www.apontador.com.br Open in urlscan Pro
104.22.15.25 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.apontador.com.br/
Effective URL:
https://www.apontador.com.br/
Submission: On November 28 via api (November 28th 2022, 12:13:23 am UTC) from US — Scanned from DE

Summary HTTP 210 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 15 domains to perform 210 HTTP transactions. The main IP is 104.22.15.25, located in and belongs to CLOUDFLARENET, US. The main domain is www.apontador.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 16th 2022. Valid for: a year.

This is the only time www.apontador.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.22.14.25 104.22.14.25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	104.22.15.25 104.22.15.25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
10	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
2	34.249.153.40 34.249.153.40	16509 (AMAZON-02) (AMAZON-02)
9 12	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
9 15	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
9 12	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
58	37.157.2.247 37.157.2.247	198622 (ADFORM) (ADFORM)
5	108.138.5.230 108.138.5.230	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7edc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	13.32.99.115 13.32.99.115	16509 (AMAZON-02) (AMAZON-02)
4	52.17.68.86 52.17.68.86	16509 (AMAZON-02) (AMAZON-02)
3	18.66.112.111 18.66.112.111	16509 (AMAZON-02) (AMAZON-02)
210	28

1 104.22.14.25 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.apontador.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 104.22.15.25 (None, )

ASN13335 (CLOUDFLARENET, US)

www.apontador.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newpoi-assets.apontador.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.153.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-153-40.eu-west-1.compute.amazonaws.com

as.euw1.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.74.194 (Glen Cove, United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.80.39.216 (Canada) 9 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.89.210.46 (Frankfurt am Main, Germany) 9 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.138.5.230 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-5-230.fra56.r.cloudfront.net

playercdn.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7edc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-115.fra60.r.cloudfront.net

assets.euw1.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.17.68.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-68-86.eu-west-1.compute.amazonaws.com

evs.euw1.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.112.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-111.fra56.r.cloudfront.net

cdn.euw1.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	adform.net track.adform.net — Cisco Umbrella Rank: 2405 s1.adform.net — Cisco Umbrella Rank: 4236	474 KB
45	googlesyndication.com 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 182	270 KB
32	apontador.com.br 1 redirects www.apontador.com.br newpoi-assets.apontador.com.br	298 KB
26	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 248 stats.g.doubleclick.net — Cisco Umbrella Rank: 142 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 271	299 KB
17	jivox.com as.euw1.jivox.com — Cisco Umbrella Rank: 102768 playercdn.jivox.com — Cisco Umbrella Rank: 6257 assets.euw1.jivox.com — Cisco Umbrella Rank: 109977 evs.euw1.jivox.com — Cisco Umbrella Rank: 103400 cdn.euw1.jivox.com — Cisco Umbrella Rank: 116464	634 KB
15	casalemedia.com 9 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 705	12 KB
12	adnxs.com 9 redirects ib.adnxs.com — Cisco Umbrella Rank: 276	11 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	189 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 121 www.google.com — Cisco Umbrella Rank: 16	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 84 region1.google-analytics.com — Cisco Umbrella Rank: 1166	20 KB
3	gstatic.com www.gstatic.com	16 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 5200 www.google.de — Cisco Umbrella Rank: 3269	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 106	126 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1615	63 KB
210	15

	Domain	Requested by
58	s1.adform.net	track.adform.net s1.adform.net www.apontador.com.br 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
29	newpoi-assets.apontador.com.br	www.apontador.com.br newpoi-assets.apontador.com.br
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.apontador.com.br 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com googleads.g.doubleclick.net
20	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.apontador.com.br 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
15	dsum-sec.casalemedia.com	9 redirects googleads.g.doubleclick.net
12	ib.adnxs.com	9 redirects googleads.g.doubleclick.net
12	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
10	track.adform.net	1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com s1.adform.net
6	googleads.g.doubleclick.net	1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com www.apontador.com.br
6	securepubads.g.doubleclick.net	www.googletagmanager.com securepubads.g.doubleclick.net
5	playercdn.jivox.com	as.euw1.jivox.com
5	1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	evs.euw1.jivox.com	as.euw1.jivox.com 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
4	www.googletagservices.com	www.apontador.com.br 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
3	cdn.euw1.jivox.com	as.euw1.jivox.com
3	assets.euw1.jivox.com	as.euw1.jivox.com
3	www.gstatic.com	www.apontador.com.br 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
3	www.google.com	www.apontador.com.br tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.apontador.com.br	1 redirects www.apontador.com.br
2	as.euw1.jivox.com	1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com as.euw1.jivox.com
2	fonts.googleapis.com	1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com www.apontador.com.br
2	www.google.de	www.apontador.com.br
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.googletagmanager.com	www.apontador.com.br www.googletagmanager.com
1	code.createjs.com	as.euw1.jivox.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
210	29

This site contains links to these domains. Also see Links.

Domain
api.apontador.com.br
institucional.apontador.com.br
www.linkedin.com
wa.me
br.linkedin.com
twitter.com
www.facebook.com
www.instagram.com
apontador.xgen.com.br

Subject Issuer	Validity	Valid
apontador.com.br Cloudflare Inc ECC CA-3	`2022-02-16` - `2023-02-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.app.euw1.jivox.com Amazon	`2022-11-16` - `2023-12-15`	a year	crt.sh
*.jivox.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-13` - `2023-06-13`	a year	crt.sh
tls.adobe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-29` - `2023-05-30`	a year	crt.sh
euw1.jivox.com Amazon	`2022-11-11` - `2023-12-11`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://www.apontador.com.br/
Frame ID: C017195B1970A2A76CCC15400B6CBB7C
Requests: 55 HTTP requests in this frame

Frame: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 135012A1CC3544AE85F91BD771E0D7D7
Requests: 1 HTTP requests in this frame

Frame: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BCE0C6A4068DCFE0D13F7C7E9F5AB277
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CA39A907C7F695466B8B863F8C777BDA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 95BE8E4C2F7049887D8C13568E547198
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 85C44D0BB86FB337B975308D88DAC617
Requests: 7 HTTP requests in this frame

Frame: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A1C86100293B9D10D6A4BCB5C7CE1630
Requests: 17 HTTP requests in this frame

Frame: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 75CDCA0CD270A8DDDD14FC50712CE98E
Requests: 11 HTTP requests in this frame

Frame: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1F75195895AABED567DB757E66252815
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Frame ID: 85B2A766607193E096188BEBD8AA3A80
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQlY2jgQMY9MCE2QEwAQ&v=APEucNUVgBzhKunz8ZXw60Ynd0R2QHXfVl3UHhXV-EiR9LpBBDzXODuFCKvXS5JYQyu2S4AKlMq52uOhpQNbx1ZYXopA1ywEOczORkFh29Ry53742dgyjOP9b1la3re0c3hm7FFX5V2cem_pOawS2Nb7hj1IOB4TAKNAiLQh47xZKUVDkd-H3BE
Frame ID: 6932E9DA324EA9FE375025DD501E8F6C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOG639MBMAE&v=APEucNUoE2jh086uIgE5WpxiKRQ6ERI27-IaiyWfATFmkXgkkV0A6hFQVSR_yJue5CIFFx_bYSt984KDGQAjBLOED9gtfHyJ1421QVT1ASGPR-QlhEqvM5Lh3fP9wdehr-_-t7ehpHpFSjCpgIv-F524XGpwfm6CBJQyPyuEZXxe4S9qwFN0YrM
Frame ID: 1A549C51A6138BE19FB8D652E61C3D6E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQlY2jgQMY9MCE2QEwAQ&v=APEucNV5pU98dQ0fZb1tbMCRKyeFqIJ5Pij2iERaJNfteae0uQltLpW1arOzxwixdOJOktCMCQQTEXGv44Vm2uYC_brSFds-GQOa_041nUvsBwcKRmeEYwI5kuBOiM1hfxDmWkQjTY0-V_WPdB02DUU7NWtgeGDaqTHTLRxVAeMMVayPUgo7gnk
Frame ID: CC9814644E1D976492926240DF9571EE
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 93F6ACBD8925D10A9B8C814534AA841E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7468D2F125717EFC48AFDAA971DD5218
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 97E757B31135844FB2CE0E02AD44322D
Requests: 3 HTTP requests in this frame

Frame: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669594397226292&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDVifHf2DY_TnDays9u8PidWagAaInrzIbZChy9vdELjUsYbTARABINSOmCFglYKAgLAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBPgBT9AgzMJH0IfDrhg-3JUR3UGAvR_XIDk48RYYgyNL83Q5ArivLPAxVHbVGN3VU08T6L3G6y6RUlq2aZrNIg7-I0duanO8ZY71QOdV7spxIyWjGtkqBSTyuztaz7e5QV7Fnj-Af7X_coZjh9m51UfZHK2Lm6ZM9Hyz0XSVVEuGS1h372kNF2xd6P4pAExYSjJNhS8bAwjZj5jd-juYxijfiSsDnkRpeRhg_CLds1eviRWvgys7L8o2Ij8sBaONmsM-XI_puwS3nePyuU6ZJSOn_fFFauCWLWcX_PDPJIiD9tgH8lhFlKjmlLtReghYY8qONyXbg6zgoKXABJHVi72SBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE-jPnxHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT%26sig%3DAOD64_0dX71DOUY1Bja4ohE7jh0S4O4w2Q%26client%3Dca-pub-9083063808846513%26dbm_c%3DAKAmf-AiuUJwB9L-L0Y-4G6PvteZ8Fevk3Md-urZlyWpFnM7pQuy_oQFTKQD0MWFTvTJvZaKPjDTm-vYFt3e8SgpERRxhbBx54VO9yAKRfygmJC7tVQD5EwQ0wSdekzYeeCi2mNFAoitzpbFto1YdswRFTQbb762HnRi2nqAdEnf544RaIi-D3M%26cry%3D1%26dbm_d%3DAKAmf-CZCZUkRttT1jwaPQnOg_P2odSIqmFAS8JFFNFNqaUS6kb2Xl-KPbkM8PD2UPmRPt0XDDPwc65NYS8TP3DcXlZavayj4Picl5XxASJPYbGcnNoyYQFkd0CJYYeQW4WnRjLpdvcoV2ZaUSGMQw-76ufvWw6qggbAtV7JHSN-jlg2txDlMK6XeQXQKhBL6Lsj8FUgIfAe1YtJugLuU0G7QI2RzYAx3EzOZPejzdKZR81CEyQ3gLH745sUZsNNrABfBxumicaSvlEWAvlhdHvDhFQ31c9EVP7re-eDYgmGgTho-I-GKxZbbLy5gJjs-7WwxJzR2tXQm9fj_Elh2JYBT1Q6AS3huJM-Cjp1tPvysLAp8mOss-HSxnjU2nq4TUO5JDwWPGCiyQAOxsswi0Eo_sEC67mwEMS_1u2Md1LxvaIJWtuGCsS-awj7dTttyomM1dY3Rxa98kGxlCh9umnBF7ETZb0hOKtO0WpurCKAaMeYN2aY17XKBG13CmNkF4We_UWeYy471xkcZPrj47r9LPsuB_723626j8dIn-2bDxjKdoRthyw%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_6383fd1ddfed5&adUnitId=2900&jvxSessionId=1669594397.7731&base=1&creativeResolveBeginTime=1669594398000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Frame ID: 08127FD1075103B847D2913F3B2F0CC4
Requests: 7 HTTP requests in this frame

Frame: https://playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/jivoxWidgetApiV2.min.js
Frame ID: CC3E41E2BBB05AD5BA89C67B1D3BBAE3
Requests: 9 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/11990643.js?ADFassetID=11990643&bv=516
Frame ID: 62D7570A5D639D456A846D672A6C36C7
Requests: 27 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/11990643.js?ADFassetID=11990643&bv=516
Frame ID: E8B52365BA7B9FF6A5ADBB8D2D6F64A1
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Encontre lojas, serviços, alimentação e outros lugares na sua cidade - Apontador

Page URL History Show full URLs

http://www.apontador.com.br/ HTTP 301
https://www.apontador.com.br/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

210
Requests

94 %
HTTPS

57 %
IPv6

15
Domains

29
Subdomains

28
IPs

7
Countries

2401 kB
Transfer

5595 kB
Size

18
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://api.apontador.com.br/v2/logout?redirectUrl=https://www.apontador.com.br/
Title: Sair

Search URL Search Domain Scan URL

URL: https://institucional.apontador.com.br/#oquee
Title: O que é o Apontador?

Search URL Search Domain Scan URL

URL: https://institucional.apontador.com.br/termos-de-uso/
Title: Termos de Uso

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/apontador/
Title: Trabalhe com a gente

Search URL Search Domain Scan URL

URL: https://institucional.apontador.com.br/ajuda/
Title: Ajuda

Search URL Search Domain Scan URL

URL: https://wa.me/551130478411
Title: 11 3047-8411

Search URL Search Domain Scan URL

URL: https://br.linkedin.com/company/apontador

Search URL Search Domain Scan URL

URL: https://twitter.com/apontador

Search URL Search Domain Scan URL

URL: https://www.facebook.com/apontador/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/apontador.com.br/

Search URL Search Domain Scan URL

URL: https://apontador.xgen.com.br/apontador/form_chat_cliente.html?info_site=https://www.apontador.com.br/
Title: Olá, podemos te ajudar?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.apontador.com.br/ HTTP 301
https://www.apontador.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENuAX_UQLqcXgmULv_lev5c&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENuAX_UQLqcXgmULv_lev5c&google_cver=1&C=1

Request Chain 97

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4P9Hjf9wQ9s4I2HPjgcBgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENmgWcyJGo-aX_koFYmIbHw&google_cver=1

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBR55FaN1gRt1LwAEd90QkU&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBR55FaN1gRt1LwAEd90QkU%26google_cver%3D1

Request Chain 99

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ3NjQyMzgyNjAxNTc1OTU3NQ%3D%3D

Request Chain 100

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENuAX_UQLqcXgmULv_lev5c&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENuAX_UQLqcXgmULv_lev5c&google_cver=1&C=1

Request Chain 101

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4P9Hjf9wQ9s4I2HPjgcBgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENmgWcyJGo-aX_koFYmIbHw&google_cver=1

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBR55FaN1gRt1LwAEd90QkU&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBR55FaN1gRt1LwAEd90QkU%26google_cver%3D1

Request Chain 103

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI4NTA0NTU5MDQ4ODc2NTY3NA%3D%3D

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENuAX_UQLqcXgmULv_lev5c&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENuAX_UQLqcXgmULv_lev5c&google_cver=1&C=1

Request Chain 105

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4P9Hjf9wQ9s4I2HPjgcBgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENmgWcyJGo-aX_koFYmIbHw&google_cver=1

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBR55FaN1gRt1LwAEd90QkU&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBR55FaN1gRt1LwAEd90QkU%26google_cver%3D1

Request Chain 107

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI4NTA0NTU5MDQ4ODc2NTY3NA%3D%3D

210 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.apontador.com.br/
Redirect Chain

http://www.apontador.com.br/
https://www.apontador.com.br/

70 KB
9 KB

863ms
817ms

Document
text/html

104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c97b117825c7055886818c7dbac3b5ea22530d429987c3182db0ce218585676

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=1
cf-cache-status: DYNAMIC
cf-ray: 770ee58b6ecb9b9a-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 28 Nov 2022 00:13:16 GMT
expires: Mon, 28 Nov 2022 00:13:16 GMT
last-modified: Mon, 28 Nov 2022 00:13:15 GMT
server: cloudflare
x-cache-status: EXPIRED

Redirect headers

CF-RAY: 770ee58adc2e92b4-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 28 Nov 2022 00:13:15 GMT
Expires: Mon, 28 Nov 2022 01:13:15 GMT
Location: https://www.apontador.com.br/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 app.css
newpoi-assets.apontador.com.br/website/assets/css/ 287 KB
38 KB 202ms
40ms Stylesheet
text/css 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newpoi-assets.apontador.com.br/website/assets/css/app.css?version=0.1.175
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be7a0e9a24895e9f5a9bfbca5f171d5e0fe020d9e9105fc1a2505146789aa870

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 17:46:44 GMT
server: cloudflare
x-amz-request-id: 21G5N2B16GZDT9DT
age: 365649
cf-polished: origSize=293467
etag: W/"33fc4c3c38dee599571c66b873793f47"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
cf-ray: 770ee5918fd89b9a-FRA
x-amz-id-2: QY5Dwk+MHWZ0/OddYP2aIw3lLSlOPiaPzcZ7y7cLhLbrJHX+aMrPT5ZfuYbynqwhL1RuxDeqE8U=

GET
H2 200 email-decode.min.js Show response
www.apontador.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
847 B 30ms
30ms Script
application/javascript 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apontador.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.apontador.com.br
URL: https://www.apontador.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Nov 2022 13:35:09 GMT
server: cloudflare
etag: W/"637cd00d-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 770ee591c8249b9a-FRA
expires: Wed, 30 Nov 2022 00:13:16 GMT

GET
H2 200 app.js Show response
newpoi-assets.apontador.com.br/website/assets/js/ 408 KB
110 KB 32ms
32ms Script
application/javascript 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newpoi-assets.apontador.com.br/website/assets/js/app.js?version=0.1.175
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3a69d904b1d0dc339e42156d9684f90c9636f4c1c04d5a135f293b01798393c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 09 Nov 2022 21:14:06 GMT
server: cloudflare
x-amz-request-id: 21G4SF32W17Y6KBD
age: 365649
cf-polished: origSize=418018
etag: W/"3a6fbcdf019aff2cabc3587bd3806f82"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 770ee591c8299b9a-FRA
x-amz-id-2: /FU4UdSVNFQ9G3pec+lmKWYVQWpi8eOVPR+54e39HwjLDUk2EaBOLTgD++f+9Mo2m2a7XEdj688=

GET
H2 200 chat.png
newpoi-assets.apontador.com.br/website/assets/img/ 2 KB
2 KB 31ms
31ms Image
image/webp 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/chat.png
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be319868af11affa5ffd932e8584d796990bc874e23e463b49037f810670c6f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
cf-cache-status: HIT
x-amz-request-id: C54SQ3GR0FGGNSVK
age: 82185
cf-polished: origFmt=png, origSize=3356
content-disposition: inline; filename="chat.webp"
content-length: 1682
x-amz-id-2: Yv9Ctro2XLmH8MMR9D3qWZ7tLpZQQBunW9KqSVclOuZzOpapGO+KjXJPGq3dNeQUC9HYuC59eGU=
cf-bgj: imgq:85,h2pri
last-modified: Thu, 03 Nov 2022 17:23:12 GMT
server: cloudflare
etag: "0b00e154adbe5ccb948d10977d84fd41"
vary: Accept
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 770ee591c82a9b9a-FRA

GET
H2 200 bg-busca.jpg
newpoi-assets.apontador.com.br/website/assets/img/ 2 KB
2 KB 30ms
29ms Image
image/webp 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/bg-busca.jpg
Requested by: Host: newpoi-assets.apontador.com.br
URL: https://newpoi-assets.apontador.com.br/website/assets/css/app.css?version=0.1.175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 091887ae3c2985745041d7b515c44eecc810e72a55c6c807ea5e4d0f10af030d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newpoi-assets.apontador.com.br/website/assets/css/app.css?version=0.1.175
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
cf-cache-status: HIT
x-amz-request-id: 4BAQNS8T1B17Z6W4
age: 82188
cf-polished: qual=85, origFmt=jpeg, origSize=17285
content-disposition: inline; filename="bg-busca.webp"
content-length: 1562
x-amz-id-2: bojttCtkIA/7lT6HJew3zXKF6aPq20qGxlAqSULWSG1LiERErw3H2+s8+tMV2be51XkCwmOarOc=
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Mar 2022 13:12:04 GMT
server: cloudflare
etag: "41c133088328d25a371dfb1a3e2b7270"
vary: Accept
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 770ee591f8669b9a-FRA

GET
H2 200 icon-logo.svg
newpoi-assets.apontador.com.br/website/assets/img/ 2 KB
960 B 265ms
265ms Image
image/svg+xml 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/icon-logo.svg
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dd0a7c763c10975fa511e608ad14ab9172ef8f6a7cf4149c51795c4be750964

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 16 Mar 2022 13:11:03 GMT
server: cloudflare
x-amz-request-id: 3JXA99SX8YVRB0CR
etag: W/"f4a218a23a0bb7ff9e296afb45974181"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 770ee591f8699b9a-FRA
x-amz-id-2: bdEjlhrqmNIqoVUWAgEnfQ3U3ijGs1yGuc5w0bdtQEPNbTmRP2OgVNrzgmF0fTIhT7bOtjD+lIc=

GET
H2 200 bg-destaques-perto-de-voce.webp
newpoi-assets.apontador.com.br/website/assets/img/content/ 36 KB
36 KB 29ms
29ms Image
image/webp 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/content/bg-destaques-perto-de-voce.webp
Requested by: Host: newpoi-assets.apontador.com.br
URL: https://newpoi-assets.apontador.com.br/website/assets/css/app.css?version=0.1.175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95615e0dfccdca15e1fc3475548d35d070323c66edf728f8cc8d0eb6670d5650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newpoi-assets.apontador.com.br/website/assets/css/app.css?version=0.1.175
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 13:12:25 GMT
server: cloudflare
x-amz-request-id: 1RH2TKZWHSA5REBY
age: 34980
etag: "067e007e933637305f5a286bd675b733"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 770ee591f86e9b9a-FRA
content-length: 37034
x-amz-id-2: d05nvy7oA1rTXwH/gvX2u9Q2j9u7NAFsGhC89RH1vglns0tconolSh5TeyUp4Ru9oJpmR89SpRg=

GET
H2 200 close-pane.svg
newpoi-assets.apontador.com.br/website/assets/img/icons/ 320 B
452 B 31ms
28ms Image
image/svg+xml 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/icons/close-pane.svg
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51465d68a406d56bccebd9a898fd304b830c85f2d0de75100b7880e143f8ecec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 13:11:34 GMT
server: cloudflare
x-amz-request-id: B99QXTWNFVBNDW0K
age: 87640
etag: W/"8bede598c404df7c335c61a348dd68eb"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 770ee59218a29b9a-FRA
x-amz-id-2: 5yL5r1uFFlSKde+zcew+2vplt3hOrlp8+5YYgwKuDXbx8RHUtKKTIme6m77TP1oI56Ow9o24eag=

GET
H2 200 logo.svg
newpoi-assets.apontador.com.br/website/images/ 5 KB
2 KB 30ms
28ms Image
image/svg+xml 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/images/logo.svg
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba1d6c87a768bb42670f37f6fea855c3e109b1b355dc0d880ec5a35645096d84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 28 Sep 2020 19:02:26 GMT
server: cloudflare
x-amz-request-id: 4BAM6DW8P1HZZXCT
age: 82188
etag: W/"9dcccc72ab4e0b88517dd07d3e6e9e7d"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 770ee59218a59b9a-FRA
x-amz-id-2: s4pDS2n7E6stLl/RceHr9OKIttCu6odvsZWumxGioCsRkTV477xDLBq83lnKbZJZ8/MnbIV67B8=

GET
H2 200 carot-arrow.svg
newpoi-assets.apontador.com.br/website/assets/img/icons/ 161 B
341 B 34ms
33ms Image
image/svg+xml 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/icons/carot-arrow.svg
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 171c971a56aca0293481074de5b5cb6c6c75353ed0221adef1e64fe81ff3e0fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 13:11:50 GMT
server: cloudflare
x-amz-request-id: 4BAMCPV7WXE710XD
age: 82188
etag: W/"b094b726468a70829b22c4666fd8245a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 770ee59228ae9b9a-FRA
x-amz-id-2: LWwplqPxLex3WEBnKOJ7vtUEZsuzwHcydDdlh7ggkoKkQ+FyZKS4mkKULxQgDsRTEX9stleN3T8=

GET
H2 200 seach-home-sp.webp
newpoi-assets.apontador.com.br/website/assets/img/content/ 54 KB
54 KB 458ms
458ms Image
image/webp 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/content/seach-home-sp.webp
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68cfd8b56c0181945d8ac52112c1e19d4a4c1c1fca6b03314f93844ed5c3fceb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
cf-cache-status: MISS
last-modified: Wed, 16 Mar 2022 13:12:18 GMT
server: cloudflare
x-amz-request-id: 3JXF0QDEKTZ3QGFY
etag: "9cd97b21f3e674264267d3011e87e894"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 770ee59228b09b9a-FRA
content-length: 55384
x-amz-id-2: jCvezKwwz0P7QD4BmtBM59hUmgwJip2zFYDVe56UyujToLasmlOMXkrgJbN7d7gkzbs5lIW1ut0=

GET
H2 200 melhor-do-apontador-thumb-02.webp
newpoi-assets.apontador.com.br/website/assets/img/content/ 2 KB
2 KB 33ms
33ms Image
image/webp 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/content/melhor-do-apontador-thumb-02.webp
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3bc9be671994481af5196f4df408eb6bc7e93a086573735891514069f52f08a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 13:12:21 GMT
server: cloudflare
x-amz-request-id: RAM7W9A8E4SMWGEQ
age: 42030
etag: "2d56df0a270c606f931be052c3297efe"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 770ee59228bc9b9a-FRA
content-length: 1546
x-amz-id-2: QJ+rohdVzcgR31bVu1HjoVd1lNt1KrU/mtjIIpqZF4Qhd87tynxLeEgkRXfzP+FQbUy9r1hEzfw=

GET
H2 200 arrow-left-yellow.svg
newpoi-assets.apontador.com.br/website/assets/img/icons/ 166 B
352 B 38ms
38ms Image
image/svg+xml 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/icons/arrow-left-yellow.svg
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd272b5aa73c5065e6ed4ecff28ebd3dfc590ab88e62bf25571f32faedcb2b24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 13:11:43 GMT
server: cloudflare
x-amz-request-id: 2C5ADGH3XEJQVJH6
age: 82143
etag: W/"9c64ffb81e404f68ecdfa9868b75f64e"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 770ee59228bb9b9a-FRA
x-amz-id-2: A7kvHj5nO9EUYrMOJdZXNS6RadyHLhOydsmecjbQwyEqRLWXNz0nFC9t3ZazIAcc9Lb2njxtIUw=

GET
H2 200 category-restaurant.svg
newpoi-assets.apontador.com.br/website/assets/img/icons/ 2 KB
992 B 29ms
29ms Image
image/svg+xml 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/icons/category-restaurant.svg
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f60d14e5ac34d4ef70efde9b4765687786dc13310a4c2ef9ded63968e1156032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 13:11:15 GMT
server: cloudflare
x-amz-request-id: B9Z7EQ2YCC7JZ2EV
age: 82114
etag: W/"00e5290e64df74c04fb02e0188b6f629"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 770ee59258ea9b9a-FRA
x-amz-id-2: OBcmzedfLiqdOsEYH9brmrhzzyq26jfUiN7wMUA/FwVOXag5uJgJ+5Y7gl8ewSDMj+dZWFTf7/o=

GET
H2 200 category-car.svg
newpoi-assets.apontador.com.br/website/assets/img/icons/ 3 KB
2 KB 30ms
30ms Image
image/svg+xml 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/icons/category-car.svg
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2620d197f316fa24771a3a620ec7d54d3f924bec4e14c2957ed1b2de3ea709e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 13:11:38 GMT
server: cloudflare
x-amz-request-id: X396EQHVGCEE0M8A
age: 42031
etag: W/"792af703a5980c05b94cf908a7fedf70"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 770ee59258eb9b9a-FRA
x-amz-id-2: 4Il2cxEYnouA5g8JDRY7Gw7lUXShGVc3JkeSib9QpPKiarE2cHoDBNzY6lxsoA9KC7ZU19w6z9k=

GET
H2 200 category-hotel.svg
newpoi-assets.apontador.com.br/website/assets/img/icons/ 1 KB
810 B 29ms
29ms Image
image/svg+xml 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/icons/category-hotel.svg
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 928d03569d25f92fde8d90d31c29b954e64a5547f05696f050b7a10bd26e4c25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 13:11:23 GMT
server: cloudflare
x-amz-request-id: X399YQYTR9GV8DJ4
age: 42031
etag: W/"ec56fa663ea609401fc4b7898690bc71"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 770ee59258f39b9a-FRA
x-amz-id-2: myCUNZZKfIv8kTGc0HnWOPb5KjdRgXJHjEX+g7SzblxiLO2euJTcJkBWe2Iz7GUP03dPZm1dG6A=

GET
H2 200 category-animal.svg
newpoi-assets.apontador.com.br/website/assets/img/icons/ 3 KB
2 KB 29ms
29ms Image
image/svg+xml 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/icons/category-animal.svg
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f8628eca915c8d9c8878277f12009ef247562927ee41a1d765333ffdc8ea58e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 13:11:39 GMT
server: cloudflare
x-amz-request-id: 4BAX473KXT05FMKF
age: 82187
etag: W/"d519fd58e48cd546d61e6f1cf1a3e7c5"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 770ee59268f89b9a-FRA
x-amz-id-2: pe9t06fv7MqII3ljf8qR8TfO64xtGhhcUecVCKgblY7w42zGXszX6cjXFTRzAZ7W3tXyx6WYHLE=

GET
H2 200 category-lazer.svg
newpoi-assets.apontador.com.br/website/assets/img/icons/ 2 KB
1 KB 33ms
32ms Image
image/svg+xml 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/icons/category-lazer.svg
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11d50a72e991a18151888b01e352da5e21632c98b4a4f8b0cb54421a1bab3ecf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 13:11:29 GMT
server: cloudflare
x-amz-request-id: 4BAR9PQBVM9JCE6V
age: 82187
etag: W/"0d5391db1c475921cd787f9ac1f6c95a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 770ee592892e9b9a-FRA
x-amz-id-2: C5PpaQEy3Qrlgm518KAFtMHIQzANwu5C6Gf9368GqiYU0ZIArpKSyBfLh0fZPpNKKuYILi60Pf4=

GET
H2 200 category-vestuario.svg
newpoi-assets.apontador.com.br/website/assets/img/icons/ 1 KB
966 B 28ms
28ms Image
image/svg+xml 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/icons/category-vestuario.svg
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aff31211972a6d23379c45387f50b07c35bdd094c0e4aa1ea30a51629381828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 13:11:47 GMT
server: cloudflare
x-amz-request-id: 4BAGSJMFBV1NJ0MW
age: 82187
etag: W/"cc1d294019ff53a7a9de9af36b8e3658"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 770ee592892f9b9a-FRA
x-amz-id-2: rq8THHQWsgK6vbUjcAW+AQ4tS/rsyFfjAwuYvhStlbmBC85XLGc0PIRm8GzqLYDGvIe4J9d6w5E=

GET
H2 200 destaque-por-categoria-bg.webp
newpoi-assets.apontador.com.br/website/assets/img/content/ 23 KB
23 KB 362ms
361ms Image
image/webp 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/content/destaque-por-categoria-bg.webp
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44097ada1ca37b49fcde0306c47c04261683b631eef57f9d21322aa17dbbe335

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
cf-cache-status: MISS
last-modified: Wed, 16 Mar 2022 13:12:19 GMT
server: cloudflare
x-amz-request-id: 3JX7KQP3SVFKTEYG
etag: "395ae50578f1efc8e3d22536ef69b693"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 770ee59289329b9a-FRA
content-length: 23202
x-amz-id-2: b+/rg8hsMq/np39HDvhly3tH7MdB427iirx94J5YZ4U0WFufZAWxeTz2dnavANsdiDkw0Q4shSI=

GET
H2 200 destaque_por_categorias_mini.webp
newpoi-assets.apontador.com.br/website/assets/img/content/ 560 B
789 B 234ms
234ms Image
image/webp 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/content/destaque_por_categorias_mini.webp
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae05b5bf3a0d482b806731854b2f796f184d04960175949628f65f3d401ef1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
cf-cache-status: MISS
last-modified: Wed, 16 Mar 2022 13:12:24 GMT
server: cloudflare
x-amz-request-id: 3JX9C9F5151NMGTD
etag: "c6f481c8646ea07ff9908d12ac9fc7d0"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 770ee59299379b9a-FRA
content-length: 560
x-amz-id-2: jtapINS49wNNyQMSBJNGSfEXMZExIckGeL1LkZndrK9EmYMZtO1yz0sUR+RuYefzSmOW3nbvjsc=

GET
H2 200 star-checked.svg
newpoi-assets.apontador.com.br/website/assets/img/icons/ 588 B
572 B 35ms
35ms Image
image/svg+xml 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/icons/star-checked.svg
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ce55f56126915543568b61fd1d387f8e77c6f1d67175d83028a9ec25842090f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 13:11:36 GMT
server: cloudflare
x-amz-request-id: C54HGBGMK5NF84QG
age: 82186
etag: W/"f80986fc56345efb04600e7465e35ab9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 770ee59228ba9b9a-FRA
x-amz-id-2: hK9Lwtg0+D65ICyKm/+38GizaFZ+1yHITHovUvZGMj0XP/TxSI12dQo5fEjfxfdV7VjVy0IrUgo=

GET
H2 200 fone.svg
newpoi-assets.apontador.com.br/website/assets/img/icons/ 1 KB
825 B 29ms
29ms Image
image/svg+xml 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/icons/fone.svg
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 870b764f4b5567242d0a21b5500ec59f833961c144b79c418e7732d7b905a055

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 13:11:14 GMT
server: cloudflare
x-amz-request-id: 1RH13F8D7NVNPYZP
age: 34981
etag: W/"4f1b52f771f0636798f520b3893cec7a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 770ee592b9619b9a-FRA
x-amz-id-2: V5oZB0q8LXS40LzqOXM6t6aVp3tpx/xkNBCY53tXFlpYwwRuQOIUbZeO8pUmf6k73kg9ClEOHBk=

GET
H2 200 whats.svg
newpoi-assets.apontador.com.br/website/assets/img/icons/ 2 KB
1 KB 250ms
249ms Image
image/svg+xml 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/icons/whats.svg
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bc660cfeed8ed447fa3e750b0b2d62e5bb5ce398baaa24e3e57f24b763a3f1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 16 Mar 2022 13:11:04 GMT
server: cloudflare
x-amz-request-id: 3JX5XC00GZZP2GQW
etag: W/"8c9daf99d8dd05c124273f4bc7029e1c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 770ee592c9679b9a-FRA
x-amz-id-2: QAEui7LjHQy7CL/lYveb3hxHbQ4PoTWQSK1YlPoR1jMhHmwdDiR91dM/tdMaWdeiheEpAmERabI=

GET
H2 200 linkedin.svg
newpoi-assets.apontador.com.br/website/assets/img/icons/ 638 B
531 B 27ms
27ms Image
image/svg+xml 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/icons/linkedin.svg
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4442aa5c3efeebdcb5755c0eaac45d9fbc63c7c1704f8895d1d4d6fa96c65a19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 13:11:11 GMT
server: cloudflare
x-amz-request-id: P19S6G8VTT1FK807
age: 82140
etag: W/"fc208164669765ecb606c79204abec4c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 770ee592e99d9b9a-FRA
x-amz-id-2: 1oA6iQPhtRcJ22QRAPPxJ4kyeMP8hAIwM8w/Jou7RQWMu0wTB1a7YyVIxoxa5DYXa8eOCY8pi/o=

GET
H2 200 twitter.svg
newpoi-assets.apontador.com.br/website/assets/img/icons/ 2 KB
1 KB 28ms
28ms Image
image/svg+xml 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/icons/twitter.svg
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a43d4ee4d9440eb84382f7f2dc678e40f09e9d32c5d436bcb4269ca6f7992b5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 13:11:41 GMT
server: cloudflare
x-amz-request-id: P19QEC4RMJ1FMK34
age: 82140
etag: W/"5eef5dfaa138edc69371b5ae5640e977"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 770ee59319ce9b9a-FRA
x-amz-id-2: kWEW+zgbdbLCpYJXsFqgPX7xLSgTFAll4hD20abP3YUcZQvRwTJKv1RpQnlTPQrB+0Bdr8tqMGM=

GET
H2 200 facebook.svg
newpoi-assets.apontador.com.br/website/assets/img/icons/ 523 B
507 B 30ms
30ms Image
image/svg+xml 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/icons/facebook.svg
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7eea794757dbbdc1dafd9b045a10823f8c5278bbc6ce5539d1b9239ee34fcf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 13:11:05 GMT
server: cloudflare
x-amz-request-id: P19JJQ0Z8B2B7VJQ
age: 82140
etag: W/"f12f105fa73c2f5c4ce009255b376c5c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 770ee5934a089b9a-FRA
x-amz-id-2: LoKIWvZgmhZi/gQ9ZwHcfxw0lDpu4bqzNw/18BpOjmynjUmNGGaDPDNTz2B1CoHwB/rpSD8ublc=

GET
H2 200 instagram.svg
newpoi-assets.apontador.com.br/website/assets/img/icons/ 3 KB
1 KB 28ms
28ms Image
image/svg+xml 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/icons/instagram.svg
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1032cedc0643260906fe96d2abeacf18ef7a7f770f257626ebcc6da4c9ccf20d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 13:11:51 GMT
server: cloudflare
x-amz-request-id: P19V6MQM7G6KKMKW
age: 82140
etag: W/"f33a67ab40f3e272f6c3118d2bd48488"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 770ee5937a439b9a-FRA
x-amz-id-2: HsglujObgKB+Q900WEbalQhIzDDMpRmOjXF/Db/YrGe8HdRoquNdHOXZS98bh8q+L8ti5KA8NoY=

GET
H2 200 category-salao.svg
newpoi-assets.apontador.com.br/website/assets/img/icons/ 3 KB
2 KB 34ms
34ms Image
image/svg+xml 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/icons/category-salao.svg
Requested by: Host: newpoi-assets.apontador.com.br
URL: https://newpoi-assets.apontador.com.br/website/assets/js/app.js?version=0.1.175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a95dc992194b0df4c2cbbc0643525b91bbc50e6f4abbe0f037ddf4e1c7429aa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 13:11:45 GMT
server: cloudflare
x-amz-request-id: 4BARZD3BJVFS99RP
age: 82187
etag: W/"0b23df8a9d0b9032afef4e89b435a707"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 770ee5939a789b9a-FRA
x-amz-id-2: JDu/g1G3ZHrQOkbjj3pq+P4ZumXTosDo3u2vn79Hoi+tOi6h41IqFgjp7p4EgXAyJMVJNvw3P5I=

GET
H2 200 category-pizza.svg
newpoi-assets.apontador.com.br/website/assets/img/icons/ 2 KB
1 KB 29ms
28ms Image
image/svg+xml 104.22.15.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpoi-assets.apontador.com.br/website/assets/img/icons/category-pizza.svg
Requested by: Host: newpoi-assets.apontador.com.br
URL: https://newpoi-assets.apontador.com.br/website/assets/js/app.js?version=0.1.175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.15.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b64e68adfa9b3ded0f9e0aec61bdcaff2c4aea5bf4f6b87f11d0448cd6fecbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 13:11:27 GMT
server: cloudflare
x-amz-request-id: 4SAW32V774BKA4XJ
age: 87639
etag: W/"39f80d147449ddbe4acb968c3c0bab8f"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 770ee593aa7d9b9a-FRA
x-amz-id-2: nDBn41uyLaETKAhluieUH0bO9ah0UEUthCJwyUxfAj9SthptqReo5Dj9F9y9yQpes8ULRDlo3zo=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 136 KB
51 KB 268ms
35ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-59C45P

Requested by

Host: www.apontador.com.br
URL: https://www.apontador.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be1c137b913a191e72ed7c77b942620911775a5d3bcebe3255e7c45e2d6868e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51296
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Nov 2022 00:13:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 80ms
19ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59C45P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 23:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3442
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 28 Nov 2022 01:15:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
76 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NJYMDW4MDH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59C45P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3453e2cc626685991e8dd7ad565d36c3cced14b4912ab5dc4c1df07aa98bcf4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77580
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Nov 2022 00:13:16 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 90ms
34ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59C45P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27210
x-xss-protection: 0
server: sffe
etag: "1405 / 959 of 1000 / last-modified: 1669244741"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 28 Nov 2022 00:13:16 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
351 B 86ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NJYMDW4MDH&gtm=2oeb90&_p=1772670452&cid=1430814732.1669594397&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669594396&sct=1&seg=0&dl=https%3A%2F%2Fwww.apontador.com.br%2F&dt=Encontre%20lojas%2C%20servi%C3%A7os%2C%20alimenta%C3%A7%C3%A3o%20e%20outros%20lugares%20na%20sua%20cidade%20-%20Apontador&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NJYMDW4MDH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.apontador.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 69ms
26ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1772670452&t=pageview&_s=1&dl=https%3A%2F%2Fwww.apontador.com.br%2F&ul=en-us&de=UTF-8&dt=Encontre%20lojas%2C%20servi%C3%A7os%2C%20alimenta%C3%A7%C3%A3o%20e%20outros%20lugares%20na%20sua%20cidade%20-%20Apontador&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=1557856762&gjid=182475325&cid=1430814732.1669594397&tid=UA-2086338-9&_gid=1221720544.1669594397&_r=1&gtm=2wgb9059C45P&z=364811606

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.apontador.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.apontador.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 62ms
27ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1772670452&t=pageview&_s=1&dl=https%3A%2F%2Fwww.apontador.com.br%2F&ul=en-us&de=UTF-8&dt=Encontre%20lojas%2C%20servi%C3%A7os%2C%20alimenta%C3%A7%C3%A3o%20e%20outros%20lugares%20na%20sua%20cidade%20-%20Apontador&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=1964800010&gjid=77245985&cid=1430814732.1669594397&tid=UA-2086338-1&_gid=1221720544.1669594397&_r=1&gtm=2wgb9059C45P&z=589013911

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.apontador.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.apontador.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 61ms
19ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 21:49:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Nov 2023 21:49:44 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 124 B
109 B 66ms
27ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.apontador.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

853c3c525cb96f5ef071f167471f65615952343c55ad008304cd365b0b890584

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84
x-xss-protection: 0
expires: Mon, 28 Nov 2022 00:13:17 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 82ms
26ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2086338-9&cid=1430814732.1669594397&jid=1557856762&gjid=182475325&_gid=1221720544.1669594397&_u=YADAAAAAAAAAAC~&z=291627151

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.apontador.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 28 Nov 2022 00:13:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.apontador.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 81ms
27ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2086338-1&cid=1430814732.1669594397&jid=1964800010&gjid=77245985&_gid=1221720544.1669594397&_u=YADAAAABAAAAAC~&z=431341008

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.apontador.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 28 Nov 2022 00:13:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.apontador.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 77ms
29ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.apontador.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 74ms
29ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.apontador.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 89 KB
26 KB 512ms
511ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2510701532167919&correlator=3206034955830510&eid=31068367&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=1034948%2Capontador%2Chome_llb1%2Chome_slb1%2Chome_slb2%2Chome_slb3%2Chome_slb4%2Chome_lb1%2Chome_oop&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8&prev_iu_szs=970x90%7C728x90%2C970x250%7C970x90%7C728x90%2C970x250%7C970x90%7C728x90%2C970x250%7C970x90%7C728x90%2C970x250%7C970x90%7C728x90%2C728x90%2C1x1&ifi=1&adks=2471861852%2C2876982550%2C2664139644%2C432355477%2C356453174%2C829788326%2C3976537499&sfv=1-0-40&ists=1&cust_params=local%3Dsao-paulo%252Csp%26categoria%3Dhome&sc=1&cookie_enabled=1&abxe=1&dt=1669594397170&lmt=1669594395&dlt=1669594396236&idt=906&adxs=315%2C315%2C165%2C165%2C165%2C436%2C-12245933&adys=0%2C917%2C1999%2C2911%2C3747%2C4322%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.apontador.com.br%2F&frm=20&vis=1&psz=1600x0%7C1600x67%7C1270x67%7C1270x67%7C1270x67%7C1600x67%7C1600x4645&msz=1600x0%7C1600x0%7C1270x0%7C1270x0%7C1270x0%7C1600x0%7C0x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1430814732.1669594397&ga_sid=1669594397&ga_hid=1772670452&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb5d62ba46d229a38141649735208448abc56bf36ea6e8b54a64533f6ef409f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26886
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-1,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.apontador.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 186 KB
48 KB 286ms
286ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2510701532167919&correlator=2988515161351144&eid=31068367&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=1034948%2Capontador%2Chome_interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=8&adks=3461528250&sfv=1-0-40&ists=1&fas=8&eri=1&cust_params=local%3Dsao-paulo%252Csp%26categoria%3Dhome&sc=1&cookie_enabled=1&abxe=1&dt=1669594397176&lmt=1669594395&dlt=1669594396236&idt=906&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.apontador.com.br%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1430814732.1669594397&ga_sid=1669594397&ga_hid=1772670452&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d779dcb88e2f428f1662b4b59119dc84428723ffdf6b95bba152914f74b3d929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49370
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.apontador.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1350 6 KB
3 KB 111ms
27ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.apontador.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 00:13:17 GMT
expires: Tue, 28 Nov 2023 00:13:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03d35c1ff8a01dabf5d312f47b641d0dc6ad96b102f0b095e6af937881901757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 15:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376489
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13838
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 23 Nov 2023 15:38:28 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 90ms
39ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2086338-9&cid=1430814732.1669594397&jid=1557856762&_u=YADAAAAAAAAAAC~&z=1629600756

Requested by

Host: www.apontador.com.br
URL: https://www.apontador.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 75ms
29ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2086338-9&cid=1430814732.1669594397&jid=1557856762&_u=YADAAAAAAAAAAC~&z=1629600756

Requested by

Host: www.apontador.com.br
URL: https://www.apontador.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 83ms
33ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2086338-1&cid=1430814732.1669594397&jid=1964800010&_u=YADAAAABAAAAAC~&z=458237453

Requested by

Host: www.apontador.com.br
URL: https://www.apontador.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 77ms
31ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2086338-1&cid=1430814732.1669594397&jid=1964800010&_u=YADAAAABAAAAAC~&z=458237453

Requested by

Host: www.apontador.com.br
URL: https://www.apontador.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 98ms
43ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f546c12af25f8d6f303f0b06e90007c74a93fe697a1be5eb08b23dc9b622ba36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11103
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 82ms
33ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 00:13:17 GMT

GET
H3 200 container.html Show response
1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BCE0 6 KB
3 KB 58ms
19ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.apontador.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 00:13:17 GMT
expires: Tue, 28 Nov 2023 00:13:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 95ms
54ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ia_evt&aflvr=true&al=0&qid=COmP3OfLz_sCFXHPuwgdCYYGbg&ns=2452.5999994277954&fs=0&req=https%3A%2F%2F1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ptt=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CA39 13 KB
5 KB 65ms
20ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.apontador.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3869
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 23:08:48 GMT
expires: Mon, 27 Nov 2023 23:08:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 95BE 783 B
535 B 73ms
29ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b8bf3b267e832ca7a5b927d69a1ab9f250ed9694bea4e3a3ac79b71e41f9646b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LHCkgn6DQRIEIQ9cvNggSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apontador.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-LHCkgn6DQRIEIQ9cvNggSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 00:13:17 GMT
expires: Mon, 28 Nov 2022 00:13:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ Frame BCE0 4 KB
709 B 105ms
33ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Nov 2022 00:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 27 Nov 2022 23:30:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Nov 2022 00:13:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 85C4 8 KB
1 KB 91ms
29ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: www.apontador.com.br
URL: https://www.apontador.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Nov 2022 00:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 27 Nov 2022 23:32:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Nov 2022 00:13:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 85C4 2 KB
765 B 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.apontador.com.br
URL: https://www.apontador.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 10:41:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 85C4 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: www.apontador.com.br
URL: https://www.apontador.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 13:25:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 13:25:16 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 85C4 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.apontador.com.br
URL: https://www.apontador.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:41:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 15:41:45 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 85C4 18 KB
7 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.apontador.com.br
URL: https://www.apontador.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48710
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 10:41:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 85C4 154 KB
48 KB 101ms
27ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.apontador.com.br
URL: https://www.apontador.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 00:13:17 GMT

GET
H2 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame 85C4 34 KB
14 KB 66ms
18ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.apontador.com.br
URL: https://www.apontador.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 15:56:11 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame BCE0 19 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 16:37:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27372
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8086
x-xss-protection: 0
server: cafe
etag: 7427986489964165156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 16:37:05 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BCE0 205 B
520 B 65ms
23ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 23:45:48 GMT
x-content-type-options: nosniff
age: 1649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 27 Nov 2023 23:45:48 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BCE0 604 B
695 B 66ms
23ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 20:19:42 GMT
x-content-type-options: nosniff
age: 14015
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 27 Nov 2023 20:19:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 95BE 0
0 54ms
53ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=2510701532167919&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame CA39 36 KB
16 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 22:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 22:39:25 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CA39 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zl1w2g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 container.html Show response
1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A1C8 6 KB
3 KB 19ms
18ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.apontador.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 00:13:17 GMT
expires: Tue, 28 Nov 2023 00:13:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 75CD 6 KB
3 KB 18ms
18ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.apontador.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 00:13:17 GMT
expires: Tue, 28 Nov 2023 00:13:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1F75 6 KB
3 KB 18ms
18ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.apontador.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 00:13:17 GMT
expires: Tue, 28 Nov 2023 00:13:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 85B2 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: www.apontador.com.br
URL: https://www.apontador.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 22:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 22:39:25 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6932 624 B
919 B 104ms
30ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQlY2jgQMY9MCE2QEwAQ&v=APEucNUVgBzhKunz8ZXw60Ynd0R2QHXfVl3UHhXV-EiR9LpBBDzXODuFCKvXS5JYQyu2S4AKlMq52uOhpQNbx1ZYXopA1ywEOczORkFh29Ry53742dgyjOP9b1la3re0c3hm7FFX5V2cem_pOawS2Nb7hj1IOB4TAKNAiLQh47xZKUVDkd-H3BE

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 00:13:17 GMT
expires: Mon, 28 Nov 2022 00:13:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A1C8 28 KB
17 KB 125ms
52ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dzwgw7dzrK4BLnP9T3WgxqXTjBJdIh6uEa-uEd1gDF5USJzFb5hYtpFunDVtU3Oxl6EzNAWAid8zz7fPZzbWKYdUFMj_-wSp6G3HfoA4ov6uTQn0kVY-9kCgHRouaLpo6r8nTwtwK_rcrf0LvOXBAEufk0lUZVoay6i4j7ALdmBAMXHyw&cry=1&dbm_d=AKAmf-DSHQg9wdijm2sj-d4x4XJADNTIeNUKO-fgAbToBiDcizXZRiwJyrFJhIywCcyEQk5mNLU-OuB2-smrLuScVR7CkcYCEel7aCYPLgdiZ-RlNeU_93B_dWHyP9MYRz3EhrRwE2I6cL62st0FTaPM-DZhlfBlG1Z_RmLzT8RZ5FMjIRiRD-wv1oep2QThALbp98UgE3OHyGr0rmqVf3UZ9qgnSO0vds_Cakl1dGpnxdlwGM6v7ugvz9lRqqy5UOiDUG9ZpeAXaDF2K3mIsi6WMN7rEtaKYvCwsU17RUM3rjyQ6i25gq4re9hCSPud9_q0wM4ktBnQ6SC2Xyjr6U2drGdlZRTPymjdaXilJsG4vMbS2YZNkKSONgTjKMw26uIbVtAphTPU33AQtXp9kz3OQyMzx_rwW0B79dUeNDPZBf3b6gVy8tapVYzyykv-o5Ro8qL8S6OshD6V3r29sCNiJ_I9Jshf1JoNML6mvNRNQmApsdOxgf5dzclOlAmpubZ_GtqE4axRFAxWg0xzTMzFwnQzQMuZJW-xRslfqf4dyi-izOEbZvfzmUlLiXqPP2IbM_CZoEPmEsrCwKvU0A50CxrzTtiZBN4RWLW_uafsNkMEVF8kukEOqykbqoyyboNKUNAi5lS1_iyAd7dEjxY808tRDupWFE091ZngLYqpgI58M80zS42XcX7JCi1Ctkb9G-BMG4-bKeuODkQTFVZia2SK8bVpcxkKtpSowhN8f-Pql5cUDUzV6ERkX-mMvAxHEBTJSJKP_82hNJBOsX1KPtMTM08WsOWfKCqLhlYu1CjIhvBMunPbp7TqxSQ33W4LL5VVTu_LsQqMUZDFdPi_Xsz6lOWsZmkyCHkdzUwSmMcfcgp098PTGjGrBXmk8dNxgwMyiGPK6HCa6ogVWrINXZeMcGBfqv47lPqg8Jp5Y-7BWh-fTWCz4Q0upUKywgsQb5fwhLWRbN21EMLumNsSU7AVkB2hssXDD9gDx7jcZ96QriMh5CgNgETb7XQwRXhSdAMKOvYRbb9dIkVL03N7wxq1bE6t5kcS0VB-XbkxghlJp1p1L-QtY6hLiwZ6OTzzyjBimm1JFqCDNp2-kkFKvC6m8Vqc39tCZbAGPV7kkDN91TvgZWJ30g0w5CfuzrhIczY0RaCl0r4CXX9QU5auDuwLEbeVOFsppRfla0xkg_HmQBqlH4s-amKygikgt_IBWyGubOEAcbBu-ba_oykSPXbMX5nLCJwZqlqLxo9FMClHk_7JqYUHXFfLJnEGyhyp-xWSVCDmS8iAewM-GPLg5L4j3wKE6-eXSVPnjUHQf3WynnqND4_H0YSl7zDf4-sryhG49JDp2nqZ7W4-odMrYlxFyZVvoy95jzKLHmINI3gsVSSjAxltA3Je0HhTQybGvEuTlCGMK4_LyzLYc3XUH6STocWcNeJfTNiYvkzdW49N3BP1UETRFsLW5qLqX0vVmpKB3CVX0v4Pvro-LOq-deyLEJ4IR36XJ2FhoQaf5gailY9XrwW5eDP-P1pGulh-mKVTJDxWGkyVoI4pqhzNjryCwxuh-b32mmjNzsLSD92Dyt8bpxfMLLrUYXGA9dFeTQD-MnEC5Ped_mbBBtZQXuF9wV2u5WJ_Rz05bmektvE6KoM0FdIzrDESZoWmf7u3C1DD7JAdgP2Ommy3Jjh5P_SjsucJaSK2Bn6OmvepQ0tJypT3idG-l1wFS6Y9Tqd9L3q3rxiCcTNeU6u4ocVWw_4G2Do7tUrOccNs5a8czaqOsli83uN2sSuHi-ndqfrrZ2iIBUzu2a9rJIDhcU6rI-_L3KrWjq6RM-aK26YLSWaTUKiSzgBqxLNeJlrTeCOJoOgB6j9IpLNAfDJ8_YMe5yH7d43QGwa60IUEQffmbuJA79k65HKQsd3mrGm56ShC0h-molmQCEGcDqlnYOUVPQt4uIzYCrz3QCh1ZMCL7r_QCOeygGlc8cglLVLJTxiht9KzSYk2P4RuEc7zNGsKSbmk-VG4pA2K9jGBCQGOH6Dgdspq_hTUjD6Q2NCKqWd9-Y5lDCwl4N5I0fpM7RYRX_fJeROSYKt74xwGCjTzAHBzr184D850ieoQbiUJlo0ayWiO6La9oDz3juJyMkLhV9fOSqQImOfR54KQCoCUkKsWLD3tPCqyI2KGHFC6HFgZK_WBRKooDp1nirc_c8x2pyE7DMs10Z8hwuKog1nKOH-ckRkk1jAC5efElttRNnLzGqexcwNbUteB83sSuMvH30iBc7vT1j0gFjnBb_TO6bwaBwKtxKS4E5z0Q6vsX_U9GDFKrA_u-ScCVtbOr8lcay4BiJEumJe7MfehiJgDIDLr44AIa4EO_g_itWBma2CxfTJv9eHw_2RWRc4qPapWYg9vhhsXu7KZ3G0xdmiUvJBfztVPpomndbnrn9K3aj2oLMyQ6oT5GY3Zy6utEiEAGd7bh5r-gTDt4Hm_9TnNzzpIpmXpRn59S6CchXdRAqAliufWd7U1BKKkcHJWkNB8VJWUUOhLbbHv-KhfgCyw0yeNhKu7KDMMJLbX23NfmXWiARuZ9RWVhAkQci55yXk6Y1QO4ifwyPVJ3Ts5jXKsXg6bAE88vnLc70K-Ci0NObs2kg4WjihQKyDtHDZoQvjcq619qSRZvjPZxKUpEpCYp8OlzV1h6b2rtqmb9fNUKY7mpWhVbIe5oXVYqcgHzsZe8-_QnfMRYhtzTDPizJmE3ya-a_e7g2vimstxIJxoYkZWeZsUT8ue54vEPnSGIJErHYLGPM71hPPtoB7KLApVziny1BwzmMXsaH-4npRK3t5DS6Tj1yWatIRR-fV4DmNvwpqLGu8df5RQx-_a0w9b_x5hrq246HpV_Q-m0Wr4iQ7d2Iz4wpxkqFSAyloJm7lL3XxjT5C6eu2oMjandp5SejemCC8QoJdtEfElTYJpIniAsSs2lUgVlLhj1fqiKHJHaCnshIyNOqum8HR90U0kUKUmp8QQFH7mLxxFI2y3s9krhfROTfOmdzVYYYoN2np8pHBywzU1FVy7IRqlctSBPApJGMgN-secDAk-xmzrQ_3ehhOcxug-8ab8ip0wQoo79m1WkL9ueoeyMhyCKYTou62VuAajbw1MNeE7uizKHjAPcNNNUxBQvy8NRzb81cnypX1XMJNn8aVauKik40WaB1P1wqMR16n2XX-PGAfcCFHOvpuzxCI9Q0Jtycad00pgCnaYAbiuT7BdwZjLmozeoJsh95hyJRjBRtptuE-n_UrV-jpiLTYWvZHuxeJKqRuTKN9eksgAn8-xFjHSxfGEcv5_h15RKprumEbO65JgcFyI-UBCq3sBEvlpsVJPBsypKCPvIo4BoBSYsHkUh0ae5O0RS1zFXQfR3Xdg3kyRpTpTVQGF-yPoiQibOFuCKkRbQEEXbZIVy4urYziww8fevv82Zmyl4c5OBmfj_2urm0OvFIcnBUdxSWZCgHnObaOpH8dhQojlWks7jACfNbMpheflB7mG4oGoR77UiBW6kjmxsi3h7gmXVsdtvF4cEZkY_rRxN7Ku2oeCnP4pse8Iwulpc0wnCXg&cid=CAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT&rfl=1%2Chttps%253A%252F%252Fwww.apontador.com.br%252F%240

Requested by

Host: www.apontador.com.br
URL: https://www.apontador.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7dba8fcdf871b4b0426e7fc15c74cc659e64195c9a7aa7a7d3c703778a481e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16874
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A1C8 42 B
63 B 54ms
53ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DYRnRxtfWSKe3ys6XOUdDcW1tjXzHthGjf4t7wQkOJZxIMsJIn4zBtHTBjbtxbv1vV1zXJSXNXW2R2aYSuyOFks4kdqPGO-SJGf8cd0h93u7ct4EA

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame A1C8 2 KB
3 KB 151ms
42ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=59499586;adfm_dvio=1009221872;adfm_dvli=18538519830;adfm_dvcr=455155828;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CXQnjHf2DY_PnDays9u8PidWagAb_ss7QbbPFkfT9EGQQASDUjpghYJWCgICwB6AB8NTEnyjIAQmpAv1d4nqfcLE-qAMBqgT7AU_QtPiuyBDAozuVu2BPc4hHciP09hKV-5m2eTbb5QqMOPfjDEvAiA1yq3GfprI0Y19egcZkliP9kpjEWNC2Ta-zDW8MvoSnUvCMwyegtlIU2By5xoRU9XShtaVP_T8jA6RNPTiDvvongM_akFcEaHVNxhRs0HjZ8bYmrxcJpHKGgIDQAzTAAqs_sp_YpUcxUwraFKM3f8K5S2y3mSIL6Hzz0QpCpkOPUnwegWctj_FnW1Ww4VaC97QRq_M1yyuGv_A8T2HRudgSvQaoUBvX9DBp7Ua4n2YaB3wv7TD49uckiTCgH5RNvnBpDHPGTKZkSAjDBmv6EsgT3IMqwATIneTbkwTgBAOQBgGgBk2AB_CMlf8CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBPlzasR0BMA2BMKiBQB2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT&sig=AOD64_0wo32N6Q9lBV0TH2IAc7OWmTllYQ&client=ca-pub-9083063808846513&dbm_c=AKAmf-A8bqWhK6E7WVm8lS5kB6v9TAZZngaeZBiCeQgYORt4xXLvnlkSEJsEbXC9RMlg6cFOVaodAQA61cqLQgEn6XpfoLhzovyNTAud1z0Um5AGa2cmWfuC6qmiNj2c1vBPNV_dDKg-mRmp9OakgsIfF_1r7PhtnX_6SXFatJYPXGJ3ETrKAsg&cry=1&dbm_d=AKAmf-BojL1yJIn8W1LnDWkYfy2SX_nAgKv1YqPtcoDTnhbMAUEAy_pjDioCWoZsU5kgd1Fqb5JknxT5hq_bXXlwvR9nNJ7EfdtJoT86Pi-2WOAheHW1yoYfZJgU1FwvFeP_R2UQerGvLD9I6KyzqzZ4dPiSmy6GvOITWjq4VyiXfBzrnDZ82DUvOp4vmc9U2hLsl1_isdLqAT79cYum1sOzS0ryATouoRfbk2G72eh3HF7wGyOacj5swROuqFVesgv9mC6W-ZtxEgkE5smUMTAMG5KMS4UOsnn0G_XmBscDJlDP8ZmseggELtNpinc8POcBEg9ZYmjn1gGD7IB4xloygSO3B1NXXd8YmCsVj0n6ZkgLC31SAYdlJEVbFROsIc-dc_EmA4a8K0nM1u9unnUlq43xEQmXe4FtkxnjxYaXeSy9SBrW5CKl8-kz7TMjTffeXIkwua9HqPbRKiBmCB1DYLVoIe7-jL6Sg8Axr0S-uM6iqTndQwVhGwo3HEbdo1XqDzA1x_a_FIDSz3QjgLTgQKi73Hwc_EFrmtEMwWojPsts6dbdfPw&adurl=

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fb17db5be3138204f4c89c8c3235ba90cbf728fb2318e9eb80b339690998da1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2361
expires: -1

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame A1C8 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:41:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 15:41:45 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame A1C8 18 KB
7 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48710
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 10:41:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A1C8 154 KB
47 KB 71ms
29ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 00:13:17 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1A54 624 B
505 B 101ms
30ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOG639MBMAE&v=APEucNUoE2jh086uIgE5WpxiKRQ6ERI27-IaiyWfATFmkXgkkV0A6hFQVSR_yJue5CIFFx_bYSt984KDGQAjBLOED9gtfHyJ1421QVT1ASGPR-QlhEqvM5Lh3fP9wdehr-_-t7ehpHpFSjCpgIv-F524XGpwfm6CBJQyPyuEZXxe4S9qwFN0YrM

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 00:13:17 GMT
expires: Mon, 28 Nov 2022 00:13:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 75CD 28 KB
17 KB 134ms
64ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AA66JDNUA4oOt1fsZIFnmIePBPiOkytt337hCMjktUaWazzQXVVRFRfR2hT-DGcIHqY84HHGtrSypAEYqeeD_2trZJpZziiP5TAIDsn9DFU2FoYAEe8kXPxDB3aTyN-pO9GzCk8tFvBrRhwdwkRHmNPdJKM8ALKu1QDQVwcdwgELdYyIc&cry=1&dbm_d=AKAmf-BAotr4ApaH-QzJV81PZdyK9bIN4mTZODD6bw-WU2qBn5Fj93qKhTInqvZV6h1v920Wl_fDI43VoyvgmM6N3C5UaCZMhwY_l8HwOOdFjxoQjQx5yuzO_RpbF3hwj5jSWVL57d6CGr7jIF8vQdc6Kw3DQEtmacwKj6kGIkI8_nq7Gd3AgT2Gg7jtP1ZpWPUeqx1inqPdVBMOhrUjkVMHOQ6M0lyxk3UMyO9Sy7MF4nPIxHFu2VqnC4yDoXGMO1L88x-IhAryVKldlz1FzyN46GzqHGhf0pADBwwEpGG0MQNmMB6QyVZrZ6KMMMfjnmkiRhEnklHXfW-k9Nfmt589NIzFE9Xj3veJWMt-P-Lh_sYhOkmv9fMi0KVkc-8AeHMi7R0WTSMDagaRHe8_Tk6qJe8zVkm91FviK1gr4t8RPriOJt52ICsmR4ZHbB6uL2JhTzIfxFkfSxeMnOKd1jFEZzYIUAXqJw4sEBsUNeVrzxpU28Rlk_9CkxYxbCQo-PkNJJ-oY60wil-kTeNaQKNNiKHV9hgEOA8Y0g9i44iTEO_D5j8w2MZOz82NO48iBbE3YjnCJ9SsaFUBmcD1hSThSdW_0a2ov0zz5kbq3CMJ_XUTSf67a7ukVpYEVNKJKOpiRVSGZw8dffWfdTPbg7x7MIHH25EVegx2C0rgfjCw3wtaqiQ59vzekhsUk33mIFXdcIevglJr-MdhpEY7UgL7gIxEkSY09mMWeaV9wZadueqFUqY9_zEyC6x-SpzKTxM-tFNu3yhd7c64PSacL9lhXaQ1LzQMypfzOWB0PTCIZBENP658hsN6eAVxq9mm2wKIiFF-S3YwixRT54iWTZ893miWW8UFfjkbqaRM91DwDPWEjcnVCrnHr6dmExp5_27yUNA5roMlQewsSJGVSz3wohSXt1TQxiS9iPHjoQ6kn01YED0C1BH4O1jP6RD4uafAc9y05HZmroNVjDqWFzFnNccJf7YE28JQeRCYZHNyJgLhHEClQGJjw9oMEvXQWqlUXw8xjiPPQ8TUocrOeLgWHnPQxWIeb6uzT91LmaY79ufVl_bLyQKmpP_LsE-kHPHf13DuWLbRlk-o5ij1MzJsLGuX3aaXqbowAoz9KFGSAK2YdI8_RbUkW4Etg0O0Wn2RTlRQhY3n6eo5bdXyeb2HyhJZLCxfR68-lrsy7v4np6nb1hznrBl9jC_SfirhtnL7_dx0PFfBLEHEVv9w1Khe4wxWa3K_hQOU1sGFYAsFEm-c-T8q3oeXFewa8SrI7onMBa8EkgebG7GrXwV5dJvWt-detMyQghQCoCdF6jmbKLWfq1JIdQOvNAXEHGNvDuYZSMTXgihzpoYnoj-tJV2oLzGQ0khCrl6fOhdC_m573a75JVn_TX-cFR4wxpUXo3R1A88PrM6F9l-mVkE8aL8URkxCjHrGnl6_yGSKgUMthbZG5U-x2-_nvfpM29uKIFWZKNOXbuQi3njLHs74u_4M40rDIJOBbfUu60F1uybMQLhjBYbobse9ai19W5mg3pF5ZuSCDXiwyy3AezY3D0Ogg9V0WPO4ZO5zl9aVSnevsWKIqSCZatghcJM1SLLgaCjPIBPnzyHsOzFgGiovvzBqZA9pwhP9ReFmk0owtoE4E9E5kdihXcROoCSNCk3sviwwdJ75AmTdAY2rRDzehXt5D2-qrwEI7_EGGn8bujZMjzK9WMxKlfVrAKeKtAtJlzDhO2-HSAGTwjypODSq8Buba1aiSKermpiBkWQeFuMBgCd5dJVBr0-XSdZT5LCB9FZDegabik1FQn9dsDIrfKU_eDNO4q_JDWr7UBsybqsAp4ZWQx-Bn_Kqg_Fe9vqUu9X23D15HTndE_koJWwut-eM3KNJV3OtZ5H62909m4NfGxskwT-n71nWa707pCujFfJNMSdnKKrq1wT2HID7Ma3gewXn01a2dQrWgSjQlfo0QzOqlhBs3Qkw-9CQBvWNSPdEywhYrI5_d_S3bMRm2SEzQQ6cPjFlkGJ9eSXiIif_Pz6vvyYUl9vaeRJMJQ7plRScN7dFZUBAVeVdWqQQ1MOZp5v-_E24NsqGtQxOGbHBw7-lyng4P5vU3_wYxHxXSYuh7jcUr1g-Fpujgcgw3w1gbjl_xjwiOZl4Hgij2_EfBkCydLRRykGiFKw6VEwEAbxhF3P082X3Cglbi2ojDLcmhEFFXVSK9wwCiBcuhwL_Hk22D18-yd9PbXvbe7bq-L1wnfyweEtDiq3Vx-PjfbjF8r-UWQJ1HtJV6SkN_G1g-yl4heLulKl2L_hFp0qyzPXhLakxnffI6QoOT96qYHlVAydvYO_39NHqZC0PXzFtFcM0KMc9yT37GVakkjBDINIEc73RClpEOewUl15C2AaU1WmhLMxg5lqgP40CVZWhe3iOkztlIFLQWbKb7DHGZIQAsUvrifKIATkyU90FTVa_WyRlK8TAwX1INlNPs9xvudDeb0eUTyUF_SCX2Z3SNRNcMOwcX8tWHGPt4jv44m3uYxClkh4M7asdRFjVRaR2PsIxla6mBVOeGskN0whSP6fgWhWo_BHg62oaZm_LjzyTXJU_HRsmM5HnNNnO_FrhmQ7GP9BRBfVZNaEelkkix1Pbk0Lso_if1WHyVQO2DkG9woor9lsgRtsbvaVlzdoidqOz49iWzaFq3vXDCQ4nRKsmfMTRb5P6xWQPvCX90I9pzVcn96eLziAjzBTCSD5VudbgK29BNxse_azb7wsxd98MNfH2gSlw2S20qWUtgZCFaPzxvqwuO9XfIVHkgrZb7E7LhqgdkZMx9yWLutwJN-3qFaMURpZunCivAGtrldILiUXW4cOXNqFJtc_HhkdtoWilDJEJmJTSg7pQ1dItjDDJ_SFs90k_jMMWrbKfB_1Q_qBKtBS0DCAYLtvB_wGbq_xL56yBDoeJHfiAINDi1nU_11DOiE4cdjvDnscN4dOO640MRkQ7vv-QXBLCM0h0KME6YHs7ixw0bWhYPDRJ9JZBcfMOyKTlZJFNkbi-ce-s4pidP3YSHs0wEarWv7AiV8OH-TMClaAJvzdHgI7oHKaauEQdf6Er1okrXU6DGKhL0FMiVGbJdyBsKhyKugeBahWU7LzI-TJCefX_-GEh8DzPOhjf1OmFO2WVHHZBU0TMJMHMhFqFswkIp0egoaeUwvftcv1KcdyxIXdB7TgZZTx1iYHejgqJY3jI7b-YuZKSOU6gWb8fybEPsS1TAc5aiwTD9a2DrCx3ZfM8RXqr1_OWXa-vosL1SLqydapuKB7foZGPHelpBmkqudVMUKhXFKXOxLI7Yl5r1Nb0Q7Gw7HnYg5bsPaWxYGJQyWMlRHXjkmNdu_ZUIb6c5O9ZebsNzL6wZMFEuWw3zKsUOczjRXc0L-2brndAiFm-G2Ky4N6qY2ATOXoxvyyQ5GW1XDiG89v_1yFHvvs&cid=CAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT&rfl=1%2Chttps%253A%252F%252Fwww.apontador.com.br%252F%240

Requested by

Host: www.apontador.com.br
URL: https://www.apontador.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c0d8c79e5d189c976b219ae87ace103d5430be3a29bc991dce2b8e543bbe629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17010
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 75CD 42 B
63 B 54ms
53ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DtYmvW0mAqQZYj0rvVwVKHlEVFr3RraF3hHvg1ZqxyAgLQlFLfk0MPzofEBcm7jCqbinHRE4uBzlMOrqGz7vRWF8wKoaGq14earSG2-s6bLBidJtI

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK unit_renderer.php Show response
as.euw1.jivox.com/unit/ Frame 75CD 97 KB
26 KB 199ms
96ms Script
application/javascript 34.249.153.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://as.euw1.jivox.com/unit/unit_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669594397226292&cMacro=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCDVifHf2DY_TnDays9u8PidWagAaInrzIbZChy9vdELjUsYbTARABINSOmCFglYKAgLAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBPgBT9AgzMJH0IfDrhg-3JUR3UGAvR_XIDk48RYYgyNL83Q5ArivLPAxVHbVGN3VU08T6L3G6y6RUlq2aZrNIg7-I0duanO8ZY71QOdV7spxIyWjGtkqBSTyuztaz7e5QV7Fnj-Af7X_coZjh9m51UfZHK2Lm6ZM9Hyz0XSVVEuGS1h372kNF2xd6P4pAExYSjJNhS8bAwjZj5jd-juYxijfiSsDnkRpeRhg_CLds1eviRWvgys7L8o2Ij8sBaONmsM-XI_puwS3nePyuU6ZJSOn_fFFauCWLWcX_PDPJIiD9tgH8lhFlKjmlLtReghYY8qONyXbg6zgoKXABJHVi72SBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE-jPnxHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT%26sig%3DAOD64_0dX71DOUY1Bja4ohE7jh0S4O4w2Q%26client%3Dca-pub-9083063808846513%26dbm_c%3DAKAmf-AiuUJwB9L-L0Y-4G6PvteZ8Fevk3Md-urZlyWpFnM7pQuy_oQFTKQD0MWFTvTJvZaKPjDTm-vYFt3e8SgpERRxhbBx54VO9yAKRfygmJC7tVQD5EwQ0wSdekzYeeCi2mNFAoitzpbFto1YdswRFTQbb762HnRi2nqAdEnf544RaIi-D3M%26cry%3D1%26dbm_d%3DAKAmf-CZCZUkRttT1jwaPQnOg_P2odSIqmFAS8JFFNFNqaUS6kb2Xl-KPbkM8PD2UPmRPt0XDDPwc65NYS8TP3DcXlZavayj4Picl5XxASJPYbGcnNoyYQFkd0CJYYeQW4WnRjLpdvcoV2ZaUSGMQw-76ufvWw6qggbAtV7JHSN-jlg2txDlMK6XeQXQKhBL6Lsj8FUgIfAe1YtJugLuU0G7QI2RzYAx3EzOZPejzdKZR81CEyQ3gLH745sUZsNNrABfBxumicaSvlEWAvlhdHvDhFQ31c9EVP7re-eDYgmGgTho-I-GKxZbbLy5gJjs-7WwxJzR2tXQm9fj_Elh2JYBT1Q6AS3huJM-Cjp1tPvysLAp8mOss-HSxnjU2nq4TUO5JDwWPGCiyQAOxsswi0Eo_sEC67mwEMS_1u2Md1LxvaIJWtuGCsS-awj7dTttyomM1dY3Rxa98kGxlCh9umnBF7ETZb0hOKtO0WpurCKAaMeYN2aY17XKBG13CmNkF4We_UWeYy471xkcZPrj47r9LPsuB_723626j8dIn-2bDxjKdoRthyw%26adurl%3D&us_privacy=${US_PRIVACY}&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29
Requested by: Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.153.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-153-40.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 2894045981eecef28eb7202a50cc9285c222500cff8f74d7346418e4cc46ad95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 00:13:17 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 26359

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 75CD 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:41:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 15:41:45 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 75CD 18 KB
7 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48710
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 10:41:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 75CD 154 KB
47 KB 88ms
48ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 00:13:17 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CC98 624 B
505 B 99ms
31ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQlY2jgQMY9MCE2QEwAQ&v=APEucNV5pU98dQ0fZb1tbMCRKyeFqIJ5Pij2iERaJNfteae0uQltLpW1arOzxwixdOJOktCMCQQTEXGv44Vm2uYC_brSFds-GQOa_041nUvsBwcKRmeEYwI5kuBOiM1hfxDmWkQjTY0-V_WPdB02DUU7NWtgeGDaqTHTLRxVAeMMVayPUgo7gnk

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 00:13:17 GMT
expires: Mon, 28 Nov 2022 00:13:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1F75 28 KB
17 KB 138ms
71ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B51P6A3LJYwbfgUjlgcS_xMN1R5TJoOAimsHi-2vcJxxB7WA8vGcjuU-7lMB4rbkJm_NB2VE_qsQ22ZneVAJKLTXWqSSdM7Q2xi4T_EEmtzZUXcTsdxVWOhS_LS2LeWu24vbccCk1ATLIJB4ONDhLGz6gSDbFI1IP1g9vS-IouxmiAz78&cry=1&dbm_d=AKAmf-AWP2XlkaqEfq_fhEBESIsJhTzdQpsfvNXef5ufD1GrHhlFJNUmZT2jAOhI7Ud0f4GaOsbJqm_wzO2ophMFK-Bjb0mctHW6SnVZSLssULh-Oc61QcwzkihUHQRUW_Hn84ZUCSISaPh6DJGov4ftCaE34cZlDr_ySIi5ebfYj3WECE-34Rm8xKwiuCEkrO45wgUyFZkMPIKeUExYZVrbCtOhRM-VO9Q7_lJL6tC1v7Z8BvMCkoO9BHy7XA-DLYa10cZWVnlWzag2d6pteodeIFM4NK_x02l1EcFiYyXK0db88l-DkX1e9XMK9NvSKCVoDV75GPr_T24LZbXB-iLRnTuyzXUQLvBORThXAjhKED2-t1K8DqxUBKZw9F62dJDLW29es2ZhfWq4QXiIsGMszI2yd-ykraz9XTdDJY0HCtlqfc6QD2KnbiGUsu0qUndAINmA9k7M1Mih-iECwY5uJoyuT5GYQjj8g_5uX0U72wn0SI9jpSy0zQhiLW3AVlSwIBuFhkg2dLfDEZzr70Xr27UBjbiabYgwyjcnF_ST9oR-3pmFbLu-1Zta3LY97bJvDPfzcp_0tDvcDeP53eFdUy2InSHgBUnFOqwu73BFLoG9lRtdlnNpVJ0PSVl2oC3h249siaGYaSUJSgQAK3ek806XOIieeZ0YofFZUNM7UWtzv94AaKblf6S8iTEMFDrglIdKpWa_xVNhaAorjtzH4owV7tRHX0ffH6TXtm2IHAVm2VrsK78U-7_K2gBBgxLoZtaxBFuuBuqTr2h5aNRTpMq46Dz0hK3WLxy-b35eEYoOQ7yaphohoHxTi68pN4sV67i5X5atuG3oQtHMvg1yuhuIf7nc7uc-syDCaVuPh6_YcV_XNDgkFt50g2KKCfFf6Eh_l6WhnTj1iCfIBPrY02-_eLdpuIeXrcIbjWINKF0I-N6m_bR8BEMMqlzfxWaIxdFhlcy8-Np09wOcJbguSfVRQjDaL9G7xW3-Rn0obUorEdJav9vZYFj7sTDtvztY832aK9mSLmzRqpY-tQ1X1FRShRyTdsSegrUuRFyCfvIAmKnSpi3CgZruiaVlcIDZWyYwuDWb3Ua8jjAUDqiJZ9J5BN2PLVZEv4hqcVL67WTgk9shGe7qMZlaPIZczUw21pib-IiVNUp2w9h_EUBSASm1ALge_f5Yn3sPFVGNld3WkirRKnzvWEJGeNSkD2Q6rDyV0N94rl-s5umYMMYOANXnvBNlzaiYLyEt758TATAIf_hZqXhaLCX4zqn1LA6jYzMWUCUYQC7trPc_i0VVUakxi5ubrCjxctvePTi-FvKjYxPy0Np0t4co9p81mz5AOLAVujWnq36mNpevcbZ-4o461iLRdmU9N4gklaFsTenm2bSoG6OTI_21pcBPeVBPqYIStExsHUY4hqIB_Dz2RAT1BqoJzGteZJcfWobLW4_tf56o3mfuWW4ehI821zKkJAC1AHlRR0hLhCDEWiKPTPScQUrInT9PSW9IjW8CoRU1UJKIsNLg2R8qBHSfrm_w4rpAHPQpwgjQJscghClzUx8iBKcgntTaSXVCGXi9kPbeKXcIN60aDD6BdG2Z_NuRLkK7pFlu0yLUBYgexWPkBWhjvwyUwdJxjhH9VbrftGvrvp-K7lIByY3eEZ5wrUzDQ9F9dqaNuHuL_ZMfF7tR358ko6lRVIMyoxMx-7OXXmwTMZuw7wxis6yJjeoZozNqntwa3WenxQJvHqBo9RlyMJpKdLgVWKShebXCJfxtNiYpZckJOXCUNt19y24okZm3YtixpN_2GNKULAiRxmtUaAhryoFunzTP3hBBdl9VkV9E53kIrOiZdeZjYy8NDHvGM1KsNz0qfSUB0ZJprR-MsJwBnNYe-9L9XrIKiZkXWZgCUoz2a5-B_KU0CjyDhiVG1-QlodBdZnDXnHgrJH_3ebF08NvqTCw5uPzKkUBfQDGiCtd3j9XIZoPT58FX6nNY6hRwieUuMst64IAqjpnrnQ9rZFGstT5CdwO7AQlgN2ipYonXXOkBEOTOcYQrRDFdK2VOIYKo3np7VnuEUCvBS-16klPcxG6oW7uholuwPy53ynfkY-AWwtk0zOls4RtecufwvzUpoUl3sjGFchu4eSqRQ4urpjDmc1fC-pNoV00V5utLSudlkmU_bbfX6DRs9B7ob2NERb1dYGRe--0xzy3UmhAkJJaO5VLwxqnc24qzf_gYlS7qLS0JD7VmmMLDO3lAtCAU9h6UztPMgcfHjBufYThYJ-eDGQg2sajaCdx0qReiw11vOWzI5evJslXBVcYelGnDzAFla8dGIToTfNXS-VQP59-3o5CY5f-irtrnWiJNFt_TRMCDZyr-xUdpjs9IeiTLzyBv0_uZ3gN35vodiybzxoYiqikyf5KQMSddh4fAZRfrJby0-ninwS-c01xtpIOH_VoEvO-qvrwrmJHaiXeMgHUtcCquBxr1KcSOUfykdJs6zEeEMDwupFjqF6adk0gLpHP476Nzgk16b2gWUMUdZ46jqfHWV23BDWasN13J4mAssD_ESoxbwXF64f2b1O4SQhj-ESPngD_u47t_L-5yAICimIV7LTQDOSq7ihytq8Eddyox2EZ0EWkojb99QeOsCS81e8hP9Ee9pDeB3zwFHszugiq6opK5LGE5uhosz0fMEWPynZ_nYkIfL7C7onYS97aowJI-lmrhhAOaYl8cbWYWYL4DzplUG9ee07j9BySbjUq-ldleW1dwJAogfJtZWMPczOp05N3xYjOg_VgBbhM69c1iVotKXtNasi6eRVFHNJG0pGJrITdXwTWHryHfEIe2YQ_QoU0wL7wxmeJiutKHFVSPv1DeaMNMXV6GNYN7qZCGWiFAalTI4AFP3nJGEDOr20MozgflfF9Ecp5_OwvyxTawt_Q5VqQ7z3XvjS7bEkcbdgleEe70Hsn7y2cjlZ78blzJGFmhoYfMXBtHn4euvW1XPnwkVTekxU7nljs0fpHSLi-bj6c9oX7p9umvYyCJqJr3UOuFRawCHum4Au0y1zFjVLO1J4OfbdpX-1MgGR_MGD-TAdP_4RAoKjztGUpwDrzOcLjh1MC7p5DuknwcGcZ1CnBUipgHhA25c3CFwYBbKwJJ0vk1jUX5NH1_4Ubt7uAjUq3UoAo3mzfwY4kHW6CICUeSchUuY9LNXupH9Njm6F-mVoDsK-i1RbIlCtwQvaTDmHU4bbu7GBi9_KZJec_T_hnXjpsTuVy6WaCR4Rt0YAcY_3eNqWe2ocRusW5vKTRivMkYp-8ogkBiBr9KzjjhmwC4ID__CI9lUPEpMkPTmMzsldAKnTqe2Fn4zmDeEcu_FqTAV311Qq-5o2PLaqvREBOfOurRlsspEOIyRUIAEYy1jU7Y_XnpjVBB9AMtg-jgF5UwXwH3vjlwJ-zckkZuntQyAFcpwStSKUftwbco594ItZN1YwBpCZH8V6UMZuaqJE527iKuuw7WcMxbD0IOnQvybxSgtg5Tx9dUYRWz-MvkbYZVo8dmfmdDzPX3ns7YJnOHiSZTMlmuwg&cid=CAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT&rfl=1%2Chttps%253A%252F%252Fwww.apontador.com.br%252F%240

Requested by

Host: www.apontador.com.br
URL: https://www.apontador.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

782f733c875662dae47650f7c407d57ea697252a593eee55418bb7beb211d371

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16983
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F75 42 B
63 B 54ms
53ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CCbUYCsX_vfRG56fJcTqsFiUqOeQN0IPo7-UXGhRuk3-mK1-mxnA5h_mpc0m01V8XnuGSVhQPsVdTeJgwIbZ-RaUvYxTsJDMsg777u5BodeOX1MfU

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 1F75 2 KB
3 KB 145ms
41ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=59499586;adfm_dvio=1009221872;adfm_dvli=18538519830;adfm_dvcr=455155828;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CTnnxHf2DY_LnDays9u8PidWagAb_ss7QbbPFkfT9EGQQASDUjpghYJWCgICwB6AB8NTEnyjIAQmpAv1d4nqfcLE-qAMBqgT3AU_QOaK-XA1-Nq53sZyGRUqUbDqcOGzClcoPukazNXUDqPJn7I4blwAIAJ6f4pfUQIaO3fiYnVflAT0O32T2-jWEbnvC1lqTMAtRcQgSqe44y20U9Oub84sNbTuZ5QXcudXtwOxiy7K32pdrrA-h-vz2PqtB4YA0VKBeLammeaiZvx9NdkuDiW2wABIa1DvyGljYZpZyOxwzDt196pQY_LaVNYCsNl5Vn9uDpQlwV7GMlJsNmy8xSC5fH1EmfbiWwNDJewhVWvOGN-FI6qKL03LV6p4SRt6xdQcJsNjGb1jPFLFOOK7qzi5p1zU5d9gFlWXyO92JUmbABMid5NuTBOAEA5AGAaAGTYAH8IyV_wKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE-XNqxHQEwDYEwqIFAHYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT&sig=AOD64_303jjHGktCvgX1yfLlgNKac98iMg&client=ca-pub-9083063808846513&dbm_c=AKAmf-CJnPYou5jbZtcH9I19EWL96JHwznd_U8jSfEzSKBQ9M4RZM8YiA23DM3QVGvtHrsXNDzY_CMjJ55cX_Qonb_qRkNTZRy_r5le9Wr_0d8DeqEzT97HaIA6wXJnrjSBLjA_bVuGgyCqzjOTkh1FbLEpEqeDsRsuSEpFNKNIOaQRoFP7q4fs&cry=1&dbm_d=AKAmf-DDDU0PWDuGmzZ8aMUaUFvJRrJoC3cGwT-4imx-8pp39_g1uT-qprnkiVMdcgaJJy9w0DkeYMGN1mrXvJWPOKp9sn9EP3kqLDaX8F1G5Cz5fu9TfLHu8DInjQPdo4csP5o-pbu_cHPRDVrxigqJwSCxJQXa301v-2JcuMG_77isuJ7rAXJzKv0H882PGAur30QHeYjzOawy6tmIrpi9dslloz03OWGXzhfDU_xxSTrX9im7Lp4zymSXiM2wOxTGwe22Bw-3zjykcwSrs7GtVw9PpOkpoRx3wWlrwQGI8xHc40WzJ4m_lzZEIJha-Z7RotujSvgAvJ_DYDuvw77v__Dh4v49SLcnr_gSpUKWU9iJYu4rki92GQTvdehX0JOv7uTHIa24cYXaRAXuuyTvabN-DixpsJpRKcrRfr2nXKDz7rvwK0pg2Jgn3Bh_izro4oPtrx_3ssk4mpsytNbyCQmskj4qSX743cfvcO8cjv1ansifhidXh6DSoebo0gbpx_r1Jtqqc3gmWxxNn61hg45S5uYnk6juP9XMCJepBsjMFn1sh0E&adurl=

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1a2b51f303b57a9585fdd0608b1329d41d4025dc674835dbc7a7acb758a0f6b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2359
expires: -1

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 1F75 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:41:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 15:41:45 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 1F75 18 KB
7 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48710
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 10:41:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F75 154 KB
47 KB 94ms
57ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 00:13:17 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6932
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENuAX_UQLqcXgmULv_lev5c&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENuAX_UQLqcXgmULv_lev5c&google_cver=1&C=1

43 B
766 B

19ms
19ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENuAX_UQLqcXgmULv_lev5c&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQlY2jgQMY9MCE2QEwAQ&v=APEucNUVgBzhKunz8ZXw60Ynd0R2QHXfVl3UHhXV-EiR9LpBBDzXODuFCKvXS5JYQyu2S4AKlMq52uOhpQNbx1ZYXopA1ywEOczORkFh29Ry53742dgyjOP9b1la3re0c3hm7FFX5V2cem_pOawS2Nb7hj1IOB4TAKNAiLQh47xZKUVDkd-H3BE
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 00:13:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 00:13:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESENuAX_UQLqcXgmULv_lev5c&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6932
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4P9Hjf9wQ9s4I2HPjgcBgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENmgWcyJGo-aX_koFYmIbHw&google_cver=1

43 B
894 B

19ms
19ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENmgWcyJGo-aX_koFYmIbHw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQlY2jgQMY9MCE2QEwAQ&v=APEucNUVgBzhKunz8ZXw60Ynd0R2QHXfVl3UHhXV-EiR9LpBBDzXODuFCKvXS5JYQyu2S4AKlMq52uOhpQNbx1ZYXopA1ywEOczORkFh29Ry53742dgyjOP9b1la3re0c3hm7FFX5V2cem_pOawS2Nb7hj1IOB4TAKNAiLQh47xZKUVDkd-H3BE
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 00:13:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENmgWcyJGo-aX_koFYmIbHw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 6932
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBR55FaN1gRt1LwAEd90QkU&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBR55FaN1gRt1LwAEd90QkU%26google_cver%3D1

43 B
1 KB

27ms
27ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBR55FaN1gRt1LwAEd90QkU%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQlY2jgQMY9MCE2QEwAQ&v=APEucNUVgBzhKunz8ZXw60Ynd0R2QHXfVl3UHhXV-EiR9LpBBDzXODuFCKvXS5JYQyu2S4AKlMq52uOhpQNbx1ZYXopA1ywEOczORkFh29Ry53742dgyjOP9b1la3re0c3hm7FFX5V2cem_pOawS2Nb7hj1IOB4TAKNAiLQh47xZKUVDkd-H3BE

Protocol

HTTP/1.1

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 00:13:18 GMT
AN-X-Request-Uuid: 5a24b86a-cd4a-4c84-8dec-b009a8c56348
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.19; 217.114.218.19; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 00:13:18 GMT
AN-X-Request-Uuid: 0d4bdae0-01ba-412d-ae58-0bb0b8a4e2fd
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBR55FaN1gRt1LwAEd90QkU%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.19; 217.114.218.19; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6932
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ3NjQyMzgyNjAxNTc1OTU3NQ%3D%3D

170 B
188 B

73ms
31ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ3NjQyMzgyNjAxNTc1OTU3NQ%3D%3D

Requested by

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 00:13:18 GMT
AN-X-Request-Uuid: 80b86cdf-eb86-421d-ab2b-37f415566ca4
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ3NjQyMzgyNjAxNTc1OTU3NQ%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.114.218.19; 217.114.218.19; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1A54
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENuAX_UQLqcXgmULv_lev5c&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENuAX_UQLqcXgmULv_lev5c&google_cver=1&C=1

43 B
766 B

19ms
19ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENuAX_UQLqcXgmULv_lev5c&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOG639MBMAE&v=APEucNUoE2jh086uIgE5WpxiKRQ6ERI27-IaiyWfATFmkXgkkV0A6hFQVSR_yJue5CIFFx_bYSt984KDGQAjBLOED9gtfHyJ1421QVT1ASGPR-QlhEqvM5Lh3fP9wdehr-_-t7ehpHpFSjCpgIv-F524XGpwfm6CBJQyPyuEZXxe4S9qwFN0YrM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 00:13:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 00:13:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESENuAX_UQLqcXgmULv_lev5c&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1A54
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4P9Hjf9wQ9s4I2HPjgcBgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENmgWcyJGo-aX_koFYmIbHw&google_cver=1

43 B
766 B

20ms
19ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENmgWcyJGo-aX_koFYmIbHw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOG639MBMAE&v=APEucNUoE2jh086uIgE5WpxiKRQ6ERI27-IaiyWfATFmkXgkkV0A6hFQVSR_yJue5CIFFx_bYSt984KDGQAjBLOED9gtfHyJ1421QVT1ASGPR-QlhEqvM5Lh3fP9wdehr-_-t7ehpHpFSjCpgIv-F524XGpwfm6CBJQyPyuEZXxe4S9qwFN0YrM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 00:13:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENmgWcyJGo-aX_koFYmIbHw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 1A54
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBR55FaN1gRt1LwAEd90QkU&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBR55FaN1gRt1LwAEd90QkU%26google_cver%3D1

43 B
1 KB

28ms
28ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBR55FaN1gRt1LwAEd90QkU%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOG639MBMAE&v=APEucNUoE2jh086uIgE5WpxiKRQ6ERI27-IaiyWfATFmkXgkkV0A6hFQVSR_yJue5CIFFx_bYSt984KDGQAjBLOED9gtfHyJ1421QVT1ASGPR-QlhEqvM5Lh3fP9wdehr-_-t7ehpHpFSjCpgIv-F524XGpwfm6CBJQyPyuEZXxe4S9qwFN0YrM

Protocol

HTTP/1.1

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 00:13:18 GMT
AN-X-Request-Uuid: c99796f4-1c90-43a6-8735-3565aa756514
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.19; 217.114.218.19; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 00:13:18 GMT
AN-X-Request-Uuid: ea98c60f-aa52-4e51-8e16-0e04d13a6d75
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBR55FaN1gRt1LwAEd90QkU%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.19; 217.114.218.19; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A54
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI4NTA0NTU5MDQ4ODc2NTY3NA%3D%3D

170 B
188 B

74ms
31ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI4NTA0NTU5MDQ4ODc2NTY3NA%3D%3D

Requested by

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 00:13:18 GMT
AN-X-Request-Uuid: a8919e6f-abad-4950-b0ff-197c9d5ca9fc
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI4NTA0NTU5MDQ4ODc2NTY3NA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.114.218.19; 217.114.218.19; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CC98
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENuAX_UQLqcXgmULv_lev5c&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENuAX_UQLqcXgmULv_lev5c&google_cver=1&C=1

43 B
766 B

19ms
19ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENuAX_UQLqcXgmULv_lev5c&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQlY2jgQMY9MCE2QEwAQ&v=APEucNV5pU98dQ0fZb1tbMCRKyeFqIJ5Pij2iERaJNfteae0uQltLpW1arOzxwixdOJOktCMCQQTEXGv44Vm2uYC_brSFds-GQOa_041nUvsBwcKRmeEYwI5kuBOiM1hfxDmWkQjTY0-V_WPdB02DUU7NWtgeGDaqTHTLRxVAeMMVayPUgo7gnk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 00:13:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 00:13:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESENuAX_UQLqcXgmULv_lev5c&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CC98
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4P9Hjf9wQ9s4I2HPjgcBgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENmgWcyJGo-aX_koFYmIbHw&google_cver=1

43 B
766 B

19ms
19ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENmgWcyJGo-aX_koFYmIbHw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQlY2jgQMY9MCE2QEwAQ&v=APEucNV5pU98dQ0fZb1tbMCRKyeFqIJ5Pij2iERaJNfteae0uQltLpW1arOzxwixdOJOktCMCQQTEXGv44Vm2uYC_brSFds-GQOa_041nUvsBwcKRmeEYwI5kuBOiM1hfxDmWkQjTY0-V_WPdB02DUU7NWtgeGDaqTHTLRxVAeMMVayPUgo7gnk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 00:13:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENmgWcyJGo-aX_koFYmIbHw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame CC98
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBR55FaN1gRt1LwAEd90QkU&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBR55FaN1gRt1LwAEd90QkU%26google_cver%3D1

43 B
1 KB

26ms
26ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBR55FaN1gRt1LwAEd90QkU%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQlY2jgQMY9MCE2QEwAQ&v=APEucNV5pU98dQ0fZb1tbMCRKyeFqIJ5Pij2iERaJNfteae0uQltLpW1arOzxwixdOJOktCMCQQTEXGv44Vm2uYC_brSFds-GQOa_041nUvsBwcKRmeEYwI5kuBOiM1hfxDmWkQjTY0-V_WPdB02DUU7NWtgeGDaqTHTLRxVAeMMVayPUgo7gnk

Protocol

HTTP/1.1

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 00:13:18 GMT
AN-X-Request-Uuid: 436aada5-5963-43e1-a358-ae1ec6b001ad
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.19; 217.114.218.19; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 00:13:18 GMT
AN-X-Request-Uuid: 628cec5e-1d76-4d8a-b430-5b3ccc15c2ac
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBR55FaN1gRt1LwAEd90QkU%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.19; 217.114.218.19; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC98
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI4NTA0NTU5MDQ4ODc2NTY3NA%3D%3D

170 B
188 B

75ms
32ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI4NTA0NTU5MDQ4ODc2NTY3NA%3D%3D

Requested by

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 00:13:18 GMT
AN-X-Request-Uuid: fe23958b-e705-43fa-a078-773be2728f23
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI4NTA0NTU5MDQ4ODc2NTY3NA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.114.218.19; 217.114.218.19; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame A1C8 29 KB
11 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dzwgw7dzrK4BLnP9T3WgxqXTjBJdIh6uEa-uEd1gDF5USJzFb5hYtpFunDVtU3Oxl6EzNAWAid8zz7fPZzbWKYdUFMj_-wSp6G3HfoA4ov6uTQn0kVY-9kCgHRouaLpo6r8nTwtwK_rcrf0LvOXBAEufk0lUZVoay6i4j7ALdmBAMXHyw&cry=1&dbm_d=AKAmf-DSHQg9wdijm2sj-d4x4XJADNTIeNUKO-fgAbToBiDcizXZRiwJyrFJhIywCcyEQk5mNLU-OuB2-smrLuScVR7CkcYCEel7aCYPLgdiZ-RlNeU_93B_dWHyP9MYRz3EhrRwE2I6cL62st0FTaPM-DZhlfBlG1Z_RmLzT8RZ5FMjIRiRD-wv1oep2QThALbp98UgE3OHyGr0rmqVf3UZ9qgnSO0vds_Cakl1dGpnxdlwGM6v7ugvz9lRqqy5UOiDUG9ZpeAXaDF2K3mIsi6WMN7rEtaKYvCwsU17RUM3rjyQ6i25gq4re9hCSPud9_q0wM4ktBnQ6SC2Xyjr6U2drGdlZRTPymjdaXilJsG4vMbS2YZNkKSONgTjKMw26uIbVtAphTPU33AQtXp9kz3OQyMzx_rwW0B79dUeNDPZBf3b6gVy8tapVYzyykv-o5Ro8qL8S6OshD6V3r29sCNiJ_I9Jshf1JoNML6mvNRNQmApsdOxgf5dzclOlAmpubZ_GtqE4axRFAxWg0xzTMzFwnQzQMuZJW-xRslfqf4dyi-izOEbZvfzmUlLiXqPP2IbM_CZoEPmEsrCwKvU0A50CxrzTtiZBN4RWLW_uafsNkMEVF8kukEOqykbqoyyboNKUNAi5lS1_iyAd7dEjxY808tRDupWFE091ZngLYqpgI58M80zS42XcX7JCi1Ctkb9G-BMG4-bKeuODkQTFVZia2SK8bVpcxkKtpSowhN8f-Pql5cUDUzV6ERkX-mMvAxHEBTJSJKP_82hNJBOsX1KPtMTM08WsOWfKCqLhlYu1CjIhvBMunPbp7TqxSQ33W4LL5VVTu_LsQqMUZDFdPi_Xsz6lOWsZmkyCHkdzUwSmMcfcgp098PTGjGrBXmk8dNxgwMyiGPK6HCa6ogVWrINXZeMcGBfqv47lPqg8Jp5Y-7BWh-fTWCz4Q0upUKywgsQb5fwhLWRbN21EMLumNsSU7AVkB2hssXDD9gDx7jcZ96QriMh5CgNgETb7XQwRXhSdAMKOvYRbb9dIkVL03N7wxq1bE6t5kcS0VB-XbkxghlJp1p1L-QtY6hLiwZ6OTzzyjBimm1JFqCDNp2-kkFKvC6m8Vqc39tCZbAGPV7kkDN91TvgZWJ30g0w5CfuzrhIczY0RaCl0r4CXX9QU5auDuwLEbeVOFsppRfla0xkg_HmQBqlH4s-amKygikgt_IBWyGubOEAcbBu-ba_oykSPXbMX5nLCJwZqlqLxo9FMClHk_7JqYUHXFfLJnEGyhyp-xWSVCDmS8iAewM-GPLg5L4j3wKE6-eXSVPnjUHQf3WynnqND4_H0YSl7zDf4-sryhG49JDp2nqZ7W4-odMrYlxFyZVvoy95jzKLHmINI3gsVSSjAxltA3Je0HhTQybGvEuTlCGMK4_LyzLYc3XUH6STocWcNeJfTNiYvkzdW49N3BP1UETRFsLW5qLqX0vVmpKB3CVX0v4Pvro-LOq-deyLEJ4IR36XJ2FhoQaf5gailY9XrwW5eDP-P1pGulh-mKVTJDxWGkyVoI4pqhzNjryCwxuh-b32mmjNzsLSD92Dyt8bpxfMLLrUYXGA9dFeTQD-MnEC5Ped_mbBBtZQXuF9wV2u5WJ_Rz05bmektvE6KoM0FdIzrDESZoWmf7u3C1DD7JAdgP2Ommy3Jjh5P_SjsucJaSK2Bn6OmvepQ0tJypT3idG-l1wFS6Y9Tqd9L3q3rxiCcTNeU6u4ocVWw_4G2Do7tUrOccNs5a8czaqOsli83uN2sSuHi-ndqfrrZ2iIBUzu2a9rJIDhcU6rI-_L3KrWjq6RM-aK26YLSWaTUKiSzgBqxLNeJlrTeCOJoOgB6j9IpLNAfDJ8_YMe5yH7d43QGwa60IUEQffmbuJA79k65HKQsd3mrGm56ShC0h-molmQCEGcDqlnYOUVPQt4uIzYCrz3QCh1ZMCL7r_QCOeygGlc8cglLVLJTxiht9KzSYk2P4RuEc7zNGsKSbmk-VG4pA2K9jGBCQGOH6Dgdspq_hTUjD6Q2NCKqWd9-Y5lDCwl4N5I0fpM7RYRX_fJeROSYKt74xwGCjTzAHBzr184D850ieoQbiUJlo0ayWiO6La9oDz3juJyMkLhV9fOSqQImOfR54KQCoCUkKsWLD3tPCqyI2KGHFC6HFgZK_WBRKooDp1nirc_c8x2pyE7DMs10Z8hwuKog1nKOH-ckRkk1jAC5efElttRNnLzGqexcwNbUteB83sSuMvH30iBc7vT1j0gFjnBb_TO6bwaBwKtxKS4E5z0Q6vsX_U9GDFKrA_u-ScCVtbOr8lcay4BiJEumJe7MfehiJgDIDLr44AIa4EO_g_itWBma2CxfTJv9eHw_2RWRc4qPapWYg9vhhsXu7KZ3G0xdmiUvJBfztVPpomndbnrn9K3aj2oLMyQ6oT5GY3Zy6utEiEAGd7bh5r-gTDt4Hm_9TnNzzpIpmXpRn59S6CchXdRAqAliufWd7U1BKKkcHJWkNB8VJWUUOhLbbHv-KhfgCyw0yeNhKu7KDMMJLbX23NfmXWiARuZ9RWVhAkQci55yXk6Y1QO4ifwyPVJ3Ts5jXKsXg6bAE88vnLc70K-Ci0NObs2kg4WjihQKyDtHDZoQvjcq619qSRZvjPZxKUpEpCYp8OlzV1h6b2rtqmb9fNUKY7mpWhVbIe5oXVYqcgHzsZe8-_QnfMRYhtzTDPizJmE3ya-a_e7g2vimstxIJxoYkZWeZsUT8ue54vEPnSGIJErHYLGPM71hPPtoB7KLApVziny1BwzmMXsaH-4npRK3t5DS6Tj1yWatIRR-fV4DmNvwpqLGu8df5RQx-_a0w9b_x5hrq246HpV_Q-m0Wr4iQ7d2Iz4wpxkqFSAyloJm7lL3XxjT5C6eu2oMjandp5SejemCC8QoJdtEfElTYJpIniAsSs2lUgVlLhj1fqiKHJHaCnshIyNOqum8HR90U0kUKUmp8QQFH7mLxxFI2y3s9krhfROTfOmdzVYYYoN2np8pHBywzU1FVy7IRqlctSBPApJGMgN-secDAk-xmzrQ_3ehhOcxug-8ab8ip0wQoo79m1WkL9ueoeyMhyCKYTou62VuAajbw1MNeE7uizKHjAPcNNNUxBQvy8NRzb81cnypX1XMJNn8aVauKik40WaB1P1wqMR16n2XX-PGAfcCFHOvpuzxCI9Q0Jtycad00pgCnaYAbiuT7BdwZjLmozeoJsh95hyJRjBRtptuE-n_UrV-jpiLTYWvZHuxeJKqRuTKN9eksgAn8-xFjHSxfGEcv5_h15RKprumEbO65JgcFyI-UBCq3sBEvlpsVJPBsypKCPvIo4BoBSYsHkUh0ae5O0RS1zFXQfR3Xdg3kyRpTpTVQGF-yPoiQibOFuCKkRbQEEXbZIVy4urYziww8fevv82Zmyl4c5OBmfj_2urm0OvFIcnBUdxSWZCgHnObaOpH8dhQojlWks7jACfNbMpheflB7mG4oGoR77UiBW6kjmxsi3h7gmXVsdtvF4cEZkY_rRxN7Ku2oeCnP4pse8Iwulpc0wnCXg&cid=CAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT&rfl=1%2Chttps%253A%252F%252Fwww.apontador.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 16:51:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26526
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
server: cafe
etag: 16690196781007480285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 16:51:11 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A1C8 41 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 12:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216397
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 12:06:40 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 75CD 29 KB
11 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AA66JDNUA4oOt1fsZIFnmIePBPiOkytt337hCMjktUaWazzQXVVRFRfR2hT-DGcIHqY84HHGtrSypAEYqeeD_2trZJpZziiP5TAIDsn9DFU2FoYAEe8kXPxDB3aTyN-pO9GzCk8tFvBrRhwdwkRHmNPdJKM8ALKu1QDQVwcdwgELdYyIc&cry=1&dbm_d=AKAmf-BAotr4ApaH-QzJV81PZdyK9bIN4mTZODD6bw-WU2qBn5Fj93qKhTInqvZV6h1v920Wl_fDI43VoyvgmM6N3C5UaCZMhwY_l8HwOOdFjxoQjQx5yuzO_RpbF3hwj5jSWVL57d6CGr7jIF8vQdc6Kw3DQEtmacwKj6kGIkI8_nq7Gd3AgT2Gg7jtP1ZpWPUeqx1inqPdVBMOhrUjkVMHOQ6M0lyxk3UMyO9Sy7MF4nPIxHFu2VqnC4yDoXGMO1L88x-IhAryVKldlz1FzyN46GzqHGhf0pADBwwEpGG0MQNmMB6QyVZrZ6KMMMfjnmkiRhEnklHXfW-k9Nfmt589NIzFE9Xj3veJWMt-P-Lh_sYhOkmv9fMi0KVkc-8AeHMi7R0WTSMDagaRHe8_Tk6qJe8zVkm91FviK1gr4t8RPriOJt52ICsmR4ZHbB6uL2JhTzIfxFkfSxeMnOKd1jFEZzYIUAXqJw4sEBsUNeVrzxpU28Rlk_9CkxYxbCQo-PkNJJ-oY60wil-kTeNaQKNNiKHV9hgEOA8Y0g9i44iTEO_D5j8w2MZOz82NO48iBbE3YjnCJ9SsaFUBmcD1hSThSdW_0a2ov0zz5kbq3CMJ_XUTSf67a7ukVpYEVNKJKOpiRVSGZw8dffWfdTPbg7x7MIHH25EVegx2C0rgfjCw3wtaqiQ59vzekhsUk33mIFXdcIevglJr-MdhpEY7UgL7gIxEkSY09mMWeaV9wZadueqFUqY9_zEyC6x-SpzKTxM-tFNu3yhd7c64PSacL9lhXaQ1LzQMypfzOWB0PTCIZBENP658hsN6eAVxq9mm2wKIiFF-S3YwixRT54iWTZ893miWW8UFfjkbqaRM91DwDPWEjcnVCrnHr6dmExp5_27yUNA5roMlQewsSJGVSz3wohSXt1TQxiS9iPHjoQ6kn01YED0C1BH4O1jP6RD4uafAc9y05HZmroNVjDqWFzFnNccJf7YE28JQeRCYZHNyJgLhHEClQGJjw9oMEvXQWqlUXw8xjiPPQ8TUocrOeLgWHnPQxWIeb6uzT91LmaY79ufVl_bLyQKmpP_LsE-kHPHf13DuWLbRlk-o5ij1MzJsLGuX3aaXqbowAoz9KFGSAK2YdI8_RbUkW4Etg0O0Wn2RTlRQhY3n6eo5bdXyeb2HyhJZLCxfR68-lrsy7v4np6nb1hznrBl9jC_SfirhtnL7_dx0PFfBLEHEVv9w1Khe4wxWa3K_hQOU1sGFYAsFEm-c-T8q3oeXFewa8SrI7onMBa8EkgebG7GrXwV5dJvWt-detMyQghQCoCdF6jmbKLWfq1JIdQOvNAXEHGNvDuYZSMTXgihzpoYnoj-tJV2oLzGQ0khCrl6fOhdC_m573a75JVn_TX-cFR4wxpUXo3R1A88PrM6F9l-mVkE8aL8URkxCjHrGnl6_yGSKgUMthbZG5U-x2-_nvfpM29uKIFWZKNOXbuQi3njLHs74u_4M40rDIJOBbfUu60F1uybMQLhjBYbobse9ai19W5mg3pF5ZuSCDXiwyy3AezY3D0Ogg9V0WPO4ZO5zl9aVSnevsWKIqSCZatghcJM1SLLgaCjPIBPnzyHsOzFgGiovvzBqZA9pwhP9ReFmk0owtoE4E9E5kdihXcROoCSNCk3sviwwdJ75AmTdAY2rRDzehXt5D2-qrwEI7_EGGn8bujZMjzK9WMxKlfVrAKeKtAtJlzDhO2-HSAGTwjypODSq8Buba1aiSKermpiBkWQeFuMBgCd5dJVBr0-XSdZT5LCB9FZDegabik1FQn9dsDIrfKU_eDNO4q_JDWr7UBsybqsAp4ZWQx-Bn_Kqg_Fe9vqUu9X23D15HTndE_koJWwut-eM3KNJV3OtZ5H62909m4NfGxskwT-n71nWa707pCujFfJNMSdnKKrq1wT2HID7Ma3gewXn01a2dQrWgSjQlfo0QzOqlhBs3Qkw-9CQBvWNSPdEywhYrI5_d_S3bMRm2SEzQQ6cPjFlkGJ9eSXiIif_Pz6vvyYUl9vaeRJMJQ7plRScN7dFZUBAVeVdWqQQ1MOZp5v-_E24NsqGtQxOGbHBw7-lyng4P5vU3_wYxHxXSYuh7jcUr1g-Fpujgcgw3w1gbjl_xjwiOZl4Hgij2_EfBkCydLRRykGiFKw6VEwEAbxhF3P082X3Cglbi2ojDLcmhEFFXVSK9wwCiBcuhwL_Hk22D18-yd9PbXvbe7bq-L1wnfyweEtDiq3Vx-PjfbjF8r-UWQJ1HtJV6SkN_G1g-yl4heLulKl2L_hFp0qyzPXhLakxnffI6QoOT96qYHlVAydvYO_39NHqZC0PXzFtFcM0KMc9yT37GVakkjBDINIEc73RClpEOewUl15C2AaU1WmhLMxg5lqgP40CVZWhe3iOkztlIFLQWbKb7DHGZIQAsUvrifKIATkyU90FTVa_WyRlK8TAwX1INlNPs9xvudDeb0eUTyUF_SCX2Z3SNRNcMOwcX8tWHGPt4jv44m3uYxClkh4M7asdRFjVRaR2PsIxla6mBVOeGskN0whSP6fgWhWo_BHg62oaZm_LjzyTXJU_HRsmM5HnNNnO_FrhmQ7GP9BRBfVZNaEelkkix1Pbk0Lso_if1WHyVQO2DkG9woor9lsgRtsbvaVlzdoidqOz49iWzaFq3vXDCQ4nRKsmfMTRb5P6xWQPvCX90I9pzVcn96eLziAjzBTCSD5VudbgK29BNxse_azb7wsxd98MNfH2gSlw2S20qWUtgZCFaPzxvqwuO9XfIVHkgrZb7E7LhqgdkZMx9yWLutwJN-3qFaMURpZunCivAGtrldILiUXW4cOXNqFJtc_HhkdtoWilDJEJmJTSg7pQ1dItjDDJ_SFs90k_jMMWrbKfB_1Q_qBKtBS0DCAYLtvB_wGbq_xL56yBDoeJHfiAINDi1nU_11DOiE4cdjvDnscN4dOO640MRkQ7vv-QXBLCM0h0KME6YHs7ixw0bWhYPDRJ9JZBcfMOyKTlZJFNkbi-ce-s4pidP3YSHs0wEarWv7AiV8OH-TMClaAJvzdHgI7oHKaauEQdf6Er1okrXU6DGKhL0FMiVGbJdyBsKhyKugeBahWU7LzI-TJCefX_-GEh8DzPOhjf1OmFO2WVHHZBU0TMJMHMhFqFswkIp0egoaeUwvftcv1KcdyxIXdB7TgZZTx1iYHejgqJY3jI7b-YuZKSOU6gWb8fybEPsS1TAc5aiwTD9a2DrCx3ZfM8RXqr1_OWXa-vosL1SLqydapuKB7foZGPHelpBmkqudVMUKhXFKXOxLI7Yl5r1Nb0Q7Gw7HnYg5bsPaWxYGJQyWMlRHXjkmNdu_ZUIb6c5O9ZebsNzL6wZMFEuWw3zKsUOczjRXc0L-2brndAiFm-G2Ky4N6qY2ATOXoxvyyQ5GW1XDiG89v_1yFHvvs&cid=CAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT&rfl=1%2Chttps%253A%252F%252Fwww.apontador.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 16:51:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26526
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
server: cafe
etag: 16690196781007480285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 16:51:11 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 75CD 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 12:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216397
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 12:06:40 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 1F75 29 KB
11 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B51P6A3LJYwbfgUjlgcS_xMN1R5TJoOAimsHi-2vcJxxB7WA8vGcjuU-7lMB4rbkJm_NB2VE_qsQ22ZneVAJKLTXWqSSdM7Q2xi4T_EEmtzZUXcTsdxVWOhS_LS2LeWu24vbccCk1ATLIJB4ONDhLGz6gSDbFI1IP1g9vS-IouxmiAz78&cry=1&dbm_d=AKAmf-AWP2XlkaqEfq_fhEBESIsJhTzdQpsfvNXef5ufD1GrHhlFJNUmZT2jAOhI7Ud0f4GaOsbJqm_wzO2ophMFK-Bjb0mctHW6SnVZSLssULh-Oc61QcwzkihUHQRUW_Hn84ZUCSISaPh6DJGov4ftCaE34cZlDr_ySIi5ebfYj3WECE-34Rm8xKwiuCEkrO45wgUyFZkMPIKeUExYZVrbCtOhRM-VO9Q7_lJL6tC1v7Z8BvMCkoO9BHy7XA-DLYa10cZWVnlWzag2d6pteodeIFM4NK_x02l1EcFiYyXK0db88l-DkX1e9XMK9NvSKCVoDV75GPr_T24LZbXB-iLRnTuyzXUQLvBORThXAjhKED2-t1K8DqxUBKZw9F62dJDLW29es2ZhfWq4QXiIsGMszI2yd-ykraz9XTdDJY0HCtlqfc6QD2KnbiGUsu0qUndAINmA9k7M1Mih-iECwY5uJoyuT5GYQjj8g_5uX0U72wn0SI9jpSy0zQhiLW3AVlSwIBuFhkg2dLfDEZzr70Xr27UBjbiabYgwyjcnF_ST9oR-3pmFbLu-1Zta3LY97bJvDPfzcp_0tDvcDeP53eFdUy2InSHgBUnFOqwu73BFLoG9lRtdlnNpVJ0PSVl2oC3h249siaGYaSUJSgQAK3ek806XOIieeZ0YofFZUNM7UWtzv94AaKblf6S8iTEMFDrglIdKpWa_xVNhaAorjtzH4owV7tRHX0ffH6TXtm2IHAVm2VrsK78U-7_K2gBBgxLoZtaxBFuuBuqTr2h5aNRTpMq46Dz0hK3WLxy-b35eEYoOQ7yaphohoHxTi68pN4sV67i5X5atuG3oQtHMvg1yuhuIf7nc7uc-syDCaVuPh6_YcV_XNDgkFt50g2KKCfFf6Eh_l6WhnTj1iCfIBPrY02-_eLdpuIeXrcIbjWINKF0I-N6m_bR8BEMMqlzfxWaIxdFhlcy8-Np09wOcJbguSfVRQjDaL9G7xW3-Rn0obUorEdJav9vZYFj7sTDtvztY832aK9mSLmzRqpY-tQ1X1FRShRyTdsSegrUuRFyCfvIAmKnSpi3CgZruiaVlcIDZWyYwuDWb3Ua8jjAUDqiJZ9J5BN2PLVZEv4hqcVL67WTgk9shGe7qMZlaPIZczUw21pib-IiVNUp2w9h_EUBSASm1ALge_f5Yn3sPFVGNld3WkirRKnzvWEJGeNSkD2Q6rDyV0N94rl-s5umYMMYOANXnvBNlzaiYLyEt758TATAIf_hZqXhaLCX4zqn1LA6jYzMWUCUYQC7trPc_i0VVUakxi5ubrCjxctvePTi-FvKjYxPy0Np0t4co9p81mz5AOLAVujWnq36mNpevcbZ-4o461iLRdmU9N4gklaFsTenm2bSoG6OTI_21pcBPeVBPqYIStExsHUY4hqIB_Dz2RAT1BqoJzGteZJcfWobLW4_tf56o3mfuWW4ehI821zKkJAC1AHlRR0hLhCDEWiKPTPScQUrInT9PSW9IjW8CoRU1UJKIsNLg2R8qBHSfrm_w4rpAHPQpwgjQJscghClzUx8iBKcgntTaSXVCGXi9kPbeKXcIN60aDD6BdG2Z_NuRLkK7pFlu0yLUBYgexWPkBWhjvwyUwdJxjhH9VbrftGvrvp-K7lIByY3eEZ5wrUzDQ9F9dqaNuHuL_ZMfF7tR358ko6lRVIMyoxMx-7OXXmwTMZuw7wxis6yJjeoZozNqntwa3WenxQJvHqBo9RlyMJpKdLgVWKShebXCJfxtNiYpZckJOXCUNt19y24okZm3YtixpN_2GNKULAiRxmtUaAhryoFunzTP3hBBdl9VkV9E53kIrOiZdeZjYy8NDHvGM1KsNz0qfSUB0ZJprR-MsJwBnNYe-9L9XrIKiZkXWZgCUoz2a5-B_KU0CjyDhiVG1-QlodBdZnDXnHgrJH_3ebF08NvqTCw5uPzKkUBfQDGiCtd3j9XIZoPT58FX6nNY6hRwieUuMst64IAqjpnrnQ9rZFGstT5CdwO7AQlgN2ipYonXXOkBEOTOcYQrRDFdK2VOIYKo3np7VnuEUCvBS-16klPcxG6oW7uholuwPy53ynfkY-AWwtk0zOls4RtecufwvzUpoUl3sjGFchu4eSqRQ4urpjDmc1fC-pNoV00V5utLSudlkmU_bbfX6DRs9B7ob2NERb1dYGRe--0xzy3UmhAkJJaO5VLwxqnc24qzf_gYlS7qLS0JD7VmmMLDO3lAtCAU9h6UztPMgcfHjBufYThYJ-eDGQg2sajaCdx0qReiw11vOWzI5evJslXBVcYelGnDzAFla8dGIToTfNXS-VQP59-3o5CY5f-irtrnWiJNFt_TRMCDZyr-xUdpjs9IeiTLzyBv0_uZ3gN35vodiybzxoYiqikyf5KQMSddh4fAZRfrJby0-ninwS-c01xtpIOH_VoEvO-qvrwrmJHaiXeMgHUtcCquBxr1KcSOUfykdJs6zEeEMDwupFjqF6adk0gLpHP476Nzgk16b2gWUMUdZ46jqfHWV23BDWasN13J4mAssD_ESoxbwXF64f2b1O4SQhj-ESPngD_u47t_L-5yAICimIV7LTQDOSq7ihytq8Eddyox2EZ0EWkojb99QeOsCS81e8hP9Ee9pDeB3zwFHszugiq6opK5LGE5uhosz0fMEWPynZ_nYkIfL7C7onYS97aowJI-lmrhhAOaYl8cbWYWYL4DzplUG9ee07j9BySbjUq-ldleW1dwJAogfJtZWMPczOp05N3xYjOg_VgBbhM69c1iVotKXtNasi6eRVFHNJG0pGJrITdXwTWHryHfEIe2YQ_QoU0wL7wxmeJiutKHFVSPv1DeaMNMXV6GNYN7qZCGWiFAalTI4AFP3nJGEDOr20MozgflfF9Ecp5_OwvyxTawt_Q5VqQ7z3XvjS7bEkcbdgleEe70Hsn7y2cjlZ78blzJGFmhoYfMXBtHn4euvW1XPnwkVTekxU7nljs0fpHSLi-bj6c9oX7p9umvYyCJqJr3UOuFRawCHum4Au0y1zFjVLO1J4OfbdpX-1MgGR_MGD-TAdP_4RAoKjztGUpwDrzOcLjh1MC7p5DuknwcGcZ1CnBUipgHhA25c3CFwYBbKwJJ0vk1jUX5NH1_4Ubt7uAjUq3UoAo3mzfwY4kHW6CICUeSchUuY9LNXupH9Njm6F-mVoDsK-i1RbIlCtwQvaTDmHU4bbu7GBi9_KZJec_T_hnXjpsTuVy6WaCR4Rt0YAcY_3eNqWe2ocRusW5vKTRivMkYp-8ogkBiBr9KzjjhmwC4ID__CI9lUPEpMkPTmMzsldAKnTqe2Fn4zmDeEcu_FqTAV311Qq-5o2PLaqvREBOfOurRlsspEOIyRUIAEYy1jU7Y_XnpjVBB9AMtg-jgF5UwXwH3vjlwJ-zckkZuntQyAFcpwStSKUftwbco594ItZN1YwBpCZH8V6UMZuaqJE527iKuuw7WcMxbD0IOnQvybxSgtg5Tx9dUYRWz-MvkbYZVo8dmfmdDzPX3ns7YJnOHiSZTMlmuwg&cid=CAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT&rfl=1%2Chttps%253A%252F%252Fwww.apontador.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 16:51:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26526
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
server: cafe
etag: 16690196781007480285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 16:51:11 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1F75 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 12:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216397
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 12:06:40 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame A1C8 34 KB
16 KB 301ms
39ms Script
text/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59499586;adfm_dvio=1009221872;adfm_dvli=18538519830;adfm_dvcr=455155828;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CXQnjHf2DY_PnDays9u8PidWagAb_ss7QbbPFkfT9EGQQASDUjpghYJWCgICwB6AB8NTEnyjIAQmpAv1d4nqfcLE-qAMBqgT7AU_QtPiuyBDAozuVu2BPc4hHciP09hKV-5m2eTbb5QqMOPfjDEvAiA1yq3GfprI0Y19egcZkliP9kpjEWNC2Ta-zDW8MvoSnUvCMwyegtlIU2By5xoRU9XShtaVP_T8jA6RNPTiDvvongM_akFcEaHVNxhRs0HjZ8bYmrxcJpHKGgIDQAzTAAqs_sp_YpUcxUwraFKM3f8K5S2y3mSIL6Hzz0QpCpkOPUnwegWctj_FnW1Ww4VaC97QRq_M1yyuGv_A8T2HRudgSvQaoUBvX9DBp7Ua4n2YaB3wv7TD49uckiTCgH5RNvnBpDHPGTKZkSAjDBmv6EsgT3IMqwATIneTbkwTgBAOQBgGgBk2AB_CMlf8CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBPlzasR0BMA2BMKiBQB2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT&sig=AOD64_0wo32N6Q9lBV0TH2IAc7OWmTllYQ&client=ca-pub-9083063808846513&dbm_c=AKAmf-A8bqWhK6E7WVm8lS5kB6v9TAZZngaeZBiCeQgYORt4xXLvnlkSEJsEbXC9RMlg6cFOVaodAQA61cqLQgEn6XpfoLhzovyNTAud1z0Um5AGa2cmWfuC6qmiNj2c1vBPNV_dDKg-mRmp9OakgsIfF_1r7PhtnX_6SXFatJYPXGJ3ETrKAsg&cry=1&dbm_d=AKAmf-BojL1yJIn8W1LnDWkYfy2SX_nAgKv1YqPtcoDTnhbMAUEAy_pjDioCWoZsU5kgd1Fqb5JknxT5hq_bXXlwvR9nNJ7EfdtJoT86Pi-2WOAheHW1yoYfZJgU1FwvFeP_R2UQerGvLD9I6KyzqzZ4dPiSmy6GvOITWjq4VyiXfBzrnDZ82DUvOp4vmc9U2hLsl1_isdLqAT79cYum1sOzS0ryATouoRfbk2G72eh3HF7wGyOacj5swROuqFVesgv9mC6W-ZtxEgkE5smUMTAMG5KMS4UOsnn0G_XmBscDJlDP8ZmseggELtNpinc8POcBEg9ZYmjn1gGD7IB4xloygSO3B1NXXd8YmCsVj0n6ZkgLC31SAYdlJEVbFROsIc-dc_EmA4a8K0nM1u9unnUlq43xEQmXe4FtkxnjxYaXeSy9SBrW5CKl8-kz7TMjTffeXIkwua9HqPbRKiBmCB1DYLVoIe7-jL6Sg8Axr0S-uM6iqTndQwVhGwo3HEbdo1XqDzA1x_a_FIDSz3QjgLTgQKi73Hwc_EFrmtEMwWojPsts6dbdfPw&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 29 Nov 2022 03:03:19 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 93F6 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 216284
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 12:08:33 GMT
expires: Sat, 25 Nov 2023 12:08:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7468 22 KB
8 KB 22ms
22ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 216284
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 12:08:33 GMT
expires: Sat, 25 Nov 2023 12:08:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 1F75 34 KB
16 KB 344ms
91ms Script
text/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59499586;adfm_dvio=1009221872;adfm_dvli=18538519830;adfm_dvcr=455155828;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CTnnxHf2DY_LnDays9u8PidWagAb_ss7QbbPFkfT9EGQQASDUjpghYJWCgICwB6AB8NTEnyjIAQmpAv1d4nqfcLE-qAMBqgT3AU_QOaK-XA1-Nq53sZyGRUqUbDqcOGzClcoPukazNXUDqPJn7I4blwAIAJ6f4pfUQIaO3fiYnVflAT0O32T2-jWEbnvC1lqTMAtRcQgSqe44y20U9Oub84sNbTuZ5QXcudXtwOxiy7K32pdrrA-h-vz2PqtB4YA0VKBeLammeaiZvx9NdkuDiW2wABIa1DvyGljYZpZyOxwzDt196pQY_LaVNYCsNl5Vn9uDpQlwV7GMlJsNmy8xSC5fH1EmfbiWwNDJewhVWvOGN-FI6qKL03LV6p4SRt6xdQcJsNjGb1jPFLFOOK7qzi5p1zU5d9gFlWXyO92JUmbABMid5NuTBOAEA5AGAaAGTYAH8IyV_wKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE-XNqxHQEwDYEwqIFAHYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT&sig=AOD64_303jjHGktCvgX1yfLlgNKac98iMg&client=ca-pub-9083063808846513&dbm_c=AKAmf-CJnPYou5jbZtcH9I19EWL96JHwznd_U8jSfEzSKBQ9M4RZM8YiA23DM3QVGvtHrsXNDzY_CMjJ55cX_Qonb_qRkNTZRy_r5le9Wr_0d8DeqEzT97HaIA6wXJnrjSBLjA_bVuGgyCqzjOTkh1FbLEpEqeDsRsuSEpFNKNIOaQRoFP7q4fs&cry=1&dbm_d=AKAmf-DDDU0PWDuGmzZ8aMUaUFvJRrJoC3cGwT-4imx-8pp39_g1uT-qprnkiVMdcgaJJy9w0DkeYMGN1mrXvJWPOKp9sn9EP3kqLDaX8F1G5Cz5fu9TfLHu8DInjQPdo4csP5o-pbu_cHPRDVrxigqJwSCxJQXa301v-2JcuMG_77isuJ7rAXJzKv0H882PGAur30QHeYjzOawy6tmIrpi9dslloz03OWGXzhfDU_xxSTrX9im7Lp4zymSXiM2wOxTGwe22Bw-3zjykcwSrs7GtVw9PpOkpoRx3wWlrwQGI8xHc40WzJ4m_lzZEIJha-Z7RotujSvgAvJ_DYDuvw77v__Dh4v49SLcnr_gSpUKWU9iJYu4rki92GQTvdehX0JOv7uTHIa24cYXaRAXuuyTvabN-DixpsJpRKcrRfr2nXKDz7rvwK0pg2Jgn3Bh_izro4oPtrx_3ssk4mpsytNbyCQmskj4qSX743cfvcO8cjv1ansifhidXh6DSoebo0gbpx_r1Jtqqc3gmWxxNn61hg45S5uYnk6juP9XMCJepBsjMFn1sh0E&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 29 Nov 2022 03:03:19 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 97E7 22 KB
8 KB 21ms
21ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 216284
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 12:08:33 GMT
expires: Sat, 25 Nov 2023 12:08:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK layout_renderer.php Show response
as.euw1.jivox.com/unit/ Frame 0812 294 KB
52 KB 93ms
92ms Document
text/html 34.249.153.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669594397226292&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDVifHf2DY_TnDays9u8PidWagAaInrzIbZChy9vdELjUsYbTARABINSOmCFglYKAgLAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBPgBT9AgzMJH0IfDrhg-3JUR3UGAvR_XIDk48RYYgyNL83Q5ArivLPAxVHbVGN3VU08T6L3G6y6RUlq2aZrNIg7-I0duanO8ZY71QOdV7spxIyWjGtkqBSTyuztaz7e5QV7Fnj-Af7X_coZjh9m51UfZHK2Lm6ZM9Hyz0XSVVEuGS1h372kNF2xd6P4pAExYSjJNhS8bAwjZj5jd-juYxijfiSsDnkRpeRhg_CLds1eviRWvgys7L8o2Ij8sBaONmsM-XI_puwS3nePyuU6ZJSOn_fFFauCWLWcX_PDPJIiD9tgH8lhFlKjmlLtReghYY8qONyXbg6zgoKXABJHVi72SBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE-jPnxHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT%26sig%3DAOD64_0dX71DOUY1Bja4ohE7jh0S4O4w2Q%26client%3Dca-pub-9083063808846513%26dbm_c%3DAKAmf-AiuUJwB9L-L0Y-4G6PvteZ8Fevk3Md-urZlyWpFnM7pQuy_oQFTKQD0MWFTvTJvZaKPjDTm-vYFt3e8SgpERRxhbBx54VO9yAKRfygmJC7tVQD5EwQ0wSdekzYeeCi2mNFAoitzpbFto1YdswRFTQbb762HnRi2nqAdEnf544RaIi-D3M%26cry%3D1%26dbm_d%3DAKAmf-CZCZUkRttT1jwaPQnOg_P2odSIqmFAS8JFFNFNqaUS6kb2Xl-KPbkM8PD2UPmRPt0XDDPwc65NYS8TP3DcXlZavayj4Picl5XxASJPYbGcnNoyYQFkd0CJYYeQW4WnRjLpdvcoV2ZaUSGMQw-76ufvWw6qggbAtV7JHSN-jlg2txDlMK6XeQXQKhBL6Lsj8FUgIfAe1YtJugLuU0G7QI2RzYAx3EzOZPejzdKZR81CEyQ3gLH745sUZsNNrABfBxumicaSvlEWAvlhdHvDhFQ31c9EVP7re-eDYgmGgTho-I-GKxZbbLy5gJjs-7WwxJzR2tXQm9fj_Elh2JYBT1Q6AS3huJM-Cjp1tPvysLAp8mOss-HSxnjU2nq4TUO5JDwWPGCiyQAOxsswi0Eo_sEC67mwEMS_1u2Md1LxvaIJWtuGCsS-awj7dTttyomM1dY3Rxa98kGxlCh9umnBF7ETZb0hOKtO0WpurCKAaMeYN2aY17XKBG13CmNkF4We_UWeYy471xkcZPrj47r9LPsuB_723626j8dIn-2bDxjKdoRthyw%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_6383fd1ddfed5&adUnitId=2900&jvxSessionId=1669594397.7731&base=1&creativeResolveBeginTime=1669594398000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/unit_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669594397226292&cMacro=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCDVifHf2DY_TnDays9u8PidWagAaInrzIbZChy9vdELjUsYbTARABINSOmCFglYKAgLAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBPgBT9AgzMJH0IfDrhg-3JUR3UGAvR_XIDk48RYYgyNL83Q5ArivLPAxVHbVGN3VU08T6L3G6y6RUlq2aZrNIg7-I0duanO8ZY71QOdV7spxIyWjGtkqBSTyuztaz7e5QV7Fnj-Af7X_coZjh9m51UfZHK2Lm6ZM9Hyz0XSVVEuGS1h372kNF2xd6P4pAExYSjJNhS8bAwjZj5jd-juYxijfiSsDnkRpeRhg_CLds1eviRWvgys7L8o2Ij8sBaONmsM-XI_puwS3nePyuU6ZJSOn_fFFauCWLWcX_PDPJIiD9tgH8lhFlKjmlLtReghYY8qONyXbg6zgoKXABJHVi72SBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE-jPnxHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT%26sig%3DAOD64_0dX71DOUY1Bja4ohE7jh0S4O4w2Q%26client%3Dca-pub-9083063808846513%26dbm_c%3DAKAmf-AiuUJwB9L-L0Y-4G6PvteZ8Fevk3Md-urZlyWpFnM7pQuy_oQFTKQD0MWFTvTJvZaKPjDTm-vYFt3e8SgpERRxhbBx54VO9yAKRfygmJC7tVQD5EwQ0wSdekzYeeCi2mNFAoitzpbFto1YdswRFTQbb762HnRi2nqAdEnf544RaIi-D3M%26cry%3D1%26dbm_d%3DAKAmf-CZCZUkRttT1jwaPQnOg_P2odSIqmFAS8JFFNFNqaUS6kb2Xl-KPbkM8PD2UPmRPt0XDDPwc65NYS8TP3DcXlZavayj4Picl5XxASJPYbGcnNoyYQFkd0CJYYeQW4WnRjLpdvcoV2ZaUSGMQw-76ufvWw6qggbAtV7JHSN-jlg2txDlMK6XeQXQKhBL6Lsj8FUgIfAe1YtJugLuU0G7QI2RzYAx3EzOZPejzdKZR81CEyQ3gLH745sUZsNNrABfBxumicaSvlEWAvlhdHvDhFQ31c9EVP7re-eDYgmGgTho-I-GKxZbbLy5gJjs-7WwxJzR2tXQm9fj_Elh2JYBT1Q6AS3huJM-Cjp1tPvysLAp8mOss-HSxnjU2nq4TUO5JDwWPGCiyQAOxsswi0Eo_sEC67mwEMS_1u2Md1LxvaIJWtuGCsS-awj7dTttyomM1dY3Rxa98kGxlCh9umnBF7ETZb0hOKtO0WpurCKAaMeYN2aY17XKBG13CmNkF4We_UWeYy471xkcZPrj47r9LPsuB_723626j8dIn-2bDxjKdoRthyw%26adurl%3D&us_privacy=${US_PRIVACY}&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.153.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-153-40.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3f0c80055ab21963d78481dfae7abb423a89f274d6a8cf34998f0364e04d5c2

Request headers

Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 28 Nov 2022 00:13:18 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 75CD 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4694c95ecb2077683d94b6ceff327a4b52afff71b7488e87d05b00e195ac8a1b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 93F6 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 22:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 22:39:25 GMT

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 7468 36 KB
16 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 22:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 22:39:25 GMT

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 97E7 36 KB
16 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 22:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 22:39:25 GMT

GET
H2 200 jquery-2.1.0.min.js Show response
playercdn.jivox.com/1651821427/unit/js/gz/ Frame 0812 82 KB
29 KB 75ms
21ms Script
application/x-javascript 108.138.5.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://playercdn.jivox.com/1651821427/unit/js/gz/jquery-2.1.0.min.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669594397226292&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDVifHf2DY_TnDays9u8PidWagAaInrzIbZChy9vdELjUsYbTARABINSOmCFglYKAgLAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBPgBT9AgzMJH0IfDrhg-3JUR3UGAvR_XIDk48RYYgyNL83Q5ArivLPAxVHbVGN3VU08T6L3G6y6RUlq2aZrNIg7-I0duanO8ZY71QOdV7spxIyWjGtkqBSTyuztaz7e5QV7Fnj-Af7X_coZjh9m51UfZHK2Lm6ZM9Hyz0XSVVEuGS1h372kNF2xd6P4pAExYSjJNhS8bAwjZj5jd-juYxijfiSsDnkRpeRhg_CLds1eviRWvgys7L8o2Ij8sBaONmsM-XI_puwS3nePyuU6ZJSOn_fFFauCWLWcX_PDPJIiD9tgH8lhFlKjmlLtReghYY8qONyXbg6zgoKXABJHVi72SBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE-jPnxHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT%26sig%3DAOD64_0dX71DOUY1Bja4ohE7jh0S4O4w2Q%26client%3Dca-pub-9083063808846513%26dbm_c%3DAKAmf-AiuUJwB9L-L0Y-4G6PvteZ8Fevk3Md-urZlyWpFnM7pQuy_oQFTKQD0MWFTvTJvZaKPjDTm-vYFt3e8SgpERRxhbBx54VO9yAKRfygmJC7tVQD5EwQ0wSdekzYeeCi2mNFAoitzpbFto1YdswRFTQbb762HnRi2nqAdEnf544RaIi-D3M%26cry%3D1%26dbm_d%3DAKAmf-CZCZUkRttT1jwaPQnOg_P2odSIqmFAS8JFFNFNqaUS6kb2Xl-KPbkM8PD2UPmRPt0XDDPwc65NYS8TP3DcXlZavayj4Picl5XxASJPYbGcnNoyYQFkd0CJYYeQW4WnRjLpdvcoV2ZaUSGMQw-76ufvWw6qggbAtV7JHSN-jlg2txDlMK6XeQXQKhBL6Lsj8FUgIfAe1YtJugLuU0G7QI2RzYAx3EzOZPejzdKZR81CEyQ3gLH745sUZsNNrABfBxumicaSvlEWAvlhdHvDhFQ31c9EVP7re-eDYgmGgTho-I-GKxZbbLy5gJjs-7WwxJzR2tXQm9fj_Elh2JYBT1Q6AS3huJM-Cjp1tPvysLAp8mOss-HSxnjU2nq4TUO5JDwWPGCiyQAOxsswi0Eo_sEC67mwEMS_1u2Md1LxvaIJWtuGCsS-awj7dTttyomM1dY3Rxa98kGxlCh9umnBF7ETZb0hOKtO0WpurCKAaMeYN2aY17XKBG13CmNkF4We_UWeYy471xkcZPrj47r9LPsuB_723626j8dIn-2bDxjKdoRthyw%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_6383fd1ddfed5&adUnitId=2900&jvxSessionId=1669594397.7731&base=1&creativeResolveBeginTime=1669594398000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.5.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-5-230.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 12:54:05 GMT
content-encoding: gzip
via: 1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 07:27:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 40754
etag: "84642ab523899a6150af1489287de4de"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400, s-maxage=86400
accept-ranges: bytes
content-length: 29294
x-amz-cf-id: U3gD2G08HUlQkay1F7I6xcKQicdajVYJFMqc85xpN3xT4vMtGPjcLQ==

GET
H2 200 velocity-raf-disabled.min.js Show response
playercdn.jivox.com/1651821427/unit/js/gz/ Frame 0812 34 KB
13 KB 90ms
37ms Script
application/x-javascript 108.138.5.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://playercdn.jivox.com/1651821427/unit/js/gz/velocity-raf-disabled.min.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669594397226292&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDVifHf2DY_TnDays9u8PidWagAaInrzIbZChy9vdELjUsYbTARABINSOmCFglYKAgLAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBPgBT9AgzMJH0IfDrhg-3JUR3UGAvR_XIDk48RYYgyNL83Q5ArivLPAxVHbVGN3VU08T6L3G6y6RUlq2aZrNIg7-I0duanO8ZY71QOdV7spxIyWjGtkqBSTyuztaz7e5QV7Fnj-Af7X_coZjh9m51UfZHK2Lm6ZM9Hyz0XSVVEuGS1h372kNF2xd6P4pAExYSjJNhS8bAwjZj5jd-juYxijfiSsDnkRpeRhg_CLds1eviRWvgys7L8o2Ij8sBaONmsM-XI_puwS3nePyuU6ZJSOn_fFFauCWLWcX_PDPJIiD9tgH8lhFlKjmlLtReghYY8qONyXbg6zgoKXABJHVi72SBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE-jPnxHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT%26sig%3DAOD64_0dX71DOUY1Bja4ohE7jh0S4O4w2Q%26client%3Dca-pub-9083063808846513%26dbm_c%3DAKAmf-AiuUJwB9L-L0Y-4G6PvteZ8Fevk3Md-urZlyWpFnM7pQuy_oQFTKQD0MWFTvTJvZaKPjDTm-vYFt3e8SgpERRxhbBx54VO9yAKRfygmJC7tVQD5EwQ0wSdekzYeeCi2mNFAoitzpbFto1YdswRFTQbb762HnRi2nqAdEnf544RaIi-D3M%26cry%3D1%26dbm_d%3DAKAmf-CZCZUkRttT1jwaPQnOg_P2odSIqmFAS8JFFNFNqaUS6kb2Xl-KPbkM8PD2UPmRPt0XDDPwc65NYS8TP3DcXlZavayj4Picl5XxASJPYbGcnNoyYQFkd0CJYYeQW4WnRjLpdvcoV2ZaUSGMQw-76ufvWw6qggbAtV7JHSN-jlg2txDlMK6XeQXQKhBL6Lsj8FUgIfAe1YtJugLuU0G7QI2RzYAx3EzOZPejzdKZR81CEyQ3gLH745sUZsNNrABfBxumicaSvlEWAvlhdHvDhFQ31c9EVP7re-eDYgmGgTho-I-GKxZbbLy5gJjs-7WwxJzR2tXQm9fj_Elh2JYBT1Q6AS3huJM-Cjp1tPvysLAp8mOss-HSxnjU2nq4TUO5JDwWPGCiyQAOxsswi0Eo_sEC67mwEMS_1u2Md1LxvaIJWtuGCsS-awj7dTttyomM1dY3Rxa98kGxlCh9umnBF7ETZb0hOKtO0WpurCKAaMeYN2aY17XKBG13CmNkF4We_UWeYy471xkcZPrj47r9LPsuB_723626j8dIn-2bDxjKdoRthyw%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_6383fd1ddfed5&adUnitId=2900&jvxSessionId=1669594397.7731&base=1&creativeResolveBeginTime=1669594398000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.5.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-5-230.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa85a4366200f608a99ecf4b1b933babdd9c5662cbe5d518b3daa57e53dbd85b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 01:53:45 GMT
content-encoding: gzip
via: 1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 07:27:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 80374
etag: "6db08f58b76a3c4459a454a7acf752ca"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400, s-maxage=86400
accept-ranges: bytes
content-length: 12405
x-amz-cf-id: exxs2KO63YUMOYbBT5id4CI5oZXRLJorbNuw7ZSAjcglYawVCeLzgw==

GET
H2 200 jivoxWidgetApiV2.min.js Show response
playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/ Frame 0812 29 KB
6 KB 91ms
39ms Script
application/x-javascript 108.138.5.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/jivoxWidgetApiV2.min.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669594397226292&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDVifHf2DY_TnDays9u8PidWagAaInrzIbZChy9vdELjUsYbTARABINSOmCFglYKAgLAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBPgBT9AgzMJH0IfDrhg-3JUR3UGAvR_XIDk48RYYgyNL83Q5ArivLPAxVHbVGN3VU08T6L3G6y6RUlq2aZrNIg7-I0duanO8ZY71QOdV7spxIyWjGtkqBSTyuztaz7e5QV7Fnj-Af7X_coZjh9m51UfZHK2Lm6ZM9Hyz0XSVVEuGS1h372kNF2xd6P4pAExYSjJNhS8bAwjZj5jd-juYxijfiSsDnkRpeRhg_CLds1eviRWvgys7L8o2Ij8sBaONmsM-XI_puwS3nePyuU6ZJSOn_fFFauCWLWcX_PDPJIiD9tgH8lhFlKjmlLtReghYY8qONyXbg6zgoKXABJHVi72SBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE-jPnxHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT%26sig%3DAOD64_0dX71DOUY1Bja4ohE7jh0S4O4w2Q%26client%3Dca-pub-9083063808846513%26dbm_c%3DAKAmf-AiuUJwB9L-L0Y-4G6PvteZ8Fevk3Md-urZlyWpFnM7pQuy_oQFTKQD0MWFTvTJvZaKPjDTm-vYFt3e8SgpERRxhbBx54VO9yAKRfygmJC7tVQD5EwQ0wSdekzYeeCi2mNFAoitzpbFto1YdswRFTQbb762HnRi2nqAdEnf544RaIi-D3M%26cry%3D1%26dbm_d%3DAKAmf-CZCZUkRttT1jwaPQnOg_P2odSIqmFAS8JFFNFNqaUS6kb2Xl-KPbkM8PD2UPmRPt0XDDPwc65NYS8TP3DcXlZavayj4Picl5XxASJPYbGcnNoyYQFkd0CJYYeQW4WnRjLpdvcoV2ZaUSGMQw-76ufvWw6qggbAtV7JHSN-jlg2txDlMK6XeQXQKhBL6Lsj8FUgIfAe1YtJugLuU0G7QI2RzYAx3EzOZPejzdKZR81CEyQ3gLH745sUZsNNrABfBxumicaSvlEWAvlhdHvDhFQ31c9EVP7re-eDYgmGgTho-I-GKxZbbLy5gJjs-7WwxJzR2tXQm9fj_Elh2JYBT1Q6AS3huJM-Cjp1tPvysLAp8mOss-HSxnjU2nq4TUO5JDwWPGCiyQAOxsswi0Eo_sEC67mwEMS_1u2Md1LxvaIJWtuGCsS-awj7dTttyomM1dY3Rxa98kGxlCh9umnBF7ETZb0hOKtO0WpurCKAaMeYN2aY17XKBG13CmNkF4We_UWeYy471xkcZPrj47r9LPsuB_723626j8dIn-2bDxjKdoRthyw%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_6383fd1ddfed5&adUnitId=2900&jvxSessionId=1669594397.7731&base=1&creativeResolveBeginTime=1669594398000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.5.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-5-230.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6c84a15873bbae73ff06857139327b85a6869fa0e21d36666aa2bb5d9bbb19b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 05:34:33 GMT
content-encoding: gzip
via: 1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 07:29:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 67126
etag: "2a0e0abd8f7f11fb012a534ea115a29a"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400, s-maxage=86400
accept-ranges: bytes
content-length: 5987
x-amz-cf-id: THRUkJG8qlMLU8QA7ei20XsX5SCk0I7U-UiLExRP7BDg6jI3Dg5QqQ==

GET
H2 200 jivoxWidgetApiV2.min.js Show response
playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/ Frame CC3E 29 KB
6 KB 19ms
18ms Script
application/x-javascript 108.138.5.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/jivoxWidgetApiV2.min.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669594397226292&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDVifHf2DY_TnDays9u8PidWagAaInrzIbZChy9vdELjUsYbTARABINSOmCFglYKAgLAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBPgBT9AgzMJH0IfDrhg-3JUR3UGAvR_XIDk48RYYgyNL83Q5ArivLPAxVHbVGN3VU08T6L3G6y6RUlq2aZrNIg7-I0duanO8ZY71QOdV7spxIyWjGtkqBSTyuztaz7e5QV7Fnj-Af7X_coZjh9m51UfZHK2Lm6ZM9Hyz0XSVVEuGS1h372kNF2xd6P4pAExYSjJNhS8bAwjZj5jd-juYxijfiSsDnkRpeRhg_CLds1eviRWvgys7L8o2Ij8sBaONmsM-XI_puwS3nePyuU6ZJSOn_fFFauCWLWcX_PDPJIiD9tgH8lhFlKjmlLtReghYY8qONyXbg6zgoKXABJHVi72SBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE-jPnxHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT%26sig%3DAOD64_0dX71DOUY1Bja4ohE7jh0S4O4w2Q%26client%3Dca-pub-9083063808846513%26dbm_c%3DAKAmf-AiuUJwB9L-L0Y-4G6PvteZ8Fevk3Md-urZlyWpFnM7pQuy_oQFTKQD0MWFTvTJvZaKPjDTm-vYFt3e8SgpERRxhbBx54VO9yAKRfygmJC7tVQD5EwQ0wSdekzYeeCi2mNFAoitzpbFto1YdswRFTQbb762HnRi2nqAdEnf544RaIi-D3M%26cry%3D1%26dbm_d%3DAKAmf-CZCZUkRttT1jwaPQnOg_P2odSIqmFAS8JFFNFNqaUS6kb2Xl-KPbkM8PD2UPmRPt0XDDPwc65NYS8TP3DcXlZavayj4Picl5XxASJPYbGcnNoyYQFkd0CJYYeQW4WnRjLpdvcoV2ZaUSGMQw-76ufvWw6qggbAtV7JHSN-jlg2txDlMK6XeQXQKhBL6Lsj8FUgIfAe1YtJugLuU0G7QI2RzYAx3EzOZPejzdKZR81CEyQ3gLH745sUZsNNrABfBxumicaSvlEWAvlhdHvDhFQ31c9EVP7re-eDYgmGgTho-I-GKxZbbLy5gJjs-7WwxJzR2tXQm9fj_Elh2JYBT1Q6AS3huJM-Cjp1tPvysLAp8mOss-HSxnjU2nq4TUO5JDwWPGCiyQAOxsswi0Eo_sEC67mwEMS_1u2Md1LxvaIJWtuGCsS-awj7dTttyomM1dY3Rxa98kGxlCh9umnBF7ETZb0hOKtO0WpurCKAaMeYN2aY17XKBG13CmNkF4We_UWeYy471xkcZPrj47r9LPsuB_723626j8dIn-2bDxjKdoRthyw%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_6383fd1ddfed5&adUnitId=2900&jvxSessionId=1669594397.7731&base=1&creativeResolveBeginTime=1669594398000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.5.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-5-230.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6c84a15873bbae73ff06857139327b85a6869fa0e21d36666aa2bb5d9bbb19b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 05:34:33 GMT
content-encoding: gzip
via: 1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 07:29:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 67126
etag: "2a0e0abd8f7f11fb012a534ea115a29a"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400, s-maxage=86400
accept-ranges: bytes
content-length: 5987
x-amz-cf-id: tzHdb70IGU3ongjfcMXtGUEpD42KMBhLN8AsjyYclOcgFbTEy-YawA==

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame CC3E 236 KB
63 KB 210ms
26ms Script
text/javascript 2a02:26f0:480:f::213:7edc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669594397226292&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDVifHf2DY_TnDays9u8PidWagAaInrzIbZChy9vdELjUsYbTARABINSOmCFglYKAgLAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBPgBT9AgzMJH0IfDrhg-3JUR3UGAvR_XIDk48RYYgyNL83Q5ArivLPAxVHbVGN3VU08T6L3G6y6RUlq2aZrNIg7-I0duanO8ZY71QOdV7spxIyWjGtkqBSTyuztaz7e5QV7Fnj-Af7X_coZjh9m51UfZHK2Lm6ZM9Hyz0XSVVEuGS1h372kNF2xd6P4pAExYSjJNhS8bAwjZj5jd-juYxijfiSsDnkRpeRhg_CLds1eviRWvgys7L8o2Ij8sBaONmsM-XI_puwS3nePyuU6ZJSOn_fFFauCWLWcX_PDPJIiD9tgH8lhFlKjmlLtReghYY8qONyXbg6zgoKXABJHVi72SBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE-jPnxHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT%26sig%3DAOD64_0dX71DOUY1Bja4ohE7jh0S4O4w2Q%26client%3Dca-pub-9083063808846513%26dbm_c%3DAKAmf-AiuUJwB9L-L0Y-4G6PvteZ8Fevk3Md-urZlyWpFnM7pQuy_oQFTKQD0MWFTvTJvZaKPjDTm-vYFt3e8SgpERRxhbBx54VO9yAKRfygmJC7tVQD5EwQ0wSdekzYeeCi2mNFAoitzpbFto1YdswRFTQbb762HnRi2nqAdEnf544RaIi-D3M%26cry%3D1%26dbm_d%3DAKAmf-CZCZUkRttT1jwaPQnOg_P2odSIqmFAS8JFFNFNqaUS6kb2Xl-KPbkM8PD2UPmRPt0XDDPwc65NYS8TP3DcXlZavayj4Picl5XxASJPYbGcnNoyYQFkd0CJYYeQW4WnRjLpdvcoV2ZaUSGMQw-76ufvWw6qggbAtV7JHSN-jlg2txDlMK6XeQXQKhBL6Lsj8FUgIfAe1YtJugLuU0G7QI2RzYAx3EzOZPejzdKZR81CEyQ3gLH745sUZsNNrABfBxumicaSvlEWAvlhdHvDhFQ31c9EVP7re-eDYgmGgTho-I-GKxZbbLy5gJjs-7WwxJzR2tXQm9fj_Elh2JYBT1Q6AS3huJM-Cjp1tPvysLAp8mOss-HSxnjU2nq4TUO5JDwWPGCiyQAOxsswi0Eo_sEC67mwEMS_1u2Md1LxvaIJWtuGCsS-awj7dTttyomM1dY3Rxa98kGxlCh9umnBF7ETZb0hOKtO0WpurCKAaMeYN2aY17XKBG13CmNkF4We_UWeYy471xkcZPrj47r9LPsuB_723626j8dIn-2bDxjKdoRthyw%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_6383fd1ddfed5&adUnitId=2900&jvxSessionId=1669594397.7731&base=1&creativeResolveBeginTime=1669594398000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:480:f::213:7edc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Mon, 28 Nov 2022 00:28:18 GMT

GET
H2 200 mazda_970x250_jvx.js Show response
assets.euw1.jivox.com/widgets/2022/10/a72798z635ab6c7de41d/1/970x250/ Frame CC3E 26 KB
6 KB 68ms
19ms Script
application/x-javascript 13.32.99.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.euw1.jivox.com/widgets/2022/10/a72798z635ab6c7de41d/1/970x250/mazda_970x250_jvx.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669594397226292&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDVifHf2DY_TnDays9u8PidWagAaInrzIbZChy9vdELjUsYbTARABINSOmCFglYKAgLAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBPgBT9AgzMJH0IfDrhg-3JUR3UGAvR_XIDk48RYYgyNL83Q5ArivLPAxVHbVGN3VU08T6L3G6y6RUlq2aZrNIg7-I0duanO8ZY71QOdV7spxIyWjGtkqBSTyuztaz7e5QV7Fnj-Af7X_coZjh9m51UfZHK2Lm6ZM9Hyz0XSVVEuGS1h372kNF2xd6P4pAExYSjJNhS8bAwjZj5jd-juYxijfiSsDnkRpeRhg_CLds1eviRWvgys7L8o2Ij8sBaONmsM-XI_puwS3nePyuU6ZJSOn_fFFauCWLWcX_PDPJIiD9tgH8lhFlKjmlLtReghYY8qONyXbg6zgoKXABJHVi72SBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE-jPnxHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT%26sig%3DAOD64_0dX71DOUY1Bja4ohE7jh0S4O4w2Q%26client%3Dca-pub-9083063808846513%26dbm_c%3DAKAmf-AiuUJwB9L-L0Y-4G6PvteZ8Fevk3Md-urZlyWpFnM7pQuy_oQFTKQD0MWFTvTJvZaKPjDTm-vYFt3e8SgpERRxhbBx54VO9yAKRfygmJC7tVQD5EwQ0wSdekzYeeCi2mNFAoitzpbFto1YdswRFTQbb762HnRi2nqAdEnf544RaIi-D3M%26cry%3D1%26dbm_d%3DAKAmf-CZCZUkRttT1jwaPQnOg_P2odSIqmFAS8JFFNFNqaUS6kb2Xl-KPbkM8PD2UPmRPt0XDDPwc65NYS8TP3DcXlZavayj4Picl5XxASJPYbGcnNoyYQFkd0CJYYeQW4WnRjLpdvcoV2ZaUSGMQw-76ufvWw6qggbAtV7JHSN-jlg2txDlMK6XeQXQKhBL6Lsj8FUgIfAe1YtJugLuU0G7QI2RzYAx3EzOZPejzdKZR81CEyQ3gLH745sUZsNNrABfBxumicaSvlEWAvlhdHvDhFQ31c9EVP7re-eDYgmGgTho-I-GKxZbbLy5gJjs-7WwxJzR2tXQm9fj_Elh2JYBT1Q6AS3huJM-Cjp1tPvysLAp8mOss-HSxnjU2nq4TUO5JDwWPGCiyQAOxsswi0Eo_sEC67mwEMS_1u2Md1LxvaIJWtuGCsS-awj7dTttyomM1dY3Rxa98kGxlCh9umnBF7ETZb0hOKtO0WpurCKAaMeYN2aY17XKBG13CmNkF4We_UWeYy471xkcZPrj47r9LPsuB_723626j8dIn-2bDxjKdoRthyw%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_6383fd1ddfed5&adUnitId=2900&jvxSessionId=1669594397.7731&base=1&creativeResolveBeginTime=1669594398000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-115.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9423269a7f4d0dc276ee47a2b7fa33df3284d350f38792dcba7c45174329fbdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
date: Sun, 27 Nov 2022 20:41:30 GMT
last-modified: Thu, 27 Oct 2022 16:50:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 50834
etag: W/"5630c7e2ff14249d3106257cd2d08aa5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400, s-maxage=86400
x-amz-cf-id: 8h26dkkiUhexd2BtDace0BaT4eGE7yFC9PqyB3vPuTFyNBuhRMRHMw==

GET
H2 200 canvas-text.js Show response
playercdn.jivox.com/1651821427/player/js/ Frame CC3E 8 KB
2 KB 19ms
19ms Script
application/x-javascript 108.138.5.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://playercdn.jivox.com/1651821427/player/js/canvas-text.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669594397226292&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDVifHf2DY_TnDays9u8PidWagAaInrzIbZChy9vdELjUsYbTARABINSOmCFglYKAgLAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBPgBT9AgzMJH0IfDrhg-3JUR3UGAvR_XIDk48RYYgyNL83Q5ArivLPAxVHbVGN3VU08T6L3G6y6RUlq2aZrNIg7-I0duanO8ZY71QOdV7spxIyWjGtkqBSTyuztaz7e5QV7Fnj-Af7X_coZjh9m51UfZHK2Lm6ZM9Hyz0XSVVEuGS1h372kNF2xd6P4pAExYSjJNhS8bAwjZj5jd-juYxijfiSsDnkRpeRhg_CLds1eviRWvgys7L8o2Ij8sBaONmsM-XI_puwS3nePyuU6ZJSOn_fFFauCWLWcX_PDPJIiD9tgH8lhFlKjmlLtReghYY8qONyXbg6zgoKXABJHVi72SBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE-jPnxHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT%26sig%3DAOD64_0dX71DOUY1Bja4ohE7jh0S4O4w2Q%26client%3Dca-pub-9083063808846513%26dbm_c%3DAKAmf-AiuUJwB9L-L0Y-4G6PvteZ8Fevk3Md-urZlyWpFnM7pQuy_oQFTKQD0MWFTvTJvZaKPjDTm-vYFt3e8SgpERRxhbBx54VO9yAKRfygmJC7tVQD5EwQ0wSdekzYeeCi2mNFAoitzpbFto1YdswRFTQbb762HnRi2nqAdEnf544RaIi-D3M%26cry%3D1%26dbm_d%3DAKAmf-CZCZUkRttT1jwaPQnOg_P2odSIqmFAS8JFFNFNqaUS6kb2Xl-KPbkM8PD2UPmRPt0XDDPwc65NYS8TP3DcXlZavayj4Picl5XxASJPYbGcnNoyYQFkd0CJYYeQW4WnRjLpdvcoV2ZaUSGMQw-76ufvWw6qggbAtV7JHSN-jlg2txDlMK6XeQXQKhBL6Lsj8FUgIfAe1YtJugLuU0G7QI2RzYAx3EzOZPejzdKZR81CEyQ3gLH745sUZsNNrABfBxumicaSvlEWAvlhdHvDhFQ31c9EVP7re-eDYgmGgTho-I-GKxZbbLy5gJjs-7WwxJzR2tXQm9fj_Elh2JYBT1Q6AS3huJM-Cjp1tPvysLAp8mOss-HSxnjU2nq4TUO5JDwWPGCiyQAOxsswi0Eo_sEC67mwEMS_1u2Md1LxvaIJWtuGCsS-awj7dTttyomM1dY3Rxa98kGxlCh9umnBF7ETZb0hOKtO0WpurCKAaMeYN2aY17XKBG13CmNkF4We_UWeYy471xkcZPrj47r9LPsuB_723626j8dIn-2bDxjKdoRthyw%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_6383fd1ddfed5&adUnitId=2900&jvxSessionId=1669594397.7731&base=1&creativeResolveBeginTime=1669594398000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.5.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-5-230.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d2c7477e7418b42a967439d1fb117b25369aeb385be8ffb25c3f9c97cb85cee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 16:49:11 GMT
content-encoding: gzip
via: 1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 07:22:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 35962
etag: W/"92cdc84e4a0a05215db6931b920e15fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400, s-maxage=86400
x-amz-cf-id: ZMv8Ggie7OhTd91Gdq1MOCGRNgv0zPgu3dwZMO8Mxg7CcSSiOuTgeA==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 93F6 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpAGAHf2DY4D9NeeW9u8PlueN-AIAAAAAOAHgBAI&bg=!WlmlWR3NAAbvMpMzzzI7ACkAdvg8WsrUZKPAp9qFnfgM49JhkH-VG-mge6F3L6tcxKGMHze-klKwaAIAAACYUgAAAAJoAQeZAvcTl5AQXUKMHdI_c92oSxV6G1yvkEKkxXYMqcTRSITn3XcQrpsGlxtxl8ksGCEn3j0NqDQNnPTwRbQBVpQ4epEoXrmoc9I4XSdAh3q28F68r1Ay0zXtdK80DGbvowjpNXs6yNz7eL8pf7KS72vX_08pwN6rx6rsNXc4WfTa0yg3Tv495WVoPq3LPOMTY3pBz-XRwiH6pB0E_mm4mi7qeq7OYn3wsufH5a2J5ho_0TaUQBHxjzT2iqSQXdpouhNzhHZi-CfPSpz6ue7u5sT5GHaB9l9c6a-P25aJXkyem0ZbxC5w0XIOeJJRMkeGXUlyJ0gqXhfNDrZejuoSt_XJPJ6rcBXaRF95xAO8zej5BGUxOJGRAHEWTv6nDIvAtUJbjOD2T-KtVXIf3s7eU167NTh5PIpW0OToTup1b7uuo1VIlmg5bmP0zJ_wnIVYep4n47l3sS4YZs6SyeQSLvp_ahdaZD3mhrxCDAMnW_fSV9iFeN4C5Ck1ycqfvg8DKL77iy2oRsNUR_NxLuYkEnF9vvAVJEv6vKtL8OLn61niSfpp08vYSGaFgpAc8pyLFBhJ_smfSuakoS4uShbt0OmFXct2Rqvmf1q62PXW6Qxv5JVQA7jX3RPzQTN5K6N1QNZJKLESl1iJDYm-0rXlZuIrwpU5DhwVqKDEo43yxDdiJbfXfA_7re8UWtTQKeKYLXSQm5U7Bwh6lC_E-MawG6meFcs1XPCVBqJxi0caS9vl7Hr0igcYAAeW0fKyfh7T0gU59b1lYGlQQyTFnmu7n6nGW0OcwzZnGOyEUQZ4ZcOj_ut7Ao_iFG2N_6eMPY-M9a0SIoFTs1RkycHQrba_TaklWhxk31G9A4TSnZpC79zSFBepU_NKtX4HP1GVp_cgqfoau90nVsMc1e51CHZDX6D6JXnbDPBEcMn04J0M6f7j8PBMsgc-3XdC0CYxA2bcVHJEti2Lz4XW-S9ih1RKbAZDHbjUVcmxExaMm_4xLJbOX3kOOVWEq94bR74

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjY5ODM5ODYwL2FkYjEta2V5PTgxNi9hZGIyLWtleT04MTEvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvYkRpbT05NzB4MjUwL3I9MC40MDE5NjQyODEyOTY2MjgyL2Vz...
evs.euw1.jivox.com/trk/66/205853/2900/159897/961ee94c58df6c/29/jvxSId_1669594397.7731/es_pId_8a1b5e9/ Frame 0812 43 B
229 B 153ms
45ms Image
image/gif 52.17.68.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evs.euw1.jivox.com/trk/66/205853/2900/159897/961ee94c58df6c/29/jvxSId_1669594397.7731/es_pId_8a1b5e9/es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjY5ODM5ODYwL2FkYjEta2V5PTgxNi9hZGIyLWtleT04MTEvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvYkRpbT05NzB4MjUwL3I9MC40MDE5NjQyODEyOTY2MjgyL2VzX2V0PTAvZXNfY2dOYW1lPU1NREVfTTIlM0FEZWZhdWx0X25vK2xvY2F0aW9uX1dlZWtlbmRfRGF5X0JvbmRfcmVkX3YxL2VzX3NlZ05hbWU9R2VuZXJpY19XZWVrRW5kX0RheQ==
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669594397226292&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDVifHf2DY_TnDays9u8PidWagAaInrzIbZChy9vdELjUsYbTARABINSOmCFglYKAgLAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBPgBT9AgzMJH0IfDrhg-3JUR3UGAvR_XIDk48RYYgyNL83Q5ArivLPAxVHbVGN3VU08T6L3G6y6RUlq2aZrNIg7-I0duanO8ZY71QOdV7spxIyWjGtkqBSTyuztaz7e5QV7Fnj-Af7X_coZjh9m51UfZHK2Lm6ZM9Hyz0XSVVEuGS1h372kNF2xd6P4pAExYSjJNhS8bAwjZj5jd-juYxijfiSsDnkRpeRhg_CLds1eviRWvgys7L8o2Ij8sBaONmsM-XI_puwS3nePyuU6ZJSOn_fFFauCWLWcX_PDPJIiD9tgH8lhFlKjmlLtReghYY8qONyXbg6zgoKXABJHVi72SBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE-jPnxHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT%26sig%3DAOD64_0dX71DOUY1Bja4ohE7jh0S4O4w2Q%26client%3Dca-pub-9083063808846513%26dbm_c%3DAKAmf-AiuUJwB9L-L0Y-4G6PvteZ8Fevk3Md-urZlyWpFnM7pQuy_oQFTKQD0MWFTvTJvZaKPjDTm-vYFt3e8SgpERRxhbBx54VO9yAKRfygmJC7tVQD5EwQ0wSdekzYeeCi2mNFAoitzpbFto1YdswRFTQbb762HnRi2nqAdEnf544RaIi-D3M%26cry%3D1%26dbm_d%3DAKAmf-CZCZUkRttT1jwaPQnOg_P2odSIqmFAS8JFFNFNqaUS6kb2Xl-KPbkM8PD2UPmRPt0XDDPwc65NYS8TP3DcXlZavayj4Picl5XxASJPYbGcnNoyYQFkd0CJYYeQW4WnRjLpdvcoV2ZaUSGMQw-76ufvWw6qggbAtV7JHSN-jlg2txDlMK6XeQXQKhBL6Lsj8FUgIfAe1YtJugLuU0G7QI2RzYAx3EzOZPejzdKZR81CEyQ3gLH745sUZsNNrABfBxumicaSvlEWAvlhdHvDhFQ31c9EVP7re-eDYgmGgTho-I-GKxZbbLy5gJjs-7WwxJzR2tXQm9fj_Elh2JYBT1Q6AS3huJM-Cjp1tPvysLAp8mOss-HSxnjU2nq4TUO5JDwWPGCiyQAOxsswi0Eo_sEC67mwEMS_1u2Md1LxvaIJWtuGCsS-awj7dTttyomM1dY3Rxa98kGxlCh9umnBF7ETZb0hOKtO0WpurCKAaMeYN2aY17XKBG13CmNkF4We_UWeYy471xkcZPrj47r9LPsuB_723626j8dIn-2bDxjKdoRthyw%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_6383fd1ddfed5&adUnitId=2900&jvxSessionId=1669594397.7731&base=1&creativeResolveBeginTime=1669594398000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.68.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-68-86.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.11 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 28 Nov 2022 00:13:18 GMT
access-control-allow-credentials: false
content-type: image/gif
server: akka-http/10.1.11
content-length: 43
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'

GET
H2 200 es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjY5ODM5ODYwL2FkYjEta2V5PTgxNi9hZGIyLWtleT04MTEvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvZXNfY2xpY2tVcmw9aHR0cHMlM0ElMkYlMkZnb29nbGVhZHMu...
evs.euw1.jivox.com/trk/60/205853/2900/159897/961ee94c58df6c/29/jvxSId_1669594397.7731/es_pId_8a1b5e9/ Frame 0812 43 B
230 B 152ms
45ms Image
image/gif 52.17.68.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evs.euw1.jivox.com/trk/60/205853/2900/159897/961ee94c58df6c/29/jvxSId_1669594397.7731/es_pId_8a1b5e9/es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjY5ODM5ODYwL2FkYjEta2V5PTgxNi9hZGIyLWtleT04MTEvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvZXNfY2xpY2tVcmw9aHR0cHMlM0ElMkYlMkZnb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQlMkZkYm0lMkZjbGslM0ZzYSUzREwlMjZhaSUzRENEVmlmSGYyRFlfVG5EYXlzOXU4UGlkV2FnQWFJbnJ6SWJaQ2h5OXZkRUxqVXNZYlRBUkFCSU5TT21DRmdsWUtBZ0xBSG9BSG00OTdwQXNnQkNha0NfVjNpZXA5d3NUNm9Bd0dxQlBnQlQ5QWd6TUpIMElmRHJoZy0zSlVSM1VHQXZSX1hJRGs0OFJZWWd5Tkw4M1E1QXJpdkxQQXhWSGJWR04zVlUwOFQ2TDNHNnk2UlVscTJhWnJOSWc3LUkwZHVhbk84Wlk3MVFPZFY3c3B4SXlXakd0a3FCU1R5dXp0YXo3ZTVRVjdGbmotQWY3WF9jb1pqaDltNTFVZlpISzJMbTZaTTlIeXowWFNWVkV1R1MxaDM3MmtORjJ4ZDZQNHBBRXhZU2pKTmhTOGJBd2paajVqZC1qdVl4aWpmaVNzRG5rUnBlUmhnX0NMZHMxZXZpUld2Z3lzN0w4bzJJajhzQmFPTm1zTS1YSV9wdXdTM25lUHl1VTZaSlNPbl9mRkZhdUNXTFdjWF9QRFBKSWlEOXRnSDhsaEZsS2ptbEx0UmVnaFlZOHFPTnlYYmc2emdvS1hBQkpIVmk3MlNCT0FFQTVBR0FhQUdUWUFIZ3B5aGxnR29CNDdPRzZnSGs5Z2JxQWZ1bHJFQ3FBZi1uckVDcUFla283RUNxQWZWeVJ1b0I2YS1HNmdIbWdhb0JfUFJHNmdIbHRnYnFBZXFtN0VDcUFmX25yRUNxQWZmbjdFQzJBY0EwZ2dSQ0lEaGdCQVFBUmdkTWdLcUFqb0NnRUNBQ2dPWUN3SElDd0dBREFHd0UtalBueEhRRXdEWUV3M1lGQUhRRlFINEZnR0FGd0UlMjZhZSUzRDElMjZudW0lM0QxJTI2Y2lkJTNEQ0FRU1RBRHEyNk45Y0FiSG9RZmpyRDlPcVp0dkNJS2lEM3o3YkZLWTV6UnRENVBvWDZ1Wm9nOFAwU2x1VVVnYUEwSklsSWtYZGRTc0QtOFkyZ29DT25KSzlFMU5ZcWc2UEh0NlZmZ2NueW9ZQVNBVCUyNnNpZyUzREFPRDY0XzBkWDcxRE9VWTFCamE0b2hFN2poMFM0TzR3MlElMjZjbGllbnQlM0RjYS1wdWItOTA4MzA2MzgwODg0NjUxMyUyNmRibV9jJTNEQUtBbWYtQWl1VUp3QjlMLUwwWS00RzZQdnRlWjhGZXZrM01kLXVyWmx5V3BGbk03cFF1eV9vUUZUS1FEME1XRlR2VEp2WmFLUGpEVG0tdllGdDNlOFNncEVSUnhoYkJ4NTRWTzl5QUtSZnlnbUpDN3RWUUQ1RXdRMHdTZGVrelllZUNpMm1ORkFvaXR6cGJGdG8xWWRzd1JGVFFiYjc2MkhuUmkybnFBZEVuZjU0NFJhSWktRDNNJTI2Y3J5JTNEMSUyNmRibV9kJTNEQUtBbWYtQ1pDWlVrUnR0VDFqd2FQUW5PZ19QMm9kU0lxbUZBUzhKRkZORk5xYVVTNmtiMlhsLUtQYmtNOFBEMlVQbVJQdDBYRERQd2M2NU5ZUzhUUDNEY1hsWmF2YXlqNFBpY2w1WHhBU0pQWWJHY25Ob3lZUUZrZDBDSllZZVFXNFduUmpMcGR2Y29WMlphVVNHTVF3LTc2dWZ2V3c2cWdnYkF0VjdKSFNOLWpsZzJ0eERsTUs2WGVRWFFLaEJMNkxzajhGVWdJZkFlMVl0SnVnTHVVMEc3UUkyUnpZQXgzRXpPWlBlanpkS1pSODFDRXlRM2dMSDc0NXNVWnNOTnJBQmZCeHVtaWNhU3ZsRVdBdmxoZEh2RGhGUTMxYzlFVlA3cmUtZURZZ21HZ1Roby1JLUdLeFpiYkx5NWdKanMtN1d3eEp6UjJ0WFFtOWZqX0VsaDJKWUJUMVE2QVMzaHVKTS1DanAxdFB2eXNMQXA4bU9zcy1IU3hualUybnE0VFVPNUpEd1dQR0NpeVFBT3hzc3dpMEVvX3NFQzY3bXdFTVNfMXUyTWQxTHh2YUlKV3R1R0NzUy1hd2o3ZFR0dHlvbU0xZFkzUnhhOThrR3hsQ2g5dW1uQkY3RVRaYjBoT0t0TzBXcHVyQ0tBYU1lWU4yYVkxN1hLQkcxM0NtTmtGNFdlX1VXZVl5NDcxeGtjWlByajQ3cjlMUHN1Ql83MjM2MjZqOGRJbi0yYkR4aktkb1J0aHl3JTI2YWR1cmwlM0RodHRwcyUyNTNBJTI1MkYlMjUyRnd3dy5tYXpkYS5kZSUyNTJGbW9kZWxsZSUyNTJGbWF6ZGEtY3gtNjAlMjUyRiUyNTNGdXRtX3NvdXJjZSUyNTNEZG91YmxlY2xpY2slMjUyNnV0bV9tZWRpdW0lMjUzRGRpc3BsYXklMjUyNnV0bV9jYW1wYWlnbiUyNTNEbW1kX2Fsd2F5c19vbl9kY29fY3g2MF93ZXJiZW1pdHRlbF9kZV8xNTdfMDkyMiUyNTI2bW9kZWwlMjUzRG1hemRhJTI1MjUyMGN4LTYwJTI1MjZib2R5JTI1M0Q1d2duJTI1MjZjYW1wYWlnbl9mb2N1cyUyNTNEbWF6ZGFjeDYwXzV3Z24lMjUyNmRtcF9zb3VyY2UlMjUzRG5vJTI1MjZkY29fc291cmNlJTI1M0R5ZXMlMjUyNmNhbXBhaWduY29kZSUyNTNEbW1kX2Fsd2F5c19vbl9kY29fY3g2MF93ZXJiZW1pdHRlbF9kZV8xNTdfMDkyMi9jbVVybD1odHRwcyUzQSUyRiUyRmFzc2V0cy5ldXcxLmppdm94LmNvbSUyRndpZGdldHMlMkYyMDIyJTJGMTAlMkZhNzI3OTh6NjM1YWI2YzdkZTQxZCUyRjElMkY5NzB4MjUwJTJGbWF6ZGFfOTcweDI1MC5odG1sL2JEaW09OTcweDI1MC9yPTAuMjY0NDk0NTU1OTAyNTgzMy9jbGlja01hY3JvPWh0dHBzJTNBJTJGJTJGZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0JTJGZGJtJTJGY2xrJTNGc2ElM0RMJTI2YWklM0RDRFZpZkhmMkRZX1RuRGF5czl1OFBpZFdhZ0FhSW5yekliWkNoeTl2ZEVMalVzWWJUQVJBQklOU09tQ0ZnbFlLQWdMQUhvQUhtNDk3L2NhY2hlTWFjcm89MTY2OTU5NDM5NzIyNjI5Mi9wYWdlVXJsPWh0dHBzJTNBJTJGJTJGMWY5YmEyZWVkOTQ5NjRiNTZjNDIzZGRlMjAxMzhmNTMuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbSUyRnNhZmVmcmFtZSUyRjEtMC00MCUyRmh0bWwlMkZjb250YWluZXIuaHRtbC9lc19jZ05hbWU9TU1ERV9NMiUzQURlZmF1bHRfbm8rbG9jYXRpb25fV2Vla2VuZF9EYXlfQm9uZF9yZWRfdjEvZXNfc2VnTmFtZT1HZW5lcmljX1dlZWtFbmRfRGF5
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669594397226292&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDVifHf2DY_TnDays9u8PidWagAaInrzIbZChy9vdELjUsYbTARABINSOmCFglYKAgLAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBPgBT9AgzMJH0IfDrhg-3JUR3UGAvR_XIDk48RYYgyNL83Q5ArivLPAxVHbVGN3VU08T6L3G6y6RUlq2aZrNIg7-I0duanO8ZY71QOdV7spxIyWjGtkqBSTyuztaz7e5QV7Fnj-Af7X_coZjh9m51UfZHK2Lm6ZM9Hyz0XSVVEuGS1h372kNF2xd6P4pAExYSjJNhS8bAwjZj5jd-juYxijfiSsDnkRpeRhg_CLds1eviRWvgys7L8o2Ij8sBaONmsM-XI_puwS3nePyuU6ZJSOn_fFFauCWLWcX_PDPJIiD9tgH8lhFlKjmlLtReghYY8qONyXbg6zgoKXABJHVi72SBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE-jPnxHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT%26sig%3DAOD64_0dX71DOUY1Bja4ohE7jh0S4O4w2Q%26client%3Dca-pub-9083063808846513%26dbm_c%3DAKAmf-AiuUJwB9L-L0Y-4G6PvteZ8Fevk3Md-urZlyWpFnM7pQuy_oQFTKQD0MWFTvTJvZaKPjDTm-vYFt3e8SgpERRxhbBx54VO9yAKRfygmJC7tVQD5EwQ0wSdekzYeeCi2mNFAoitzpbFto1YdswRFTQbb762HnRi2nqAdEnf544RaIi-D3M%26cry%3D1%26dbm_d%3DAKAmf-CZCZUkRttT1jwaPQnOg_P2odSIqmFAS8JFFNFNqaUS6kb2Xl-KPbkM8PD2UPmRPt0XDDPwc65NYS8TP3DcXlZavayj4Picl5XxASJPYbGcnNoyYQFkd0CJYYeQW4WnRjLpdvcoV2ZaUSGMQw-76ufvWw6qggbAtV7JHSN-jlg2txDlMK6XeQXQKhBL6Lsj8FUgIfAe1YtJugLuU0G7QI2RzYAx3EzOZPejzdKZR81CEyQ3gLH745sUZsNNrABfBxumicaSvlEWAvlhdHvDhFQ31c9EVP7re-eDYgmGgTho-I-GKxZbbLy5gJjs-7WwxJzR2tXQm9fj_Elh2JYBT1Q6AS3huJM-Cjp1tPvysLAp8mOss-HSxnjU2nq4TUO5JDwWPGCiyQAOxsswi0Eo_sEC67mwEMS_1u2Md1LxvaIJWtuGCsS-awj7dTttyomM1dY3Rxa98kGxlCh9umnBF7ETZb0hOKtO0WpurCKAaMeYN2aY17XKBG13CmNkF4We_UWeYy471xkcZPrj47r9LPsuB_723626j8dIn-2bDxjKdoRthyw%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_6383fd1ddfed5&adUnitId=2900&jvxSessionId=1669594397.7731&base=1&creativeResolveBeginTime=1669594398000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.68.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-68-86.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.11 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 28 Nov 2022 00:13:18 GMT
access-control-allow-credentials: false
content-type: image/gif
server: akka-http/10.1.11
content-length: 43
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'

GET
H2 200 es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjY5ODM5ODYwL2FkYjEta2V5PTgxNi9hZGIyLWtleT04MTEvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvZXNfY2xpY2tVcmw9aHR0cHMlM0ElMkYlMkZnb29nbGVhZHMu...
evs.euw1.jivox.com/trk/77/205853/2900/159897/961ee94c58df6c/29/jvxSId_1669594397.7731/es_pId_8a1b5e9/ Frame 0812 43 B
229 B 153ms
46ms Image
image/gif 52.17.68.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evs.euw1.jivox.com/trk/77/205853/2900/159897/961ee94c58df6c/29/jvxSId_1669594397.7731/es_pId_8a1b5e9/es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjY5ODM5ODYwL2FkYjEta2V5PTgxNi9hZGIyLWtleT04MTEvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvZXNfY2xpY2tVcmw9aHR0cHMlM0ElMkYlMkZnb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQlMkZkYm0lMkZjbGslM0ZzYSUzREwlMjZhaSUzRENEVmlmSGYyRFlfVG5EYXlzOXU4UGlkV2FnQWFJbnJ6SWJaQ2h5OXZkRUxqVXNZYlRBUkFCSU5TT21DRmdsWUtBZ0xBSG9BSG00OTdwQXNnQkNha0NfVjNpZXA5d3NUNm9Bd0dxQlBnQlQ5QWd6TUpIMElmRHJoZy0zSlVSM1VHQXZSX1hJRGs0OFJZWWd5Tkw4M1E1QXJpdkxQQXhWSGJWR04zVlUwOFQ2TDNHNnk2UlVscTJhWnJOSWc3LUkwZHVhbk84Wlk3MVFPZFY3c3B4SXlXakd0a3FCU1R5dXp0YXo3ZTVRVjdGbmotQWY3WF9jb1pqaDltNTFVZlpISzJMbTZaTTlIeXowWFNWVkV1R1MxaDM3MmtORjJ4ZDZQNHBBRXhZU2pKTmhTOGJBd2paajVqZC1qdVl4aWpmaVNzRG5rUnBlUmhnX0NMZHMxZXZpUld2Z3lzN0w4bzJJajhzQmFPTm1zTS1YSV9wdXdTM25lUHl1VTZaSlNPbl9mRkZhdUNXTFdjWF9QRFBKSWlEOXRnSDhsaEZsS2ptbEx0UmVnaFlZOHFPTnlYYmc2emdvS1hBQkpIVmk3MlNCT0FFQTVBR0FhQUdUWUFIZ3B5aGxnR29CNDdPRzZnSGs5Z2JxQWZ1bHJFQ3FBZi1uckVDcUFla283RUNxQWZWeVJ1b0I2YS1HNmdIbWdhb0JfUFJHNmdIbHRnYnFBZXFtN0VDcUFmX25yRUNxQWZmbjdFQzJBY0EwZ2dSQ0lEaGdCQVFBUmdkTWdLcUFqb0NnRUNBQ2dPWUN3SElDd0dBREFHd0UtalBueEhRRXdEWUV3M1lGQUhRRlFINEZnR0FGd0UlMjZhZSUzRDElMjZudW0lM0QxJTI2Y2lkJTNEQ0FRU1RBRHEyNk45Y0FiSG9RZmpyRDlPcVp0dkNJS2lEM3o3YkZLWTV6UnRENVBvWDZ1Wm9nOFAwU2x1VVVnYUEwSklsSWtYZGRTc0QtOFkyZ29DT25KSzlFMU5ZcWc2UEh0NlZmZ2NueW9ZQVNBVCUyNnNpZyUzREFPRDY0XzBkWDcxRE9VWTFCamE0b2hFN2poMFM0TzR3MlElMjZjbGllbnQlM0RjYS1wdWItOTA4MzA2MzgwODg0NjUxMyUyNmRibV9jJTNEQUtBbWYtQWl1VUp3QjlMLUwwWS00RzZQdnRlWjhGZXZrM01kLXVyWmx5V3BGbk03cFF1eV9vUUZUS1FEME1XRlR2VEp2WmFLUGpEVG0tdllGdDNlOFNncEVSUnhoYkJ4NTRWTzl5QUtSZnlnbUpDN3RWUUQ1RXdRMHdTZGVrelllZUNpMm1ORkFvaXR6cGJGdG8xWWRzd1JGVFFiYjc2MkhuUmkybnFBZEVuZjU0NFJhSWktRDNNJTI2Y3J5JTNEMSUyNmRibV9kJTNEQUtBbWYtQ1pDWlVrUnR0VDFqd2FQUW5PZ19QMm9kU0lxbUZBUzhKRkZORk5xYVVTNmtiMlhsLUtQYmtNOFBEMlVQbVJQdDBYRERQd2M2NU5ZUzhUUDNEY1hsWmF2YXlqNFBpY2w1WHhBU0pQWWJHY25Ob3lZUUZrZDBDSllZZVFXNFduUmpMcGR2Y29WMlphVVNHTVF3LTc2dWZ2V3c2cWdnYkF0VjdKSFNOLWpsZzJ0eERsTUs2WGVRWFFLaEJMNkxzajhGVWdJZkFlMVl0SnVnTHVVMEc3UUkyUnpZQXgzRXpPWlBlanpkS1pSODFDRXlRM2dMSDc0NXNVWnNOTnJBQmZCeHVtaWNhU3ZsRVdBdmxoZEh2RGhGUTMxYzlFVlA3cmUtZURZZ21HZ1Roby1JLUdLeFpiYkx5NWdKanMtN1d3eEp6UjJ0WFFtOWZqX0VsaDJKWUJUMVE2QVMzaHVKTS1DanAxdFB2eXNMQXA4bU9zcy1IU3hualUybnE0VFVPNUpEd1dQR0NpeVFBT3hzc3dpMEVvX3NFQzY3bXdFTVNfMXUyTWQxTHh2YUlKV3R1R0NzUy1hd2o3ZFR0dHlvbU0xZFkzUnhhOThrR3hsQ2g5dW1uQkY3RVRaYjBoT0t0TzBXcHVyQ0tBYU1lWU4yYVkxN1hLQkcxM0NtTmtGNFdlX1VXZVl5NDcxeGtjWlByajQ3cjlMUHN1Ql83MjM2MjZqOGRJbi0yYkR4aktkb1J0aHl3JTI2YWR1cmwlM0RodHRwcyUyNTNBJTI1MkYlMjUyRnd3dy5tYXpkYS5kZSUyNTJGbW9kZWxsZSUyNTJGbWF6ZGEtY3gtNjAlMjUyRiUyNTNGdXRtX3NvdXJjZSUyNTNEZG91YmxlY2xpY2slMjUyNnV0bV9tZWRpdW0lMjUzRGRpc3BsYXklMjUyNnV0bV9jYW1wYWlnbiUyNTNEbW1kX2Fsd2F5c19vbl9kY29fY3g2MF93ZXJiZW1pdHRlbF9kZV8xNTdfMDkyMiUyNTI2bW9kZWwlMjUzRG1hemRhJTI1MjUyMGN4LTYwJTI1MjZib2R5JTI1M0Q1d2duJTI1MjZjYW1wYWlnbl9mb2N1cyUyNTNEbWF6ZGFjeDYwXzV3Z24lMjUyNmRtcF9zb3VyY2UlMjUzRG5vJTI1MjZkY29fc291cmNlJTI1M0R5ZXMlMjUyNmNhbXBhaWduY29kZSUyNTNEbW1kX2Fsd2F5c19vbl9kY29fY3g2MF93ZXJiZW1pdHRlbF9kZV8xNTdfMDkyMi9jbVVybD1odHRwcyUzQSUyRiUyRmFzc2V0cy5ldXcxLmppdm94LmNvbSUyRndpZGdldHMlMkYyMDIyJTJGMTAlMkZhNzI3OTh6NjM1YWI2YzdkZTQxZCUyRjElMkY5NzB4MjUwJTJGbWF6ZGFfOTcweDI1MC5odG1sL2JEaW09OTcweDI1MC9yPTAuNTIwMTE0MjU4MTQ0Mzg5OC9jbGlja01hY3JvPWh0dHBzJTNBJTJGJTJGZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0JTJGZGJtJTJGY2xrJTNGc2ElM0RMJTI2YWklM0RDRFZpZkhmMkRZX1RuRGF5czl1OFBpZFdhZ0FhSW5yekliWkNoeTl2ZEVMalVzWWJUQVJBQklOU09tQ0ZnbFlLQWdMQUhvQUhtNDk3L2NhY2hlTWFjcm89MTY2OTU5NDM5NzIyNjI5Mi9wYWdlVXJsPWh0dHBzJTNBJTJGJTJGMWY5YmEyZWVkOTQ5NjRiNTZjNDIzZGRlMjAxMzhmNTMuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbSUyRnNhZmVmcmFtZSUyRjEtMC00MCUyRmh0bWwlMkZjb250YWluZXIuaHRtbC9lc19jZ05hbWU9TU1ERV9NMiUzQURlZmF1bHRfbm8rbG9jYXRpb25fV2Vla2VuZF9EYXlfQm9uZF9yZWRfdjEvZXNfc2VnTmFtZT1HZW5lcmljX1dlZWtFbmRfRGF5
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669594397226292&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDVifHf2DY_TnDays9u8PidWagAaInrzIbZChy9vdELjUsYbTARABINSOmCFglYKAgLAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBPgBT9AgzMJH0IfDrhg-3JUR3UGAvR_XIDk48RYYgyNL83Q5ArivLPAxVHbVGN3VU08T6L3G6y6RUlq2aZrNIg7-I0duanO8ZY71QOdV7spxIyWjGtkqBSTyuztaz7e5QV7Fnj-Af7X_coZjh9m51UfZHK2Lm6ZM9Hyz0XSVVEuGS1h372kNF2xd6P4pAExYSjJNhS8bAwjZj5jd-juYxijfiSsDnkRpeRhg_CLds1eviRWvgys7L8o2Ij8sBaONmsM-XI_puwS3nePyuU6ZJSOn_fFFauCWLWcX_PDPJIiD9tgH8lhFlKjmlLtReghYY8qONyXbg6zgoKXABJHVi72SBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE-jPnxHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT%26sig%3DAOD64_0dX71DOUY1Bja4ohE7jh0S4O4w2Q%26client%3Dca-pub-9083063808846513%26dbm_c%3DAKAmf-AiuUJwB9L-L0Y-4G6PvteZ8Fevk3Md-urZlyWpFnM7pQuy_oQFTKQD0MWFTvTJvZaKPjDTm-vYFt3e8SgpERRxhbBx54VO9yAKRfygmJC7tVQD5EwQ0wSdekzYeeCi2mNFAoitzpbFto1YdswRFTQbb762HnRi2nqAdEnf544RaIi-D3M%26cry%3D1%26dbm_d%3DAKAmf-CZCZUkRttT1jwaPQnOg_P2odSIqmFAS8JFFNFNqaUS6kb2Xl-KPbkM8PD2UPmRPt0XDDPwc65NYS8TP3DcXlZavayj4Picl5XxASJPYbGcnNoyYQFkd0CJYYeQW4WnRjLpdvcoV2ZaUSGMQw-76ufvWw6qggbAtV7JHSN-jlg2txDlMK6XeQXQKhBL6Lsj8FUgIfAe1YtJugLuU0G7QI2RzYAx3EzOZPejzdKZR81CEyQ3gLH745sUZsNNrABfBxumicaSvlEWAvlhdHvDhFQ31c9EVP7re-eDYgmGgTho-I-GKxZbbLy5gJjs-7WwxJzR2tXQm9fj_Elh2JYBT1Q6AS3huJM-Cjp1tPvysLAp8mOss-HSxnjU2nq4TUO5JDwWPGCiyQAOxsswi0Eo_sEC67mwEMS_1u2Md1LxvaIJWtuGCsS-awj7dTttyomM1dY3Rxa98kGxlCh9umnBF7ETZb0hOKtO0WpurCKAaMeYN2aY17XKBG13CmNkF4We_UWeYy471xkcZPrj47r9LPsuB_723626j8dIn-2bDxjKdoRthyw%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_6383fd1ddfed5&adUnitId=2900&jvxSessionId=1669594397.7731&base=1&creativeResolveBeginTime=1669594398000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.68.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-68-86.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.11 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 28 Nov 2022 00:13:18 GMT
access-control-allow-credentials: false
content-type: image/gif
server: akka-http/10.1.11
content-length: 43
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7468 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeG62Hf2DY4HoNqvL7_UPoYGI8AkAAAAAOAHgBAI&bg=!xMelx4PNAAbvMpMzzzI7ACkAdvg8Wl5WepOMhrD5vDH_-bjN11kt7FTzCAb-gy7RkXygAWEq0_PTXAIAAACfUgAAAAJoAQcKACfxxJYWhBTeYfDnUHyPO4dIQXz3hOMej623-qgVp9LqO6u9rs5tJKuZAug5IdBgj4hYNqx_tm59q4BSf45IFG7PazVkvL0C6505UX5eTcQB89Jbum0t2X1heOvSzcvWKC-wrHz3eOP_GoyiFAztColaJRY1X3LOYDCw1DbgZYYYrw0fe0a9gLmA2rwk_d738skGIiKdcEJd_jdnY7m7RWu7gS6U5QRChj3xPXLVNhDkXDFQKtUiCJwcBvTcvM4CRyFL23af5G0T1CYOc3oHKUr3rages7ZHqJhJxtiCQtjGGb_mFlbwrd2YoIicGL7Z3O6U5Bb36d02rHYTY9d60eesTqKtcMA39PgoPV1XBY3U4WHXyCEAOR3nioKJGxEqmKKYmw5DKGu2i9k8R_r6msGrBpxEUq6hLwGIxULEPkL1646bLNrNkhEvj_aHLrgJOuGWAHC_-wnkNDg-O60GOMZQFqlbvXYXeXv5OEJRteNl8y8o9mYx7_g7xX7hoTD9tpMifQcGzoEYDNJ29bbBXOKcPHoAwSuFEvuRQJvy8I4m55yrcXrcNo7mxpwet5gRIT73BxAfzTZBcezdFJnowqPN7PiKIYbHG1LHGOpkFfSdsPGXQHj1fIWKTX69qQbwmYzoKwk2hYU9Lb6JG4ye8_TZCyD6nrRd0Y9iXRpYyQQtOPHxWA2e1P32pVKiGqlTWSeZP91mPrh3asKdy_LLLWlHAzpn7y_A5imWCJ1Az0-GGG6a3i0DkQQkOhELFBbTyT75LOZT8-I4teY2beaaH8JUfm0ugTK11DdsG2PtdsTN1yPPViZ62i5nPj5U2IjjzwN54F7eUYJWXj6NiFcF7HXWFb5Uw4GXds6313aIiQMapxuwHL2mbZ01NAWr4gZvvEkXoiRN8aK6rWc9dox7PHx9JtGJd8FZbMV7zXofO0BRPtzkQPRk9C8HRb-kn5dF4FqIcB2ZWwEcW6q0AfAjNIbjHaIdGinxVHKhp3fbSaz6qxC4hJqmwNqgVq5wVbiFcwpdsz17VoSj5yjite417zYzWcw

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
56ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=2510701532167919&bg=!Z2SlZCDNAAbvMpMzzzI7ACkAdvg8WqKmYHtACBFz6tZBGps08YibKNIAmoewLX5LCMXNpr8RQd1mFQIAAABVUgAAAAJoAQeZArQqFU-k3sfKGQXlEI4ltuFg8GwzyByHxcsbCHZ-PzNE6xRdZeV_I5KBQba1y87c0RO7iNu-cZZKKdvuO7YbsiF0Ey2-e5jkhfVB8amRzvmg9q7qs_EnhCKcbkXyXarQE2C374fjrZAwojeGuqmYa-yQAwgz1HuXorHjlglLlaNyQsPjHE0gDrbYib5d6EpsgmtCLaL6RqlpWfBNdbRN8k98qotLshamyti7vf6ubC2eVh364s6x4BCb-K-j83u8TV8Dvnh1xYhZHFpCAv9fKcvwclTZhC7EJNY2rw2TeZ91kysHQWoEhN4e77nBxUvdngeaXe6HglzUokJ2iRgb0KKRFfz2lRYkrYDY-5Kln26Kk5TtqjF1vEzMLNUzovc8kwax35I3ZaGg0RIw9K_Cskv3u_DZbLqMZB8KqteLjlR9HJIINuU7nHjNJhmEnmiMhPqT35ZpG3kz290-ZhJy-5dHVApt8cxJ-jM_3MJInGDC1gohDVaSfHgkXqBQOXE947eAb7SC3s1qFG-Odec-yQKLYk95QeTNxZBOxIVuq2h-_kOLePIO7QaMsN117kY47xuFVyWwfkVNWerH2eMyiBqmHSu41qW_GjUy3ewWoLWo1P7FVKAOKm0dymJ-IBqtQQKXy8hnldLLhLx2sbQs5MEknSsFoDmGbpGl4NUd7FkMvi3pgSD2hdZPLsu-l4KS9dVVwK7a6xrI1Igo75679W3tBZfL-uq4kiKFFrlu5JFyLjn26QHcLwP3PSezjm2iHH0qU5glhqIPU1UU2DhWrHlV-dc7YfLO9vBw22M6Iv_WXa6XczQ0HqoBeiUTbf-bmJzIGW5mXVI8FYofl61nIyuqwx8dWg6GP4hOSPfjMjRlVMHWUeVWRNNCkOBTyL8Trd2lj1_zTDRAg3mMKQVJwvGxPv_iEQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apontador.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 97E7 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlETkHf2DY838NrKhlQfgjYSADgAAAAA4AeAEAg&bg=!JiWlJWHNAAbvMpMzzzI7ACkAdvg8Wtn5MKYTyW5fEuPGKzBb-U2p47srqo8uT6J-Xly8y0HBfO7r2gIAAACqUgAAAANoAQcKAB88Q2KAyIqbJZw9AdsHUVotswhpoqhZzI0J-WBMn_jxmQL4L5SSFt53Zu4wHYMbdbr0_hBXdA3iRGS4049hR6O0bp2tELE68IjmwTag_6wsFyaoPM3LzOKaCNWQ-4ykljgcRIYsa9IaYBEO_tYCx4nCtWSbIw57W51a9QBMoXTn0knd3CpUO6VACQq6rb8EqCJLWrJraySMCXERX0iJsjDxYkJw9nlL9Ats7xYCPBAP_yi8ZOQo6YExGWZeBQUDmHKUI3rfuzQ1wEXI8Fm8SrSdPF6dJ8PfVEojTwd6gDmwTYVZW21tjK08O0gi_T73oa5-9Ndzu_Tp77dj6CybzIg-p9HX2QXmijoPhYxtwdfQGkb0LxCIdpcwVCicIH6Zrx9mLIglQDjg-v2GaGWwudAIQx7q1c2kKWae4fY-ZjioMcGXbTODYxELFThOLk-LZNH2K0EtE32IIYdyeUbe3PZmQVUg3OYvvzB1IWsRMMWrrSoV3lUC0KB9Li4LJMcQTZfAr-sCVtqCut2Z5nUN7BGIMJvwjMmVC3MPskhxmYlCJLDQpY_v06zI0aWQ2U6d73jIsZu0zCRUjPB2rhGGpHW8c-_wCLeM17B2AtSGzYZQKHWCpxPAoiV1eVZBWv4Yl7bqR7KbdAkG25NHCKFV09ovSM_xpykj6xeqLEX4kODw6I9XbTjGECgEOg4RH8WaO8KmMq_BKXJD8tkR-Qslo0L6QUAF-Qdh1sY3pPxjnlE5GBstq62vhYaszi-6uU--F8hfiI2BNmAmGM8ItEXuH9bGBiNhRwfxLwdg036329FR4T_L1Il_VAoGUJZto6f5aLkHaBUTdCdKvAIzRRTODxP9J9DICnpxToclVrBhqL-2mp2TXhnsiV7Ahm6HV6qQoTSU9ccARaUc2vN0MZ204otlJYIGA_gNw928OZMHm7sHtAh5Zk6i6W3d0sRn1_xsrfz34ovpSTQtFZqSqHlPfw3A3SxvKUyR1SN5fhSuI3b2SD7OqxwEhzSi_M3V18m9Km9YhCcCLkLmf4vu9OiAwcZEuxH_HTGS-d8BfQ

Requested by

Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame A1C8 13 KB
4 KB 49ms
48ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=59499586;adfm_dvio=1009221872;adfm_dvli=18538519830;adfm_dvcr=455155828;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CXQnjHf2DY_PnDays9u8PidWagAb_ss7QbbPFkfT9EGQQASDUjpghYJWCgICwB6AB8NTEnyjIAQmpAv1d4nqfcLE-qAMBqgT7AU_QtPiuyBDAozuVu2BPc4hHciP09hKV-5m2eTbb5QqMOPfjDEvAiA1yq3GfprI0Y19egcZkliP9kpjEWNC2Ta-zDW8MvoSnUvCMwyegtlIU2By5xoRU9XShtaVP_T8jA6RNPTiDvvongM_akFcEaHVNxhRs0HjZ8bYmrxcJpHKGgIDQAzTAAqs_sp_YpUcxUwraFKM3f8K5S2y3mSIL6Hzz0QpCpkOPUnwegWctj_FnW1Ww4VaC97QRq_M1yyuGv_A8T2HRudgSvQaoUBvX9DBp7Ua4n2YaB3wv7TD49uckiTCgH5RNvnBpDHPGTKZkSAjDBmv6EsgT3IMqwATIneTbkwTgBAOQBgGgBk2AB_CMlf8CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBPlzasR0BMA2BMKiBQB2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT&sig=AOD64_0wo32N6Q9lBV0TH2IAc7OWmTllYQ&client=ca-pub-9083063808846513&dbm_c=AKAmf-A8bqWhK6E7WVm8lS5kB6v9TAZZngaeZBiCeQgYORt4xXLvnlkSEJsEbXC9RMlg6cFOVaodAQA61cqLQgEn6XpfoLhzovyNTAud1z0Um5AGa2cmWfuC6qmiNj2c1vBPNV_dDKg-mRmp9OakgsIfF_1r7PhtnX_6SXFatJYPXGJ3ETrKAsg&cry=1&dbm_d=AKAmf-BojL1yJIn8W1LnDWkYfy2SX_nAgKv1YqPtcoDTnhbMAUEAy_pjDioCWoZsU5kgd1Fqb5JknxT5hq_bXXlwvR9nNJ7EfdtJoT86Pi-2WOAheHW1yoYfZJgU1FwvFeP_R2UQerGvLD9I6KyzqzZ4dPiSmy6GvOITWjq4VyiXfBzrnDZ82DUvOp4vmc9U2hLsl1_isdLqAT79cYum1sOzS0ryATouoRfbk2G72eh3HF7wGyOacj5swROuqFVesgv9mC6W-ZtxEgkE5smUMTAMG5KMS4UOsnn0G_XmBscDJlDP8ZmseggELtNpinc8POcBEg9ZYmjn1gGD7IB4xloygSO3B1NXXd8YmCsVj0n6ZkgLC31SAYdlJEVbFROsIc-dc_EmA4a8K0nM1u9unnUlq43xEQmXe4FtkxnjxYaXeSy9SBrW5CKl8-kz7TMjTffeXIkwua9HqPbRKiBmCB1DYLVoIe7-jL6Sg8Axr0S-uM6iqTndQwVhGwo3HEbdo1XqDzA1x_a_FIDSz3QjgLTgQKi73Hwc_EFrmtEMwWojPsts6dbdfPw&adurl=;js=1;adfxid=1x;7911;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fwww.apontador.com.br

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

89cd61a5c22214b9ed4e7b3163fc6a1ea025702038105e689756db6473ffd3a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 4031
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 1F75 13 KB
4 KB 42ms
41ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=59499586;adfm_dvio=1009221872;adfm_dvli=18538519830;adfm_dvcr=455155828;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CTnnxHf2DY_LnDays9u8PidWagAb_ss7QbbPFkfT9EGQQASDUjpghYJWCgICwB6AB8NTEnyjIAQmpAv1d4nqfcLE-qAMBqgT3AU_QOaK-XA1-Nq53sZyGRUqUbDqcOGzClcoPukazNXUDqPJn7I4blwAIAJ6f4pfUQIaO3fiYnVflAT0O32T2-jWEbnvC1lqTMAtRcQgSqe44y20U9Oub84sNbTuZ5QXcudXtwOxiy7K32pdrrA-h-vz2PqtB4YA0VKBeLammeaiZvx9NdkuDiW2wABIa1DvyGljYZpZyOxwzDt196pQY_LaVNYCsNl5Vn9uDpQlwV7GMlJsNmy8xSC5fH1EmfbiWwNDJewhVWvOGN-FI6qKL03LV6p4SRt6xdQcJsNjGb1jPFLFOOK7qzi5p1zU5d9gFlWXyO92JUmbABMid5NuTBOAEA5AGAaAGTYAH8IyV_wKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE-XNqxHQEwDYEwqIFAHYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT&sig=AOD64_303jjHGktCvgX1yfLlgNKac98iMg&client=ca-pub-9083063808846513&dbm_c=AKAmf-CJnPYou5jbZtcH9I19EWL96JHwznd_U8jSfEzSKBQ9M4RZM8YiA23DM3QVGvtHrsXNDzY_CMjJ55cX_Qonb_qRkNTZRy_r5le9Wr_0d8DeqEzT97HaIA6wXJnrjSBLjA_bVuGgyCqzjOTkh1FbLEpEqeDsRsuSEpFNKNIOaQRoFP7q4fs&cry=1&dbm_d=AKAmf-DDDU0PWDuGmzZ8aMUaUFvJRrJoC3cGwT-4imx-8pp39_g1uT-qprnkiVMdcgaJJy9w0DkeYMGN1mrXvJWPOKp9sn9EP3kqLDaX8F1G5Cz5fu9TfLHu8DInjQPdo4csP5o-pbu_cHPRDVrxigqJwSCxJQXa301v-2JcuMG_77isuJ7rAXJzKv0H882PGAur30QHeYjzOawy6tmIrpi9dslloz03OWGXzhfDU_xxSTrX9im7Lp4zymSXiM2wOxTGwe22Bw-3zjykcwSrs7GtVw9PpOkpoRx3wWlrwQGI8xHc40WzJ4m_lzZEIJha-Z7RotujSvgAvJ_DYDuvw77v__Dh4v49SLcnr_gSpUKWU9iJYu4rki92GQTvdehX0JOv7uTHIa24cYXaRAXuuyTvabN-DixpsJpRKcrRfr2nXKDz7rvwK0pg2Jgn3Bh_izro4oPtrx_3ssk4mpsytNbyCQmskj4qSX743cfvcO8cjv1ansifhidXh6DSoebo0gbpx_r1Jtqqc3gmWxxNn61hg45S5uYnk6juP9XMCJepBsjMFn1sh0E&adurl=;js=1;adfxid=2x;4570;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fwww.apontador.com.br

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

bd62d9a578b8ee9869b94ae6451b790e2dd13004e6f2c1fd315e6fbbcda1ca21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 4038
expires: -1

GET
DATA 200
OK truncated
/ Frame A1C8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af58a9fc0271e1f8c2124bb8b1cc866e801c64c75f774f718d40a21d6e489bdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1F75 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 589a12b4c79a4bb4d3f94d3cf8ca752a8c29c0db2385a61845b7660be03043f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame A1C8 90 KB
39 KB 51ms
51ms Script
text/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 29 Nov 2022 03:03:33 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 1F75 90 KB
39 KB 69ms
68ms Script
text/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 29 Nov 2022 03:03:33 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame A1C8 35 B
503 B 41ms
40ms Ping
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=59499586&csi=ciTyOR7NUPy0yQOAt3l3NXlBrezic-vogmXp3mvE5FzrygPkIxxfk_K0a8XuRkig6M-rZX5gGtsRTNSTIIbGhN6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 11990643.js Show response
s1.adform.net/Banners/Elements/Files/2088929/11990643/ Frame 62D7 40 KB
7 KB 39ms
39ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/11990643.js?ADFassetID=11990643&bv=516
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4050a19d655eea8eed0457110b47f1a06d4e1cb11c7941bc08c0d540e46c5c77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx00000087b760ea119d60a-00637d555a-329373d4-default
etag: W/"e836c9861d3571066e4c2efa52ea20bc"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

POST
H2 200 /
track.adform.net/csimpr/ Frame 1F75 35 B
503 B 41ms
40ms Ping
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=59499586&csi=ciTyOR7NUPyDVVEWrjKzMVz-HunHMlEDgmXp3mvE5FzrygPkIxxfk13YDvc1XGMWAzyuIH4oyNMRTNSTIIbGhN6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 MazdaType150-Regular.woff2
assets.euw1.jivox.com/widgets/2022/10/a72798z635ab6c7de41d/1/970x250/fonts/MazdaType150Regular/ Frame CC3E 42 KB
42 KB 63ms
23ms Font
application/octet-stream 13.32.99.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.euw1.jivox.com/widgets/2022/10/a72798z635ab6c7de41d/1/970x250/fonts/MazdaType150Regular/MazdaType150-Regular.woff2
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669594397226292&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDVifHf2DY_TnDays9u8PidWagAaInrzIbZChy9vdELjUsYbTARABINSOmCFglYKAgLAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBPgBT9AgzMJH0IfDrhg-3JUR3UGAvR_XIDk48RYYgyNL83Q5ArivLPAxVHbVGN3VU08T6L3G6y6RUlq2aZrNIg7-I0duanO8ZY71QOdV7spxIyWjGtkqBSTyuztaz7e5QV7Fnj-Af7X_coZjh9m51UfZHK2Lm6ZM9Hyz0XSVVEuGS1h372kNF2xd6P4pAExYSjJNhS8bAwjZj5jd-juYxijfiSsDnkRpeRhg_CLds1eviRWvgys7L8o2Ij8sBaONmsM-XI_puwS3nePyuU6ZJSOn_fFFauCWLWcX_PDPJIiD9tgH8lhFlKjmlLtReghYY8qONyXbg6zgoKXABJHVi72SBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE-jPnxHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT%26sig%3DAOD64_0dX71DOUY1Bja4ohE7jh0S4O4w2Q%26client%3Dca-pub-9083063808846513%26dbm_c%3DAKAmf-AiuUJwB9L-L0Y-4G6PvteZ8Fevk3Md-urZlyWpFnM7pQuy_oQFTKQD0MWFTvTJvZaKPjDTm-vYFt3e8SgpERRxhbBx54VO9yAKRfygmJC7tVQD5EwQ0wSdekzYeeCi2mNFAoitzpbFto1YdswRFTQbb762HnRi2nqAdEnf544RaIi-D3M%26cry%3D1%26dbm_d%3DAKAmf-CZCZUkRttT1jwaPQnOg_P2odSIqmFAS8JFFNFNqaUS6kb2Xl-KPbkM8PD2UPmRPt0XDDPwc65NYS8TP3DcXlZavayj4Picl5XxASJPYbGcnNoyYQFkd0CJYYeQW4WnRjLpdvcoV2ZaUSGMQw-76ufvWw6qggbAtV7JHSN-jlg2txDlMK6XeQXQKhBL6Lsj8FUgIfAe1YtJugLuU0G7QI2RzYAx3EzOZPejzdKZR81CEyQ3gLH745sUZsNNrABfBxumicaSvlEWAvlhdHvDhFQ31c9EVP7re-eDYgmGgTho-I-GKxZbbLy5gJjs-7WwxJzR2tXQm9fj_Elh2JYBT1Q6AS3huJM-Cjp1tPvysLAp8mOss-HSxnjU2nq4TUO5JDwWPGCiyQAOxsswi0Eo_sEC67mwEMS_1u2Md1LxvaIJWtuGCsS-awj7dTttyomM1dY3Rxa98kGxlCh9umnBF7ETZb0hOKtO0WpurCKAaMeYN2aY17XKBG13CmNkF4We_UWeYy471xkcZPrj47r9LPsuB_723626j8dIn-2bDxjKdoRthyw%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_6383fd1ddfed5&adUnitId=2900&jvxSessionId=1669594397.7731&base=1&creativeResolveBeginTime=1669594398000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-115.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 678b3cae19452e95842bebedd844ab5491a4fe873ba5b3e5bca522cc4e45c3fd

Request headers

Referer: https://as.euw1.jivox.com/
Origin: https://as.euw1.jivox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 27 Nov 2022 12:25:52 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 42447
x-cache: Hit from cloudfront
content-length: 42740
last-modified: Thu, 27 Oct 2022 16:50:17 GMT
server: AmazonS3
etag: "3f2a9073b5b7460866937e4cd2251bb8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=86400
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: fnDArFWKYhYEWC0wXuQ5EkbS0IMK1PRvCC2i9bRQQimhACEBPzT3dQ==

GET
H2 200 11990643.js Show response
s1.adform.net/Banners/Elements/Files/2088929/11990643/ Frame E8B5 40 KB
7 KB 39ms
39ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/11990643.js?ADFassetID=11990643&bv=516
Requested by: Host: www.apontador.com.br
URL: https://www.apontador.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4050a19d655eea8eed0457110b47f1a06d4e1cb11c7941bc08c0d540e46c5c77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx00000087b760ea119d60a-00637d555a-329373d4-default
etag: W/"e836c9861d3571066e4c2efa52ea20bc"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 gwdpage_style.css
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 55 B
383 B 39ms
38ms Stylesheet
text/css 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdpage_style.css
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx0000089c9b0e289d361d9-00637d555a-3293868f-default
etag: "ee980c669c9c9f1f1e9f2db915149942"
x-cache-status: STALE
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 55

GET
H2 200 gwdpagedeck_style.css
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 731 B
585 B 40ms
39ms Stylesheet
text/css 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdpagedeck_style.css
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx00000ea75f7c1a3e56510-00637d555a-32941e2b-default
etag: W/"0c8f2d607364fbbc9f4617373d1a2b2d"
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 gwdimage_style.css
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 303 B
515 B 40ms
40ms Stylesheet
text/css 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdimage_style.css
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx00000cc844f3552caa83c-00637d555a-32941e2b-default
etag: W/"39ddb2a4f7c3f5b30beb8796693910d0"
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 gwdtaparea_style.css
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 157 B
455 B 41ms
40ms Stylesheet
text/css 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdtaparea_style.css
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx00000414645fdd4223d53-00637d555a-3293868f-default
etag: W/"fc6bca4841fd1d769d06a9d31ba74cf4"
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 gwd_webcomponents_v1_min.js Show response
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 20 KB
7 KB 39ms
39ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwd_webcomponents_v1_min.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bddbf7e9ab14ce92ecc37640bf54fcb90d8a02da52d87ec12e252cfde4432e66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx00000e9f40a2881c16b51-00637d555a-32940f80-default
etag: W/"770f88e1f0870d90c27122497413b4d7"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 googbase_min.js Show response
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 403 B
635 B 40ms
38ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/googbase_min.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx00000bc835315b17d14ea-00637d555a-329354d9-default
etag: W/"949562c4e46f3bf65ccb54226a15f555"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 gwdpage_min.js Show response
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 3 KB
2 KB 40ms
38ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdpage_min.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx0000033c1446adbe14050-00637d555a-3293868f-default
etag: W/"bff6d6d081acfb28c5ef62e7927f30ed"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 gwdpagedeck_min.js Show response
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 8 KB
4 KB 40ms
39ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdpagedeck_min.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx00000673931471ac145a5-00637d555a-329354d9-default
etag: W/"e96943be53ad05de057baec386dfbe17"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 gwdgenericad_min.js Show response
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 3 KB
2 KB 41ms
39ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdgenericad_min.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 5f4f80a6350fd7e6eaff214b3c5cdfb46b0b07123fdf398eb591248a3ee4a54b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx000002972a8dca78e530c-00637d555a-329373d4-default
etag: W/"6cdef62b22594c62e8ec944a6200793f"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 gwdimage_min.js Show response
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 5 KB
2 KB 41ms
40ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdimage_min.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx00000c08819ffcca89854-00637d555a-3293aae9-default
etag: W/"15309af2f01af7e606d2d5199dd21892"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 gwd-events-support.1.0.js Show response
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 7 KB
3 KB 70ms
69ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwd-events-support.1.0.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ef4565eb9e6b1d15cccfd52037ac6734876ee56d0d5146bd452ba422c3d15606

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx0000085538e8b4c1aa97a-00637d555a-32940f80-default
etag: W/"4b53d65810ded5351f53f97be4526613"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 gwdtaparea_min.js Show response
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 3 KB
2 KB 71ms
70ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdtaparea_min.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx0000040d18b6e76ece0e0-00637d555a-329373d4-default
etag: W/"78432843b54323657f77616a1a4be791"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 gwdpage_style.css
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 55 B
383 B 69ms
68ms Stylesheet
text/css 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdpage_style.css
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx0000089c9b0e289d361d9-00637d555a-3293868f-default
etag: "ee980c669c9c9f1f1e9f2db915149942"
x-cache-status: STALE
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 55

GET
H2 200 gwdpagedeck_style.css
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 731 B
585 B 69ms
68ms Stylesheet
text/css 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdpagedeck_style.css
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx00000ea75f7c1a3e56510-00637d555a-32941e2b-default
etag: W/"0c8f2d607364fbbc9f4617373d1a2b2d"
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 gwdimage_style.css
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 303 B
515 B 70ms
69ms Stylesheet
text/css 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdimage_style.css
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx00000cc844f3552caa83c-00637d555a-32941e2b-default
etag: W/"39ddb2a4f7c3f5b30beb8796693910d0"
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 gwdtaparea_style.css
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 157 B
455 B 70ms
70ms Stylesheet
text/css 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdtaparea_style.css
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx00000414645fdd4223d53-00637d555a-3293868f-default
etag: W/"fc6bca4841fd1d769d06a9d31ba74cf4"
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 gwd_webcomponents_v1_min.js Show response
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 20 KB
7 KB 70ms
70ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwd_webcomponents_v1_min.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bddbf7e9ab14ce92ecc37640bf54fcb90d8a02da52d87ec12e252cfde4432e66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx00000e9f40a2881c16b51-00637d555a-32940f80-default
etag: W/"770f88e1f0870d90c27122497413b4d7"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 googbase_min.js Show response
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 403 B
635 B 71ms
69ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/googbase_min.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx00000bc835315b17d14ea-00637d555a-329354d9-default
etag: W/"949562c4e46f3bf65ccb54226a15f555"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 gwdpage_min.js Show response
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 3 KB
2 KB 71ms
69ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdpage_min.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx0000033c1446adbe14050-00637d555a-3293868f-default
etag: W/"bff6d6d081acfb28c5ef62e7927f30ed"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 gwdpagedeck_min.js Show response
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 8 KB
4 KB 71ms
70ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdpagedeck_min.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx00000673931471ac145a5-00637d555a-329354d9-default
etag: W/"e96943be53ad05de057baec386dfbe17"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 gwdgenericad_min.js Show response
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 3 KB
2 KB 72ms
70ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdgenericad_min.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 5f4f80a6350fd7e6eaff214b3c5cdfb46b0b07123fdf398eb591248a3ee4a54b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx000002972a8dca78e530c-00637d555a-329373d4-default
etag: W/"6cdef62b22594c62e8ec944a6200793f"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 gwdimage_min.js Show response
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 5 KB
2 KB 72ms
71ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdimage_min.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx00000c08819ffcca89854-00637d555a-3293aae9-default
etag: W/"15309af2f01af7e606d2d5199dd21892"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 gwd-events-support.1.0.js Show response
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 7 KB
3 KB 72ms
72ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwd-events-support.1.0.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ef4565eb9e6b1d15cccfd52037ac6734876ee56d0d5146bd452ba422c3d15606

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx0000085538e8b4c1aa97a-00637d555a-32940f80-default
etag: W/"4b53d65810ded5351f53f97be4526613"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 gwdtaparea_min.js Show response
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 3 KB
2 KB 73ms
72ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdtaparea_min.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 09:30:08 GMT
server: nginx
x-amz-request-id: tx0000040d18b6e76ece0e0-00637d555a-329373d4-default
etag: W/"78432843b54323657f77616a1a4be791"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 Mazda_CX-60_CraftedInJapan_Keyvisual_Design_RGB_12013x8999_2022_Eur_Engl.jpg
cdn.euw1.jivox.com/files/72839/Template2_FinalVersion_DE_V3/970x250/Frame1/ Frame CC3E 177 KB
178 KB 81ms
25ms Image
image/jpeg 18.66.112.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.euw1.jivox.com/files/72839/Template2_FinalVersion_DE_V3/970x250/Frame1/Mazda_CX-60_CraftedInJapan_Keyvisual_Design_RGB_12013x8999_2022_Eur_Engl.jpg
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669594397226292&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDVifHf2DY_TnDays9u8PidWagAaInrzIbZChy9vdELjUsYbTARABINSOmCFglYKAgLAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBPgBT9AgzMJH0IfDrhg-3JUR3UGAvR_XIDk48RYYgyNL83Q5ArivLPAxVHbVGN3VU08T6L3G6y6RUlq2aZrNIg7-I0duanO8ZY71QOdV7spxIyWjGtkqBSTyuztaz7e5QV7Fnj-Af7X_coZjh9m51UfZHK2Lm6ZM9Hyz0XSVVEuGS1h372kNF2xd6P4pAExYSjJNhS8bAwjZj5jd-juYxijfiSsDnkRpeRhg_CLds1eviRWvgys7L8o2Ij8sBaONmsM-XI_puwS3nePyuU6ZJSOn_fFFauCWLWcX_PDPJIiD9tgH8lhFlKjmlLtReghYY8qONyXbg6zgoKXABJHVi72SBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE-jPnxHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT%26sig%3DAOD64_0dX71DOUY1Bja4ohE7jh0S4O4w2Q%26client%3Dca-pub-9083063808846513%26dbm_c%3DAKAmf-AiuUJwB9L-L0Y-4G6PvteZ8Fevk3Md-urZlyWpFnM7pQuy_oQFTKQD0MWFTvTJvZaKPjDTm-vYFt3e8SgpERRxhbBx54VO9yAKRfygmJC7tVQD5EwQ0wSdekzYeeCi2mNFAoitzpbFto1YdswRFTQbb762HnRi2nqAdEnf544RaIi-D3M%26cry%3D1%26dbm_d%3DAKAmf-CZCZUkRttT1jwaPQnOg_P2odSIqmFAS8JFFNFNqaUS6kb2Xl-KPbkM8PD2UPmRPt0XDDPwc65NYS8TP3DcXlZavayj4Picl5XxASJPYbGcnNoyYQFkd0CJYYeQW4WnRjLpdvcoV2ZaUSGMQw-76ufvWw6qggbAtV7JHSN-jlg2txDlMK6XeQXQKhBL6Lsj8FUgIfAe1YtJugLuU0G7QI2RzYAx3EzOZPejzdKZR81CEyQ3gLH745sUZsNNrABfBxumicaSvlEWAvlhdHvDhFQ31c9EVP7re-eDYgmGgTho-I-GKxZbbLy5gJjs-7WwxJzR2tXQm9fj_Elh2JYBT1Q6AS3huJM-Cjp1tPvysLAp8mOss-HSxnjU2nq4TUO5JDwWPGCiyQAOxsswi0Eo_sEC67mwEMS_1u2Md1LxvaIJWtuGCsS-awj7dTttyomM1dY3Rxa98kGxlCh9umnBF7ETZb0hOKtO0WpurCKAaMeYN2aY17XKBG13CmNkF4We_UWeYy471xkcZPrj47r9LPsuB_723626j8dIn-2bDxjKdoRthyw%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_6383fd1ddfed5&adUnitId=2900&jvxSessionId=1669594397.7731&base=1&creativeResolveBeginTime=1669594398000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-111.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3baff545a0d5bad4e698b11145e6b1a0b718497b5f6ae60aba8190c1571b9abf

Request headers

Referer: https://as.euw1.jivox.com/
Origin: https://as.euw1.jivox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 27 Nov 2022 01:00:49 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 83593
x-cache: Hit from cloudfront
content-length: 181707
last-modified: Thu, 25 Aug 2022 16:13:35 GMT
server: AmazonS3
etag: "58869108e478d8c0a7259253be743655"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: https://as.euw1.jivox.com
access-control-expose-headers: Content-Range
cache-control: max-age=86400, s-maxage=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: pLCe-XTrzfsfp5CnM38MmBhOHa54k8ip4mPX6whh7LDQyAJueo3psQ==

GET
H2 200 es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjY5ODM5ODYwL2FkYjEta2V5PTgxNi9hZGIyLWtleT04MTEvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvZXNfZXQ9MS9iRGltPTk3MHgyNTAvanZ4UmFuZG9tPTAuODMx...
evs.euw1.jivox.com/trk/72/205853/2900/159897/961ee94c58df6c/29/jvxSId_1669594397.7731/es_pId_8a1b5e9/ Frame 75CD 43 B
229 B 45ms
45ms Image
image/gif 52.17.68.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evs.euw1.jivox.com/trk/72/205853/2900/159897/961ee94c58df6c/29/jvxSId_1669594397.7731/es_pId_8a1b5e9/es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjY5ODM5ODYwL2FkYjEta2V5PTgxNi9hZGIyLWtleT04MTEvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvZXNfZXQ9MS9iRGltPTk3MHgyNTAvanZ4UmFuZG9tPTAuODMxOTYzNzU3MDI1NTg2OS9lc19jZ05hbWU9TU1ERV9NMiUzQURlZmF1bHRfbm8rbG9jYXRpb25fV2Vla2VuZF9EYXlfQm9uZF9yZWRfdjEvZXNfc2VnTmFtZT1HZW5lcmljX1dlZWtFbmRfRGF5
Requested by: Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.68.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-68-86.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.11 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 28 Nov 2022 00:13:18 GMT
access-control-allow-credentials: false
content-type: image/gif
server: akka-http/10.1.11
content-length: 43
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 62D7 30 KB
14 KB 44ms
43ms Script
application/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 12:02:22 GMT
server: nginx
x-amz-request-id: tx0000015bdd5c9ed468257-0063765d71-32940f80-default
etag: W/"4731aef0a5114a59b4311776d270e848"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame E8B5 30 KB
14 KB 43ms
43ms Script
application/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 12:02:22 GMT
server: nginx
x-amz-request-id: tx0000015bdd5c9ed468257-0063765d71-32940f80-default
etag: W/"4731aef0a5114a59b4311776d270e848"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_kanonne_maske2_300x600.png
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 6 KB
6 KB 119ms
39ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_kanonne_maske2_300x600.png
Requested by: Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 178b2bc4b3396814141988acf676e2b02b5556b43ecddcdd2fc895190d725d83

Request headers

Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
Origin: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx0000092e74f2b5462874d-00637d555a-32940f80-default
etag: "057d61d40f81c5625993435ca380593f"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5737

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_CTA_728x90.png
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 1 KB
2 KB 41ms
39ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_CTA_728x90.png
Requested by: Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 2b712d4dfec80632eb7037cf52759a0e8142dde4f4f25203ad782d6409715068

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx000008bf08e2b8c4bb628-00637d555a-32940f80-default
etag: "4effc3d687e110afc99b24fdd9bfc8ab"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1426

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_Logo_728x90.png
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 2 KB
3 KB 42ms
39ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_Logo_728x90.png
Requested by: Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f0322ab56d747cdb41b9ba5652c8153283392895eb30b52379280438b83cf16c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx000007236f2d422266aad-00637d555a-329373d4-default
etag: "5783fa1e02a1343b8b0a036fc645258f"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2447

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_HL1_728x90.png
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 8 KB
8 KB 44ms
41ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_HL1_728x90.png
Requested by: Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 12472fa774b18c826349b53eaca1b5d8476b1e82f9ea3f32de23ea94ac6068bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx00000071af369d859a1ee-00637d555a-32941e2b-default
etag: "442fbc79ecf90f1b74f92247c107702a"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7840

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_HL2_728x90.png
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 8 KB
9 KB 46ms
43ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_HL2_728x90.png
Requested by: Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ab7348cc166f8248fcb0a2ded01a5711c1130cf4b2b739d6e8ba8fc23de07e96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx00000f78350bb3e4918b8-00637d555a-3293868f-default
etag: "d31bd817e4f7e4820012112f1b2ab80f"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8552

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_Stoerer_p2_728x90.png
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 2 KB
3 KB 46ms
44ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_Stoerer_p2_728x90.png
Requested by: Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3ca4eb91f7dfdb6aa2b4c2ce9461bdc2844fcd06c71a69079335fde67af0833b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx000000bb2b5b754a5bb31-00637d555a-3293aae9-default
etag: "4b81276d76a6390028d72419fbda978a"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2332

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_Stoerer_p1_728x90.png
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 5 KB
5 KB 47ms
45ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_Stoerer_p1_728x90.png
Requested by: Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 5f23fff9711723f0dfc8bfba1f1d4d7891b512c136077f676a6ebbb2f25a85ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx00000cc4ebb6558aa7de5-00637d555a-329354d9-default
etag: "390cf23b46945f8871e89f696f827960"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5200

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_kanonne_300x600.jpg
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 36 KB
37 KB 51ms
49ms Image
image/jpeg 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_kanonne_300x600.jpg
Requested by: Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: be6ab8ab5e47c84e5a857dfc7ab22bca734fc317f72dd3b07751340a53e54871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx000007b350e9ac3d1506d-00637d555a-3293868f-default
etag: "7404a1527224fef247a2e93b493795ba"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 37205

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_Simon_300x600.jpg
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 28 KB
29 KB 80ms
78ms Image
image/jpeg 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_Simon_300x600.jpg
Requested by: Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bfde53f50ce848921cc626be7a39a5b5c61390ff8cd89d8cd11d91e2988f2779

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx00000e787f5827ff27ed9-00637d555a-32941e2b-default
etag: "c6f2cb553d2f4cdcaa33cac64eda36cf"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29022

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_Konfetti_Blau_300x600.png
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 9 KB
9 KB 58ms
56ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_Konfetti_Blau_300x600.png
Requested by: Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 9387fd1ace87614cf793b71482e6614cb25a213fc46069bf8ed25d080cb57e34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx00000b44453f392b8a4fb-00637d555a-32941e2b-default
etag: "13c0c16423c608568edab0a50443a8d0"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8813

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_Konfetti_Gold_300x600.png
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 12 KB
12 KB 78ms
76ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_Konfetti_Gold_300x600.png
Requested by: Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f1e593d55e322f110dabd90d040cc9a9c3715bbe6efd2c3e8f404d422b9cfc57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx000006ccd06fe5dd9f8e9-00637d555a-3293868f-default
etag: "ef797c06752ecae14dd9d2592dbb915f"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12017

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_BG_728x90.jpg
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 4 KB
5 KB 79ms
78ms Image
image/jpeg 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_BG_728x90.jpg
Requested by: Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f1fa7b55e534c91a6aef6d7b0a92c865d8457f0d1f080346f943e2a10e89705c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx00000a05646147ecf7114-00637d555a-329354d9-default
etag: "93d1cb356c7171125c2cfbc61443d29b"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4367

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_kanonne_maske2_300x600.png
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 6 KB
6 KB 124ms
48ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_kanonne_maske2_300x600.png
Requested by: Host: 1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
URL: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 178b2bc4b3396814141988acf676e2b02b5556b43ecddcdd2fc895190d725d83

Request headers

Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
Origin: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx0000092e74f2b5462874d-00637d555a-32940f80-default
etag: "057d61d40f81c5625993435ca380593f"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5737

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_CTA_728x90.png
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 1 KB
2 KB 76ms
74ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_CTA_728x90.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdimage_min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 2b712d4dfec80632eb7037cf52759a0e8142dde4f4f25203ad782d6409715068

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx000008bf08e2b8c4bb628-00637d555a-32940f80-default
etag: "4effc3d687e110afc99b24fdd9bfc8ab"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1426

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_Logo_728x90.png
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 2 KB
3 KB 76ms
74ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_Logo_728x90.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdimage_min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f0322ab56d747cdb41b9ba5652c8153283392895eb30b52379280438b83cf16c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx000007236f2d422266aad-00637d555a-329373d4-default
etag: "5783fa1e02a1343b8b0a036fc645258f"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2447

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_HL1_728x90.png
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 8 KB
8 KB 76ms
74ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_HL1_728x90.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdimage_min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 12472fa774b18c826349b53eaca1b5d8476b1e82f9ea3f32de23ea94ac6068bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx00000071af369d859a1ee-00637d555a-32941e2b-default
etag: "442fbc79ecf90f1b74f92247c107702a"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7840

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_HL2_728x90.png
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 8 KB
9 KB 77ms
74ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_HL2_728x90.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdimage_min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ab7348cc166f8248fcb0a2ded01a5711c1130cf4b2b739d6e8ba8fc23de07e96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx00000f78350bb3e4918b8-00637d555a-3293868f-default
etag: "d31bd817e4f7e4820012112f1b2ab80f"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8552

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_Stoerer_p2_728x90.png
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 2 KB
3 KB 77ms
74ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_Stoerer_p2_728x90.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdimage_min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3ca4eb91f7dfdb6aa2b4c2ce9461bdc2844fcd06c71a69079335fde67af0833b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx000000bb2b5b754a5bb31-00637d555a-3293aae9-default
etag: "4b81276d76a6390028d72419fbda978a"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2332

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_Stoerer_p1_728x90.png
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 5 KB
5 KB 77ms
75ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_Stoerer_p1_728x90.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdimage_min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 5f23fff9711723f0dfc8bfba1f1d4d7891b512c136077f676a6ebbb2f25a85ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx00000cc4ebb6558aa7de5-00637d555a-329354d9-default
etag: "390cf23b46945f8871e89f696f827960"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5200

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_kanonne_300x600.jpg
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 36 KB
37 KB 77ms
75ms Image
image/jpeg 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_kanonne_300x600.jpg
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdimage_min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: be6ab8ab5e47c84e5a857dfc7ab22bca734fc317f72dd3b07751340a53e54871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx000007b350e9ac3d1506d-00637d555a-3293868f-default
etag: "7404a1527224fef247a2e93b493795ba"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 37205

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_Simon_300x600.jpg
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 28 KB
29 KB 77ms
75ms Image
image/jpeg 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_Simon_300x600.jpg
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdimage_min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bfde53f50ce848921cc626be7a39a5b5c61390ff8cd89d8cd11d91e2988f2779

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx00000e787f5827ff27ed9-00637d555a-32941e2b-default
etag: "c6f2cb553d2f4cdcaa33cac64eda36cf"
x-cache-status: UPDATING
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29022

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_Konfetti_Blau_300x600.png
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 9 KB
9 KB 77ms
75ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_Konfetti_Blau_300x600.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdimage_min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 9387fd1ace87614cf793b71482e6614cb25a213fc46069bf8ed25d080cb57e34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx00000b44453f392b8a4fb-00637d555a-32941e2b-default
etag: "13c0c16423c608568edab0a50443a8d0"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8813

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_Konfetti_Gold_300x600.png
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 12 KB
12 KB 77ms
76ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_Konfetti_Gold_300x600.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdimage_min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f1e593d55e322f110dabd90d040cc9a9c3715bbe6efd2c3e8f404d422b9cfc57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx000006ccd06fe5dd9f8e9-00637d555a-3293868f-default
etag: "ef797c06752ecae14dd9d2592dbb915f"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12017

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_BG_728x90.jpg
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 4 KB
5 KB 78ms
77ms Image
image/jpeg 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_BG_728x90.jpg
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/gwdimage_min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f1fa7b55e534c91a6aef6d7b0a92c865d8457f0d1f080346f943e2a10e89705c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:18 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx00000a05646147ecf7114-00637d555a-329354d9-default
etag: "93d1cb356c7171125c2cfbc61443d29b"
x-cache-status: UPDATING
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4367

GET
H2 200 Mazda_CX-60_CraftedInJapan_Sideshot_08_RGB_5000x3750_2022_Eur_Engl.jpg
cdn.euw1.jivox.com/files/72839/Template2_FinalVersion_DE_V3/970x250/Frame2/ Frame CC3E 155 KB
156 KB 23ms
22ms Image
image/jpeg 18.66.112.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.euw1.jivox.com/files/72839/Template2_FinalVersion_DE_V3/970x250/Frame2/Mazda_CX-60_CraftedInJapan_Sideshot_08_RGB_5000x3750_2022_Eur_Engl.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-111.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74f2a9367bd5ebd289242ad156a7dbc076fe0828bff7675ad1932138c6117f1c

Request headers

Referer: https://as.euw1.jivox.com/
Origin: https://as.euw1.jivox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 27 Nov 2022 12:34:50 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 41915
x-cache: Hit from cloudfront
content-length: 158570
last-modified: Thu, 25 Aug 2022 16:13:35 GMT
server: AmazonS3
etag: "12693f2293f67c790aa86430165dfcdc"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: https://as.euw1.jivox.com
access-control-expose-headers: Content-Range
cache-control: max-age=86400, s-maxage=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: UzYdVOeziVSw2Y-y1yAm9U4XJnb2zfZKk7jPEDSoYUANwBV80IQUQg==

GET
H2 200 Mazda_CX-60_CraftedInJapan_Sideshot_50_RGB_5000x3750_2022_Eur_Engl.jpg
cdn.euw1.jivox.com/files/72839/Template2_FinalVersion_DE_V3/970x250/Frame3/ Frame CC3E 100 KB
101 KB 23ms
22ms Image
image/jpeg 18.66.112.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.euw1.jivox.com/files/72839/Template2_FinalVersion_DE_V3/970x250/Frame3/Mazda_CX-60_CraftedInJapan_Sideshot_50_RGB_5000x3750_2022_Eur_Engl.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-111.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc403fd213792ac561b626826cc8b415cf6dda6338d122a983e7a2504e4c378c

Request headers

Referer: https://as.euw1.jivox.com/
Origin: https://as.euw1.jivox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 27 Nov 2022 11:33:24 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 45595
x-cache: Hit from cloudfront
content-length: 102386
last-modified: Thu, 25 Aug 2022 16:13:35 GMT
server: AmazonS3
etag: "323c5ae63c396f5a46805609231f976d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: https://as.euw1.jivox.com
access-control-expose-headers: Content-Range
cache-control: max-age=86400, s-maxage=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: NTgUZHkhADgjtYVxKzReW2o9egRSBSCLd8innyofK5sdXwN2tGtHdw==

GET
H2 200 logo.png
assets.euw1.jivox.com/widgets/2022/10/a72798z635ab6c7de41d/1/970x250/images/ Frame CC3E 16 KB
16 KB 21ms
21ms Image
image/png 13.32.99.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.euw1.jivox.com/widgets/2022/10/a72798z635ab6c7de41d/1/970x250/images/logo.png?1660821615280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-115.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e38423b55ffa87c8d9803d8c50f28bbb28086658b6ca3973d9849bcbd29fe45e

Request headers

Referer: https://as.euw1.jivox.com/
Origin: https://as.euw1.jivox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 27 Nov 2022 12:25:44 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 42454
x-cache: Hit from cloudfront
content-length: 16349
last-modified: Thu, 27 Oct 2022 16:50:18 GMT
server: AmazonS3
etag: "7f0160e79867e7360cc692e067174aeb"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=86400
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 3t9yJoz_IgaXDP8PjhEy5b6rYRkDsocqty6vPBfWl4s_ce0SgDsXaw==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A1C8 42 B
64 B 98ms
57ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHzruM7_u5g3Yg06-g2afe1oNhqLPszRhwwe0r5tdAUK_pFBBuMWe8uU9cJq9m10jXjH-0VksNYwIdsrqpXrQ7dnefDCu6cGw-O0b5TQQqxULhWKhrWFVTctkvvCRZ-NFQk_qyvg&sai=AMfl-YR3LzzmIlH-obToK-O_4DY28mOhePVHPwAlZlNLDxfUWWTHx7i1O8CPi8dBXkiywJiCJ-eIBOqcgTVk-Uk-q1oKWasAACtSeiXQ8DrT2jBfuEpuXG_0U1Of3JeKTOqMbg-U9uvmk1jBXHBA9EI6&sig=Cg0ArKJSzARINNeMOhCwEAE&cid=CAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT&id=lidar2&mcvt=1002&p=917,436,1011,1164&mtos=123,1002,1002,1002,1002&tos=123,879,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2876982550&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669594397748&rpt=623&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1F75 42 B
64 B 82ms
57ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskTYjMVTQXLENE2gxx9CcwmZksPpbY0PYwirBjyLiWDDI6_G3OPkXa3dGQt2PbmzM1uuhsyA6SfihlMq0nKciSQganROkWXzJpxMRXr28_a0ErZB2hAE72rp1P5drNQErz8xkrkA&sai=AMfl-YQmv6U12KEAmCVGV596BtHBkCjDInkcg4ZMLMINeC7W9o-LgDAGrY-NG37JzwbSUNL669y_2Wu0nhV9IQpaKa7iuQ8FIxKZYL_EHQ3-77A84Qr-hn6nH2lNbyH1g0pxoUQLT-KfBBw-zlCuMduS&sig=Cg0ArKJSzOQm39qj3RPKEAE&cid=CAQSTADq26N9cAbHoQfjrD9OqZtvCIKiD3z7bFKY5zRtD5PoX6uZog8P0SluUUgaA0JIlIkXddSsD-8Y2goCOnJK9E1NYqg6PHt6VfgcnyoYASAT&id=lidar2&mcvt=1004&p=0,436,94,1164&mtos=140,1004,1004,1004,1004&tos=140,864,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2471861852&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669594397753&rpt=634&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_Simon_Maske_300x600.png
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame 62D7 3 KB
3 KB 41ms
41ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_Simon_Maske_300x600.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 737339d61af3049b943b5f7ba99d1a70ca8c639fad790322dc154c93c51983b7

Request headers

Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
Origin: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:19 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx00000627627c5ec833cd3-00637d555b-329354d9-default
etag: "6171effd72f739da8dc98935ece5836f"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2715

GET
H2 200 SIMon_BlackWeek_Motiv_Flug_Simon_Maske_300x600.png
s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/ Frame E8B5 3 KB
3 KB 42ms
41ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2088929/11990643/bvpath_516/SIMon_BlackWeek_Motiv_Flug_Simon_Maske_300x600.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 737339d61af3049b943b5f7ba99d1a70ca8c639fad790322dc154c93c51983b7

Request headers

Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
Origin: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 00:13:19 GMT
last-modified: Thu, 10 Nov 2022 09:30:09 GMT
server: nginx
x-amz-request-id: tx00000627627c5ec833cd3-00637d555b-329354d9-default
etag: "6171effd72f739da8dc98935ece5836f"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2715

POST
H2 200 /
track.adform.net/serving/unload/ Frame 1F75 35 B
503 B 41ms
40ms Ping
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=4951599236061430986@@59499586,1578900650205801372,100|1005|0|0|0|0|0|0|0||34|1|||1005|0|1|0|0|Y_im0i81R79cPlakbYq96d-9djeQ_VvN0jFkKdQDeRixCY00NtYLBPL_QlhaeLlf0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame A1C8 35 B
503 B 41ms
41ms Ping
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=4081882914894477224@@59499586,3257483074082703383,100|1101|0|0|0|0|0|0|0||38|1|||1101|0|1|0|0|Y_im0i81R79cPlakbYq96fAjREmiAq5mnkL5p6CizhKxCY00NtYLBPL_QlhaeLlf0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame A1C8 35 B
503 B 42ms
42ms Ping
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=4081882914894477224@@59499586,3257483074082703383,100|3100|0|0|0|0|0|0|0||106|1|||3100|3100|1|0|0|Y_im0i81R79cPlakbYq96fAjREmiAq5mnkL5p6CizhKxCY00NtYLBPL_QlhaeLlf0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 1F75 35 B
503 B 41ms
40ms Ping
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=4951599236061430986@@59499586,1578900650205801372,100|3099|0|0|0|0|0|0|0||106|1|||3099|3099|1|0|0|Y_im0i81R79cPlakbYq96d-9djeQ_VvN0jFkKdQDeRixCY00NtYLBPL_QlhaeLlf0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 00:13:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.apontador.com.br/	1970-01-20 17:22:34	Name: _ga_NJYMDW4MDH Value: GS1.1.1669594396.1.0.1669594396.0.0.0
.apontador.com.br/	1970-01-20 17:22:34	Name: _ga Value: GA1.3.1430814732.1669594397
.apontador.com.br/	1970-01-20 07:48:00	Name: _gid Value: GA1.3.1221720544.1669594397
.apontador.com.br/	1970-01-20 07:46:34	Name: _gat_UA-2086338-9 Value: 1
.apontador.com.br/	1970-01-20 07:46:34	Name: _gat_UA-2086338-1 Value: 1
.apontador.com.br/	1970-01-20 17:08:10	Name: __gads Value: ID=a23f9e3463455b42:T=1669594397:S=ALNI_Mbt9HQJd1ny_DzKGTIgJ0UvsgpJdQ
.apontador.com.br/	1970-01-20 17:08:10	Name: __gpi Value: UID=00000b8935007139:T=1669594397:RT=1669594397:S=ALNI_MZfQM19dNO0jHmv8pkQe-KKk1oPJA
.doubleclick.net/	1970-01-20 17:08:10	Name: IDE Value: AHWqTUk1_MUt002s_bXrOo4WjKNg-AzKSm4h9rqmRUs6RhjrPT0egieLEfM_G1i0Ooo
.adform.net/	1970-01-20 08:29:46	Name: C Value: 1
.jivox.com/	1970-01-20 09:56:10	Name: jvxsync Value: tor5WBTmLiWS
.casalemedia.com/	1970-01-20 16:32:10	Name: CMID Value: Y4P9HtQOUOOaVvCFuG9JsAAA
.casalemedia.com/	1970-01-20 09:56:10	Name: CMPS Value: 3346
.casalemedia.com/	1970-01-20 09:56:10	Name: CMPRO Value: 3346
.adnxs.com/	1970-01-20 09:56:10	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVNgT[EG!]tbPl1M>e)ZlrFUfJ+tGXxo@SO$6eY:^pC>q4qEa^IvyZ-WP7[80(UwL%Y>bpRzqF1`*b_B^)usy%
.adnxs.com/	1970-01-20 09:56:10	Name: uuid2 Value: 7813852782743725260
.casalemedia.com/	1970-01-20 09:56:10	Name: CMTS Value: 5166
.adform.net/	1970-01-20 07:56:39	Name: TPC Value: 1669594398320
.adform.net/	1970-01-20 09:12:58	Name: uid Value: 4951599236061430986

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f9ba2eed94964b56c423dde20138f53.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
as.euw1.jivox.com
assets.euw1.jivox.com
cdn.euw1.jivox.com
cm.g.doubleclick.net
code.createjs.com
dsum-sec.casalemedia.com
evs.euw1.jivox.com
fonts.googleapis.com
googleads.g.doubleclick.net
ib.adnxs.com
newpoi-assets.apontador.com.br
pagead2.googlesyndication.com
playercdn.jivox.com
region1.google-analytics.com
s1.adform.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.adform.net
www.apontador.com.br
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.22.14.25
104.22.15.25
108.138.5.230
13.32.99.115
142.250.74.194
18.66.112.111
185.80.39.216
185.89.210.46
2001:4860:4802:32::36
2a00:1450:4001:801::2008
2a00:1450:4001:806::2004
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9a
2a02:26f0:480:f::213:7edc
34.249.153.40
37.157.2.247
37.157.4.23
52.17.68.86
03d35c1ff8a01dabf5d312f47b641d0dc6ad96b102f0b095e6af937881901757
091887ae3c2985745041d7b515c44eecc810e72a55c6c807ea5e4d0f10af030d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1032cedc0643260906fe96d2abeacf18ef7a7f770f257626ebcc6da4c9ccf20d
11d50a72e991a18151888b01e352da5e21632c98b4a4f8b0cb54421a1bab3ecf
12472fa774b18c826349b53eaca1b5d8476b1e82f9ea3f32de23ea94ac6068bd
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
171c971a56aca0293481074de5b5cb6c6c75353ed0221adef1e64fe81ff3e0fa
178b2bc4b3396814141988acf676e2b02b5556b43ecddcdd2fc895190d725d83
1a2b51f303b57a9585fdd0608b1329d41d4025dc674835dbc7a7acb758a0f6b1
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2620d197f316fa24771a3a620ec7d54d3f924bec4e14c2957ed1b2de3ea709e5
2894045981eecef28eb7202a50cc9285c222500cff8f74d7346418e4cc46ad95
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2b712d4dfec80632eb7037cf52759a0e8142dde4f4f25203ad782d6409715068
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
3453e2cc626685991e8dd7ad565d36c3cced14b4912ab5dc4c1df07aa98bcf4a
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3baff545a0d5bad4e698b11145e6b1a0b718497b5f6ae60aba8190c1571b9abf
3ca4eb91f7dfdb6aa2b4c2ce9461bdc2844fcd06c71a69079335fde67af0833b
3d2c7477e7418b42a967439d1fb117b25369aeb385be8ffb25c3f9c97cb85cee
3f8628eca915c8d9c8878277f12009ef247562927ee41a1d765333ffdc8ea58e
4050a19d655eea8eed0457110b47f1a06d4e1cb11c7941bc08c0d540e46c5c77
44097ada1ca37b49fcde0306c47c04261683b631eef57f9d21322aa17dbbe335
4442aa5c3efeebdcb5755c0eaac45d9fbc63c7c1704f8895d1d4d6fa96c65a19
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4694c95ecb2077683d94b6ceff327a4b52afff71b7488e87d05b00e195ac8a1b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51465d68a406d56bccebd9a898fd304b830c85f2d0de75100b7880e143f8ecec
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
589a12b4c79a4bb4d3f94d3cf8ca752a8c29c0db2385a61845b7660be03043f2
5aff31211972a6d23379c45387f50b07c35bdd094c0e4aa1ea30a51629381828
5b64e68adfa9b3ded0f9e0aec61bdcaff2c4aea5bf4f6b87f11d0448cd6fecbd
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f23fff9711723f0dfc8bfba1f1d4d7891b512c136077f676a6ebbb2f25a85ad
5f4f80a6350fd7e6eaff214b3c5cdfb46b0b07123fdf398eb591248a3ee4a54b
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
678b3cae19452e95842bebedd844ab5491a4fe873ba5b3e5bca522cc4e45c3fd
68cfd8b56c0181945d8ac52112c1e19d4a4c1c1fca6b03314f93844ed5c3fceb
6ce55f56126915543568b61fd1d387f8e77c6f1d67175d83028a9ec25842090f
6dd0a7c763c10975fa511e608ad14ab9172ef8f6a7cf4149c51795c4be750964
737339d61af3049b943b5f7ba99d1a70ca8c639fad790322dc154c93c51983b7
74f2a9367bd5ebd289242ad156a7dbc076fe0828bff7675ad1932138c6117f1c
782f733c875662dae47650f7c407d57ea697252a593eee55418bb7beb211d371
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7c0d8c79e5d189c976b219ae87ace103d5430be3a29bc991dce2b8e543bbe629
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853c3c525cb96f5ef071f167471f65615952343c55ad008304cd365b0b890584
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
870b764f4b5567242d0a21b5500ec59f833961c144b79c418e7732d7b905a055
89cd61a5c22214b9ed4e7b3163fc6a1ea025702038105e689756db6473ffd3a2
8c97b117825c7055886818c7dbac3b5ea22530d429987c3182db0ce218585676
8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf
928d03569d25f92fde8d90d31c29b954e64a5547f05696f050b7a10bd26e4c25
9387fd1ace87614cf793b71482e6614cb25a213fc46069bf8ed25d080cb57e34
9423269a7f4d0dc276ee47a2b7fa33df3284d350f38792dcba7c45174329fbdb
95615e0dfccdca15e1fc3475548d35d070323c66edf728f8cc8d0eb6670d5650
9bc660cfeed8ed447fa3e750b0b2d62e5bb5ce398baaa24e3e57f24b763a3f1a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a43d4ee4d9440eb84382f7f2dc678e40f09e9d32c5d436bcb4269ca6f7992b5e
a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a95dc992194b0df4c2cbbc0643525b91bbc50e6f4abbe0f037ddf4e1c7429aa9
ab7348cc166f8248fcb0a2ded01a5711c1130cf4b2b739d6e8ba8fc23de07e96
ae05b5bf3a0d482b806731854b2f796f184d04960175949628f65f3d401ef1b9
af58a9fc0271e1f8c2124bb8b1cc866e801c64c75f774f718d40a21d6e489bdf
b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3bc9be671994481af5196f4df408eb6bc7e93a086573735891514069f52f08a
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b7eea794757dbbdc1dafd9b045a10823f8c5278bbc6ce5539d1b9239ee34fcf8
b8bf3b267e832ca7a5b927d69a1ab9f250ed9694bea4e3a3ac79b71e41f9646b
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
ba1d6c87a768bb42670f37f6fea855c3e109b1b355dc0d880ec5a35645096d84
bc403fd213792ac561b626826cc8b415cf6dda6338d122a983e7a2504e4c378c
bd62d9a578b8ee9869b94ae6451b790e2dd13004e6f2c1fd315e6fbbcda1ca21
bddbf7e9ab14ce92ecc37640bf54fcb90d8a02da52d87ec12e252cfde4432e66
be1c137b913a191e72ed7c77b942620911775a5d3bcebe3255e7c45e2d6868e7
be319868af11affa5ffd932e8584d796990bc874e23e463b49037f810670c6f7
be6ab8ab5e47c84e5a857dfc7ab22bca734fc317f72dd3b07751340a53e54871
be7a0e9a24895e9f5a9bfbca5f171d5e0fe020d9e9105fc1a2505146789aa870
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bfde53f50ce848921cc626be7a39a5b5c61390ff8cd89d8cd11d91e2988f2779
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d779dcb88e2f428f1662b4b59119dc84428723ffdf6b95bba152914f74b3d929
da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
e38423b55ffa87c8d9803d8c50f28bbb28086658b6ca3973d9849bcbd29fe45e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f0c80055ab21963d78481dfae7abb423a89f274d6a8cf34998f0364e04d5c2
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
eb5d62ba46d229a38141649735208448abc56bf36ea6e8b54a64533f6ef409f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4565eb9e6b1d15cccfd52037ac6734876ee56d0d5146bd452ba422c3d15606
f0322ab56d747cdb41b9ba5652c8153283392895eb30b52379280438b83cf16c
f1e593d55e322f110dabd90d040cc9a9c3715bbe6efd2c3e8f404d422b9cfc57
f1fa7b55e534c91a6aef6d7b0a92c865d8457f0d1f080346f943e2a10e89705c
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
f3a69d904b1d0dc339e42156d9684f90c9636f4c1c04d5a135f293b01798393c
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f546c12af25f8d6f303f0b06e90007c74a93fe697a1be5eb08b23dc9b622ba36
f60d14e5ac34d4ef70efde9b4765687786dc13310a4c2ef9ded63968e1156032
f6c84a15873bbae73ff06857139327b85a6869fa0e21d36666aa2bb5d9bbb19b
f7dba8fcdf871b4b0426e7fc15c74cc659e64195c9a7aa7a7d3c703778a481e7
fa85a4366200f608a99ecf4b1b933babdd9c5662cbe5d518b3daa57e53dbd85b
fb17db5be3138204f4c89c8c3235ba90cbf728fb2318e9eb80b339690998da1d
fd272b5aa73c5065e6ed4ecff28ebd3dfc590ab88e62bf25571f32faedcb2b24

www.apontador.com.br Open in urlscan Pro 104.22.15.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

210 Requests

94 %HTTPS

57 %IPv6

15 Domains

29 Subdomains

28 IPs

7 Countries

2401 kBTransfer

5595 kBSize

18 Cookies

11 Outgoing links

Page URL History

Redirected requests

210 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.apontador.com.br Open in urlscan Pro
104.22.15.25 Public Scan

Screenshot
Live screenshot

Full Image

210
Requests

94 %
HTTPS

57 %
IPv6

15
Domains

29
Subdomains

28
IPs

7
Countries

2401 kB
Transfer

5595 kB
Size

18
Cookies

210 HTTP transactions
3 data transactions