%2B3jTExiq1zB3kOlL0q9FiJ1Dh%2BoxMm%2FE8BLLbzyVpfQJkBgXROy6xSoTjoLmFbCYnBch2RqKxOiMGeu40wq2EOnN"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cd10b828c93699b-FRA
expires
Fri, 26 May 2023 21:59:20 GMT
C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame 7E3F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=300&d=50&e=&g=0e20110d1b7454db8c7825dd9d622aac%2F1750030262979613871&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685051960626&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hez0ryffw581q8608m6zt2pz032h16r1syhhrnstyqy40h5dexe0dmvwtxfbdn96cx4maemwgr97rzm8j5vgjpgvv5yxz406ssax4bs17qgfshnph76gytmr48c3ey9ywmw9ys4rw69nvjs9wv9s3rk2ppf7h8xmp8wznntp7yp6f1vazdbn8wesza4q478413eg0bptra803n6cfdpw48bbwne73e95xqtyzkgnr6tx4008vnmd48s2b0yke6cznbdg0zbkbtbkw2qt23m4fn4v4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNCzDN9pvZJeSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QwhBQdikAMHsXzcEIJhiOSDn-kvmVZaralNRlRpXGcLeBlq651Ctst_yq4mceg7N6L5erPgpGF-rARg6qCe1Y_eO4Oc5kbZw0PWEH3bZN-QtVQgBtNUhoM1vAcA--8yJmZlceFicoz8VKNAURGp3Yk29SW4yEW4Jh2zf9J009TVi-s6NE7PXaNBbmcVEOeo4voGZ8Eyh2R8UAUZBhzSuoYYJh_fc1WTBJVBu7cbQ1EkKjUAmZezyie-r7fsoxu4nFAXwB-WTmR4ZoW8hEXs6UrRxAlJzrZxejxyEg0fJJYLA_QPE63dTv4MiU2uAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0pUA7GrKrHKGsn9X_GskqKhAij5Q%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18950
cf-polished
origFmt=png, origSize=10283
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4736
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 Apr 2023 12:21:02 GMT
server
cloudflare
etag
"b90d04a587c2a1ab6749e51d8bb195d1"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEj87NLItcncPFc15UZcW4IzKf3JzInrKPGPiZDQbclyrrkPIpOsTu7OSDjjLtibZCV1fF25DjPIY6USh%2BUs2dOb1t%2BrUCH7bvxzOzAmBOTt2vUkP2UBImZJiXUYkZ2CWDrYFo6jqnbi3yoj"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cd10b828c92699b-FRA
expires
Fri, 26 May 2023 21:59:20 GMT
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 7E3F 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=300&d=50&e=&g=0e20110d1b7454db8c7825dd9d622aac%2F1750030262979613871&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685051960626&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hez0ryffw581q8608m6zt2pz032h16r1syhhrnstyqy40h5dexe0dmvwtxfbdn96cx4maemwgr97rzm8j5vgjpgvv5yxz406ssax4bs17qgfshnph76gytmr48c3ey9ywmw9ys4rw69nvjs9wv9s3rk2ppf7h8xmp8wznntp7yp6f1vazdbn8wesza4q478413eg0bptra803n6cfdpw48bbwne73e95xqtyzkgnr6tx4008vnmd48s2b0yke6cznbdg0zbkbtbkw2qt23m4fn4v4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNCzDN9pvZJeSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QwhBQdikAMHsXzcEIJhiOSDn-kvmVZaralNRlRpXGcLeBlq651Ctst_yq4mceg7N6L5erPgpGF-rARg6qCe1Y_eO4Oc5kbZw0PWEH3bZN-QtVQgBtNUhoM1vAcA--8yJmZlceFicoz8VKNAURGp3Yk29SW4yEW4Jh2zf9J009TVi-s6NE7PXaNBbmcVEOeo4voGZ8Eyh2R8UAUZBhzSuoYYJh_fc1WTBJVBu7cbQ1EkKjUAmZezyie-r7fsoxu4nFAXwB-WTmR4ZoW8hEXs6UrRxAlJzrZxejxyEg0fJJYLA_QPE63dTv4MiU2uAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0pUA7GrKrHKGsn9X_GskqKhAij5Q%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
174477
cf-polished
origFmt=png, origSize=105738
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55786
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nd94cBDM0A2c97MArqSS997T6R1sl7PkfwA%2BqVYQ3fFHxPcGo4pqd3VNAx%2BEjUT7Ema7r%2BqSWFl5bnhys6VbMaBmcFFWJ0FEwaWlQM6SifAOM%2F%2FOh9bzHWok4sm%2BTg2i%2BfgEe5TTDU8Px3RQ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cd10b828c90699b-FRA
expires
Fri, 26 May 2023 21:59:20 GMT
link.html
track.webgains.com/ Frame A7A7 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jt7b5qewjpmamwfszvgpxbq15dsreb91pg1f4pc0tj4mg3ewprpg2kbk6br9tah6kd3tptvqekj24zmsb4azqm9ed9fdbxzn60qmw41mjaeay18w46sv118vp62hnsxjam3e9j9vz752qtyjmktbzsafj2y6pzcda9cz6fy0m4g4p9cpwz8ty1gk4mw56x1rxskm4q8ss0aws1xnkgvnwsmapgc90yt5yskk31dssj88jpn94q9dpk7q7eeb7yd45tbc%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gjrg0ps7k3wj5957xt479381q4sh4femprs3216m4tg9zeqdtpg600bkv7jh4vb0d5682jk76br24hra64wexmk6k71e8z7eyatdxrb9318y7f95xgm2jkzhq97k798rtkhcs2hrv514mazx5mq940g2fq6615jqt5dsxp86hfwkwgk8bhe2hm7jg8d790tx2gdw1hp2hs725bbc9jzh95g2k7drtkdp4t1evywzw9ks9wf4x36g6f4ecwrpcq5v98pzer6cnxv0bjhk2sxzbkj7m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCrLarN9pvZJWSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QnGVXqSaSQfKx2PtJj36o-UFkeVF-UtIbZRbIyCFSoh78naeHCWWlzut6gA6jY_xwAP3mtceI7yt67UAZAA8zqWbzuwuTe-kPYgr3sF1si0xMbl_pooaQic5wqd9TmlEZGUPKJg9gc3TJUKxQj_-ke-kyXJQdy_rfzm5Xj8AwxTV7UtfUtKjav2z8Z4qCq5y_cDoB83Qbggqn9UckajOIGj2Bd33txh7Pdmgzo21OqV2FsMbh-o_Zc0PIDrsjKeiHmdDOAOCEE8oxB3qdMmXxbudfnxmQx9wM_SA08NlFo8_tq571pKo2oIKS0OAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1oOMDa9t7lghJ1oR9H1dClmx2YdQ%252526client%25253Dca-pub-1031670330168431%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=300&d=50&e=&g=de2dc8e8e382e3e80b0d78105e96f984%2F14511041865793811139&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685051960625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjrg0ps7k3wj5957xt479381q4sh4femprs3216m4tg9zeqdtpg600bkv7jh4vb0d5682jk76br24hra64wexmk6k71e8z7eyatdxrb9318y7f95xgm2jkzhq97k798rtkhcs2hrv514mazx5mq940g2fq6615jqt5dsxp86hfwkwgk8bhe2hm7jg8d790tx2gdw1hp2hs725bbc9jzh95g2k7drtkdp4t1evywzw9ks9wf4x36g6f4ecwrpcq5v98pzer6cnxv0bjhk2sxzbkj7m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrLarN9pvZJWSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QnGVXqSaSQfKx2PtJj36o-UFkeVF-UtIbZRbIyCFSoh78naeHCWWlzut6gA6jY_xwAP3mtceI7yt67UAZAA8zqWbzuwuTe-kPYgr3sF1si0xMbl_pooaQic5wqd9TmlEZGUPKJg9gc3TJUKxQj_-ke-kyXJQdy_rfzm5Xj8AwxTV7UtfUtKjav2z8Z4qCq5y_cDoB83Qbggqn9UckajOIGj2Bd33txh7Pdmgzo21OqV2FsMbh-o_Zc0PIDrsjKeiHmdDOAOCEE8oxB3qdMmXxbudfnxmQx9wM_SA08NlFo8_tq571pKo2oIKS0OAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1oOMDa9t7lghJ1oR9H1dClmx2YdQ%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.62.161 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-62-161.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
8801dbd26dec1d5fc66d380cb2ce8cd3672c0e4c42061f821c259297fcc8a2a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
last-modified
Thu, 25 May 2023 21:59:20 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 25 May 2023 22:00:20 GMT
link.html
track.webgains.com/ Frame 7E3F 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jpevknv5zn06qs3tp8wwc9h1jkh7dse328sq20g06c4z7snkgqs7knw8hpy2hbv6xr7asas1gvj575rz9m92z62v0rzqy2m5cafrp5bvwnjm8fqbv50542heck8fgc46na3mq3e5n4fbvhnxbaxsc8semfqm417e18wxpx6dpyn33f4kjgnvw2ppnbj8jey13jrnfw3fqjvvchrbzv2dq8sv4mgd2jcrb6nng4ewrgr797zcw74t084b7k77jnp4280%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hez0ryffw581q8608m6zt2pz032h16r1syhhrnstyqy40h5dexe0dmvwtxfbdn96cx4maemwgr97rzm8j5vgjpgvv5yxz406ssax4bs17qgfshnph76gytmr48c3ey9ywmw9ys4rw69nvjs9wv9s3rk2ppf7h8xmp8wznntp7yp6f1vazdbn8wesza4q478413eg0bptra803n6cfdpw48bbwne73e95xqtyzkgnr6tx4008vnmd48s2b0yke6cznbdg0zbkbtbkw2qt23m4fn4v4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCNCzDN9pvZJeSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QwhBQdikAMHsXzcEIJhiOSDn-kvmVZaralNRlRpXGcLeBlq651Ctst_yq4mceg7N6L5erPgpGF-rARg6qCe1Y_eO4Oc5kbZw0PWEH3bZN-QtVQgBtNUhoM1vAcA--8yJmZlceFicoz8VKNAURGp3Yk29SW4yEW4Jh2zf9J009TVi-s6NE7PXaNBbmcVEOeo4voGZ8Eyh2R8UAUZBhzSuoYYJh_fc1WTBJVBu7cbQ1EkKjUAmZezyie-r7fsoxu4nFAXwB-WTmR4ZoW8hEXs6UrRxAlJzrZxejxyEg0fJJYLA_QPE63dTv4MiU2uAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0pUA7GrKrHKGsn9X_GskqKhAij5Q%252526client%25253Dca-pub-1031670330168431%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=300&d=50&e=&g=0e20110d1b7454db8c7825dd9d622aac%2F1750030262979613871&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685051960626&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hez0ryffw581q8608m6zt2pz032h16r1syhhrnstyqy40h5dexe0dmvwtxfbdn96cx4maemwgr97rzm8j5vgjpgvv5yxz406ssax4bs17qgfshnph76gytmr48c3ey9ywmw9ys4rw69nvjs9wv9s3rk2ppf7h8xmp8wznntp7yp6f1vazdbn8wesza4q478413eg0bptra803n6cfdpw48bbwne73e95xqtyzkgnr6tx4008vnmd48s2b0yke6cznbdg0zbkbtbkw2qt23m4fn4v4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNCzDN9pvZJeSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QwhBQdikAMHsXzcEIJhiOSDn-kvmVZaralNRlRpXGcLeBlq651Ctst_yq4mceg7N6L5erPgpGF-rARg6qCe1Y_eO4Oc5kbZw0PWEH3bZN-QtVQgBtNUhoM1vAcA--8yJmZlceFicoz8VKNAURGp3Yk29SW4yEW4Jh2zf9J009TVi-s6NE7PXaNBbmcVEOeo4voGZ8Eyh2R8UAUZBhzSuoYYJh_fc1WTBJVBu7cbQ1EkKjUAmZezyie-r7fsoxu4nFAXwB-WTmR4ZoW8hEXs6UrRxAlJzrZxejxyEg0fJJYLA_QPE63dTv4MiU2uAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0pUA7GrKrHKGsn9X_GskqKhAij5Q%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.62.161 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-62-161.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
edeb9a11459312fd6e13d3e6906ab4cf5dfee3f66d4dbea92c141019ab1316ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
last-modified
Thu, 25 May 2023 21:59:20 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 25 May 2023 22:00:20 GMT
rar
as.ad4m.at/ad/ Frame 3BEC 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=117569%2C13957%2C175490&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C816tDf8fRk5PFgHJHEtxtQjYCGSwTpprSbw91&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CZ28fwfBfz3MkFmHDHDtDCP8Zc6SXTQQefY5jB&c=728&d=90&e=&g=1d9ad4b3b6deff0881765daebb296ec6%2F6943535914931200731&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1685051960638&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytvpdevyca2vjq2gjasafcaqerpbgtbzq5w85dbvh5yz79t25v0x4fab1fegcg7r2jvt04bzhwjczptfjqv2t0hxyqy5xdnmr8j3k0erra17mqxy0wza9amhacn4afgtjpn81bqwgks3a8f4md1zbhpmdh1q77ekydkqew4qypddrsb8an7bvy79jea94atkpsh790nrww0bgeh3v83cbg08tt8r25pevxn9w8396vgdx1pbzsen9r2t8a0nbhqvq568ybkfvcq197cxd0r8rt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWtrN9pvZJSSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTpAU_QqGLGFfXc0lh-Fe79qnaO7mR4gcxaATUMBeG4-AvBn0iSwTDPu0Wtw5GnegAZp6OpYc6nSkfWYpZ5Fi3Ytxq4zjGNnJzF0Ro8Op8HC-IwPK6jx1AnZ9ZCkqOrXypluR8P8NgzjZKL1JHh1FIgoY8levP56z_mRj7XAv-g8LxJhlOXddyS3ZDhAxO6_fZr1wd8vTClF-q2Ym4l8BXRCfN1QeNw2v4Ppdik7tOYlGc2XmKBqtknszGxZ8PcZ5tFkiH40le4QavmW0UVabQ54Ny5OGLARdg2DxBKnoQ90cA_1IC4q45tLPoN4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3kEjxLVz6RC04wlA5M7bSM9LKfZA%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d1d8e548b410ce60c5d804b555b6fe8e8a6a92dd6a22c503f82d39d3048cc22
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1jtafm0bq3rycms2k7qkfdwye5bb99brx607zez1d767qcd1mzxabk0bwpr3m8ggtps56n6kvgmc5r1mk8tjseyg86gdx08vwbpxqaf9wykacjy5g0yx7jepp8f24cgjty80f7xf18q01fgmctyrqqckc5vdgwwjp9vfbqy4wd3tjrc2q6wn4dwfk82jvtxx4ee342etzvnr8vvejc2ttx9fwm4vejwsmb6ythjbwn1wys32bftdwyr5nwt6j0wj30a24a9xq19n417mscb1ge05v3jesvtxc843a5ebnfrm37tec7km76xtf0sk47n8td0x58yxtwpcfb3pp5a7ya25x141vmf4pnec39z17f18as2hh5nmjrrz7cw75pmyd5z4vrfr602dhqacy7bnv6j81yq2134fs84sm86y4kz36jcsw92j6q3eze6pe4fy1v05k78y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGWtrN9pvZJSSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTpAU_QqGLGFfXc0lh-Fe79qnaO7mR4gcxaATUMBeG4-AvBn0iSwTDPu0Wtw5GnegAZp6OpYc6nSkfWYpZ5Fi3Ytxq4zjGNnJzF0Ro8Op8HC-IwPK6jx1AnZ9ZCkqOrXypluR8P8NgzjZKL1JHh1FIgoY8levP56z_mRj7XAv-g8LxJhlOXddyS3ZDhAxO6_fZr1wd8vTClF-q2Ym4l8BXRCfN1QeNw2v4Ppdik7tOYlGc2XmKBqtknszGxZ8PcZ5tFkiH40le4QavmW0UVabQ54Ny5OGLARdg2DxBKnoQ90cA_1IC4q45tLPoN4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3kEjxLVz6RC04wlA5M7bSM9LKfZA%26client%3Dca-pub-1031670330168431%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7cd10b82ccbe699b-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 21:59:20 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
usermatch.gif
beacon.krxd.net/ Frame BFCC
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=ujj0S0rpsxExmiLebZWo5wKGSOxow3Uq
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=ujj0S0rpsxExmiLebZWo5wKGSOxow3Uq
Protocol
H2
Server
54.154.227.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-227-90.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by
beacon-n013-dub-prod.krxd.net
date
Thu, 25 May 2023 21:59:20 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1685051960
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=ujj0S0rpsxExmiLebZWo5wKGSOxow3Uq
date
Thu, 25 May 2023 21:59:20 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
744354
content-length
0
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 3BEC 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C175490&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C816tDf8fRk5PFgHJHEtxtQjYCGSwTpprSbw91&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CZ28fwfBfz3MkFmHDHDtDCP8Zc6SXTQQefY5jB&c=728&d=90&e=&g=1d9ad4b3b6deff0881765daebb296ec6%2F6943535914931200731&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1685051960638&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytvpdevyca2vjq2gjasafcaqerpbgtbzq5w85dbvh5yz79t25v0x4fab1fegcg7r2jvt04bzhwjczptfjqv2t0hxyqy5xdnmr8j3k0erra17mqxy0wza9amhacn4afgtjpn81bqwgks3a8f4md1zbhpmdh1q77ekydkqew4qypddrsb8an7bvy79jea94atkpsh790nrww0bgeh3v83cbg08tt8r25pevxn9w8396vgdx1pbzsen9r2t8a0nbhqvq568ybkfvcq197cxd0r8rt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWtrN9pvZJSSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTpAU_QqGLGFfXc0lh-Fe79qnaO7mR4gcxaATUMBeG4-AvBn0iSwTDPu0Wtw5GnegAZp6OpYc6nSkfWYpZ5Fi3Ytxq4zjGNnJzF0Ro8Op8HC-IwPK6jx1AnZ9ZCkqOrXypluR8P8NgzjZKL1JHh1FIgoY8levP56z_mRj7XAv-g8LxJhlOXddyS3ZDhAxO6_fZr1wd8vTClF-q2Ym4l8BXRCfN1QeNw2v4Ppdik7tOYlGc2XmKBqtknszGxZ8PcZ5tFkiH40le4QavmW0UVabQ54Ny5OGLARdg2DxBKnoQ90cA_1IC4q45tLPoN4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3kEjxLVz6RC04wlA5M7bSM9LKfZA%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=117569%2C13957%2C175490&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C816tDf8fRk5PFgHJHEtxtQjYCGSwTpprSbw91&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CZ28fwfBfz3MkFmHDHDtDCP8Zc6SXTQQefY5jB&c=728&d=90&e=&g=1d9ad4b3b6deff0881765daebb296ec6%2F6943535914931200731&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1685051960638&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytvpdevyca2vjq2gjasafcaqerpbgtbzq5w85dbvh5yz79t25v0x4fab1fegcg7r2jvt04bzhwjczptfjqv2t0hxyqy5xdnmr8j3k0erra17mqxy0wza9amhacn4afgtjpn81bqwgks3a8f4md1zbhpmdh1q77ekydkqew4qypddrsb8an7bvy79jea94atkpsh790nrww0bgeh3v83cbg08tt8r25pevxn9w8396vgdx1pbzsen9r2t8a0nbhqvq568ybkfvcq197cxd0r8rt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWtrN9pvZJSSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTpAU_QqGLGFfXc0lh-Fe79qnaO7mR4gcxaATUMBeG4-AvBn0iSwTDPu0Wtw5GnegAZp6OpYc6nSkfWYpZ5Fi3Ytxq4zjGNnJzF0Ro8Op8HC-IwPK6jx1AnZ9ZCkqOrXypluR8P8NgzjZKL1JHh1FIgoY8levP56z_mRj7XAv-g8LxJhlOXddyS3ZDhAxO6_fZr1wd8vTClF-q2Ym4l8BXRCfN1QeNw2v4Ppdik7tOYlGc2XmKBqtknszGxZ8PcZ5tFkiH40le4QavmW0UVabQ54Ny5OGLARdg2DxBKnoQ90cA_1IC4q45tLPoN4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3kEjxLVz6RC04wlA5M7bSM9LKfZA%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
21611
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmLqTVUz%2FjPVPUWzQUQ62%2B04tRAC7AUNi23BglftD6MMDQ%2FaBtkrB6bvniCBtHBC%2Fl0cqcIp3ZwNjw8nsEXjvW8vQbgzzPBHL9gRMgVAs2z5MsOhtU31xaFua2S5QynlMb%2FbmSlvACk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7cd10b831cec699b-FRA
expires
Thu, 25 May 2023 22:59:20 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 3BEC 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C175490&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C816tDf8fRk5PFgHJHEtxtQjYCGSwTpprSbw91&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CZ28fwfBfz3MkFmHDHDtDCP8Zc6SXTQQefY5jB&c=728&d=90&e=&g=1d9ad4b3b6deff0881765daebb296ec6%2F6943535914931200731&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1685051960638&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytvpdevyca2vjq2gjasafcaqerpbgtbzq5w85dbvh5yz79t25v0x4fab1fegcg7r2jvt04bzhwjczptfjqv2t0hxyqy5xdnmr8j3k0erra17mqxy0wza9amhacn4afgtjpn81bqwgks3a8f4md1zbhpmdh1q77ekydkqew4qypddrsb8an7bvy79jea94atkpsh790nrww0bgeh3v83cbg08tt8r25pevxn9w8396vgdx1pbzsen9r2t8a0nbhqvq568ybkfvcq197cxd0r8rt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWtrN9pvZJSSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTpAU_QqGLGFfXc0lh-Fe79qnaO7mR4gcxaATUMBeG4-AvBn0iSwTDPu0Wtw5GnegAZp6OpYc6nSkfWYpZ5Fi3Ytxq4zjGNnJzF0Ro8Op8HC-IwPK6jx1AnZ9ZCkqOrXypluR8P8NgzjZKL1JHh1FIgoY8levP56z_mRj7XAv-g8LxJhlOXddyS3ZDhAxO6_fZr1wd8vTClF-q2Ym4l8BXRCfN1QeNw2v4Ppdik7tOYlGc2XmKBqtknszGxZ8PcZ5tFkiH40le4QavmW0UVabQ54Ny5OGLARdg2DxBKnoQ90cA_1IC4q45tLPoN4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3kEjxLVz6RC04wlA5M7bSM9LKfZA%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
74379
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qc4rReH5MAd%2BHE%2BPlSHaIyhKLFjV2WLlec7FwNVisXH%2Fvu%2Bm4CSVYoZg%2Fyhk7WD0cVQWFNRM3iTaZs3OM9jTAPcENRZyTJ3qC13vvvufP86lHS8Ijzei8kd2omRs4mDPnWKPSw2wfC%2F4Jiwn"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cd10b831bcb9c0a-FRA
expires
Fri, 26 May 2023 21:59:20 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 3BEC 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C175490&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C816tDf8fRk5PFgHJHEtxtQjYCGSwTpprSbw91&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CZ28fwfBfz3MkFmHDHDtDCP8Zc6SXTQQefY5jB&c=728&d=90&e=&g=1d9ad4b3b6deff0881765daebb296ec6%2F6943535914931200731&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1685051960638&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytvpdevyca2vjq2gjasafcaqerpbgtbzq5w85dbvh5yz79t25v0x4fab1fegcg7r2jvt04bzhwjczptfjqv2t0hxyqy5xdnmr8j3k0erra17mqxy0wza9amhacn4afgtjpn81bqwgks3a8f4md1zbhpmdh1q77ekydkqew4qypddrsb8an7bvy79jea94atkpsh790nrww0bgeh3v83cbg08tt8r25pevxn9w8396vgdx1pbzsen9r2t8a0nbhqvq568ybkfvcq197cxd0r8rt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWtrN9pvZJSSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTpAU_QqGLGFfXc0lh-Fe79qnaO7mR4gcxaATUMBeG4-AvBn0iSwTDPu0Wtw5GnegAZp6OpYc6nSkfWYpZ5Fi3Ytxq4zjGNnJzF0Ro8Op8HC-IwPK6jx1AnZ9ZCkqOrXypluR8P8NgzjZKL1JHh1FIgoY8levP56z_mRj7XAv-g8LxJhlOXddyS3ZDhAxO6_fZr1wd8vTClF-q2Ym4l8BXRCfN1QeNw2v4Ppdik7tOYlGc2XmKBqtknszGxZ8PcZ5tFkiH40le4QavmW0UVabQ54Ny5OGLARdg2DxBKnoQ90cA_1IC4q45tLPoN4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3kEjxLVz6RC04wlA5M7bSM9LKfZA%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2332659
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qs605IBSBHHrskOYbSWf5eNm%2FgGAgpKxEhHgHa2rcdp51VmFSZNDSkqTqmuwxF8SQCipcVfWxLNp1D12ZnUhPcgHtNwVUzQ4vobJxPKr7pix%2Fgw8rgtCkOgQHmcXYnp3pQjkuYYpRZbZitFY"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cd10b831bce9c0a-FRA
expires
Fri, 26 May 2023 21:59:20 GMT
cshow.php
www.awin1.com/ Frame 3BEC 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C175490&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C816tDf8fRk5PFgHJHEtxtQjYCGSwTpprSbw91&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CZ28fwfBfz3MkFmHDHDtDCP8Zc6SXTQQefY5jB&c=728&d=90&e=&g=1d9ad4b3b6deff0881765daebb296ec6%2F6943535914931200731&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1685051960638&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytvpdevyca2vjq2gjasafcaqerpbgtbzq5w85dbvh5yz79t25v0x4fab1fegcg7r2jvt04bzhwjczptfjqv2t0hxyqy5xdnmr8j3k0erra17mqxy0wza9amhacn4afgtjpn81bqwgks3a8f4md1zbhpmdh1q77ekydkqew4qypddrsb8an7bvy79jea94atkpsh790nrww0bgeh3v83cbg08tt8r25pevxn9w8396vgdx1pbzsen9r2t8a0nbhqvq568ybkfvcq197cxd0r8rt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWtrN9pvZJSSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTpAU_QqGLGFfXc0lh-Fe79qnaO7mR4gcxaATUMBeG4-AvBn0iSwTDPu0Wtw5GnegAZp6OpYc6nSkfWYpZ5Fi3Ytxq4zjGNnJzF0Ro8Op8HC-IwPK6jx1AnZ9ZCkqOrXypluR8P8NgzjZKL1JHh1FIgoY8levP56z_mRj7XAv-g8LxJhlOXddyS3ZDhAxO6_fZr1wd8vTClF-q2Ym4l8BXRCfN1QeNw2v4Ppdik7tOYlGc2XmKBqtknszGxZ8PcZ5tFkiH40le4QavmW0UVabQ54Ny5OGLARdg2DxBKnoQ90cA_1IC4q45tLPoN4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3kEjxLVz6RC04wlA5M7bSM9LKfZA%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 May 2023 21:59:20 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 3BEC 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C175490&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C816tDf8fRk5PFgHJHEtxtQjYCGSwTpprSbw91&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CZ28fwfBfz3MkFmHDHDtDCP8Zc6SXTQQefY5jB&c=728&d=90&e=&g=1d9ad4b3b6deff0881765daebb296ec6%2F6943535914931200731&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1685051960638&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytvpdevyca2vjq2gjasafcaqerpbgtbzq5w85dbvh5yz79t25v0x4fab1fegcg7r2jvt04bzhwjczptfjqv2t0hxyqy5xdnmr8j3k0erra17mqxy0wza9amhacn4afgtjpn81bqwgks3a8f4md1zbhpmdh1q77ekydkqew4qypddrsb8an7bvy79jea94atkpsh790nrww0bgeh3v83cbg08tt8r25pevxn9w8396vgdx1pbzsen9r2t8a0nbhqvq568ybkfvcq197cxd0r8rt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWtrN9pvZJSSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTpAU_QqGLGFfXc0lh-Fe79qnaO7mR4gcxaATUMBeG4-AvBn0iSwTDPu0Wtw5GnegAZp6OpYc6nSkfWYpZ5Fi3Ytxq4zjGNnJzF0Ro8Op8HC-IwPK6jx1AnZ9ZCkqOrXypluR8P8NgzjZKL1JHh1FIgoY8levP56z_mRj7XAv-g8LxJhlOXddyS3ZDhAxO6_fZr1wd8vTClF-q2Ym4l8BXRCfN1QeNw2v4Ppdik7tOYlGc2XmKBqtknszGxZ8PcZ5tFkiH40le4QavmW0UVabQ54Ny5OGLARdg2DxBKnoQ90cA_1IC4q45tLPoN4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3kEjxLVz6RC04wlA5M7bSM9LKfZA%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
622120
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mAXP1w47Pz8Vz8xkmjazDpB88oVXatBEFpZeMjIX7sZkcOSuWicCu%2FY3GSPwEx%2FsbDFkjVcKFB2%2BA%2FyE%2F7lcOklThDxqOWB%2FVo3nQmzYfIGb9ZssPLJJSkTLEDvV6tVo2FPpc8sxqrJl%2Fz7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cd10b831bcf9c0a-FRA
expires
Fri, 26 May 2023 21:59:20 GMT
AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
assets.ad4m.at/product_image/ Frame 3BEC 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C175490&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C816tDf8fRk5PFgHJHEtxtQjYCGSwTpprSbw91&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CZ28fwfBfz3MkFmHDHDtDCP8Zc6SXTQQefY5jB&c=728&d=90&e=&g=1d9ad4b3b6deff0881765daebb296ec6%2F6943535914931200731&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1685051960638&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytvpdevyca2vjq2gjasafcaqerpbgtbzq5w85dbvh5yz79t25v0x4fab1fegcg7r2jvt04bzhwjczptfjqv2t0hxyqy5xdnmr8j3k0erra17mqxy0wza9amhacn4afgtjpn81bqwgks3a8f4md1zbhpmdh1q77ekydkqew4qypddrsb8an7bvy79jea94atkpsh790nrww0bgeh3v83cbg08tt8r25pevxn9w8396vgdx1pbzsen9r2t8a0nbhqvq568ybkfvcq197cxd0r8rt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWtrN9pvZJSSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTpAU_QqGLGFfXc0lh-Fe79qnaO7mR4gcxaATUMBeG4-AvBn0iSwTDPu0Wtw5GnegAZp6OpYc6nSkfWYpZ5Fi3Ytxq4zjGNnJzF0Ro8Op8HC-IwPK6jx1AnZ9ZCkqOrXypluR8P8NgzjZKL1JHh1FIgoY8levP56z_mRj7XAv-g8LxJhlOXddyS3ZDhAxO6_fZr1wd8vTClF-q2Ym4l8BXRCfN1QeNw2v4Ppdik7tOYlGc2XmKBqtknszGxZ8PcZ5tFkiH40le4QavmW0UVabQ54Ny5OGLARdg2DxBKnoQ90cA_1IC4q45tLPoN4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3kEjxLVz6RC04wlA5M7bSM9LKfZA%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
272372
cf-polished
qual=85, origFmt=jpeg, origSize=156576
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34068
cf-bgj
imgq:85,h2pri
last-modified
Tue, 19 Oct 2021 12:48:35 GMT
server
cloudflare
etag
"451fa9b02ae7953b9311aefac697be7e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zD3UwPuau%2B3JU1gmimHTpJV%2FQQj%2BVI8p39P6rAvR7bety%2BIWJTv0Q8T1G5lTk2jChIOaCmBUZGVrlnXFkJvowlxIdyc9KYgPN6oVycSWg7oe9bFoTQ3bRS2PFQFggTj7xDkinQJ6lwPLdS%2By"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cd10b831bd09c0a-FRA
expires
Fri, 26 May 2023 21:59:20 GMT
/
partner.o2online.de/a/ Frame 3BEC
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COnsuNy7kf8CFZ6g_QcdHoIAtg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023052523592185303626825X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023052523592185303626825X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023052523592185303626825X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117683&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C175490&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C816tDf8fRk5PFgHJHEtxtQjYCGSwTpprSbw91&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CZ28fwfBfz3MkFmHDHDtDCP8Zc6SXTQQefY5jB&c=728&d=90&e=&g=1d9ad4b3b6deff0881765daebb296ec6%2F6943535914931200731&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1685051960638&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytvpdevyca2vjq2gjasafcaqerpbgtbzq5w85dbvh5yz79t25v0x4fab1fegcg7r2jvt04bzhwjczptfjqv2t0hxyqy5xdnmr8j3k0erra17mqxy0wza9amhacn4afgtjpn81bqwgks3a8f4md1zbhpmdh1q77ekydkqew4qypddrsb8an7bvy79jea94atkpsh790nrww0bgeh3v83cbg08tt8r25pevxn9w8396vgdx1pbzsen9r2t8a0nbhqvq568ybkfvcq197cxd0r8rt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWtrN9pvZJSSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTpAU_QqGLGFfXc0lh-Fe79qnaO7mR4gcxaATUMBeG4-AvBn0iSwTDPu0Wtw5GnegAZp6OpYc6nSkfWYpZ5Fi3Ytxq4zjGNnJzF0Ro8Op8HC-IwPK6jx1AnZ9ZCkqOrXypluR8P8NgzjZKL1JHh1FIgoY8levP56z_mRj7XAv-g8LxJhlOXddyS3ZDhAxO6_fZr1wd8vTClF-q2Ym4l8BXRCfN1QeNw2v4Ppdik7tOYlGc2XmKBqtknszGxZ8PcZ5tFkiH40le4QavmW0UVabQ54Ny5OGLARdg2DxBKnoQ90cA_1IC4q45tLPoN4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3kEjxLVz6RC04wlA5M7bSM9LKfZA%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Thu, 25 May 2023 21:59:21 GMT
X-NODEIP
46.4.62.19
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023052523592185303626825X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023052523592185303626825X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117683&partnerid=12218
date
Thu, 25 May 2023 21:59:21 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 3BEC 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C175490&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C816tDf8fRk5PFgHJHEtxtQjYCGSwTpprSbw91&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CZ28fwfBfz3MkFmHDHDtDCP8Zc6SXTQQefY5jB&c=728&d=90&e=&g=1d9ad4b3b6deff0881765daebb296ec6%2F6943535914931200731&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1685051960638&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytvpdevyca2vjq2gjasafcaqerpbgtbzq5w85dbvh5yz79t25v0x4fab1fegcg7r2jvt04bzhwjczptfjqv2t0hxyqy5xdnmr8j3k0erra17mqxy0wza9amhacn4afgtjpn81bqwgks3a8f4md1zbhpmdh1q77ekydkqew4qypddrsb8an7bvy79jea94atkpsh790nrww0bgeh3v83cbg08tt8r25pevxn9w8396vgdx1pbzsen9r2t8a0nbhqvq568ybkfvcq197cxd0r8rt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWtrN9pvZJSSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTpAU_QqGLGFfXc0lh-Fe79qnaO7mR4gcxaATUMBeG4-AvBn0iSwTDPu0Wtw5GnegAZp6OpYc6nSkfWYpZ5Fi3Ytxq4zjGNnJzF0Ro8Op8HC-IwPK6jx1AnZ9ZCkqOrXypluR8P8NgzjZKL1JHh1FIgoY8levP56z_mRj7XAv-g8LxJhlOXddyS3ZDhAxO6_fZr1wd8vTClF-q2Ym4l8BXRCfN1QeNw2v4Ppdik7tOYlGc2XmKBqtknszGxZ8PcZ5tFkiH40le4QavmW0UVabQ54Ny5OGLARdg2DxBKnoQ90cA_1IC4q45tLPoN4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3kEjxLVz6RC04wlA5M7bSM9LKfZA%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16302
cf-polished
qual=85, origFmt=jpeg, origSize=58124
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9782
cf-bgj
imgq:85,h2pri
last-modified
Fri, 08 Jul 2022 10:19:52 GMT
server
cloudflare
etag
"b4342e277c43aad9c5020a04564bfd1e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3evAgO8IwvdAmBPhVhgJ2PiCeBssnwx%2BzwLfJlxh5KVOdFStu%2B8wjoCzkVkbm%2FDQ1ncdoBEupRieppY5n7gXPexcABdkibjRpIOmX1T61F4yiH7DIqqHqG43%2FPLM2ZBwSSMy4eVGld0ejvO"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cd10b831bd39c0a-FRA
expires
Fri, 26 May 2023 21:59:20 GMT
C46FAB7ECBBEB9AAC44CC71AD6D73CAC7BE343C5E224C9E3454D3D3D1BF3239A1C8269B1A97849DDA7E0429B748D23A640B3D869F5A030B6819B51CC06E2E6BC
assets.ad4m.at/ Frame 3BEC 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/C46FAB7ECBBEB9AAC44CC71AD6D73CAC7BE343C5E224C9E3454D3D3D1BF3239A1C8269B1A97849DDA7E0429B748D23A640B3D869F5A030B6819B51CC06E2E6BC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C175490&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C816tDf8fRk5PFgHJHEtxtQjYCGSwTpprSbw91&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CZ28fwfBfz3MkFmHDHDtDCP8Zc6SXTQQefY5jB&c=728&d=90&e=&g=1d9ad4b3b6deff0881765daebb296ec6%2F6943535914931200731&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1685051960638&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytvpdevyca2vjq2gjasafcaqerpbgtbzq5w85dbvh5yz79t25v0x4fab1fegcg7r2jvt04bzhwjczptfjqv2t0hxyqy5xdnmr8j3k0erra17mqxy0wza9amhacn4afgtjpn81bqwgks3a8f4md1zbhpmdh1q77ekydkqew4qypddrsb8an7bvy79jea94atkpsh790nrww0bgeh3v83cbg08tt8r25pevxn9w8396vgdx1pbzsen9r2t8a0nbhqvq568ybkfvcq197cxd0r8rt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWtrN9pvZJSSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTpAU_QqGLGFfXc0lh-Fe79qnaO7mR4gcxaATUMBeG4-AvBn0iSwTDPu0Wtw5GnegAZp6OpYc6nSkfWYpZ5Fi3Ytxq4zjGNnJzF0Ro8Op8HC-IwPK6jx1AnZ9ZCkqOrXypluR8P8NgzjZKL1JHh1FIgoY8levP56z_mRj7XAv-g8LxJhlOXddyS3ZDhAxO6_fZr1wd8vTClF-q2Ym4l8BXRCfN1QeNw2v4Ppdik7tOYlGc2XmKBqtknszGxZ8PcZ5tFkiH40le4QavmW0UVabQ54Ny5OGLARdg2DxBKnoQ90cA_1IC4q45tLPoN4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3kEjxLVz6RC04wlA5M7bSM9LKfZA%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2c422b7669dd5905e74935e23ef2939d5667dd9620422cc1867151b98012228

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 21:59:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1208286
cf-polished
qual=85, origFmt=jpeg, origSize=121526
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42378
cf-bgj
imgq:85,h2pri
last-modified
Thu, 11 May 2023 13:30:32 GMT
server
cloudflare
etag
"d6eb2414790136755d161d009263f217"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4a3sgxZX5zV2iCzTZB3Ze0EZ%2B5CpJ8lfXTtzjlrMDt9g7nI4Osb1JRSbrjEKVzIiVuBuqrseB2BdhhXIIy0U9mkAzQgQfe6ttyOo7kxDWsUUUolv0LXS7VxZFgB1BZQ5xIgH0K%2FsIQGI3Fb"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cd10b831bd69c0a-FRA
expires
Fri, 26 May 2023 21:59:20 GMT
2aed39855b5f46b73641100396ef4a14
pv.medialead.de/trck/epv/ Frame 3BEC 		0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/epv/2aed39855b5f46b73641100396ef4a14?t=htlp&subid=oneid816tDf8fRk5PFgHJHEtxtQjYCGSwTpprSbw91oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C175490&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C816tDf8fRk5PFgHJHEtxtQjYCGSwTpprSbw91&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CZ28fwfBfz3MkFmHDHDtDCP8Zc6SXTQQefY5jB&c=728&d=90&e=&g=1d9ad4b3b6deff0881765daebb296ec6%2F6943535914931200731&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1685051960638&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytvpdevyca2vjq2gjasafcaqerpbgtbzq5w85dbvh5yz79t25v0x4fab1fegcg7r2jvt04bzhwjczptfjqv2t0hxyqy5xdnmr8j3k0erra17mqxy0wza9amhacn4afgtjpn81bqwgks3a8f4md1zbhpmdh1q77ekydkqew4qypddrsb8an7bvy79jea94atkpsh790nrww0bgeh3v83cbg08tt8r25pevxn9w8396vgdx1pbzsen9r2t8a0nbhqvq568ybkfvcq197cxd0r8rt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWtrN9pvZJSSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTpAU_QqGLGFfXc0lh-Fe79qnaO7mR4gcxaATUMBeG4-AvBn0iSwTDPu0Wtw5GnegAZp6OpYc6nSkfWYpZ5Fi3Ytxq4zjGNnJzF0Ro8Op8HC-IwPK6jx1AnZ9ZCkqOrXypluR8P8NgzjZKL1JHh1FIgoY8levP56z_mRj7XAv-g8LxJhlOXddyS3ZDhAxO6_fZr1wd8vTClF-q2Ym4l8BXRCfN1QeNw2v4Ppdik7tOYlGc2XmKBqtknszGxZ8PcZ5tFkiH40le4QavmW0UVabQ54Ny5OGLARdg2DxBKnoQ90cA_1IC4q45tLPoN4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3kEjxLVz6RC04wlA5M7bSM9LKfZA%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Thu, 25 May 2023 21:59:21 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
515F0528:C8DA_91EFC182:01BB_646FDA38_E7D0C68:6DD7
X-IPLB-Instance
40027
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
sid
mug.criteo.com/ Frame 08F2
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kanui.com.br&sn=ChromeSyncframe&so=3&topUrl=www.kanui.com.br&bundle=mGPHG19sOTRnQU5ORk5yeFRqUkVRM1owZHhjRWphemlHaEhOcEZtVkp1U3ZTTGo0QnklMk...
  • https://mug.criteo.com/sid?cpp=RRSz4Xx3YnlEaWtORFBDb3h3WWhpOEZQdUJKbytjdGlVeEx6MzNiNFA3OHhLMDFuR1VCTVkrbGZia01WTmlwSVFUc01QS1FMR2JOMXJWOHNkWjRiUjdQMWFBMjhET2hHazR0WmdyM2pFWVBJRGpOb0s4K0hjTFRhc21RZU...
419 B
643 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=RRSz4Xx3YnlEaWtORFBDb3h3WWhpOEZQdUJKbytjdGlVeEx6MzNiNFA3OHhLMDFuR1VCTVkrbGZia01WTmlwSVFUc01QS1FMR2JOMXJWOHNkWjRiUjdQMWFBMjhET2hHazR0WmdyM2pFWVBJRGpOb0s4K0hjTFRhc21RZUtDTzhNc3duK2pSdi9rU0h5ZVEzWGFBSWZ3bWcya0JOSDRLcG1vdVgvSTV5ekJUMktKWUNkUFVqeml0V2pRc0FhUXJPN0w1M2xjMkx5ZTg1ZlFTT1VwbkhPQ3JyS2Z1dXlxcTNLNFgrcDRRSkFYRDZHT3doMjFEakRaRXF4YWlHRTZNSWp2dmhEOTkwMmpPTzVReUw4TGRhdmNreTB0UT09fA&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f23a2098f84a1ee0a70e453f2c5a3449ed079f5e0515e6c882590ff92b40cfba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
811388
expires
0

Redirect headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=RRSz4Xx3YnlEaWtORFBDb3h3WWhpOEZQdUJKbytjdGlVeEx6MzNiNFA3OHhLMDFuR1VCTVkrbGZia01WTmlwSVFUc01QS1FMR2JOMXJWOHNkWjRiUjdQMWFBMjhET2hHazR0WmdyM2pFWVBJRGpOb0s4K0hjTFRhc21RZUtDTzhNc3duK2pSdi9rU0h5ZVEzWGFBSWZ3bWcya0JOSDRLcG1vdVgvSTV5ekJUMktKWUNkUFVqeml0V2pRc0FhUXJPN0w1M2xjMkx5ZTg1ZlFTT1VwbkhPQ3JyS2Z1dXlxcTNLNFgrcDRRSkFYRDZHT3doMjFEakRaRXF4YWlHRTZNSWp2dmhEOTkwMmpPTzVReUw4TGRhdmNreTB0UT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
358340
content-length
0
expires
0
pvClk.min.js
analytics.webgains.io/ Frame A7A7 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jt7b5qewjpmamwfszvgpxbq15dsreb91pg1f4pc0tj4mg3ewprpg2kbk6br9tah6kd3tptvqekj24zmsb4azqm9ed9fdbxzn60qmw41mjaeay18w46sv118vp62hnsxjam3e9j9vz752qtyjmktbzsafj2y6pzcda9cz6fy0m4g4p9cpwz8ty1gk4mw56x1rxskm4q8ss0aws1xnkgvnwsmapgc90yt5yskk31dssj88jpn94q9dpk7q7eeb7yd45tbc%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gjrg0ps7k3wj5957xt479381q4sh4femprs3216m4tg9zeqdtpg600bkv7jh4vb0d5682jk76br24hra64wexmk6k71e8z7eyatdxrb9318y7f95xgm2jkzhq97k798rtkhcs2hrv514mazx5mq940g2fq6615jqt5dsxp86hfwkwgk8bhe2hm7jg8d790tx2gdw1hp2hs725bbc9jzh95g2k7drtkdp4t1evywzw9ks9wf4x36g6f4ecwrpcq5v98pzer6cnxv0bjhk2sxzbkj7m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCrLarN9pvZJWSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QnGVXqSaSQfKx2PtJj36o-UFkeVF-UtIbZRbIyCFSoh78naeHCWWlzut6gA6jY_xwAP3mtceI7yt67UAZAA8zqWbzuwuTe-kPYgr3sF1si0xMbl_pooaQic5wqd9TmlEZGUPKJg9gc3TJUKxQj_-ke-kyXJQdy_rfzm5Xj8AwxTV7UtfUtKjav2z8Z4qCq5y_cDoB83Qbggqn9UckajOIGj2Bd33txh7Pdmgzo21OqV2FsMbh-o_Zc0PIDrsjKeiHmdDOAOCEE8oxB3qdMmXxbudfnxmQx9wM_SA08NlFo8_tq571pKo2oIKS0OAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1oOMDa9t7lghJ1oR9H1dClmx2YdQ%252526client%25253Dca-pub-1031670330168431%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-89.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 07:31:17 GMT
content-encoding
gzip
via
1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
52083
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
hsbsFhpl1vUeyAYz3rb__1cki-Gsr0oUxa3QcMBO3j5Py8cZPDickQ==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame A7A7 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1685052260&Signature=okXDqlIcitNdEnWjdvY7Dq4hMijugbYiP0z1hX~tvAgwK4H1EAYjS8oTJKlH1P0-TA3Cx2oKORL6oM4h3a6gLSDlVSi7ebR9Jk4Zod9K9VtmJdBWkz-kE752TAfpHCpv~SdYbGAijrLx35c5FMXIXh6bzQLJjMuq-ci8mQS2rzi3nzb889XdhR3kgpK26cb2kjYfBpw5s17URZ5-K-Hs6h~ULnWVIPI3Z~BJ79beRCXaBp0kC9qpwaYcKKIxNg0t3eUlQlvH0mhhHYnCM7Yb8dbVlTiDWquLpuKvOis9v-X-dM5WqyFuYUxM5Q6BSiqEGYb3TqisHOmBVE7~U7TWrw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=300&d=50&e=&g=de2dc8e8e382e3e80b0d78105e96f984%2F14511041865793811139&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685051960625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjrg0ps7k3wj5957xt479381q4sh4femprs3216m4tg9zeqdtpg600bkv7jh4vb0d5682jk76br24hra64wexmk6k71e8z7eyatdxrb9318y7f95xgm2jkzhq97k798rtkhcs2hrv514mazx5mq940g2fq6615jqt5dsxp86hfwkwgk8bhe2hm7jg8d790tx2gdw1hp2hs725bbc9jzh95g2k7drtkdp4t1evywzw9ks9wf4x36g6f4ecwrpcq5v98pzer6cnxv0bjhk2sxzbkj7m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrLarN9pvZJWSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QnGVXqSaSQfKx2PtJj36o-UFkeVF-UtIbZRbIyCFSoh78naeHCWWlzut6gA6jY_xwAP3mtceI7yt67UAZAA8zqWbzuwuTe-kPYgr3sF1si0xMbl_pooaQic5wqd9TmlEZGUPKJg9gc3TJUKxQj_-ke-kyXJQdy_rfzm5Xj8AwxTV7UtfUtKjav2z8Z4qCq5y_cDoB83Qbggqn9UckajOIGj2Bd33txh7Pdmgzo21OqV2FsMbh-o_Zc0PIDrsjKeiHmdDOAOCEE8oxB3qdMmXxbudfnxmQx9wM_SA08NlFo8_tq571pKo2oIKS0OAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1oOMDa9t7lghJ1oR9H1dClmx2YdQ%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.129.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-129-28.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 25 May 2023 06:14:32 GMT
via
1.1 c812f87630e842766e842cb048d8c94e.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
56691
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15054
x-amz-cf-id
ebguBfWD6yMjh_ki6CeKtSwMbT3893NZ2oJaJQZk9-fmBbFSgSlrRg==
pvClk.min.js
analytics.webgains.io/ Frame 7E3F 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jpevknv5zn06qs3tp8wwc9h1jkh7dse328sq20g06c4z7snkgqs7knw8hpy2hbv6xr7asas1gvj575rz9m92z62v0rzqy2m5cafrp5bvwnjm8fqbv50542heck8fgc46na3mq3e5n4fbvhnxbaxsc8semfqm417e18wxpx6dpyn33f4kjgnvw2ppnbj8jey13jrnfw3fqjvvchrbzv2dq8sv4mgd2jcrb6nng4ewrgr797zcw74t084b7k77jnp4280%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hez0ryffw581q8608m6zt2pz032h16r1syhhrnstyqy40h5dexe0dmvwtxfbdn96cx4maemwgr97rzm8j5vgjpgvv5yxz406ssax4bs17qgfshnph76gytmr48c3ey9ywmw9ys4rw69nvjs9wv9s3rk2ppf7h8xmp8wznntp7yp6f1vazdbn8wesza4q478413eg0bptra803n6cfdpw48bbwne73e95xqtyzkgnr6tx4008vnmd48s2b0yke6cznbdg0zbkbtbkw2qt23m4fn4v4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCNCzDN9pvZJeSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QwhBQdikAMHsXzcEIJhiOSDn-kvmVZaralNRlRpXGcLeBlq651Ctst_yq4mceg7N6L5erPgpGF-rARg6qCe1Y_eO4Oc5kbZw0PWEH3bZN-QtVQgBtNUhoM1vAcA--8yJmZlceFicoz8VKNAURGp3Yk29SW4yEW4Jh2zf9J009TVi-s6NE7PXaNBbmcVEOeo4voGZ8Eyh2R8UAUZBhzSuoYYJh_fc1WTBJVBu7cbQ1EkKjUAmZezyie-r7fsoxu4nFAXwB-WTmR4ZoW8hEXs6UrRxAlJzrZxejxyEg0fJJYLA_QPE63dTv4MiU2uAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0pUA7GrKrHKGsn9X_GskqKhAij5Q%252526client%25253Dca-pub-1031670330168431%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-89.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 07:31:17 GMT
content-encoding
gzip
via
1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
52083
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
lRDntm55wBE-JMHtM9fqDoL26fwq9On4mm57h-KaWpZqSV6iw7EEOw==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 7E3F 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1685052260&Signature=okXDqlIcitNdEnWjdvY7Dq4hMijugbYiP0z1hX~tvAgwK4H1EAYjS8oTJKlH1P0-TA3Cx2oKORL6oM4h3a6gLSDlVSi7ebR9Jk4Zod9K9VtmJdBWkz-kE752TAfpHCpv~SdYbGAijrLx35c5FMXIXh6bzQLJjMuq-ci8mQS2rzi3nzb889XdhR3kgpK26cb2kjYfBpw5s17URZ5-K-Hs6h~ULnWVIPI3Z~BJ79beRCXaBp0kC9qpwaYcKKIxNg0t3eUlQlvH0mhhHYnCM7Yb8dbVlTiDWquLpuKvOis9v-X-dM5WqyFuYUxM5Q6BSiqEGYb3TqisHOmBVE7~U7TWrw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jpevknv5zn06qs3tp8wwc9h1jkh7dse328sq20g06c4z7snkgqs7knw8hpy2hbv6xr7asas1gvj575rz9m92z62v0rzqy2m5cafrp5bvwnjm8fqbv50542heck8fgc46na3mq3e5n4fbvhnxbaxsc8semfqm417e18wxpx6dpyn33f4kjgnvw2ppnbj8jey13jrnfw3fqjvvchrbzv2dq8sv4mgd2jcrb6nng4ewrgr797zcw74t084b7k77jnp4280%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hez0ryffw581q8608m6zt2pz032h16r1syhhrnstyqy40h5dexe0dmvwtxfbdn96cx4maemwgr97rzm8j5vgjpgvv5yxz406ssax4bs17qgfshnph76gytmr48c3ey9ywmw9ys4rw69nvjs9wv9s3rk2ppf7h8xmp8wznntp7yp6f1vazdbn8wesza4q478413eg0bptra803n6cfdpw48bbwne73e95xqtyzkgnr6tx4008vnmd48s2b0yke6cznbdg0zbkbtbkw2qt23m4fn4v4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCNCzDN9pvZJeSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QwhBQdikAMHsXzcEIJhiOSDn-kvmVZaralNRlRpXGcLeBlq651Ctst_yq4mceg7N6L5erPgpGF-rARg6qCe1Y_eO4Oc5kbZw0PWEH3bZN-QtVQgBtNUhoM1vAcA--8yJmZlceFicoz8VKNAURGp3Yk29SW4yEW4Jh2zf9J009TVi-s6NE7PXaNBbmcVEOeo4voGZ8Eyh2R8UAUZBhzSuoYYJh_fc1WTBJVBu7cbQ1EkKjUAmZezyie-r7fsoxu4nFAXwB-WTmR4ZoW8hEXs6UrRxAlJzrZxejxyEg0fJJYLA_QPE63dTv4MiU2uAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0pUA7GrKrHKGsn9X_GskqKhAij5Q%252526client%25253Dca-pub-1031670330168431%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.129.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-129-28.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 25 May 2023 06:14:32 GMT
via
1.1 c812f87630e842766e842cb048d8c94e.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
56691
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15054
x-amz-cf-id
_EJ4fCjDpqixJCTGoa6FQUqNp5d-s_tdcpoalHnSHHEkN4-kOVAwig==
cs
s.thebrighttag.com/ Frame BFCC
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=8I6pri-sHlHlyGCQzNsP1jaaYVQvySbk
35 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=8I6pri-sHlHlyGCQzNsP1jaaYVQvySbk
Protocol
H2
Server
3.13.159.91 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-159-91.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:21 GMT
x-bt-requestid
674b6ec0-fb47-11ed-9f6f-0000ac170089
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=8I6pri-sHlHlyGCQzNsP1jaaYVQvySbk
date
Thu, 25 May 2023 21:59:20 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
689284
content-length
0
tracking-event
api.webgains.io/ Frame A7A7 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.176.156.184 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-176-156-184.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 May 2023 21:59:21 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.176.156.184 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-176-156-184.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Thu, 25 May 2023 21:59:21 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 7E3F 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.176.156.184 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-176-156-184.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 May 2023 21:59:21 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.176.156.184 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-176-156-184.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Thu, 25 May 2023 21:59:21 GMT
server
nginx
4e0ec075-d6cb-46ad-88ce-7971e5a9cae0
https://www.kanui.com.br/ 		4 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.kanui.com.br/4e0ec075-d6cb-46ad-88ce-7971e5a9cae0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e2c93ef4550c84e1700dc4596b4c8afd970b14f2d1878c7edc1d6f08c8e16d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
4521
Content-Type
/
eum-orange-saas.instana.io/ 		0
13 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-orange-saas.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.4.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
21.4.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kanui.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 25 May 2023 21:59:22 GMT
cache-control
no-cache, no-store
via
1.1 google
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=912173&uid=6552737712912194098&sec=8767638&t=ri&e=1468433&p=1&ve=12236802&va=%5B%7B%22id%22%3A27855831%2C%22idx%22%3A1%7D%5D&ses=77639a1d65770733c932aba285af4dba&expSes=41238&aud=299323.299350.327524.327526&expVisitId=-3479621129720812003&mech=2&smech=3&eri=0&tsrc=Direct&reqts=1685051965552&rri=9480749
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kanui.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 21:59:25 GMT
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
5c4QWSlwxrxN9dXOkmGuolwrB4mI-GKRYloxo2ajUp-S4E7fDqxVIA==
expires
0
/
eum-orange-saas.instana.io/ 		0
13 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-orange-saas.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.4.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
21.4.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kanui.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 25 May 2023 21:59:27 GMT
cache-control
no-cache, no-store
via
1.1 google
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
analytics-stamp.confi.com.vc
URL
https://analytics-stamp.confi.com.vc/api/v1/stamp/102462
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDNgJvJ4aClw0XbU47u7K0M&google_cver=1&__user_check__=1&sync_id=6652f1ea-fb47-11ed-afdf-1a377c5d0406
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCqShjvkURmG95BThm4ix0YAwU5fvKc9WHlK4FXkTLmfaTc5p_dJAsah4QRU0WL_m7sMhDK3R5Thwpb2_yQzY9fdqeXCq8-Ov9nNBCZNNi5e4i7xNJdnXzr1umufLn1YRjH2e6iA&sai=AMfl-YTXqJ13GkBs6tFvNN6OhIDMv7QTpx_xv7beyurx-4nHTY3H1YlDxCB-gxwkZYas6XKI22TVdT2Ct_juw_5QHkFLLiTwVUTRjFNP5gziedpQkLU1nAKnc0V1Dk9j&sig=Cg0ArKJSzCAEkB-FWZGpEAE&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&id=lidartos&mcvt=0&p=3791,436,3881,1164&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=3254371550&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1685051958698&rpt=267&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0
Domain
ade.googlesyndication.com
URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI6Iu_27uR_wIVhxTgCh0LagdgEAAYACDngMBYQhMIvIrn2ruR_wIVwhTgCh0MJQ5Z;met=1;&timestamp=1685051960025;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssY1tXPpGS7kCguq2Pse5ylLIJoMXN0Uu_T6aPCwUHZE6FlMUcHy69UTBEH3AUNUM6VzQw9e2LjFUYi-iZ9rx5iBXg32CKT_CNDnm7lCxWuQA37l2ZeChZmeSxmddacZHgxuOZd8A&sai=AMfl-YT3IMWgYg-f6NTTxOu4JmM7t1Su7NGlFhv03igkjGdWKuXZokRj58q7jvhvFv7vdt0yySSVHL7xYTrkiTtXximAyi2z1XFFi1qa1e9CMNsG5VTPB2sx6gf4Cvo5&sig=Cg0ArKJSzGGrBhKznYikEAE&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&id=lidartos&mcvt=0&p=3486,330,3736,630&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=2490721833&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1685051958703&rpt=390&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRSSNuKQvZq1mrj11C_fSUU-xstdZMWXi5Mv9kr6Cc-CfKNe9j5vT9z07dErfgiFUza0Q6zrhMeMmGbtQfl0mJOSy92uBEK2jj_4RqIgnwEfca3WILDHaCkT6mtu7AloCP-MwIcQ&sai=AMfl-YSq1JrU-SrZolFWkiG6X6Q0DXPuVUaQNQP0BPrbolNyok1gqIESeYPQFwKtktloX7cnkwCHxUsAYZtrDGHzYGyePyxFS2j6l2oDlAQ4CzrnOSmgfLRzZ-13Htsh&sig=Cg0ArKJSzFpoqyRttK98EAE&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&id=lidartos&mcvt=0&p=3486,650,3736,950&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=2490721832&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1685051958712&rpt=485&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsva8Xm1C3P9zYHAXnBZthFy81L1u9iR-ldOGFH2_0Pm_58CDubxspz_qPSM2pvMaM1zMEKRMP_JPuUBcROqAeUM_JANhOdcZC_A_bNLQbttywYogLyz3-HeJHXij6KBTy29QqgzDQ&sai=AMfl-YSSAn0ZLWXBPbSt6duTa1rV-HAa8caksczriveWMa4uA3R_ztGpIIfVGrO6InFnUN5eA2MpSSsmV0giuy1uRKSzDVnmakspaqPzPUQMN7IPnzCv7fwZzL2JwBC0&sig=Cg0ArKJSzBmnTXPBBWZ8EAE&cid=CAQSPABygQiDuNJqV_UCTgstUyfnCU3QUtbpD4YaeTfdFPeJCLsnsCJzNGUT3Tb_gMUREjg-zpo6B3J-2G_KkRgB&id=lidartos&mcvt=0&p=3486,970,3736,1270&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=2490721835&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1685051958717&rpt=405&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Verdicts & Comments Add Verdict or Comment

372 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 boolean| credentialless string| InstanaEumObject function| ineum function| callGa string| et object| apiOutput undefined| oKeys object| DY object| DYExps object| DYO object| _dy_memStore object| DYJSON number| PREBID_TIMEOUT function| dataLayer_pagetype object| adUnits object| pbjs function| setupPrebid boolean| prebidReady function| waitGPT object| UA string| href string| domain object| subDomains string| separator string| mainDomain string| mobileDomain string| tabletDomain object| CJS string| mboxCopyright number| mboxVersion object| mboxFactories object| mboxFactoryDefault object| gaCustomVar object| cookieControl function| mboxUrlBuilder function| mboxStandardFetcher function| mboxAjaxFetcher function| mboxMap function| mboxFactory function| mboxSignaler function| mboxList function| mboxLocatorDefault function| mboxLocatorNode function| mboxCreate function| mboxDefine function| mboxUpdate function| mbox function| mboxOfferContent function| mboxOfferAjax function| mboxOfferDefault function| mboxCookieManager function| mboxSession function| mboxPC function| mboxGetPageParameter function| mboxSetCookie function| mboxGetCookie function| mboxCookiePageDomain function| mboxShiftArray function| mboxGenerateId function| mboxScreenHeight function| mboxScreenWidth function| mboxBrowserWidth function| mboxBrowserHeight function| mboxBrowserTimeOffset function| mboxScreenColorDepth object| dft object| socialConfig string| placeHolderImage string| baseUrl string| secureUrl string| csrfToken string| cookieDomain object| dataLayer function| init function| sendCompra function| queryStringToJSON function| getLightBoxElement function| getSeloScriptElement function| hideTagEconfyValue function| getSurveyLink function| encode function| getCookie object| viewport function| pbjsChunk object| __core-js_shared__ object| DYWork function| $dy function| dcf876 function| blockOrExecuteCookiesInit function| blockOrExecuteCookies function| blockOrExecuteCookiesGeneric function| handleExecuteScript51 function| sendTransaction43875 function| disableAllCookies string| gtmEnabled function| enableAllCookies function| changeStatus_7859 function| closeConsent function| replaceAllPv function| acceptedAllPreferences string| pvtReloadPage function| overlayT2345Save function| overlayT2345 function| overlayT2345Preference function| overlayT2345SaveMobile boolean| blockGroupAccept function| acceptOrRejectGroup function| acceptOrRejectCookie function| doNotSell function| removeClassByGroup function| clearSelection function| isSelectedItem function| readGroupContent function| maZeckTheKing function| checkAllChildzz78 function| fetchHtmlAsText function| z400lp function| deleteAllCookies function| insertCustomStyle function| exec_gtm boolean| _isAutoblock function| lpf234 function| checkedDomain function| resetCookiesPreference function| clsBnnerAll function| clsBnner function| checkExpiredTimePrv function| clsBnnerPref number| verifyCloseConsent function| doReloadAutoBlockPTS function| shmTCdPrvTzu function| createCookiePrvt object| pToolsCookieManager object| ElementBanner object| cookieconsent function| portalBanner function| createSlider function| getCarousel function| KeenSlider function| openNewTab function| addDays function| removeCheckedElements function| checkPhone function| openPopupDevolution function| appendElement function| appendElementMobile function| mtel function| maskTel function| showConfirm function| selectDevolution function| unselectDevolution function| handleDevolutionClick function| showModalMobile function| handleDevolutionClickMobile function| htmlCollect function| getBankCode function| exchangeMessageModal function| exchangeModalJustMessage function| showReplacementMethodOptions function| filter function| filterByCity function| filterByUf function| mountSelectUF function| showPoints function| mountHtmlPoint function| clearText function| clearFilter function| accountForm function| createAccountForm function| newsletterForm function| passwordForm function| creditCardChangeDefaul function| addressForm function| confirmationModal function| clModal function| deleteAddress function| messageModal function| modalJustMessage function| closeDeliveryDetail function| addClassOpened function| deleteCreditCard function| copy object| JSEncryptExports function| JSEncrypt object| taxIdValidate object| checkout object| newPoints object| ufs object| Checkout object| address object| pixKeyButtton function| $ function| jQuery object| html4 object| html function| html_sanitize object| Mustache object| Validator object| ParsleyConfig object| ParsleyUI object| ParsleyExtend function| psly function| Parsley object| ParsleyUtils object| ParsleyValidator object| socialid function| VMasker object| KJUR object| Hex object| Base64 function| ASN1 object| Moip object| jQuery110207235486209175526 function| Catwalk function| unassociatedUserLogout function| setSocialOption function| submitSocialOption function| eventHandlers function| checkLoginState function| checkLoginStateToAssociate function| loginSocial function| socialDisconnect function| associateLogged function| facebookLogout function| PdpEventsGA4 object| routes function| Dispatcher string| cookietotal object| i18n object| c object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data number| dyAction string| dyLabel object| pattern string| variationName string| experienceName string| GoogleAnalyticsObject function| ga function| hashCode number| aux string| contentType string| dimensionValue19 object| campaign_name undefined| clientID object| _gaq object| GooglebQhCsO function| hj object| _hjSettings object| a string| id string| querySeparator string| finalUrl object| s object| _fbq object| tag function| refresh_catalogEEC function| sendClickEventGA function| save_ga object| uetq object| searchInput object| searchGroupDiv object| suggestionsArray function| hideAliceSuggestions function| createSuggestionsContainer function| setSuggestionsList function| seerRequest function| sendGAEvent function| handleSearch function| deleteAllSuggestions function| renderSuggestionsList undefined| tmppagecategory undefined| source object| datajetFish function| createLabelGA undefined| menuToggleValidation undefined| menuToggle undefined| allLevelOne undefined| allElementsA object| menuNivelOne object| menuNivelTwo object| menuNivelThree object| Data string| latencia undefined| valor number| tempoDeCookie string| TiktokAnalyticsObject object| ttq object| gaplugins object| gaGlobal object| gaData object| google_optimize object| customerId function| onYouTubeIframeAPIReady object| googletag object| ggeac object| google_js_reporting_queue function| Fingerprint2 object| datajet number| bzs62i object| AWIN function| getErrorMessage function| isIE function| sendDebugEvent function| AwinCustomEvent object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| _gat undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| webpackChunk object| Criteo object| GoogleGcLKhOms function| UET function| UET_init function| UET_push object| ueto_bdd7fdfcb9 boolean| canRunAds function| infectSession number| unifiedChpRunning string| _nppc string| store string| selector object| l1 object| l2 object| criteo_q string| customer_id string| newcustomer undefined| cluster string| sitetype string| notlogged object| gaDevIds object| _nmgtag object| journeyDataLayer object| _wlDADJEF833 object| _blDADJEF833 object| google_image_requests object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136

116 Cookies

Domain/Path Name / Value
.kanui.com.br/ Name: _dy_ses_load_seq
Value: 41238%3A1685051954167
.kanui.com.br/ Name: _dy_csc_ses
Value: t
.kanui.com.br/ Name: _dy_c_exps
Value:
.kanui.com.br/ Name: mbox
Value: check#true#1685052015|session#1685051954183-697264#1685053815
www.kanui.com.br/ Name: seal_refresh
Value: false
.dynamicyield.com/ Name: DYID
Value: 6552737712912194098
.dynamicyield.com/ Name: DYSES
Value: 2fba47e207c2fa9b2d5da66393ad3b6d
.kanui.com.br/ Name: _dycnst
Value: dg
.kanui.com.br/ Name: _dyid
Value: 6552737712912194098
.kanui.com.br/ Name: _dyfs
Value: 1685051954534
.kanui.com.br/ Name: _dyjsession
Value: 2fba47e207c2fa9b2d5da66393ad3b6d
.kanui.com.br/ Name: dy_fs_page
Value: www.kanui.com.br
.kanui.com.br/ Name: _dy_lu_ses
Value: 2fba47e207c2fa9b2d5da66393ad3b6d%3A1685051954534
.kanui.com.br/ Name: _dycst
Value: dk.w.c.ws.
.kanui.com.br/ Name: _dy_geo
Value: DE.EU.DE_.DE__
.kanui.com.br/ Name: _dy_df_geo
Value: Germany..
.kanui.com.br/ Name: _dy_toffset
Value: 0
.kanui.com.br/ Name: dftab-debit3ds
Value: 1
www.kanui.com.br/ Name: lgpd
Value: 0
.kanui.com.br/ Name: _dy_soct
Value: 150522.212506.1685051954*191271.278510.1685051954*243010.364382.1685051954*369588.615667.1685051954*466965.845050.1685051954
.kanui.com.br/ Name: dftab-freightversion
Value: 0
.kanui.com.br/ Name: _gcl_au
Value: 1.1.844634158.1685051957
.kanui.com.br/ Name: Zanpid
Value:
.kanui.com.br/ Name: _gid
Value: GA1.3.1790114719.1685051957
.kanui.com.br/ Name: _gat_ga_kanui
Value: 1
.kanui.com.br/ Name: _gat_UA-86950572-1
Value: 1
.kanui.com.br/ Name: _ga_44NBXM9HZG
Value: GS1.1.1685051956.1.0.1685051956.60.0.0
.kanui.com.br/ Name: _ga
Value: GA1.1.61963534.1685051957
.tiktok.com/ Name: _ttp
Value: 2QIrV4As0qJPI13OOYfmOMvMAQW
.kanui.com.br/ Name: _tt_enable_cookie
Value: 1
.kanui.com.br/ Name: _ttp
Value: rRDonZ-W60SvmeArw-JoR3Y6gzC
.kanui.com.br/ Name: __utma
Value: 227738178.61963534.1685051957.1685051957.1685051957.1
.kanui.com.br/ Name: __utmc
Value: 227738178
.kanui.com.br/ Name: __utmz
Value: 227738178.1685051957.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.kanui.com.br/ Name: __utmt
Value: 1
.kanui.com.br/ Name: __utmb
Value: 227738178.1.10.1685051957
.kanui.com.br/ Name: _hjSessionUser_1196013
Value: eyJpZCI6IjE1NjdkMDlkLTk0MjgtNTY3My05MThiLWNhMzY0MTk5MDg4NyIsImNyZWF0ZWQiOjE2ODUwNTE5NTc0MDYsImV4aXN0aW5nIjpmYWxzZX0=
.kanui.com.br/ Name: _hjFirstSeen
Value: 1
.kanui.com.br/ Name: _hjIncludedInSessionSample_1196013
Value: 0
.kanui.com.br/ Name: _hjSession_1196013
Value: eyJpZCI6IjQ1MzQ5ZGUyLTM0NDEtNDk1MS05MDRjLWEwYzJmYTQ4NTNiYSIsImNyZWF0ZWQiOjE2ODUwNTE5NTc0MTMsImluU2FtcGxlIjpmYWxzZX0=
.kanui.com.br/ Name: _hjAbsoluteSessionInProgress
Value: 0
.creativecdn.com/ Name: ts
Value: 1685051957
.kanui.com.br/ Name: _uetsid
Value: 6510ba80fb4711eda2c2973eef4ec476
.kanui.com.br/ Name: _uetvid
Value: 6510c5f0fb4711ed8dcbfda4c66aa8c8
.bing.com/ Name: MUID
Value: 390C630F4B5261EA003E70134AD9602C
.creativecdn.com/ Name: u
Value: wWw3OmlSP68Q3gDfthnD
.adnxs.com/ Name: uuid2
Value: 7569285522747727775
.criteo.com/ Name: uid
Value: d2e8baa4-9019-49ea-b2ca-2955166d6363
.doubleclick.net/ Name: IDE
Value: AHWqTUktuJu48A0UmjcTvNt1HPVoqEU-HLHvW7Prijj4hdR7NKnTWQRkCLFmg00OJzc
.kanui.com.br/ Name: __gads
Value: ID=a66563c3ba364f45:T=1685051957:S=ALNI_MaJdEQCCGqeb0oOaPh0u5ZM8TT_kA
.kanui.com.br/ Name: __gpi
Value: UID=00000c1c10c1fbd7:T=1685051957:RT=1685051957:S=ALNI_MYf6RM-THU6R3gAbEo2NOrfGI9QtQ
.casalemedia.com/ Name: CMPS
Value: 5296
.casalemedia.com/ Name: CMPRO
Value: 5296
.casalemedia.com/ Name: CMID
Value: ZG-aNnyM0A68dk65JTbT.QAA
.adfarm1.adition.com/ Name: UserID1
Value: 7237243055968549016
.w55c.net/ Name: wfivefivec
Value: 1bfKvC7Y1Q2iZp5
.bidswitch.net/ Name: tuuid
Value: 1353dea7-8c1b-4151-98b4-2a13c53fee88
.bidswitch.net/ Name: c
Value: 1685051959
.bidswitch.net/ Name: tuuid_lu
Value: 1685051959
.w55c.net/ Name: matchgoogle
Value: 5
.mathtag.com/ Name: uuid
Value: 575e646f-da37-4f00-b2f4-0e9b3a86a3b4
.mathtag.com/ Name: mt_mop
Value: 4:1685051959
.simpli.fi/ Name: suid
Value: 1BF4D73B2B10460682956713A50E86B9
.lijit.com/ Name: ljt_reader
Value: GtOnqGZH27RhKKG1RTCM7bOZ
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.adform.net/ Name: C
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBDfab2QCEN8f7qyg-dRCEje90-wNYKkFEgEBAQErcWR5ZOAKyiMA_eMAAA&S=AQAAAnlzkG6aP3-v0EbPS-dTt1Y
.hurra.com/ Name: __uu
Value: N5zOBp-5L4EdjE-Gzzzzzzzz
.pubmatic.com/ Name: KADUSERCOOKIE
Value: F4E3B2F7-A85F-48C9-9E8C-8DB475313593
.adform.net/ Name: uid
Value: 5987577493794260529
.360yield.com/ Name: tuuid
Value: e9c4bacf-538a-4bf4-b13f-20bfc441a033
.360yield.com/ Name: tuuid_lu
Value: 1685051959
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZG-aNwAMxHWC6QAn
.scoota.co/ Name: tuuid
Value: 7c4039ce-9a2f-46c6-bcb1-76c57765fcdd
.scoota.co/ Name: c
Value: 1685051959
.scoota.co/ Name: tuuid_lu
Value: 1685051959
.hurra.com/ Name: pvs
Value: N5zOBq75L4Edk--Hzzzzzzzz:C397G37148:1685051959
www.kanui.com.br/ Name: _hjShownFeedbackMessage
Value: true
.turn.com/ Name: uid
Value: 4030358798713220404
.spotxchange.com/ Name: audience
Value: 6650b290-fb47-11ed-a1ff-1eddb0c50406
.adnxs.com/ Name: anj
Value: dTM7k!M4/Afm^c0ghqdmU(7TKQlwhq#?nGNN:uLIRh0MLIf3lQnX<+^aR1N/Ejtx?pv9_w+3rm=lYCLYgY429Z<`K6?.i-LlAfp5kNXA%5qjuV/Xyf]io5xb_sfWw4gi/V^4ESZ9hy6]/Cr.+3^F-?.PO^?_Vo?*fAL-(3Djb-itg8[dHY$N40'IRj)TQ3B`Vj+CR@Jw9T5_m!x%f-5%o9d
match.sharethrough.com/ Name: AWSALBCORS
Value: 5/BkeC0t7+59GoNu0JRXT3j58zanbVtHJj9J0u37kBYhu7qL56hGsHaSZvqxQ4Ai21gMAneSSQE5DGMRf23udlvQH9ffEcVRVjcuRcr/pAZlkx+KwV3Kd1NvghOK
.quantserve.com/ Name: d
Value: EDgBCQGJKYEA
.quantserve.com/ Name: mc
Value: 646fda38-472ae-9ae5b-bd44f
.360yield.com/ Name: um
Value: !38,HnEI8iAJkShtqLokrD4d3r3r.8-q285zMnKtMQqX5mfwZkEMd8wl4mWLs2CF3JImE9wdJ0R.,1692827960
.360yield.com/ Name: umeh
Value: !38,0,1747259960,-1
.media.net/ Name: visitor-id
Value: 3280535608173630000V10
.media.net/ Name: data-c-ts
Value: 1685051960
.media.net/ Name: data-c
Value: k-Eh5ZEZUuDIvj1rJgGNe3Ji3-78FGOG5JhXeVDA~~3
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%2266baa070-fb47-11ed-ba05-1742e5b39dab%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%2266baa070-fb47-11ed-ba05-1742e5b39dab%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%2266baa070-fb47-11ed-ba05-1742e5b39dab%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%2266baa070-fb47-11ed-ba05-1742e5b39dab%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-B_oGGZUuDIvj1rJgGNe3Ji3-78FrABP0J3qzvw%22%2C%22version%22%3A%22criteo%22%7D
.ctnsnet.com/ Name: cid_559983a48eeb487ebf0b88559fef32aa
Value: 1
.ctnsnet.com/ Name: gid_CAESEBN0N05MiH0EiTlr8Zekf-k
Value: 1
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~2bul:18yl~2bul"
.demdex.net/ Name: demdex
Value: 61470365758575269430666567771722027345
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-db9aaaef-acd7-4a32-bd28-01267cab7894-003%22%7D
.tribalfusion.com/ Name: ANON_ID
Value: arnseFNZaiMjAmemFmDwxZau8nrMogRZcTvRfyEfF9SZccywQu3STK5UtLxXqEtx4oLl2WTZdYv1HdSXTnTWJB8Lc
pool.admedo.com/ Name: tuuid
Value: 3f498af8-6378-4cfa-8e4d-200a7ce996ae
pool.admedo.com/ Name: c
Value: 1685051960
pool.admedo.com/ Name: tuuid_lu
Value: 1685051960
.dpm.demdex.net/ Name: dpm
Value: 61470365758575269430666567771722027345
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-db9aaaef-acd7-4a32-bd28-01267cab7894-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-d44wGJUuDIvj1rJgGNe3Ji3-78E0CUkSVamPJg&KRTB&23144-uid:k-d44wGJUuDIvj1rJgGNe3Ji3-78E0CUkSVamPJg&KRTB&23286-uid:k-d44wGJUuDIvj1rJgGNe3Ji3-78E0CUkSVamPJg&KRTB&23287-uid:k-d44wGJUuDIvj1rJgGNe3Ji3-78E0CUkSVamPJg
.pubmatic.com/ Name: PugT
Value: 1685051959
.kanui.com.br/ Name: cto_bundle
Value: zr2Pj19sOTRnQU5ORk5yeFRqUkVRM1owZHhVRWJZQnhRJTJCOE5iSkhySmZISURGUTdJSEJ4RElMcnVERnlSS0NBYjZjdXJvR1dzZnV0SU1XRXFNRWZTcEY5d2lrU2VNTnhwWHN3ZkpJMm9BbGN4NVhTcGVXaEtSTEJpN2lRTWx1bTdNbkNUZyUyRnAzTjJsYjVrbXBYT3VWWmV4bFhBJTNEJTNE
.awin1.com/ Name: awpv20044
Value: 412871|1685051960|67106190-fb47-11ed-9d45-2261c3620022
.awin1.com/ Name: AWSESS
Value: 415363:2904924
.krxd.net/ Name: _kuid_
Value: Pk4b4OEL
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4NTA1MTk2MXZsZWExZGUyMDIzMDUyNTIzNTkyMTg1MzAzNjI2ODI1WDExNzY4M1YxMjI2MTMyNzAyTVN2aWV3b25laWRnazhhOGZyZkpWMnNQSGJIOHQ1dHJyQVVtU1FUOTk4c3dnellvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMTc2ODM
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117683_-HTLP&utm_term=AFF_la_117683_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023052523592185303626825X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117683&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4NTA1MTk2MXZsZWExZGUyMDIzMDUyNTIzNTkyMTg1MzAzNjI2ODI1WDExNzY4M1YxMjI2MTMyNzAyT
.tremorhub.com/ Name: tvid
Value: 56ca8038ac1f49ffa7fbf1665ce97b1c
.tremorhub.com/ Name: tv_UICR
Value: k-s4SkmJUuDIvj1rJgGNe3Ji3-78H4Ry82dc7w3A

33 Console Messages

Source Level URL
Text
javascript error URL: https://www.kanui.com.br/
Message:
Access to XMLHttpRequest at 'https://analytics-stamp.confi.com.vc/api/v1/stamp/102462' from origin 'https://www.kanui.com.br' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://analytics-stamp.confi.com.vc/api/v1/stamp/102462
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Message:
Refused to execute script from 'https://ssl.hurra.com/pvs.gif?bd3p=1&cid=397&tid=37148' because its MIME type ('image/gif') is not executable.
security error URL: https://as.ad4m.at/ad/dr?ed=1h13e3aky3qwagemwkfw2wzvyzbtyvwg28dfrpv6khs4x0zwpf74mdmx7ad8pa28n2vmphjh36mx5dn46ayg5j63hm87mpent5fqjsme20nf23jc7xn4mag4r9ghg9g0m5pzb9j06bsvz35zbs16gmmm6t4taa2s5jm3j39tg37jngzcsyz4wrs4pyacs8f5tm6dnrn9dfgd3bn1wm6kpnxma4rbsb0a02rn0jrqzmywxhgdr4qqj21r1cxp3jndqm5r056dgg62ymkwzgx795m4eajdbr31cm5s3xs1c5dkdn868986t7z0y9dg979tektrgf115nz60mn8tfzscrxq2ye390xax11z59t415r2g7w95ekdkv773bhhb0m07swzatabd9qn4k3pq27fckmfzs5wp4m476zz1wh1wm669gav8w30bmvtmjff41f6nxegaytsm8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrLarN9pvZJWSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QnGVXqSaSQfKx2PtJj36o-UFkeVF-UtIbZRbIyCFSoh78naeHCWWlzut6gA6jY_xwAP3mtceI7yt67UAZAA8zqWbzuwuTe-kPYgr3sF1si0xMbl_pooaQic5wqd9TmlEZGUPKJg9gc3TJUKxQj_-ke-kyXJQdy_rfzm5Xj8AwxTV7UtfUtKjav2z8Z4qCq5y_cDoB83Qbggqn9UckajOIGj2Bd33txh7Pdmgzo21OqV2FsMbh-o_Zc0PIDrsjKeiHmdDOAOCEE8oxB3qdMmXxbudfnxmQx9wM_SA08NlFo8_tq571pKo2oIKS0OAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1oOMDa9t7lghJ1oR9H1dClmx2YdQ%26client%3Dca-pub-1031670330168431%26adurl%3D
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/dr?ed=1kqr0qct8b1yd2t6j4tfebfam2k7vc58xzfm5sgm1j56y4xfedjthahjhj8qv84gtscj4rfr9v64db5vvqy8razkpqq0r89f8p3dczqwyq2rvkas1nqtrvrakrnn2krg3aqzgzk3md2pzwdvzkebr0gn2crxxv6ctdram4h60nbnf6btcsatmnhfd9byhgn3ef0bva9bqpvdz2x333m5nt06j50sk1kx47n9s44rrgkgmx2w0ffrh1v1m0qp7df32m3bfxshp9cwkgyg44jb5xwb2r86s4vfa4g4e7461gy59xr031z5hcx5bvr409pm5t9sw86qq2517v2gmhj680kydpz37n9awbj4bz2ajqpm8zwpwvf9kc58cz72vdst5z1tnmey6e3b48e8vsdrbfsc5y2sntwb4qgresrehzzsn05dznvedn87qs6bte01cyw8pnc9tr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNCzDN9pvZJeSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QwhBQdikAMHsXzcEIJhiOSDn-kvmVZaralNRlRpXGcLeBlq651Ctst_yq4mceg7N6L5erPgpGF-rARg6qCe1Y_eO4Oc5kbZw0PWEH3bZN-QtVQgBtNUhoM1vAcA--8yJmZlceFicoz8VKNAURGp3Yk29SW4yEW4Jh2zf9J009TVi-s6NE7PXaNBbmcVEOeo4voGZ8Eyh2R8UAUZBhzSuoYYJh_fc1WTBJVBu7cbQ1EkKjUAmZezyie-r7fsoxu4nFAXwB-WTmR4ZoW8hEXs6UrRxAlJzrZxejxyEg0fJJYLA_QPE63dTv4MiU2uAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0pUA7GrKrHKGsn9X_GskqKhAij5Q%26client%3Dca-pub-1031670330168431%26adurl%3D
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/dr?ed=1jtafm0bq3rycms2k7qkfdwye5bb99brx607zez1d767qcd1mzxabk0bwpr3m8ggtps56n6kvgmc5r1mk8tjseyg86gdx08vwbpxqaf9wykacjy5g0yx7jepp8f24cgjty80f7xf18q01fgmctyrqqckc5vdgwwjp9vfbqy4wd3tjrc2q6wn4dwfk82jvtxx4ee342etzvnr8vvejc2ttx9fwm4vejwsmb6ythjbwn1wys32bftdwyr5nwt6j0wj30a24a9xq19n417mscb1ge05v3jesvtxc843a5ebnfrm37tec7km76xtf0sk47n8td0x58yxtwpcfb3pp5a7ya25x141vmf4pnec39z17f18as2hh5nmjrrz7cw75pmyd5z4vrfr602dhqacy7bnv6j81yq2134fs84sm86y4kz36jcsw92j6q3eze6pe4fy1v05k78y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGWtrN9pvZJSSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTpAU_QqGLGFfXc0lh-Fe79qnaO7mR4gcxaATUMBeG4-AvBn0iSwTDPu0Wtw5GnegAZp6OpYc6nSkfWYpZ5Fi3Ytxq4zjGNnJzF0Ro8Op8HC-IwPK6jx1AnZ9ZCkqOrXypluR8P8NgzjZKL1JHh1FIgoY8levP56z_mRj7XAv-g8LxJhlOXddyS3ZDhAxO6_fZr1wd8vTClF-q2Ym4l8BXRCfN1QeNw2v4Ppdik7tOYlGc2XmKBqtknszGxZ8PcZ5tFkiH40le4QavmW0UVabQ54Ny5OGLARdg2DxBKnoQ90cA_1IC4q45tLPoN4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3kEjxLVz6RC04wlA5M7bSM9LKfZA%26client%3Dca-pub-1031670330168431%26adurl%3D
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
worker error URL: blob:https://www.kanui.com.br/169f67dd-6038-4192-a0f6-170d9fdd81c0
Message:
Mixed Content: The page at 'blob:https://www.kanui.com.br/169f67dd-6038-4192-a0f6-170d9fdd81c0' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://emnoomldgleagdjapdeckpmebokijail/icons/icon48.png'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://www.kanui.com.br/169f67dd-6038-4192-a0f6-170d9fdd81c0
Message:
Mixed Content: The page at 'blob:https://www.kanui.com.br/169f67dd-6038-4192-a0f6-170d9fdd81c0' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://pcihjlbjjghnbohanlafcldoddloecfo/img/cc-icon-16x16.png'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://www.kanui.com.br/169f67dd-6038-4192-a0f6-170d9fdd81c0
Message:
Mixed Content: The page at 'blob:https://www.kanui.com.br/169f67dd-6038-4192-a0f6-170d9fdd81c0' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://mfidniedemcgceagapgdekdbmanojomk/image/fcb_close.svg'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
worker error URL: blob:https://www.kanui.com.br/169f67dd-6038-4192-a0f6-170d9fdd81c0
Message:
Mixed Content: The page at 'blob:https://www.kanui.com.br/169f67dd-6038-4192-a0f6-170d9fdd81c0' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://foehlpanophbpagddidofdpeiappcmgf/img/48x48.png'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=300&d=50&e=&g=de2dc8e8e382e3e80b0d78105e96f984%2F14511041865793811139&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685051960625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjrg0ps7k3wj5957xt479381q4sh4femprs3216m4tg9zeqdtpg600bkv7jh4vb0d5682jk76br24hra64wexmk6k71e8z7eyatdxrb9318y7f95xgm2jkzhq97k798rtkhcs2hrv514mazx5mq940g2fq6615jqt5dsxp86hfwkwgk8bhe2hm7jg8d790tx2gdw1hp2hs725bbc9jzh95g2k7drtkdp4t1evywzw9ks9wf4x36g6f4ecwrpcq5v98pzer6cnxv0bjhk2sxzbkj7m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrLarN9pvZJWSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QnGVXqSaSQfKx2PtJj36o-UFkeVF-UtIbZRbIyCFSoh78naeHCWWlzut6gA6jY_xwAP3mtceI7yt67UAZAA8zqWbzuwuTe-kPYgr3sF1si0xMbl_pooaQic5wqd9TmlEZGUPKJg9gc3TJUKxQj_-ke-kyXJQdy_rfzm5Xj8AwxTV7UtfUtKjav2z8Z4qCq5y_cDoB83Qbggqn9UckajOIGj2Bd33txh7Pdmgzo21OqV2FsMbh-o_Zc0PIDrsjKeiHmdDOAOCEE8oxB3qdMmXxbudfnxmQx9wM_SA08NlFo8_tq571pKo2oIKS0OAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1oOMDa9t7lghJ1oR9H1dClmx2YdQ%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=300&d=50&e=&g=0e20110d1b7454db8c7825dd9d622aac%2F1750030262979613871&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685051960626&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hez0ryffw581q8608m6zt2pz032h16r1syhhrnstyqy40h5dexe0dmvwtxfbdn96cx4maemwgr97rzm8j5vgjpgvv5yxz406ssax4bs17qgfshnph76gytmr48c3ey9ywmw9ys4rw69nvjs9wv9s3rk2ppf7h8xmp8wznntp7yp6f1vazdbn8wesza4q478413eg0bptra803n6cfdpw48bbwne73e95xqtyzkgnr6tx4008vnmd48s2b0yke6cznbdg0zbkbtbkw2qt23m4fn4v4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNCzDN9pvZJeSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTtAU_QwhBQdikAMHsXzcEIJhiOSDn-kvmVZaralNRlRpXGcLeBlq651Ctst_yq4mceg7N6L5erPgpGF-rARg6qCe1Y_eO4Oc5kbZw0PWEH3bZN-QtVQgBtNUhoM1vAcA--8yJmZlceFicoz8VKNAURGp3Yk29SW4yEW4Jh2zf9J009TVi-s6NE7PXaNBbmcVEOeo4voGZ8Eyh2R8UAUZBhzSuoYYJh_fc1WTBJVBu7cbQ1EkKjUAmZezyie-r7fsoxu4nFAXwB-WTmR4ZoW8hEXs6UrRxAlJzrZxejxyEg0fJJYLA_QPE63dTv4MiU2uAEAYAGw-SuiNH--bI3oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0pUA7GrKrHKGsn9X_GskqKhAij5Q%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
worker error URL: blob:https://www.kanui.com.br/169f67dd-6038-4192-a0f6-170d9fdd81c0
Message:
Mixed Content: The page at 'blob:https://www.kanui.com.br/169f67dd-6038-4192-a0f6-170d9fdd81c0' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eoolfmmapnkhandljfaaofncecfakljd/static/16x16-active.png'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
worker error URL: blob:https://www.kanui.com.br/169f67dd-6038-4192-a0f6-170d9fdd81c0
Message:
Mixed Content: The page at 'blob:https://www.kanui.com.br/169f67dd-6038-4192-a0f6-170d9fdd81c0' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://lkmpdpkkkeeoiodlnmlichcmfmdjbjic/content/styles.css'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C175490&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C816tDf8fRk5PFgHJHEtxtQjYCGSwTpprSbw91&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CZ28fwfBfz3MkFmHDHDtDCP8Zc6SXTQQefY5jB&c=728&d=90&e=&g=1d9ad4b3b6deff0881765daebb296ec6%2F6943535914931200731&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1685051960638&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kytvpdevyca2vjq2gjasafcaqerpbgtbzq5w85dbvh5yz79t25v0x4fab1fegcg7r2jvt04bzhwjczptfjqv2t0hxyqy5xdnmr8j3k0erra17mqxy0wza9amhacn4afgtjpn81bqwgks3a8f4md1zbhpmdh1q77ekydkqew4qypddrsb8an7bvy79jea94atkpsh790nrww0bgeh3v83cbg08tt8r25pevxn9w8396vgdx1pbzsen9r2t8a0nbhqvq568ybkfvcq197cxd0r8rt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWtrN9pvZJSSA5vogAfVhLXIBZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTEwMzE2NzAzMzAxNjg0MzHIAQmpAoD8-fDc_bE-4AIAqAMBqgTpAU_QqGLGFfXc0lh-Fe79qnaO7mR4gcxaATUMBeG4-AvBn0iSwTDPu0Wtw5GnegAZp6OpYc6nSkfWYpZ5Fi3Ytxq4zjGNnJzF0Ro8Op8HC-IwPK6jx1AnZ9ZCkqOrXypluR8P8NgzjZKL1JHh1FIgoY8levP56z_mRj7XAv-g8LxJhlOXddyS3ZDhAxO6_fZr1wd8vTClF-q2Ym4l8BXRCfN1QeNw2v4Ppdik7tOYlGc2XmKBqtknszGxZ8PcZ5tFkiH40le4QavmW0UVabQ54Ny5OGLARdg2DxBKnoQ90cA_1IC4q45tLPoN4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3kEjxLVz6RC04wlA5M7bSM9LKfZA%2526client%253Dca-pub-1031670330168431%2526adurl%253D&y=1&s=&z=0
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
worker error URL: blob:https://www.kanui.com.br/169f67dd-6038-4192-a0f6-170d9fdd81c0
Message:
Mixed Content: The page at 'blob:https://www.kanui.com.br/169f67dd-6038-4192-a0f6-170d9fdd81c0' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://emalgedpdlghbkikiaeocoblajamonoh/img/logo_prod_supported.png'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://www.kanui.com.br/169f67dd-6038-4192-a0f6-170d9fdd81c0
Message:
Mixed Content: The page at 'blob:https://www.kanui.com.br/169f67dd-6038-4192-a0f6-170d9fdd81c0' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://offafgdgnliocofjjiohlpjpenbogkbl/icon-blue.png'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://www.kanui.com.br/169f67dd-6038-4192-a0f6-170d9fdd81c0
Message:
Mixed Content: The page at 'blob:https://www.kanui.com.br/169f67dd-6038-4192-a0f6-170d9fdd81c0' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://fleenceagaplaefnklabikkmocalkcpo/assets/images/overlay/logo_white@2x.png'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://www.kanui.com.br/169f67dd-6038-4192-a0f6-170d9fdd81c0
Message:
Mixed Content: The page at 'blob:https://www.kanui.com.br/169f67dd-6038-4192-a0f6-170d9fdd81c0' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://chhjbpecpncaggjpdakmflnfcopglcmi/img/rakuten/logo-rakuten.svg'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

38067e6e9edf74eaa5851e3a1473dbf1.safeframe.googlesyndication.com
a.tribalfusion.com
a.twiago.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ad.yieldlab.net
ad4m.at
ade.googlesyndication.com
adservice.google.com
adservice.google.de
analytics-stamp.confi.com.vc
analytics.tiktok.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
async-px.dynamicyield.com
bat.bing.com
beacon.krxd.net
bidder.criteo.com
c1.adform.net
cdn.480app.com
cdn.ampproject.org
cdn.confi.com.vc
cdn.dynamicyield.com
cdn.privacytools.com.br
cdn.track.production.webgains.team
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
colrep.sitelabweb.com
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d34e3zwe3zzpan.cloudfront.net
dafitistatic.dafiti.com.br
dclk-match.dotomi.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eum-orange-saas.instana.io
eum.instana.io
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
image6.pubmatic.com
kanui.com.br
kibana-mkt.dafiti.com.br
match.360yield.com
match.adsrvr.org
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.o2online.de
pixel-sync.sitescout.com
pixel.rubiconproject.com
pm.w55c.net
pond.datajet.io
pool.admedo.com
prod-rtb.ad4mat.net
pv.medialead.de
r.casalemedia.com
r.scoota.co
r.turn.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.thebrighttag.com
s.tribalfusion.com
s0.2mdn.net
script.hotjar.com
secure.adnxs.com
securepubads.g.doubleclick.net
selo.compreconfie.com.br
session.sitelabweb.com
simage2.pubmatic.com
ssbsync.smartadserver.com
ssl.google-analytics.com
ssl.hurra.com
sslwidget.criteo.com
ssum-sec.casalemedia.com
st.dynamicyield.com
static-de.ad4mat.net
static.criteo.net
static.dafiti.com.br
static.hotjar.com
static.kanui.com.br
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.creativecdn.com
visitor.omnitagjs.com
widget.us.criteo.com
wkxppshj-qx.global.ssl.fastly.net
www.awin1.com
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.kanui.com.br
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
ade.googlesyndication.com
analytics-stamp.confi.com.vc
pagead2.googlesyndication.com
sync.search.spotxchange.com
104.102.45.165
104.111.217.42
108.138.36.89
108.138.36.98
141.226.228.48
142.250.186.130
142.250.186.34
142.250.186.70
145.239.193.130
151.101.1.194
151.101.194.49
151.101.2.217
167.233.13.224
172.217.18.2
178.250.1.11
178.250.1.9
178.250.7.11
179.191.182.65
18.132.62.161
18.155.129.28
18.196.255.22
18.198.118.250
18.66.121.152
18.66.192.125
185.184.10.30
185.255.84.152
185.29.134.244
185.64.189.110
185.80.39.216
185.86.138.153
185.86.139.103
185.94.180.126
198.47.127.19
2.23.209.20
20.206.128.53
2001:4860:4802:34::36
213.19.147.44
216.52.2.6
23.215.16.120
2600:1901:0:76b9::
2600:1f18:612b:4200:92b3:de3:12af:b1c1
2600:9000:20c3:2c00:1b:5138:8a40:93a1
2600:9000:20c3:fc00:f:8ce2:fb80:93a1
2600:9000:219c:5e00:a:b89d:a6c0:93a1
2600:9000:2248:3000:15:ad21:c740:93a1
2606:4700:20::681a:71b
2606:4700:20::681a:b5b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700::6810:cc16
2606:4700::6812:19ad
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:4f:1::60
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:801::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9d
2a02:2638:3::7
2a02:2638:d::2
2a02:2638:d::d
2a02:fa8:8806:20::2010
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.13.159.91
3.33.220.150
3.69.141.119
3.71.149.231
34.117.157.22
34.120.4.21
34.242.172.162
34.246.79.42
34.251.189.55
34.91.62.186
35.159.45.56
35.168.219.188
35.169.33.119
35.176.156.184
35.186.193.173
35.210.53.219
35.244.159.8
37.157.3.30
37.157.6.237
37.252.171.22
37.252.171.52
46.228.164.11
51.89.9.254
52.28.232.169
52.51.50.145
54.154.227.90
54.229.40.109
54.76.65.236
62.144.160.15
69.173.144.138
70.42.32.255
74.119.119.150
76.223.111.18
84.200.5.215
85.114.159.93
85.215.5.31
95.101.148.20
98.98.134.242
99.84.88.7
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
01699e82e37c86d8af26229cace1927e8a7787840c514a44802ff1878f71ea61
027658e1822c7365a4a373756661a814c2a40226aa524c970087852890200020
02fe7308e0ee7cc71de18579ddb4df59565d142823828888164ac0a99fa6c0ff
04857d263d127bca083f9036ffcb2c030cd12b943cf4cde1a71daf4da22fcdde
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06a1e588118bd582160e9616f004650fb7e290847427dc0b48961996d92d1bcb
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b62f4c17b493e76cc391cd94f57229bd1505523b9255e7b7f1207a3af7496e8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0f5dd458da68e3ade6a7ee2446fef85d67d7cf6a23ed5d7ecfa05025f33452e2
115a3171db7784e3eb1e6a7590546ca4d32acdde4997c33ed8cab373d815e5ea
11ce26e765d589e5cda02781e1a5984398b420d0499b5ab4a551d33327c339bb
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
141725991fd548609dc13233286c4bd66b4d15871966379929567f2e64ef0fcc
16fa684a6403bf78dd4031230f13bf8aa73bd5267241a8fc2ef39acd4f77d45f
1786bdf581df461324dc6e67bd57a2a292cec76cf1c00e070f4f99d66cafaabb
17e9d47909a54b367ae3d6045532bf9f98545fd19ea1cba9e9d7d7857d6bf5fc
18dc681cbfe28801aa2688c9900115e6b00d17ac2924b4a2454d51d8f706eab6
194bff381ec3d81f6f66034f0ff9eeee31361b982ce0d050bc5d62372cf449cc
1962aebe29e9703e1035fdf49a4ddd9abfc31de50d5c5e3599fabb3ff5525f12
1af4b0c0e13785b45fba4c149b03f3b68c0a3a93714f73b0d13fe61e718104f9
1c4be53d9a3aa721aa64ec05844a230d092723e3deddec5b467376f9b65a5159
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2054775db25ae9485cbbff01c19b603af007341e7d45138f0a8bef2c8c434524
20b642d6d84bdb3f22bd739729db385a9fb781779304e542003c2967cef98600
213b087a5427c3b7e3a7d3acb2e179c6d43503c3f148e69edb8babb71dee622b
2211ff2fd5a69d2f222920ca8d1c6a14041806fdace4d702ab79c1d1e2428d91
249cfda2569911bfbf5a352e5bfeb9cc5fe78946863bf3e6c5a4934776a26b31
253510048017ed41c626e48e258a1cd2818f275632a27cc13e67b2c5b9acf82c
2557e5144de3a7aad8b04c7336d8b78a346e0460f7bfdf927e22fa4c8e46cc38
28f1451571c809f080980e5679bebad6b9b10a4d93233b37a991380d1e7d6828
29eb18e4d01a9572f259847e4028769fadd2eb1bc0f4f3827a37e18ec60c878c
2a3f84875353e59da6e4efb3b38bddb9d4e5d54dc0e8d10e4f872abb89d13e5b
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
317d808c8d92f3485f748223ac58434addf9fca51c5e46a7c8960dedec53e96d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
34213292a4712c8f99b268cd03d6a1e8624a62e58ade88fd5edb560cf13f1de9
344d52234fdfd14efd6d3a3b433daa8f548ab20d8adc561eac0d4e4a8db086d8
34f6a119625653e80dc5e63874c499772c5ea977e5516c2ab70d84bc8b13f537
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
360f7707ffa97c30d46cf1b7ac868405ef0082cee8188eedc9868ca7e6c9edad
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
38299603ce44a55c924225e7c33259514bfb7f3197cdc94d69cf8ae7973f450f
3877c097b17f550165ef302a8cfeab1fdf866791d54f6b5bfefc08840f73c9dc
397472510bbd1416f81166d77511813010b1ee30cc5156dc9aeb734d0ff5065b
3985eb7918f7b14c57e22a1ff7cf572892258d53357d8c286c9daa20b7f62624
3acb0aed241bf33a59d203919cdf44c343c7b3e383fad0809f5581e6981778e7
3b267a7c2fba5cdeb5f060f693ebda234ad29aeccc3e523605727b6981e8ce64
3c247c945a05e3ec94b805689e080e8714de8fe4f3d479a3f38d0bb627281fa4
3ccc4fa5d4d468f0c2b4907e9010385f5d3483a9d70e2a71d6c16ac2deefc3f8
3e0042d9feee1e4ef9aaf81e7600d02762c6984fa85ae2ed7a101b23c8d42956
3fe2a7d0d15b0a3c314df18fc73ffc1a6769e7491d9a2bb13aa8cc9b70f69106
40ad26c2e2db17b50394fd87f16da9cd675f6f9d23adec11a29e4df920d98e27
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
44cfa94e43355d002c25d8fb3d03593f9312a81bafaff29b117065a35f878bff
4575591366d227da49a6d786f99d71b4a58e2e13bc869b9c75e1617163f686ed
45aa8d5ea20712aff96d0f962875a64a3798e9d409b8a962ac6462357779f0e9
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
46882f4bef1b2dc3f1075505e60841ef3113f419096b1ba48aad715fb5b5e087
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48453a8b020b102756676dea392a2d99225fd874f315612ce8fe0aece7d6a558
4873e89721ee7fc0df35a1886dd9464fed179aff9ee147be8f1ee567b225e25f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
491826940e7f69544d4ad7d9692f7a3ad70bed2796ca7efed26316fea6ed73d1
49d7201c3b4337a86357646a2db5cfcddcf79fa5a638f24b172821e560b9fb4c
4aaabc3e1be879800a6945b987e4b758997f364931108cb80580d66b08590802
4aeece7eb8c03a34af223b36a7b24d66ef97e5f9ebeb97650d86dfdef82b4a0a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d7fdc1477cd41fa75ac83d648c81e26a83308a4ede2ff9a70f45af879ebc616
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
513c9970da610d44c22a541db6b61f657a0b90c771066811ad7760831b5da6ce
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549f9de3c5a955391f4987c6ffbe3adec7b4874ff054a1068285d50613bfaba4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56a7e557715091a4a0429c162ea64459b1bd92f7ad7f6a9ba7a3d202788afbcf
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
58cc4710abdb905df22405105eec976595d70bcf0776278fbc3f812b164729e7
5bd8dfbe8a3c88cbf1413b90d7f684a474311a657b5266e7a6f33fca0a0bc669
5c1d9e173f6c357d72a617dca08e5ec8fbf78c2e7bfc5eba8821568ebee85af2
5d0caac607e282cfad3d7ccc678ffb212d0ec78e88ddbbc7dd65b0a53dd8f2f3
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5df0afc3702167718a0cd800f3f20f4ed1158900978c121f2f0bba0a7d23a58f
5e2c93ef4550c84e1700dc4596b4c8afd970b14f2d1878c7edc1d6f08c8e16d0
5f2f1e5b3d6a5516bae096cb2f4d28d01968ff7866b65c3528e602fb473c20d1
5fc29daa67f3830d0f03767227558474c4144a5ce22f9ba6ffc77b05e523f516
5fea843a3f457beefda91acccf6e72825c204589b59d2cc93a63d778a8208447
605d9ddd81095e5d63543b4435a16ff1b4ae4da30bb842b582156da601e08880
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
612cbc8b0ce8646a310bee1b0c51fefe70c6b3066bd91abfc0a4c10e6879882c
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
634c21652f0f11c12b96ed30a9be9fe2d29dd2ed4ab4e5da4fe34dab72f5538d
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
66e48cd1831dff2135e45c657d77ab4f283268b87033a376b355aa34b77fe8de
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
697d597df5ca9a0ceff77072433a2ec5a934720509605f5fecd52b3f39ac7ff2
6c902c245ddca0826e20d37ff8a07f1ce2b30477fadefee3da8b285cfe1ca31e
6d1d8e548b410ce60c5d804b555b6fe8e8a6a92dd6a22c503f82d39d3048cc22
72def4e68fd499ad2d5345f3c286c6d1d88bc598a3b45b4455391cd7b1592134
73e58c9ed4e7476689303e4169c343f18b277902a363dad3f39d0591f59fcf6c
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
74df85b4472f8037e7e4ea143f1443d8eca40a01591e698d900bf6b8a18b85c8
7551480907a2cf13b43a57267750cf88b619d7161f4678de3b6a8fbf0489e5a2
75ca3a72714106fdf040a115ac9e32c64a1a456e5c23a0d24e55bb748403292f
7a3b5ce3b9e71975f5a54af68e5184d9f0ecdeb63b62c225139e5b32c28fd30a
7b40556d690b0e55ffa60252fed11640ca71c47e8c3869d4062a02034b62c0d0
7b824042a7108079234121c8a6e471f11b166bd4bacf85fb9cab29a9341eb647
7ca547bd416d9f8414efd584760ba6f9c515bee4293ebf2538dd012e9a27eb7e
7da80713891021cc2787c767bc376d8029ed7087fb9c2b70acb4faea5dbd9dde
7de00920bb0b147111be6d35c3d9f3d5cb63fbd4dc81c94f333607797ee7c48f
7e1247451eb92d2cd89b3fa5aa15d9983eed061e6e2c508a5ef166e7eca59805
80ec86ca07b179e383d7280ffefa2bc3143116c7e6d29c06eede960ca6e5174f
8121a35a4a3f74f2c76f84c38b8151f2505d451df55e1a0e7590534445741c55
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f9f6450a9f79a3c5fa90cc2fdbb1c745958d47cf8dc2def841f52efffc3751
84624a97231d724ea499ba6b02a31c0aab49f5252750cb25045588c117dbdd3b
8498bd65ae34f504ddf87975d5eff9552b477fe79e4f7763512133fa1d4b5ef7
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae
86ef94466c01a222d640333449eb1d4989f117447123356473992a353557b2a9
8801dbd26dec1d5fc66d380cb2ce8cd3672c0e4c42061f821c259297fcc8a2a6
88f1d02668a56fc5ab75270f5540371cafc84f829646e0a5dd5286411c53f249
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9a2c365a3ccd375fbf6fedbd37a3b61019b901ef429085362e095721825415
8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e
8f6613577546dee652f8313e5e11ce45ce42f9db18d75b3eee10eb97451d1075
8f95026377161360449c6c55de4d0bc49be7b02fffc054e92c92eb6c3b46e7db
90846c724fa542088099e2d56d23f2ed6be6bbb7b8d47737d176852b639d407d
908d3d9814bd9773ba374617281297c3e74d15fde0a189013e45b23cce49ad33
9092fae1a997291e19a5b9761a725b6c91aaa91400a0baa150d795c94a92fb91
9289a2f488a316419058b1b7e635ffac86eadb2a780c6845dc910dc85ed4b132
9586724a8919b155316b62e47f38a6b58205d06648560034004209e2d238555d
95e80901adda93269fa97276326096f8e3537aa30d4684411dc79f4c48ff2189
9634e8d62507de8ffd2a253deca5f7bc48a274c3a7a62b5a4f85bcb8b089b32c
963682b6480c487be0f00e54a32989eddc38611839c1ba052d541d8f9d5532f1
96f452c979bde4478c26318d9bfaafaa28f3bd8fa295918901bf4ba6dd96933c
970e322932327436b9fbbba9bf325d576d04448a1d722b8ebb55c0cd747e18a0
974af4d36f26a2ebee2dd0d43165f5943340dd5e6d064c8627342b733abe1e0a
978f3d1dfe83e176b31cefa605353d06329513c53d427dc885047123472f144b
985e58230b45baac2febe13ac675118309e93e1686f5ce83634e5353b2f6c75b
990708a370fc7f0173e951516c5ec91ce9d2e3ff35c2471e40bb3ba4ee43bc9f
992bd3ee0d5870e5bc0e068fd99d9807f1ae09f3b5a9499bbecc754811943247
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b3a955ac158e9fbedea40a6d9494a44669dee5d1bbb18895e1b211244f8f16e
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9cd1a3d3e456380e27163075b96a7d7c5c75324f00bec26d9cfef3ebbdf40280
9ed0f134474fba6bff3ebfcf124a879a3baad6a9b482f8fe52222da8a4282d10
9f03509718beb4070d2850b743d60a459a91d5c2510a0698675f1f2132e55468
9f8ddde7973da273414e2c4bf39f1310cfe833f16a5c0677d425a4aa413dc264
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6ab2b7e1cdb49a6e4ca35b738732a3d6c2924b4faaed0249bd15b277b616bf3
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
a988b63f99db965bfc7f0af6f354c464ab171808cdf5dcc54bdf4f7f55e75029
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
a9c5e748ccf72f5ed630e6e11eef4cb90aa6897e7116cfa2f45d3573dc47480d
aa121cf65fbbefdeafd6bf9ee45a15d32b7468abf1ee5be346e4e5da9c6da10c
ab26e787fa89d35aced53de24ee22db847af08d248be4ae79ac5067ecb476557
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316
ac07b21b9c8016dd564bf9de88d4b0f401ac0c90b586c59b6af3f62d8cd80c2b
acff40324ef40543d8d84a31217c27188b8a3f1cee1dff3cb1b3fd8a6073cd65
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af07705eb7e434ddc33426eb84d9ba31bba2b5cc9d022239df1c1376e437f1d7
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
af7c563112880ec7ebde4e8d9700a759699a1bdf84023783ec4ed81e59d87e33
afef8758b4e30f1afda61d12b54869eede96ae24c4f585725cb525592045157f
b1429d4b9461de2d1a53d6207eb0acb7967da94fbb011c828c40d23667b5dd88
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b289bac9b12392b4e1e20a187f10bc98e91025d0acb717e4f4e395af5b1d36d5
b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf
b47bfe2bb34fdfb68ec9df2f523571d13141a7c9716dfc862dc5c5c8739917ac
b52baea12d32e2e512df377c2bb4ef3ca1b633e7d5abed226dfaebb8450f8d53
b5902ea668c562d9b87129182849179f77967f4210bd2dbd0077e9debc853365
b5c105c2b621413cb431064c0f40cf9f985e84dd293da14d93d2f102703dbf40
b612c829e284a05a3c1ad7c038a0256a8bb1b51ad5c755ec464db9d297d0231f
b668790fb4a78e37c82b8fa599fb7e8a0dc59ce0b2b9d420c32f6d9dc6f62c17
b9b90f5b0ab7d55d88ecc7fab5b8ac2a37ef20857cfae21327104667857bd525
bac18217eff428a695ca1b18b1a989a6ed411b354f773c11949ca58b820c6057
bae8601a65f20808c0c7439df7f17d89c3f92fa625fd0b38232f0a581a0ecaec
bafb9a03bdac5fc5a5325ca9d9ef3e7f62708b5efbb63137f35873c4519ed310
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb7ddc9e1c6516cac534ecbbe4603921ae538259dd32eb225f50c0e59d4f1cbd
bc15c9a762a2ef4fa9f61301249d1dfc04a42b78dfaec450ab4f75af3652f140
bc348fdf3d6e98dfb1b06c53951baba12ccb2041a63a044d166ce5e4a4e61f06
bcc1afc53529416fc5780618306f4e39ed3f38af3ea776aa4282a91878062b73
c1534793e8ef1132ecc6f0d9c7bed223e837f5f1eb4f1495ea40a08ef40e204a
c292f61f54af368905af4b9d7b54338fb2da302c15f596c694fa68b210f2daaf
c336e611e43128b20c8ad73345bad62a9f39066f2f2ccc3f46c60a13452331c1
c4430b97b55b8103f278e137eda1a2acae554981e0baa81c8cf45313ca4865f0
c4e3a6660841a2aaefca4bc6bd707c3a83291d96e44afabc7a51a875be30e1f0
c6ba320adc868a92d71a8d20e0354206b22dafff65a7d4550f3bc6a08e9fd952
c8015792fdcae6f89230c479fd95e5998bf815c6d882c64fa6a7cecdb3c724d6
c8eab4253dfcb0a960d80bd71d5e2849a0cd77139cdf8a05412c55c3e7da0cd4
c94ac252c2a3319406032032154badff85d43db816667ea65f7c97d951a33cb7
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca690205f18df47cbd3e34f8cbbd00e7b169d25bd369f7d4664e7189173c76f6
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cc5803ab4343f70b4b4993aa04e32e5bddab6f1191a2daa8f2e88c1b55e42167
ce6141070b094e2b86bc5576dc4b7e91ad38476dbfa30f3c8bc6871234f15c16
cede5e6b2d0201be197cfb96a9aeb4c5c95bd5749785a3e5473610e267f5de4f
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d5cc0708817ec6b47ca7011923dbf4a4a57562c5dcf482c37b5100a3db5fe217
d69ceeef402d5481f94eb88ca0daff8268f16c0e72ad300532942cd4fc87f4c5
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21
d7971b9f10a7f8a94f87b5820ee0421e39ad41c8ad90c64fbdc7cf7b5431d8f1
d7aa5ee5fc5e760558483ae97feffb192e6eaf5f7d58cd8cb65699188b1baaa9
dc2bbcece24a41494bd7d15dbe450e37f167abcbb30c063772d1972bef448329
e164d75a762646af6c378dfc910eb1ade9b52ec39ac0e957d126e24187bd0a04
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4da03326fbdf8a738c8097aebb5f6fb3ccd6f0af79132c02f65452783c6dd45
e56aa5dc8361558e56e2fbc4686388a6ae524c470d459c555b3159126cd3bffe
e58351697744d1b13c815ea2b37bc019176fa595a7a56ae74a4ab8ffa911dfc1
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e606a7b9d89aae4ff95f6023167172228a5d50c485bcbdfd2070488fade6e354
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e920df2d72369d6d348a9216cde2ba6fd1c9fe0e3d93faa55e1b3acde4addaaa
ebca1d660b412e273419a7dfcbe0e51c7bac87dd15e52d593e4a578f92cdaf87
ec0e3ffe0b2711a6690c2451fe108e9c095c66c852a16229dec58422f778a56a
ecc3da4087e1ff05f5492df1dee43224adce7750e28d3b212c1764a63559cd7f
edeb9a11459312fd6e13d3e6906ab4cf5dfee3f66d4dbea92c141019ab1316ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6258f845774c76d5d05f26c052ed90480d17b55996a6f85cac9e745442a25b
ef79135808bf7134120efb4488d60050b5844db1ac968c56a636ff6b4329b93a
f07df032188087dcee6c22910ac7f794ed057176fff027789790e540038eae52
f23a2098f84a1ee0a70e453f2c5a3449ed079f5e0515e6c882590ff92b40cfba
f2c422b7669dd5905e74935e23ef2939d5667dd9620422cc1867151b98012228
f4e35692aefd094976130c06ab5cdf2453d48eb674dacd118fb172a1aedd097f
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f65ffadacf83c8cd584861fdb443cb9daa4f4fde52325ecb3ed30dd39c700414
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da
fb5fa52a1e087924c6c850ad29fc22daf238886de8d32af08f7f6474736b1d62
fce58a506394d5b4a0a5f8ba580904de18efb690c9744df4c7e76682c5b62a37
fd09c8dee63de746c2a41929ca8044bb99dc0bec8feee8dc04ecca1b4a0fc97e
fd51b242b4b96a66a061d2de8bd377a637322731863047dc8c7eba42d7ee1926
fdb72fac128844fe148d3221c43ae7f9dc65e1937b8297b074fcab9437da46e4
ff0c083a624d58fde02443e7587d9fa86bb0b192bba55065d4d4cfdf595988fe
ffbd86d4d5e2589cefbba66deb541a09acdaaf99df503ef7902e5595c58e9b61