urlscan.io logo urlscan.io
SecurityTrails logo

desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br Open in urlscan Pro
177.101.99.62  Public Scan

Go To Rescan Add Verdict Report
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Submission: On January 27 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 84 IPs in 14 countries across 74 domains to perform 365 HTTP transactions. The main IP is 177.101.99.62, located in Blumenau, Brazil and belongs to Unifique Telecomunicacoes SA, BR. The main domain is desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br.
TLS certificate: Issued by R3 on January 27th 2022. Valid for: 3 months.
This is the only time desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 177.101.99.62 28343 (Unifique ...)
5 2a00:1450:400... 15169 (GOOGLE)
27 195.181.174.138 60068 (CDN77 ^_^)
7 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 142.250.184.226 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 54.207.195.77 16509 (AMAZON-02)
1 3 185.184.10.30 203690 (RTB-HOUSE...)
1 142.250.184.194 15169 (GOOGLE)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 199.232.136.157 54113 (FASTLY)
5 95.101.27.84 20940 (AKAMAI-ASN1)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.244.42.131 13414 (TWITTER)
1 104.244.42.197 13414 (TWITTER)
2 2a03:2880:f12... 32934 (FACEBOOK)
13 2a00:1450:400... 15169 (GOOGLE)
4 20.85.30.134 8075 (MICROSOFT...)
1 2 52.142.114.2 8075 (MICROSOFT...)
7 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 104.18.115.97 13335 (CLOUDFLAR...)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
4 5 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.0.157 44788 (ASN-CRITE...)
1 4 178.250.2.151 44788 (ASN-CRITE...)
1 74.119.119.150 19750 (AS-CRITEO)
1 18.230.146.239 16509 (AMAZON-02)
1 2 54.229.240.78 16509 (AMAZON-02)
12 33 142.250.186.162 15169 (GOOGLE)
1 3.121.106.122 16509 (AMAZON-02)
3 4 185.33.221.11 29990 (ASN-APPNEX)
1 70.42.32.31 13789 (INTERNAP-...)
1 141.226.228.48 200478 (TABOOLA-AS)
2 3 69.173.144.139 26667 (RUBICONPR...)
1 2 18.203.202.174 16509 (AMAZON-02)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 5 3.126.56.137 16509 (AMAZON-02)
4 4 35.158.233.132 16509 (AMAZON-02)
1 23.57.80.37 16625 (AKAMAI-AS)
2 3 2600:9000:223... 16509 (AMAZON-02)
3 4 18.197.240.17 16509 (AMAZON-02)
3 8 72.247.225.98 16625 (AKAMAI-AS)
2 212.82.100.181 34010 (YAHOO-IRD)
5 34.98.64.218 15169 (GOOGLE)
1 2 54.155.208.14 16509 (AMAZON-02)
1 2 35.227.248.159 15169 (GOOGLE)
2 95.101.184.154 16625 (AKAMAI-AS)
1 34.102.166.132 15169 (GOOGLE)
1 202.241.208.53 4694 (IDCF IDC ...)
1 124.146.215.5 2514 (INFOSPHER...)
1 35.244.174.68 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 1 2001:678:cb4:... 56396 (AMOBEE)
19 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 4 37.252.173.62 29990 (ASN-APPNEX)
4 104.90.104.248 16625 (AKAMAI-AS)
16 138.201.84.245 24940 (HETZNER-AS)
1 4 138.201.63.150 24940 (HETZNER-AS)
1 4 94.130.102.164 24940 (HETZNER-AS)
1 4 88.99.165.19 24940 (HETZNER-AS)
1 4 46.4.10.49 24940 (HETZNER-AS)
4 4 2a0b:4d07:102::1 44239 (PROINITY ...)
4 5.1.80.163 34549 (MEER-AS m...)
4 8 104.92.94.3 16625 (AKAMAI-AS)
4 4 85.239.105.10 16097 (HLKOMM 04...)
20 2606:4700::68... 13335 (CLOUDFLAR...)
8 46.236.13.147 12703 (PULSANT-AS)
4 8 142.250.186.134 15169 (GOOGLE)
1 2 2620:112:f006... 6336 (TURN-US-ASN)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 185.29.134.248 30419 (MEDIAMATH...)
2 35.71.131.137 16509 (AMAZON-02)
1 1 35.190.0.66 15169 (GOOGLE)
3 3 216.52.2.48 29791 (VOXEL-DOT...)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 151.101.130.49 54113 (FASTLY)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 35.210.178.101 15169 (GOOGLE)
2 2 37.157.6.246 198622 (ADFORM)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 143.204.215.68 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2 198.47.127.19 3257 (GTT-BACKB...)
2 2 34.236.79.15 14618 (AMAZON-AES)
2 2 76.223.111.18 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
8 3.248.87.88 16509 (AMAZON-02)
4 54.228.130.197 16509 (AMAZON-02)
365 84
11    177.101.99.62 (Blumenau, Brazil)

ASN28343 (Unifique Telecomunicacoes SA, BR)
desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
5    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
27    195.181.174.138 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-195-181-174-138.datapacket.com
ph-cdn3.ecosweb.com.br
7    2a00:1450:4007:808::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
4    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    54.207.195.77 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-207-195-77.sa-east-1.compute.amazonaws.com
cdn.pmweb.com.br
3    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
us.creativecdn.com
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
www.googleadservices.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
5    95.101.27.84 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-27-84.deploy.static.akamaitechnologies.com
analytics.tiktok.com
3    2606:4700:20::681a:16d (United States)

ASN13335 (CLOUDFLARENET, US)
www.artfut.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
13    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
j.clarity.ms
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
7    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    104.18.115.97 (None, )

ASN13335 (CLOUDFLARENET, US)
ipv4.icanhazip.com
1    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
5    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
4    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
dis.criteo.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
widget.us.criteo.com
1    18.230.146.239 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-230-146-239.sa-east-1.compute.amazonaws.com
df.pmweb.com.br
2    54.229.240.78 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-240-78.eu-west-1.compute.amazonaws.com
dpm.demdex.net
33    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
1    3.121.106.122 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-106-122.eu-central-1.compute.amazonaws.com
crb.kargo.com
4    185.33.221.11 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    70.42.32.31 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    18.203.202.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-202-174.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
5    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    35.158.233.132 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-233-132.eu-central-1.compute.amazonaws.com
pixel.advertising.com
1    23.57.80.37 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-80-37.deploy.static.akamaitechnologies.com
contextual.media.net
3    2600:9000:223f:6c00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
4    18.197.240.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-240-17.eu-central-1.compute.amazonaws.com
x.bidswitch.net
8    72.247.225.98 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-98.deploy.static.akamaitechnologies.com
r.casalemedia.com
dsum-sec.casalemedia.com
2    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
5    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    54.155.208.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-208-14.eu-west-1.compute.amazonaws.com
partner.mediawallahscript.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
2    95.101.184.154 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-184-154.deploy.static.akamaitechnologies.com
cw.addthis.com
1    34.102.166.132 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 132.166.102.34.bc.googleusercontent.com
ad.tpmn.co.kr
1    202.241.208.53 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    124.146.215.5 (Shibuya, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
adgen.socdm.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
24    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
19    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    104.90.104.248 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-104-248.deploy.static.akamaitechnologies.com
sync.teads.tv
16    138.201.84.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de
hal9000.redintelligence.net
4    138.201.63.150 (Neulussheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.150.63.201.138.clients.your-server.de
hal90008.redintelligence.net
4    94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de
hal900012.redintelligence.net
4    88.99.165.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de
hal900028.redintelligence.net
4    46.4.10.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de
hal90001.redintelligence.net
4    2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
4    5.1.80.163 (Germany)

ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE)
PTR: s17177.creolineserver.com
adv-srv.office-partner.de
8    104.92.94.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-94-3.deploy.static.akamaitechnologies.com
www.awin1.com
4    85.239.105.10 (Leipzig, Germany)

ASN16097 (HLKOMM 04107 Leipzig, DE)
trf.greatviews.de
20    2606:4700::6813:ba79 (United States)

ASN13335 (CLOUDFLARENET, US)
singles.parship.de
8    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
8    142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net
8019191.fls.doubleclick.net
2    2620:112:f006:bbbb::12 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
2    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
3    216.52.2.48 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    2a05:d018:24:b002:fa9c:f965:fc74:bbd9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    35.210.178.101 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 101.178.210.35.bc.googleusercontent.com
a.volvelle.tech
2    37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
4    143.204.215.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-68.fra53.r.cloudfront.net
analytics.webgains.io
3    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
2    34.236.79.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-79-15.compute-1.amazonaws.com
pm.w55c.net
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    2606:4700::6810:cc16 (United States)

ASN13335 (CLOUDFLARENET, US)
eum.instana.io
8    3.248.87.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
api.webgains.io
4    54.228.130.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-130-197.eu-west-1.compute.amazonaws.com
eum-eu-west-1.instana.io
Apex Domain
Subdomains		 Transfer
58 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
8019191.fls.doubleclick.net — Cisco Umbrella Rank: 210157
243 KB
48 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
264 KB
32 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 32669
hal90008.redintelligence.net — Cisco Umbrella Rank: 223642
hal900012.redintelligence.net — Cisco Umbrella Rank: 244519
hal900028.redintelligence.net — Cisco Umbrella Rank: 278642
hal90001.redintelligence.net — Cisco Umbrella Rank: 277782
204 KB
27 ecosweb.com.br
ph-cdn3.ecosweb.com.br
502 KB
20 parship.de
singles.parship.de — Cisco Umbrella Rank: 291354
59 KB
12 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 19799
api.webgains.io — Cisco Umbrella Rank: 60455
205 KB
12 google.com
www.google.com — Cisco Umbrella Rank: 13
adservice.google.com — Cisco Umbrella Rank: 80
2 KB
11 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 369
mug.criteo.com — Cisco Umbrella Rank: 2864
sslwidget.criteo.com — Cisco Umbrella Rank: 1760
widget.us.criteo.com — Cisco Umbrella Rank: 18087
dis.criteo.com — Cisco Umbrella Rank: 691
17 KB
11 ecosweb.dev.br
desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
testing-dbr-ws-site.ecosweb.dev.br Failed
518 KB
8 instana.io
eum.instana.io — Cisco Umbrella Rank: 5597
eum-eu-west-1.instana.io — Cisco Umbrella Rank: 23482
38 KB
8 webgains.com
track.webgains.com — Cisco Umbrella Rank: 44883
14 KB
8 awin1.com
www.awin1.com — Cisco Umbrella Rank: 14385
5 KB
8 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 250175
adv-srv.office-partner.de — Cisco Umbrella Rank: 252765
4 KB
8 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1974
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
8 KB
8 yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 913
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
sp.analytics.yahoo.com — Cisco Umbrella Rank: 818
2 KB
8 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 404
ib.adnxs.com — Cisco Umbrella Rank: 241
8 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
331 KB
7 gstatic.com
fonts.gstatic.com
121 KB
6 google.de
www.google.de — Cisco Umbrella Rank: 5557
adservice.google.de — Cisco Umbrella Rank: 8028
2 KB
6 clarity.ms
j.clarity.ms
c.clarity.ms — Cisco Umbrella Rank: 917
24 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
21 KB
5 openx.net
us-u.openx.net — Cisco Umbrella Rank: 359
546 B
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 1300
68 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
4 KB
4 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1366
21 KB
4 greatviews.de
trf.greatviews.de — Cisco Umbrella Rank: 250848
4 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 868
688 B
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
150 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
2 KB
4 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 327
1 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 385
c.bing.com — Cisco Umbrella Rank: 273
12 KB
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
797 B
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
2 KB
3 turn.com
d.turn.com — Cisco Umbrella Rank: 880
ad.turn.com — Cisco Umbrella Rank: 770
r.turn.com — Cisco Umbrella Rank: 3243
1 KB
3 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 707
1 KB
3 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
1 KB
3 artfut.com
www.artfut.com — Cisco Umbrella Rank: 20790
17 KB
3 creativecdn.com
us.creativecdn.com — Cisco Umbrella Rank: 3401
737 B
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3036
onesignal.com — Cisco Umbrella Rank: 1251
73 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 389
957 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 876
2 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 595
1 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 608
1 KB
2 volvelle.tech
a.volvelle.tech — Cisco Umbrella Rank: 27353
1 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1197
829 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
529 B
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2859
207 B
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1948
adgen.socdm.com — Cisco Umbrella Rank: 7393
1 KB
2 addthis.com
cw.addthis.com — Cisco Umbrella Rank: 1338
852 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 419
896 B
2 mediawallahscript.com
partner.mediawallahscript.com — Cisco Umbrella Rank: 2306
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 675
851 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 205
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
386 B
2 pmweb.com.br
cdn.pmweb.com.br — Cisco Umbrella Rank: 74263
df.pmweb.com.br — Cisco Umbrella Rank: 73673
8 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
114 KB
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
538 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1255
463 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 19998
526 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
864 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 316
417 B
1 tpmn.co.kr
ad.tpmn.co.kr — Cisco Umbrella Rank: 3546
599 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 516
782 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1260
231 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 758
476 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1519
360 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 645
13 KB
1 icanhazip.com
ipv4.icanhazip.com — Cisco Umbrella Rank: 14351
474 B
1 t.co
t.co — Cisco Umbrella Rank: 487
337 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 537
459 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 227
2 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 630
6 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 106
15 KB
0 netmng.com Failed
google2waycm.netmng.com Failed
365 74
Domain Requested by
33 cm.g.doubleclick.net 12 redirects googleads.g.doubleclick.net
401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
27 ph-cdn3.ecosweb.com.br desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
24 pagead2.googlesyndication.com securepubads.g.doubleclick.net
401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
20 singles.parship.de hal900012.redintelligence.net
hal900028.redintelligence.net
hal90001.redintelligence.net
hal90008.redintelligence.net
singles.parship.de
eum.instana.io
19 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
googleads.g.doubleclick.net
16 hal9000.redintelligence.net 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
hal900012.redintelligence.net
hal900028.redintelligence.net
hal90001.redintelligence.net
hal90008.redintelligence.net
13 googleads.g.doubleclick.net www.googleadservices.com
401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
11 desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
8 api.webgains.io analytics.webgains.io
8 8019191.fls.doubleclick.net 4 redirects desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
8 track.webgains.com desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
8 www.awin1.com 4 redirects 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
7 www.google.com desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
tpc.googlesyndication.com
401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
7 www.googletagmanager.com desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
www.googletagmanager.com
adv-srv.office-partner.de
7 fonts.gstatic.com fonts.googleapis.com
6 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
6 www.google-analytics.com desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
www.google-analytics.com
www.googletagmanager.com
5 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 adservice.google.com securepubads.g.doubleclick.net
8019191.fls.doubleclick.net
5 us-u.openx.net googleads.g.doubleclick.net
5 ups.analytics.yahoo.com 1 redirects
5 gum.criteo.com 4 redirects static.criteo.net
5 www.google.de desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
5 analytics.tiktok.com desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
analytics.tiktok.com
5 fonts.googleapis.com desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
hal900012.redintelligence.net
hal900028.redintelligence.net
hal90001.redintelligence.net
hal90008.redintelligence.net
4 eum-eu-west-1.instana.io eum.instana.io
4 eum.instana.io singles.parship.de
4 analytics.webgains.io track.webgains.com
4 static.cloudflareinsights.com singles.parship.de
4 trf.greatviews.de 4 redirects
4 adv-srv.office-partner.de hal900012.redintelligence.net
hal900028.redintelligence.net
hal90001.redintelligence.net
hal90008.redintelligence.net
4 adv.office-partner.de 4 redirects
4 hal90001.redintelligence.net 1 redirects 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
hal90001.redintelligence.net
4 hal900028.redintelligence.net 1 redirects 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
hal900028.redintelligence.net
4 hal900012.redintelligence.net 1 redirects 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
hal900012.redintelligence.net
4 hal90008.redintelligence.net 1 redirects 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
hal90008.redintelligence.net
4 sync.teads.tv googleads.g.doubleclick.net
4 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
4 www.googletagservices.com 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
4 x.bidswitch.net 3 redirects
4 pixel.advertising.com 4 redirects
4 secure.adnxs.com 3 redirects
4 j.clarity.ms bat.bing.com
j.clarity.ms
4 securepubads.g.doubleclick.net desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
securepubads.g.doubleclick.net
3 s0.2mdn.net 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
3 ap.lijit.com 3 redirects
3 s.ad.smaato.net 2 redirects
3 pixel.rubiconproject.com 2 redirects
3 dis.criteo.com
3 www.artfut.com www.googletagmanager.com
www.artfut.com
3 bat.bing.com desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
bat.bing.com
3 us.creativecdn.com 1 redirects www.googletagmanager.com
2 eb2.3lift.com 2 redirects
2 pm.w55c.net 2 redirects
2 image6.pubmatic.com 2 redirects
2 c1.adform.net 2 redirects
2 a.volvelle.tech 2 redirects
2 sync.tidaltv.com 2 redirects
2 match.adsrvr.org 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
2 dclk-match.dotomi.com 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
2 cw.addthis.com
2 pixel.tapad.com 1 redirects
2 partner.mediawallahscript.com 1 redirects
2 sp.analytics.yahoo.com
2 r.casalemedia.com 1 redirects
2 ad.360yield.com 1 redirects
2 dpm.demdex.net 1 redirects
2 c.clarity.ms 1 redirects desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
2 www.facebook.com desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
2 connect.facebook.net desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
connect.facebook.net
2 cdn.onesignal.com desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
cdn.onesignal.com
1 sync-tm.everesttech.net 1 redirects
1 cms.quantserve.com 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
1 ads.travelaudience.com 1 redirects
1 sync.mathtag.com 1 redirects
1 r.turn.com
1 ad.turn.com 1 redirects
1 d.turn.com 1 redirects
1 adservice.google.de securepubads.g.doubleclick.net
1 idsync.rlcdn.com
1 adgen.socdm.com
1 tg.socdm.com
1 ad.tpmn.co.kr
1 contextual.media.net
1 ads.yahoo.com
1 sync-t1.taboola.com
1 sync.outbrain.com
1 crb.kargo.com
1 df.pmweb.com.br cdn.pmweb.com.br
1 widget.us.criteo.com
1 sslwidget.criteo.com 1 redirects
1 mug.criteo.com desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
1 static.criteo.net www.googletagmanager.com
1 ipv4.icanhazip.com desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
1 c.bing.com 1 redirects
1 t.co desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
1 analytics.twitter.com static.ads-twitter.com
1 cdnjs.cloudflare.com www.googletagmanager.com
1 static.ads-twitter.com desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
1 www.googleadservices.com www.googletagmanager.com
1 cdn.pmweb.com.br desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
1 onesignal.com cdn.onesignal.com
0 google2waycm.netmng.com Failed 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
0 testing-dbr-ws-site.ecosweb.dev.br Failed desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
365 104
Subject Issuer Validity Valid
desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.ecosweb.com.br
Go Daddy Secure Certificate Authority - G2		 2021-12-20 -
2023-01-21		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-06 -
2022-02-04		 3 months crt.sh
*.pmweb.com.br
Amazon		 2021-07-20 -
2022-08-18		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-06 -
2023-01-05		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-06 -
2023-01-05		 a year crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.dev.kargo.com
Amazon		 2021-03-16 -
2022-04-14		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2021-10-24 -
2022-11-24		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
ui.aps.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-07 -
2022-02-23		 2 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
s.ad.smaato.net
Amazon		 2021-09-21 -
2022-10-20		 a year crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-27		 a year crt.sh
ad.tpmn.co.kr
GTS CA 1D4		 2021-12-30 -
2022-03-30		 3 months crt.sh
*.socdm.com
GlobalSign RSA OV SSL CA 2018		 2020-04-24 -
2022-06-02		 2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
teads.tv
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
redintelligence.net
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
adv-srv.office-partner.de
R3		 2022-01-04 -
2022-04-04		 3 months crt.sh
singles.parship.de
Cloudflare Inc ECC CA-3		 2021-06-29 -
2022-06-28		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
*.instana.io
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-09 -
2022-12-10		 a year crt.sh

This page contains 40 frames:

Primary Page: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Frame ID: 3346D445D812C1DB98A2718D35243421
Requests: 116 HTTP requests in this frame

Frame: https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2&ncm=1&id=pr_hhX6cMuePreWPuw9xLe2_lid_oZy4y7UtPR7q89ELmSm&su=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&sr=&ts=1643313129005&tc=1
Frame ID: 7821EC16B9A50E86F9B9CD41B7AEF868
Requests: 1 HTTP requests in this frame

Frame: https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2_home&id=pr_hhX6cMuePreWPuw9xLe2_lid_oZy4y7UtPR7q89ELmSm&su=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&sr=&ts=1643313129465
Frame ID: 399F01619D0B2FD8AAE50B208A7F1AEF
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&origin=onetag
Frame ID: 724D7196A90A65E5F76F87EC6310E6DD
Requests: 2 HTTP requests in this frame

Frame: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=unSUtYMJokzdKu7Vng4kVcaFwmB6SFv7
Frame ID: 9F9B387217A0A9A4524D79114DE520FB
Requests: 30 HTTP requests in this frame

Frame: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 34E342FDB64C5894C1AB674B0F0B2A09
Requests: 1 HTTP requests in this frame

Frame: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4CD3FBB7FF1A80D5D529B4B5AA516B82
Requests: 17 HTTP requests in this frame

Frame: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 273B348ECB1993BE0D9B5521D4256DD3
Requests: 16 HTTP requests in this frame

Frame: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5F0E6F95FC6D5BB6B43211C46D372009
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B639E1CD53521EB093BFFD4003913BF3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E40A3D0FD3EA37EAB73B7B4B3D666B00
Requests: 2 HTTP requests in this frame

Frame: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A4684A27B4E2E60D2737D36261158E0E
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNU14tRVp6ctz_JiDoLCITirSKoWtnRSXmODOp_f7RbS6_EVAAUFlFgdyUPFXn6y6dVYYDXAVShy8hLHvGy_mqzhiXa7dx0QyMP3e24NW25MS3QZhP5UEZ-kDH890DRnLvOhwLD0kYcnstSB19FC-V6eMYu9F5yGOdK541NpnQBvTGIOYE8
Frame ID: 09613859037F583B6E61BF47D26B747E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY583FlQEwAQ&v=APEucNXPVw2SxaUWMty9l-0CU-AIzlBRf-5qn6bL2eUVsrarBXmYjUHllq8CYWj_xxVY9L8ZNYQ-KxKxkp7kyVLfJVxWDgZeAB6peAGaEzjwtVMxCRrqntEHrtLz4zOBmJ65uJipeq4NCPOx_NXb_UnhLvG9_jGhZDSVVPYDeqXHSKlAUoncQps
Frame ID: 82B8F6F0D4FBCDD3F6F53C7D90422F41
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUyQVUgQnhiGVdpKHYcvShNX5kTWO1ucLfROvC55KKuO9jFG4Rxi9qP843Y3IPgm-DvRA4ZcVBjXCuzD6JR3Wwx22517DyIdbID-B_0WLgxzBVVJSogwSxINlMctkOVpb8genTpmXTBzb1HFrZjxTWyE1cbKkN0XklriHpvqr2wCshV2Vo
Frame ID: 1EC7E4FFE3DA254F39B10D03C7C8278A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNWppIZsKzhMRuabNCRp6HC9f-QEgbrfhKGD3qZ7afNDi8Gaj4iYIvEedWHgTtB15lxWm4mPUA8nIA6q6kWIhMT_ngS0yI5I_st4Og-0dSsWUh0DYnJSpjHnjjX-MlpcL_FNwwuujWxY-bpHKyM3pGSp_OUeA3j96YTD3v7EXPUyMeXldEI
Frame ID: 0F27AC8ED5A2624D01E96A6FB6966188
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6855451DECF58D4BAEB3E90D5F8C2523
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 956DE8B56E3A5EA8F09B047991B35768
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 37A387FF9B46EEEA642A919C2AA01622
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 34EF2ED73942A052D51C2D58511AD609
Requests: 3 HTTP requests in this frame

Frame: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 69A79328B62A958BA63A92EBE7D11F1E
Requests: 2 HTTP requests in this frame

Frame: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e261e3c-7faa-11ec-b33f-00155d53a129ID
Frame ID: B36454B3DBA518BD173652FA968F622C
Requests: 8 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CMW13bva0vUCFSxDHQkdcm0N8Q;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2464318210187.264
Frame ID: 7A506AC07BD3C42FA8F09737BD312A12
Requests: 2 HTTP requests in this frame

Frame: https://hal900012.redintelligence.net/request_content.php?s=78199000213407000710580011852012&a=e00838e2
Frame ID: 67B2CB0B4F498A819C175CE5E430C39F
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 30AB361B8C401205A4D1A16778846D6D
Requests: 9 HTTP requests in this frame

Frame: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: FA0A48F82B4C46806277868573B0F354
Requests: 2 HTTP requests in this frame

Frame: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2660a4-7faa-11ec-bbfa-00155d53a129ID
Frame ID: 11587BCAC3804AF6DBFEEAF2CE046A55
Requests: 8 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CP223bva0vUCFY_CGwodw28Arg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3665622912568.8555
Frame ID: A66F8CB09FDAD5206A3A82ED7A3D7841
Requests: 2 HTTP requests in this frame

Frame: https://hal900028.redintelligence.net/request_content.php?s=98604300273699700710584011852028&a=5961d7d8
Frame ID: 7CC95D997169E775F09DD6893B99B30B
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 678B4F34F102FA92CC8D3F4E609B0D90
Requests: 9 HTTP requests in this frame

Frame: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 98CC701DF2EA7BE17B348BD311B32DA0
Requests: 2 HTTP requests in this frame

Frame: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2b5a1e-7faa-11ec-aedc-00155d53a129ID
Frame ID: 97A28A7B2A83BB3BD30B5DAE592CABF1
Requests: 8 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPW43bva0vUCFW5FHQkdijoLMw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2997728860910.8135
Frame ID: 4C3EE59560634537E5F990BC64BED27B
Requests: 2 HTTP requests in this frame

Frame: https://hal90001.redintelligence.net/request_content.php?s=61279900244895500710584011852001&a=0e7348b8
Frame ID: CC5E3306A71CBCC67C615B0E7ED378EF
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 679035599B0DFCC926B834BA14DBB35D
Requests: 9 HTTP requests in this frame

Frame: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 704C1421FBF08BA527F96E3CB1BA8416
Requests: 2 HTTP requests in this frame

Frame: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e334b2a-7faa-11ec-a3dc-00155d53a129ID
Frame ID: 91164582BA605F52D8090C31F2C47FE3
Requests: 8 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CI3637va0vUCFcqXhQod-iYKrg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1125077886764.3474
Frame ID: A4219F1D79A33D69D4BFF3347C5F8B8D
Requests: 2 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=94795200234521200710584011852008&a=e0465bb8
Frame ID: 15B0748377C4B3E55B7AB8BA2F0CE2A4
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7060544586D02093462BD803ED3B53D3
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Posthaus - Roupas femininas, plus size, infantil e mais!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • zip\.co
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Page Statistics

365
Requests

83 %
HTTPS

34 %
IPv6

74
Domains

104
Subdomains

84
IPs

14
Countries

3078 kB
Transfer

7069 kB
Size

98
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2&ncm=1&id=pr_hhX6cMuePreWPuw9xLe2_lid_oZy4y7UtPR7q89ELmSm&su=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&sr=&ts=1643313129005 HTTP 302
  • https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2&ncm=1&id=pr_hhX6cMuePreWPuw9xLe2_lid_oZy4y7UtPR7q89ELmSm&su=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&sr=&ts=1643313129005&tc=1
Request Chain 63
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=DD85BEC892154237B92ACC16093E9D95&RedC=c.clarity.ms&MXFR=0C7131ECC4856C1C163020D5C085623E HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=DD85BEC892154237B92ACC16093E9D95&MUID=1C6D544FF8736F4037984576F9A16EC4
Request Chain 107
  • https://gum.criteo.com/sid/json?origin=onetag&domain=ecosweb.dev.br&sn=ChromeSyncframe&so=0&topUrl=desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=VSlgoXxjUUlpaTQwSXRyRmllM3VBMFlDbm9VMmJzbS9rYmFwNmFldkQ3VzEwUGpGMnVlOWZTME5aeGxwekVjMjhDTmU3VTlaSWppdUFPdGlQdVVVeWk3QU9LZTZFNWFDK240OFlBQkFWdXVnYjVWdUFTZytVU3g3UXFJVzdhc1VROEFWYktPVnNSSmVoSElJalF6QVdUOWpqMlVwczEyWFJuOFZReG4yK1F5a1lFcHBFcm5oVUQveUNvSGxIejVLa3hWdnZNZW41S0tJb3ltVERjdDdxTHpkdlNmNGdUcS8xNjFzQm5yS2NIN21EcEY2OFQ5SHpoZjNOWjkyYlFhOUMxYmVncWdUTkVXa2JLWC9SSHdhc0VHTW5VZz09fA&cppv=2
Request Chain 109
  • https://sslwidget.criteo.com/event?a=4764&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=44jEfF9FVktzJTJGMTVnWWp5R2MyQjQ0bFRMbEd5V0R2TDMlMkZIMTlON3JtQ01TWDclMkZUQXBwS0RJQTFyTjRCdGhmdU5EbUlCdHg2aXhKdUE1Z2FwckRmT1hEakxXJTJCcVg2bzVFdThlSE1sOE13MjUlMkZqQVh3ZVVIdDY3UnJtc0RJak94c2RqRU5nWjdja2xFYTQ4aFBwQUxwOFNRVHlRJTNEJTNE&tld=ecosweb.dev.br&dtycbr=5247 HTTP 302
  • https://widget.us.criteo.com/event?a=4764&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=44jEfF9FVktzJTJGMTVnWWp5R2MyQjQ0bFRMbEd5V0R2TDMlMkZIMTlON3JtQ01TWDclMkZUQXBwS0RJQTFyTjRCdGhmdU5EbUlCdHg2aXhKdUE1Z2FwckRmT1hEakxXJTJCcVg2bzVFdThlSE1sOE13MjUlMkZqQVh3ZVVIdDY3UnJtc0RJak94c2RqRU5nWjdja2xFYTQ4aFBwQUxwOFNRVHlRJTNEJTNE&tld=ecosweb.dev.br&dtycbr=5247
Request Chain 111
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=unSUtYMJokzdKu7Vng4kVcaFwmB6SFv7 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=unSUtYMJokzdKu7Vng4kVcaFwmB6SFv7
Request Chain 112
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay0zWWY5UjVHQmljTUFBWF9KbGE1RWNrdkI3X3ZiTDctOWlhS3pRUQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Request Chain 114
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fsecure.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7166594213244006150
Request Chain 118
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-YF8wmJGBicMAAX_Jla5EckvB7_suA7PWLxz9YA HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-YF8wmJGBicMAAX_Jla5EckvB7_suA7PWLxz9YA
Request Chain 120
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Sr2K-JGBicMAAX_Jla5EckvB7_uQGOKNlDizSA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Sr2K-JGBicMAAX_Jla5EckvB7_uQGOKNlDizSA&verify=true
Request Chain 121
  • https://pixel.advertising.com/ups/55945/sync?uid=k-wiP41ZGBicMAAX_Jla5EckvB7_vBS3lzZGWKqQ&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55945/sync?uid=k-wiP41ZGBicMAAX_Jla5EckvB7_vBS3lzZGWKqQ&_origin=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-wiP41ZGBicMAAX_Jla5EckvB7_vBS3lzZGWKqQ&_origin=1&apid=UP9d5f2949-7faa-11ec-90d0-021f64d2a608
Request Chain 124
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-_5pxoZGBicMAAX_Jla5EckvB7_uI1u1FgKmiGg&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-_5pxoZGBicMAAX_Jla5EckvB7_uI1u1FgKmiGg&expires=30
Request Chain 125
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-oJk2DZGBicMAAX_Jla5EckvB7_vRznO8KprOOg HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-oJk2DZGBicMAAX_Jla5EckvB7_vRznO8KprOOg&C=1
Request Chain 128
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-3Yf9R5GBicMAAX_Jla5EckvB7_vbL7-9iaKzQQ&custom=&tag_format=img&tag_action=sync&custom=&cb=273bfe5b-540b-4276-a6cc-2134c11f429d HTTP 302
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-3Yf9R5GBicMAAX_Jla5EckvB7_vbL7-9iaKzQQ&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=273bfe5b-540b-4276-a6cc-2134c11f429d&final=true&reqid=9d779330-7faa-11ec-b4d7-f59829237bf8&timestamp=2022-01-27T19%3A52%3A10.467Z
Request Chain 129
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-3Yf9R5GBicMAAX_Jla5EckvB7_vbL7-9iaKzQQ HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-3Yf9R5GBicMAAX_Jla5EckvB7_vbL7-9iaKzQQ
Request Chain 134
  • https://pixel.advertising.com/ups/55945/sync?uid=k-PIZhupGBicMAAX_Jla5EckvB7_syAiGgDcpwgg&_origin=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-PIZhupGBicMAAX_Jla5EckvB7_syAiGgDcpwgg&_origin=1&apid=UP9d5f2949-7faa-11ec-90d0-021f64d2a608
Request Chain 135
  • https://pixel.advertising.com/ups/55945/sync?uid=k-OrztjpGBicMAAX_Jla5EckvB7_sa25Ve_FWjgg&_origin=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-OrztjpGBicMAAX_Jla5EckvB7_sa25Ve_FWjgg&_origin=1&apid=UP9d5f2949-7faa-11ec-90d0-021f64d2a608
Request Chain 137
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
  • https://idsync.rlcdn.com/397596.gif?partner_uid=l1-cebYyAcg1Mr7hnYkjrc8h0SrsXP3L
Request Chain 145
  • https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/6dkD_QQF6se3HrtPRXGadd02WK1bEWkk/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=3056754456700657024
Request Chain 180
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEU8kGq258uxRfcHokPIFh0&google_cver=1
Request Chain 181
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfL36ln4NIEuI77HGstC.wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEU8kGq258uxRfcHokPIFh0&google_cver=1&google_hm=2
Request Chain 182
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECgi3X_F-6j5LDrSAx-iSHo&google_cver=1
Request Chain 183
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2NjU5NDIxMzI0NDAwNjE1MA%3D%3D
Request Chain 184
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEU8kGq258uxRfcHokPIFh0&google_cver=1
Request Chain 185
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfL36ln4NIEuI77HGstC.wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEU8kGq258uxRfcHokPIFh0&google_cver=1&google_hm=2
Request Chain 186
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECgi3X_F-6j5LDrSAx-iSHo&google_cver=1
Request Chain 187
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2NjU5NDIxMzI0NDAwNjE1MA%3D%3D
Request Chain 188
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIeIfZPbsemTyUHv1mE7jk&google_cver=1
Request Chain 190
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEFZ9Voc_9FPDq3DXcEm3vsQ&google_cver=1
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIeIfZPbsemTyUHv1mE7jk&google_cver=1
Request Chain 194
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEFZ9Voc_9FPDq3DXcEm3vsQ&google_cver=1
Request Chain 213
  • https://hal90008.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=3abec9a13c&subid=&uid=6c7d5fe497dde09a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCh5Ty6vfyYe-dIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QppxwM6kBSc9Sl5vE30yo1YYDWEihL0RNqCsyF8QLf9ZF1rYrEKEQSMqSrB3uCz-0Dj8OBtbOsrwww5E9ssFieVU9vBvBAOAsk3FKBkPW_iWgetQnJCbLAf1NFWN9JiwoPvyGEEFn8jqWCsPAXYGfvzPli5s_LjtCGz8mBOWhmrX8a2aPZ9zhMcEA4BcjvpUWgpPiUgtuN5G7odh1ovxfwrUt5QxezaKqtny-m3b9prWv5BzfmIRJ4DC3vdFMl1zQqQzIi1_wzVyBf8sc-_rO9opqyDj7O7M8NOhK3lsrmkkhcuLYVamXKsqZTz885hr7t-9eeKWSr8AKbZIqZx5IVPm0IYekXaGNgB03TS1bdYY2DF8R-Xb5_jnTmtmiFbusrxx629oYcSSaCtHyOb5VgTTABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoDGWj5BBvES9A6VJT1DwhRw%26sig%3DAOD64_2d33LxBIfvSMNXUaTS3ffXonPBVA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BN00Y9wR4CpcXBkEDD4TAzrlTWSs6I2gPxKqONLqBF1DcSqpAnI1a-2zAutyAiHGLCaNcNtUi6mVGOPaUYtY8uhMovLHXkd5oOGox8Q48O9VbrrTr0M7fCQ-hRy6ouBoA2Klpl-mf7reJM8_AUbAiQStkucg%26cry%3D1%26dbm_d%3DAKAmf-CZTzHAJYVb4gWfcZ4QlXY3dfuQOehJok9x7PL6Fv9LL4WWQRo9FKHlV_EO4NKj7sWVvpOfC6RDnUArgm-odIAtjSUEe59vNeB7tSp_O2gBbW4FGPEWmWuKak_0e0cBP2oq7-8zAUbjvF6YCNfm4hNZUK3EJlB1EYHuwWZGbXUU994YylQjkbrnRp8Kkv02mAO9NLdosqsEuHixVppyq-bn2G66ocb0ZTDcLY6eChf_YuhObfKGBDcEDZeemoFROO9_Hgc15hWmOEydtnu-QXpxE-UZ8g_7AYy_A4CZGsnv_jyd5vdf-d-tqM6G6yVGr8Y3E4StRPKncGRwdV9YFLvYn8S18iCZI17L76msSvKZP8QRcg1ZcgF0DMs35DiezrDy3SPAd_7bDfPT3BNsIIQbfxXBzsiCow9nKFVzwFufFWvA92Da0nsEKR4Da3wNICEVlnHX%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=5603290441972&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90008.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=3abec9a13c&subid=&uid=6c7d5fe497dde09a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCh5Ty6vfyYe-dIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QppxwM6kBSc9Sl5vE30yo1YYDWEihL0RNqCsyF8QLf9ZF1rYrEKEQSMqSrB3uCz-0Dj8OBtbOsrwww5E9ssFieVU9vBvBAOAsk3FKBkPW_iWgetQnJCbLAf1NFWN9JiwoPvyGEEFn8jqWCsPAXYGfvzPli5s_LjtCGz8mBOWhmrX8a2aPZ9zhMcEA4BcjvpUWgpPiUgtuN5G7odh1ovxfwrUt5QxezaKqtny-m3b9prWv5BzfmIRJ4DC3vdFMl1zQqQzIi1_wzVyBf8sc-_rO9opqyDj7O7M8NOhK3lsrmkkhcuLYVamXKsqZTz885hr7t-9eeKWSr8AKbZIqZx5IVPm0IYekXaGNgB03TS1bdYY2DF8R-Xb5_jnTmtmiFbusrxx629oYcSSaCtHyOb5VgTTABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoDGWj5BBvES9A6VJT1DwhRw%26sig%3DAOD64_2d33LxBIfvSMNXUaTS3ffXonPBVA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BN00Y9wR4CpcXBkEDD4TAzrlTWSs6I2gPxKqONLqBF1DcSqpAnI1a-2zAutyAiHGLCaNcNtUi6mVGOPaUYtY8uhMovLHXkd5oOGox8Q48O9VbrrTr0M7fCQ-hRy6ouBoA2Klpl-mf7reJM8_AUbAiQStkucg%26cry%3D1%26dbm_d%3DAKAmf-CZTzHAJYVb4gWfcZ4QlXY3dfuQOehJok9x7PL6Fv9LL4WWQRo9FKHlV_EO4NKj7sWVvpOfC6RDnUArgm-odIAtjSUEe59vNeB7tSp_O2gBbW4FGPEWmWuKak_0e0cBP2oq7-8zAUbjvF6YCNfm4hNZUK3EJlB1EYHuwWZGbXUU994YylQjkbrnRp8Kkv02mAO9NLdosqsEuHixVppyq-bn2G66ocb0ZTDcLY6eChf_YuhObfKGBDcEDZeemoFROO9_Hgc15hWmOEydtnu-QXpxE-UZ8g_7AYy_A4CZGsnv_jyd5vdf-d-tqM6G6yVGr8Y3E4StRPKncGRwdV9YFLvYn8S18iCZI17L76msSvKZP8QRcg1ZcgF0DMs35DiezrDy3SPAd_7bDfPT3BNsIIQbfxXBzsiCow9nKFVzwFufFWvA92Da0nsEKR4Da3wNICEVlnHX%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=5603290441972&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 214
  • https://hal900012.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=2174dd0d2d&subid=&uid=61eb8fb0cba5c0b4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWAzl6vfyYe6dIpu07_UPq_WL4A2P4PiGU_2xi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSsAk_QvxS6k73DY-4Hy1HtArPwG0gNtHK8fPO0FlcozcT606Xzg3ZTr8iqnnb5lWM1iJXsZvbw7WM9Brh1N5jZtJdPU5uvUUknhTvusOVMrzJVJAMLc41p3h0FLamzEKvAG1l_CNPXZ1lXjSAANSTKx4grKSBqfc8cWxF29IaXIKwIXvKXQJkcLgQqSrVfF6IBFz7kV0XM9qbItXRtNJ-0HawZ1j7Os-xHnQ1rdVQF_SJ_v1tuHTxuT-GQqYAIZyk4GbVpjYRitT9J-hOAuPkJ4eG8r_vS8TjOnaNPDxOZTiUJNYJqW5y2yw11ohjv0Aex8oW4ibEvV2oUIkbh0XPrqlsSrxHx5LQO07Ki_gyaOv9t-roIRkfTfHpSvXsiUr9Rwv0vYDgq_M280IafcsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRondYhR15W1lRrpKxOaOZlDQ%26sig%3DAOD64_1nKnG2GKyq3IRBAKM-_G5zJTHtsQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-ACDDLRehpeSd6b9hKEOPZTpf6DsqnPjphNs-dascnnkFgRSwjo2sJWPIaoNgURy1VA7bqMu_n_e6ipneVEhTqMWs6Gck1K96JcqgqthAG-i9Qt6L1tIPNyrQF95zwBwZNzEmU4713LHOVWnJaHxpJy94_2oQ%26cry%3D1%26dbm_d%3DAKAmf-C1lyBopECaEevij1amtw0kymksFFc9tCJbKVioxw4itm5h1baJsLAOZbHNQtMNTZfPtNwTV34LXQYb-oTRdfAj8VeoGQhgtMnIN-0v3i2a66PD952BAp7WWhkYGdkbx5ZsZnYAOJ30F8_aZNjEjoGmyQ6MJIDpq8VmQw3pxArY7f1xTJMaThw0lO5USxaw7ZQ97Qq6THXc58t4hwdh5Wbxe9xLhUYw-GE8ymbYSrWjQeIwa7TCq3grCfwN_IjoXVszIDETliH6xuZKJ0Roq-cFAWSqlYlYKDZcP0McNVsJzkGLkBZMfUYh3CM9se3viczUziUjbkYJl3m1t7aqD7bviHvZByIXsOQu4KI5m30mZCzlCO4fa8yyGssUtqJhvDIKvqOGbx6723hlhEtbR5557yJ1uSyXMnsyQJ3DW3HI7BxzFymE6srBNEH7OCeaK46YmqNV%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=385025708755&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900012.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=2174dd0d2d&subid=&uid=61eb8fb0cba5c0b4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWAzl6vfyYe6dIpu07_UPq_WL4A2P4PiGU_2xi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSsAk_QvxS6k73DY-4Hy1HtArPwG0gNtHK8fPO0FlcozcT606Xzg3ZTr8iqnnb5lWM1iJXsZvbw7WM9Brh1N5jZtJdPU5uvUUknhTvusOVMrzJVJAMLc41p3h0FLamzEKvAG1l_CNPXZ1lXjSAANSTKx4grKSBqfc8cWxF29IaXIKwIXvKXQJkcLgQqSrVfF6IBFz7kV0XM9qbItXRtNJ-0HawZ1j7Os-xHnQ1rdVQF_SJ_v1tuHTxuT-GQqYAIZyk4GbVpjYRitT9J-hOAuPkJ4eG8r_vS8TjOnaNPDxOZTiUJNYJqW5y2yw11ohjv0Aex8oW4ibEvV2oUIkbh0XPrqlsSrxHx5LQO07Ki_gyaOv9t-roIRkfTfHpSvXsiUr9Rwv0vYDgq_M280IafcsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRondYhR15W1lRrpKxOaOZlDQ%26sig%3DAOD64_1nKnG2GKyq3IRBAKM-_G5zJTHtsQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-ACDDLRehpeSd6b9hKEOPZTpf6DsqnPjphNs-dascnnkFgRSwjo2sJWPIaoNgURy1VA7bqMu_n_e6ipneVEhTqMWs6Gck1K96JcqgqthAG-i9Qt6L1tIPNyrQF95zwBwZNzEmU4713LHOVWnJaHxpJy94_2oQ%26cry%3D1%26dbm_d%3DAKAmf-C1lyBopECaEevij1amtw0kymksFFc9tCJbKVioxw4itm5h1baJsLAOZbHNQtMNTZfPtNwTV34LXQYb-oTRdfAj8VeoGQhgtMnIN-0v3i2a66PD952BAp7WWhkYGdkbx5ZsZnYAOJ30F8_aZNjEjoGmyQ6MJIDpq8VmQw3pxArY7f1xTJMaThw0lO5USxaw7ZQ97Qq6THXc58t4hwdh5Wbxe9xLhUYw-GE8ymbYSrWjQeIwa7TCq3grCfwN_IjoXVszIDETliH6xuZKJ0Roq-cFAWSqlYlYKDZcP0McNVsJzkGLkBZMfUYh3CM9se3viczUziUjbkYJl3m1t7aqD7bviHvZByIXsOQu4KI5m30mZCzlCO4fa8yyGssUtqJhvDIKvqOGbx6723hlhEtbR5557yJ1uSyXMnsyQJ3DW3HI7BxzFymE6srBNEH7OCeaK46YmqNV%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=385025708755&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 216
  • https://hal900028.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=196a6be019&subid=&uid=5aa27389235f5443&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbEM76vfyYfGdIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QdQB8ygyxerP9mmu0v0zzeD93sHgbzaQJe6U0Wnt77KO8ilKdfIp0FnHGjSX3eAAjGc9JVOjfD8VxwzL6d85xopHFvxfN0oTitfWTt-CBWIXCPJvDm5_YLUA4UYcyQKE6qmSEMAztj4TRg16hZ90C5Ffs_4tu6X5g3I8ZcauGBRLS3K9Qv4N9BGprXBKtkxxmfp74Ub95e41HpOlXwi4bicFErus9hAMn9_AOjyDRKisTRLln65THKBCe6FHX4TFqlXE4s2a765pUOxRsCimkQ2ThSnwTF3g7FCk8AeDePO5HU21bY6UZdBBsLJ-O3bCa3BsdgjbV0PngJRtfkQd82v7w60mTutzMgP8gE3CS1FmDZorAt3pOHrEPcAw6ecoMAztXZHeDA3J_fa0F8ybVNvjABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoI-1EuehZs8GkAODLIFpgqA%26sig%3DAOD64_2umeAuBZCvwKhGPNnSOBVd5zspQA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-DRQoOkr5wBurLrb7JrdEaWQeS-H5XnjTlP-aHJ70xVzbFJQw80uUlz588RI1O1TV0hBx_koHdq5jVCwfXmv4NQEvnIEl6WVKsS5pHuEgcFdaTm49lLtDT2sO_R0ceWrClknPpq7NQSUqhaI54eyRfDvTFgeQ%26cry%3D1%26dbm_d%3DAKAmf-ApIpkao3cchFdUr3UEsAi5amACgAIB8XXq-Qv8WCLamOA_SOkW471ZqTOKRfD-chQxFD_e6Hq2bCr70qp3qipgqYr241kg6hUAO-KLKOzSqzTgmrEZyzxB_y8ROXov1DycJUNp-VjUtDa6eW5_ciLjOQgDX86z-3FXpl6bihLAejgq-t8WJ6-Pqm3cO-rEI--jdqnEOymetPvJ9Z1BkI0wigUM9gyleCl8vKjtD2IBQppQbFbPYw-ZYjCJ4YMGjyVx1GRtpbJYPUnNCTSWMvyRyFCiZsKlHT7eEEgfQOhel2Ba2mdhsgNfqX-RgzBJalO-kXTNZeMAQOhfsEvzr9p2e2Rb3vj5oocrnLxgaXDZL-odtP_RwFk24T_iEc3KW1SHsS-9hcvJrPUVrI0X7K8sdo5xXl8o_YkUeZW22AK0TuqZ5qK8Wnhd2nk9Jma0rJoPecPx%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=8596307841422&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900028.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=196a6be019&subid=&uid=5aa27389235f5443&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbEM76vfyYfGdIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QdQB8ygyxerP9mmu0v0zzeD93sHgbzaQJe6U0Wnt77KO8ilKdfIp0FnHGjSX3eAAjGc9JVOjfD8VxwzL6d85xopHFvxfN0oTitfWTt-CBWIXCPJvDm5_YLUA4UYcyQKE6qmSEMAztj4TRg16hZ90C5Ffs_4tu6X5g3I8ZcauGBRLS3K9Qv4N9BGprXBKtkxxmfp74Ub95e41HpOlXwi4bicFErus9hAMn9_AOjyDRKisTRLln65THKBCe6FHX4TFqlXE4s2a765pUOxRsCimkQ2ThSnwTF3g7FCk8AeDePO5HU21bY6UZdBBsLJ-O3bCa3BsdgjbV0PngJRtfkQd82v7w60mTutzMgP8gE3CS1FmDZorAt3pOHrEPcAw6ecoMAztXZHeDA3J_fa0F8ybVNvjABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoI-1EuehZs8GkAODLIFpgqA%26sig%3DAOD64_2umeAuBZCvwKhGPNnSOBVd5zspQA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-DRQoOkr5wBurLrb7JrdEaWQeS-H5XnjTlP-aHJ70xVzbFJQw80uUlz588RI1O1TV0hBx_koHdq5jVCwfXmv4NQEvnIEl6WVKsS5pHuEgcFdaTm49lLtDT2sO_R0ceWrClknPpq7NQSUqhaI54eyRfDvTFgeQ%26cry%3D1%26dbm_d%3DAKAmf-ApIpkao3cchFdUr3UEsAi5amACgAIB8XXq-Qv8WCLamOA_SOkW471ZqTOKRfD-chQxFD_e6Hq2bCr70qp3qipgqYr241kg6hUAO-KLKOzSqzTgmrEZyzxB_y8ROXov1DycJUNp-VjUtDa6eW5_ciLjOQgDX86z-3FXpl6bihLAejgq-t8WJ6-Pqm3cO-rEI--jdqnEOymetPvJ9Z1BkI0wigUM9gyleCl8vKjtD2IBQppQbFbPYw-ZYjCJ4YMGjyVx1GRtpbJYPUnNCTSWMvyRyFCiZsKlHT7eEEgfQOhel2Ba2mdhsgNfqX-RgzBJalO-kXTNZeMAQOhfsEvzr9p2e2Rb3vj5oocrnLxgaXDZL-odtP_RwFk24T_iEc3KW1SHsS-9hcvJrPUVrI0X7K8sdo5xXl8o_YkUeZW22AK0TuqZ5qK8Wnhd2nk9Jma0rJoPecPx%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=8596307841422&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 217
  • https://hal90001.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=ff0008e3c8&subid=&uid=d5056c60a07594ef&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVubS6vfyYfCdIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QwNp7VEcgdyxsRauHuOlcOC8cD8K92gGgK7JWvJI4EJBNmyXkxg9Y7l8o-YOGPEu9qPIgpGiHk0s0h9L7FjdVdOBjyIJqm8YtN4Cv23tSM0axde3EdXAK3d9onKQ-s-L86JVRCoooQAsecqQye8DNn3HK8wlPK7jIoCa3uJIPZCteiF2z_ue3e4fScS1YdzVctYyRQ6f-VA5mWksDCZ9pRmZSgX0gXYGXgBO4mDj6WkUP0jlg1eMCuVjFJ0s0tRvpGoyGwYE6bx3eALdFEiah4d8gq6C0TDgeVTyQd_nP_iQjZRd0Z3nJdMozTYyvhIOjt16M2AUoZ77SXnywJjVZq88RBXHw4oIOzP_awDdrNYj8vK6Q3TXgae3c1BJRUHAwaRtfmA2uM7XKhSCd-zz4EXjABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoZh8Cr9rhA1eVdqBoFi0bMg%26sig%3DAOD64_0UrM8OUo7G72tRxqooB9xK0yl7gA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-CNdJGzm6oxL95r_LggWVBgoyffGgaPNWnF6nbC4xkaXSWQS2rF3nvZJ9wpWZUIvOZDbrYUs3gIw-45vsocHG8GwnJNeQGWW7K5HKTrCA9hoJ7s8IH-qwUtRwcmQfjopRWz94oQZ3wCQ2Uyd30o516n9jkvoQ%26cry%3D1%26dbm_d%3DAKAmf-AQ2iTooZuRC56qIcVRH8BTZvD_CUQbz5N0CGQpGqm1z4UjZXYplz72_z015pRVsx5xu4wHHCoVt7KRzv6Ttl1atDBsX1ghyafMJStfLRFngZ9b7rqSB9kBmbmkCpn01LLSilcf8WUacjhNqFDHgK2WJ6OgEUz-ILqhgdj_4im6lRiNH2aKw9VDUXSg6zQOWx8k4Dpt_yF3cl_i-22U10hGizmH4yUgXshXkvZjemg0bFxnJs0wp33dkNMRhNdIekD2JkTRB5Ectx027xaAfWDpad1qnwdn6yeCcku-OoNdJxcwahV9hvjnMXBLmXwJhPADyBz0yEwF9ZOekY4NXYs3mI7upMCTK06bX_XiwTfwOl-z2iWVObsUcovuId91IEn-gWliXkPP81j4xVHh-e4OGdT5QhtRQzazIH65D8pZOeFmk3OgAWhscT7MR87t21g6I5m3%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=2835147803389&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90001.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=ff0008e3c8&subid=&uid=d5056c60a07594ef&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVubS6vfyYfCdIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QwNp7VEcgdyxsRauHuOlcOC8cD8K92gGgK7JWvJI4EJBNmyXkxg9Y7l8o-YOGPEu9qPIgpGiHk0s0h9L7FjdVdOBjyIJqm8YtN4Cv23tSM0axde3EdXAK3d9onKQ-s-L86JVRCoooQAsecqQye8DNn3HK8wlPK7jIoCa3uJIPZCteiF2z_ue3e4fScS1YdzVctYyRQ6f-VA5mWksDCZ9pRmZSgX0gXYGXgBO4mDj6WkUP0jlg1eMCuVjFJ0s0tRvpGoyGwYE6bx3eALdFEiah4d8gq6C0TDgeVTyQd_nP_iQjZRd0Z3nJdMozTYyvhIOjt16M2AUoZ77SXnywJjVZq88RBXHw4oIOzP_awDdrNYj8vK6Q3TXgae3c1BJRUHAwaRtfmA2uM7XKhSCd-zz4EXjABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoZh8Cr9rhA1eVdqBoFi0bMg%26sig%3DAOD64_0UrM8OUo7G72tRxqooB9xK0yl7gA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-CNdJGzm6oxL95r_LggWVBgoyffGgaPNWnF6nbC4xkaXSWQS2rF3nvZJ9wpWZUIvOZDbrYUs3gIw-45vsocHG8GwnJNeQGWW7K5HKTrCA9hoJ7s8IH-qwUtRwcmQfjopRWz94oQZ3wCQ2Uyd30o516n9jkvoQ%26cry%3D1%26dbm_d%3DAKAmf-AQ2iTooZuRC56qIcVRH8BTZvD_CUQbz5N0CGQpGqm1z4UjZXYplz72_z015pRVsx5xu4wHHCoVt7KRzv6Ttl1atDBsX1ghyafMJStfLRFngZ9b7rqSB9kBmbmkCpn01LLSilcf8WUacjhNqFDHgK2WJ6OgEUz-ILqhgdj_4im6lRiNH2aKw9VDUXSg6zQOWx8k4Dpt_yF3cl_i-22U10hGizmH4yUgXshXkvZjemg0bFxnJs0wp33dkNMRhNdIekD2JkTRB5Ectx027xaAfWDpad1qnwdn6yeCcku-OoNdJxcwahV9hvjnMXBLmXwJhPADyBz0yEwF9ZOekY4NXYs3mI7upMCTK06bX_XiwTfwOl-z2iWVObsUcovuId91IEn-gWliXkPP81j4xVHh-e4OGdT5QhtRQzazIH65D8pZOeFmk3OgAWhscT7MR87t21g6I5m3%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=2835147803389&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 223
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains HTTP 301
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Request Chain 224
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=78199000213407000710580011852012&pv=1 HTTP 302
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e261e3c-7faa-11ec-b33f-00155d53a129ID
Request Chain 226
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2464318210187.264 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CMW13bva0vUCFSxDHQkdcm0N8Q;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2464318210187.264
Request Chain 231
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains HTTP 301
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Request Chain 232
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=98604300273699700710584011852028&pv=1 HTTP 302
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2660a4-7faa-11ec-bbfa-00155d53a129ID
Request Chain 234
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3665622912568.8555 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CP223bva0vUCFY_CGwodw28Arg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3665622912568.8555
Request Chain 239
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains HTTP 301
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Request Chain 240
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=61279900244895500710584011852001&pv=1 HTTP 302
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2b5a1e-7faa-11ec-aedc-00155d53a129ID
Request Chain 242
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2997728860910.8135 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CPW43bva0vUCFW5FHQkdijoLMw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2997728860910.8135
Request Chain 255
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains HTTP 301
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Request Chain 256
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=94795200234521200710584011852008&pv=1 HTTP 302
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e334b2a-7faa-11ec-a3dc-00155d53a129ID
Request Chain 258
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1125077886764.3474 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CI3637va0vUCFcqXhQod-iYKrg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1125077886764.3474
Request Chain 270
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESECdFrJIcB1E66nKF2igd1T0&google_cver=1&google_push=AYg5qPKSBMY5-9mb2UF0_5X0jz5quZt3eYvkELUVwBL2F5DcTeyaExzG_VhMcFc1-9k3pv2x2J4bVUYtImkl6I2ZxNuF2lVT01SLkg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA1Njc1NDQ1NjcwMDY1NzAyNA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECdFrJIcB1E66nKF2igd1T0&google_cver=1
Request Chain 272
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEsMmEVCjuWG7jcZ0g4aaCM&google_cver=1&google_push=AYg5qPLdSiZ8dCuPspH4lQqRGyaUmXqE0Il5aUoSlTJfF9Fpi7x_aQA2Y2KVDquDLsZG10Ynm-oB5peYeQhwj1Bf0UTJBN3wbrbeEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLdSiZ8dCuPspH4lQqRGyaUmXqE0Il5aUoSlTJfF9Fpi7x_aQA2Y2KVDquDLsZG10Ynm-oB5peYeQhwj1Bf0UTJBN3wbrbeEA
Request Chain 274
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEE2tGXaB26EqF6mINufkC6s&google_cver=1&google_push=AYg5qPKgZEvs7vRdiRmiCkKF_uZR7NKuCsNdFOoqH5YU5BiJTok46OxMqCDm9ZPhYB1JJGwNmWFBJKXKawdEXUjk6unXfaCGcKB8Nw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=rEQmQjB7Tn2phVjs6k5Ryw2&google_push=AYg5qPKgZEvs7vRdiRmiCkKF_uZR7NKuCsNdFOoqH5YU5BiJTok46OxMqCDm9ZPhYB1JJGwNmWFBJKXKawdEXUjk6unXfaCGcKB8Nw
Request Chain 275
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB3qo95BGotASs0InLf5Frs&google_cver=1&google_push=AYg5qPKrl9g2z41NxZeg517fMJBe-OjhImgyWe3vpxbY2Opu36toOm-S9f-lFvRb7t1r3zfjbCZK5fEICPK8T5HoJBQ2hUh5EQY- HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB3qo95BGotASs0InLf5Frs&google_cver=1&google_push=AYg5qPKrl9g2z41NxZeg517fMJBe-OjhImgyWe3vpxbY2Opu36toOm-S9f-lFvRb7t1r3zfjbCZK5fEICPK8T5HoJBQ2hUh5EQY-&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKrl9g2z41NxZeg517fMJBe-OjhImgyWe3vpxbY2Opu36toOm-S9f-lFvRb7t1r3zfjbCZK5fEICPK8T5HoJBQ2hUh5EQY-&google_hm=533846887b810a15a9d7e681
Request Chain 276
  • https://match.360yield.com/match/ebda?google_gid=CAESEHwM6aGxWE2gZUNIrBkCY2I&google_cver=1&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCwJ7Nqx3OA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCwJ7Nqx3OA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCwJ7Nqx3OA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCwJ7Nqx3OA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCwJ7Nqx3OA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCwJ7Nqx3OA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCwJ7Nqx3OA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCwJ7Nqx3OA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCwJ7Nqx3OA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCwJ7Nqx3OA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCwJ7Nqx3OA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCwJ7Nqx3OA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCwJ7Nqx3OA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCwJ7Nqx3OA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCwJ7Nqx3OA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCwJ7Nqx3OA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCwJ7Nqx3OA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCwJ7Nqx3OA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCwJ7Nqx3OA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCwJ7Nqx3OA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCwJ7Nqx3OA
Request Chain 279
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFu3K_p2xM4KhC5oX1wcNmA&google_cver=1&google_push=AYg5qPLPK_Khm0UiPBVYuEiZw16vGkqy_Se-45GTwxklO9lCVs0u2G9jWMzvwYcZLPUt4-YpbX2UStoyK1fGsjDKeGhJIWXm5Eho HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFu3K_p2xM4KhC5oX1wcNmA&google_push=AYg5qPLPK_Khm0UiPBVYuEiZw16vGkqy_Se-45GTwxklO9lCVs0u2G9jWMzvwYcZLPUt4-YpbX2UStoyK1fGsjDKeGhJIWXm5Eho
Request Chain 281
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEOwn_MbIfrV7ljTHn3FjWuo&google_cver=1&google_push=AYg5qPLezF7P_O8wz00G7_U9KsttIIb_JLqGEVkiRBUVjl_GqMb9xhrcxhNKnpsyHmGM3B3dVM8dYI35wBHeHqeeT09VQHdcvKZ_ HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEOwn_MbIfrV7ljTHn3FjWuo&google_cver=1&google_push=AYg5qPLezF7P_O8wz00G7_U9KsttIIb_JLqGEVkiRBUVjl_GqMb9xhrcxhNKnpsyHmGM3B3dVM8dYI35wBHeHqeeT09VQHdcvKZ_&s_h=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=TTaPOJLQS76OnC6opGK3yQ&gdpr=1&gdpr_consent=
Request Chain 282
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIwymlgs1kwJWieypK_rKTQ&google_cver=1&google_push=AYg5qPK18ENRzBPAPA2dVgAEBgqQooExfVCholCbcpo7g0iAP3_fZU327q01yAJOGV6mOBP-M9ag-Ji02F6OkpsjEOmn2kQ7jdRT HTTP 302
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=91618c24-fd43-4ed4-89b4-faa0e324f4af HTTP 302
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=91618c24-fd43-4ed4-89b4-faa0e324f4af HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=bad259c7-c3fa-4f53-96e9-d5e35a73fd68&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK18ENRzBPAPA2dVgAEBgqQooExfVCholCbcpo7g0iAP3_fZU327q01yAJOGV6mOBP-M9ag-Ji02F6OkpsjEOmn2kQ7jdRT&google_hm=kWGMJP1DTtSJtPqg4yT0rw==
Request Chain 283
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEdhA1EJv_nUVaOVn1PYxO8&google_cver=1&google_push=AYg5qPLdx7VFQt0Rh8XDwj_QntUiqmIXKDdY1LNsNPquG7QmUy2CCPeFyp6lfxYSz5ztKIEljN6PiNye0P40wclLWucc19QwgP_3 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEdhA1EJv_nUVaOVn1PYxO8&google_cver=1&google_push=AYg5qPLdx7VFQt0Rh8XDwj_QntUiqmIXKDdY1LNsNPquG7QmUy2CCPeFyp6lfxYSz5ztKIEljN6PiNye0P40wclLWucc19QwgP_3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQxODE3MTk1NDMyNTQ0MTY4Ng&google_push=AYg5qPLdx7VFQt0Rh8XDwj_QntUiqmIXKDdY1LNsNPquG7QmUy2CCPeFyp6lfxYSz5ztKIEljN6PiNye0P40wclLWucc19QwgP_3
Request Chain 284
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECBFsjaazJXHiqVrvYmIbh8&google_cver=1&google_push=AYg5qPKFw6n3Y97Ivgclh2hcxViLtMZBUoPxvHvFEb9B2yZqQDzThkovbeYc9QBk9I0hzk7LzScN5TASuxqFcJksdx5oIb8iBYs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYRTdKTVYtMTgtQU41Wg==&google_push=AYg5qPKFw6n3Y97Ivgclh2hcxViLtMZBUoPxvHvFEb9B2yZqQDzThkovbeYc9QBk9I0hzk7LzScN5TASuxqFcJksdx5oIb8iBYs
Request Chain 324
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBnLJTOFHS0gh4l5kZAvs_0&google_cver=1&google_push=AYg5qPKLRVWRIiOzHkcpZd2UnTwJmKeiB-uXBgliv7gkdq3RmGuYAae00zVivMPl9hg4-E8SoE9YMF5ROczm78fsnvrDWC9PHt8 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBnLJTOFHS0gh4l5kZAvs_0&google_cver=1&google_push=AYg5qPKLRVWRIiOzHkcpZd2UnTwJmKeiB-uXBgliv7gkdq3RmGuYAae00zVivMPl9hg4-E8SoE9YMF5ROczm78fsnvrDWC9PHt8&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=orIpDmczQXaULKXcHUiAVQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKLRVWRIiOzHkcpZd2UnTwJmKeiB-uXBgliv7gkdq3RmGuYAae00zVivMPl9hg4-E8SoE9YMF5ROczm78fsnvrDWC9PHt8
Request Chain 325
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB3qo95BGotASs0InLf5Frs&google_cver=1&google_push=AYg5qPL6HqtY1H9RFPODbd5rbISpVvOpacWZyWB7DAWa-rnhQzQcm_oT9X8PU3wB-XGGrjalATtJpPjQlrMgBilIXFn3ujovSJU HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL6HqtY1H9RFPODbd5rbISpVvOpacWZyWB7DAWa-rnhQzQcm_oT9X8PU3wB-XGGrjalATtJpPjQlrMgBilIXFn3ujovSJU&google_hm=533846887b810a15a9d7e681
Request Chain 326
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEO_2lnEuuCmIxtZqcrW-ICo&google_cver=1&google_push=AYg5qPJSo0ZdoyNSLSByW-WmPwBhkx7Dfn1yOjOYQ3LTFdLbfzJOoxI-SVN1ea4i0K_-naaXLphZowDmiati0hSxSmvI1UT1wNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJSo0ZdoyNSLSByW-WmPwBhkx7Dfn1yOjOYQ3LTFdLbfzJOoxI-SVN1ea4i0K_-naaXLphZowDmiati0hSxSmvI1UT1wNw
Request Chain 337
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGf_RzBSQfWncx6JFh1Zfdo&google_cver=1&google_push=AYg5qPJUQOBGM1VtQZBrpdumx-dN8UihNRqbTKr5LPiF7qfdz1urStNiIi8fQbwIYY4EC7hnJ99GdoJ_ZlIVa2dQFM1cfuJiGSgb6w HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGf_RzBSQfWncx6JFh1Zfdo&google_cver=1&google_push=AYg5qPJUQOBGM1VtQZBrpdumx-dN8UihNRqbTKr5LPiF7qfdz1urStNiIi8fQbwIYY4EC7hnJ99GdoJ_ZlIVa2dQFM1cfuJiGSgb6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MkhwZ0ZNUUgxTmRhT3c1&google_gid=CAESEGf_RzBSQfWncx6JFh1Zfdo&google_cver=1&google_push=AYg5qPJUQOBGM1VtQZBrpdumx-dN8UihNRqbTKr5LPiF7qfdz1urStNiIi8fQbwIYY4EC7hnJ99GdoJ_ZlIVa2dQFM1cfuJiGSgb6w
Request Chain 339
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECBFsjaazJXHiqVrvYmIbh8&google_cver=1&google_push=AYg5qPLwY6m5jvNgZbtl2A5jjCcHY3gMqEHmpXVO6B3LkvsFmArM9GWRn7ekb9C8D75xGHy6DIKgKe4_bzkbEA57gjDmsLdmnL6Rbg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYRTdKUVotUi1IWVY4&google_push=AYg5qPLwY6m5jvNgZbtl2A5jjCcHY3gMqEHmpXVO6B3LkvsFmArM9GWRn7ekb9C8D75xGHy6DIKgKe4_bzkbEA57gjDmsLdmnL6Rbg
Request Chain 340
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6TtpQYQ6RaM2Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6TtpQYQ6RaM2Q&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6TtpQYQ6RaM2Q&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6TtpQYQ6RaM2Q&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6TtpQYQ6RaM2Q&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6TtpQYQ6RaM2Q&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6TtpQYQ6RaM2Q&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6TtpQYQ6RaM2Q&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6TtpQYQ6RaM2Q&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6TtpQYQ6RaM2Q&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6TtpQYQ6RaM2Q&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6TtpQYQ6RaM2Q&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6TtpQYQ6RaM2Q&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6TtpQYQ6RaM2Q&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6TtpQYQ6RaM2Q&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6TtpQYQ6RaM2Q&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6TtpQYQ6RaM2Q&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6TtpQYQ6RaM2Q&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6TtpQYQ6RaM2Q&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6TtpQYQ6RaM2Q&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6TtpQYQ6RaM2Q&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1
Request Chain 341
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEO_2lnEuuCmIxtZqcrW-ICo&google_cver=1&google_push=AYg5qPJZ6HTmnDDrlgjed44f-tk83JkpK4dhFbAWCFJFfKny83JkQKc3EsIr9Gi2CLt5f7vnrX-iXdXWyiZ4eMo3IR8XkLaDABX5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJZ6HTmnDDrlgjed44f-tk83JkpK4dhFbAWCFJFfKny83JkQKc3EsIr9Gi2CLt5f7vnrX-iXdXWyiZ4eMo3IR8XkLaDABX5
Request Chain 342
  • https://match.360yield.com/match/ebda?google_gid=CAESEHwM6aGxWE2gZUNIrBkCY2I&google_cver=1&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-mxvQVxM3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-mxvQVxM3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-mxvQVxM3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-mxvQVxM3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-mxvQVxM3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-mxvQVxM3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-mxvQVxM3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-mxvQVxM3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-mxvQVxM3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-mxvQVxM3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-mxvQVxM3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-mxvQVxM3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-mxvQVxM3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-mxvQVxM3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-mxvQVxM3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-mxvQVxM3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-mxvQVxM3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-mxvQVxM3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-mxvQVxM3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-mxvQVxM3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-mxvQVxM3Q
Request Chain 343
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED8sJ3TlOEz3OpzMzfXqmJA&google_cver=1&google_push=AYg5qPLRCBwLgxzEUIkiobf7d70KwzsiZAV7LvdIFnSbHxedZUbVzNETbfjdwFR-0O9_JjKV3UskbzlOvxUe8MterDxUPh-6B7cDZw HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLRCBwLgxzEUIkiobf7d70KwzsiZAV7LvdIFnSbHxedZUbVzNETbfjdwFR-0O9_JjKV3UskbzlOvxUe8MterDxUPh-6B7cDZw&google_gid=CAESED8sJ3TlOEz3OpzMzfXqmJA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY2OTYyNTM3NzI3NTEyNDUwNDcyOQ%3D%3D&google_push=AYg5qPLRCBwLgxzEUIkiobf7d70KwzsiZAV7LvdIFnSbHxedZUbVzNETbfjdwFR-0O9_JjKV3UskbzlOvxUe8MterDxUPh-6B7cDZw

365 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/ 		106 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
177.101.99.62 Blumenau, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
b7f6d2e2d32b2a1ecba92aa38102f655f4add77248ed2071bcdbcc4f370d9ae3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 27 Jan 2022 19:52:06 GMT
dbr-company
posthaus
dbr-device
desktop
dbr-orquestrador
true
etag
W/"1a781-f1PwzJZqZGW4E/PpxaxKlvcW7oA"
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c52686d553c6e2f85b272710c2b92bfcee879d16c73c021c9875c621da492738
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:21:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 19:52:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 19:52:07 GMT
vendors~app.css
desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/ 		37 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.css
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
177.101.99.62 Blumenau, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
e25840c5281b7367276ccd9086150402ee584b32242fa0fce5a47b79a31f0b78
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Thu, 27 Jan 2022 04:08:57 GMT
x-frame-options
SAMEORIGIN
etag
W/"9254-17e99b8dfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
app.8cc034d1d8cf5d7a86d7.bundle.js
desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/ 		615 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/app.8cc034d1d8cf5d7a86d7.bundle.js
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
177.101.99.62 Blumenau, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
ffc29c6249722385c6d20a999a48d66e4b55e6e465e235f20d54000df3f16b55
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Thu, 27 Jan 2022 04:08:57 GMT
x-frame-options
SAMEORIGIN
etag
W/"99d00-17e99b8dfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
polyfills.6c4275ad25d099142998.bundle.js
desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/polyfills.6c4275ad25d099142998.bundle.js
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
177.101.99.62 Blumenau, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
7cbf0f8a8a0cfb31561ba78e03128c09a57beff4dd07f37f11a3b2f120705ca5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Thu, 27 Jan 2022 04:08:57 GMT
x-frame-options
SAMEORIGIN
etag
W/"1eed-17e99b8dfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
vendors~app.34695cf0dc5e60fc7077.chunk.js
desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/ 		643 KB
194 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
177.101.99.62 Blumenau, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
f40a30e16c70c82abefd586548807814ef7da2563721214af5822f3cbfdf7f92
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Thu, 27 Jan 2022 04:08:57 GMT
x-frame-options
SAMEORIGIN
etag
W/"a0a96-17e99b8dfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
home.fcc9f923176363b12784.chunk.js
desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/home.fcc9f923176363b12784.chunk.js
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
177.101.99.62 Blumenau, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
c48d72e622223e0931e14bf9cd00e5f94e4c5e8a4df2a456d53678a933eb3139
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Thu, 27 Jan 2022 04:08:57 GMT
x-frame-options
SAMEORIGIN
etag
W/"3c89-17e99b8dfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
desk-home.fcc9f923176363b12784.chunk.js
desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/desk-home.fcc9f923176363b12784.chunk.js
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
177.101.99.62 Blumenau, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
8e21cd72b0d5aba10024a13614a42e961757d6246c1fb37c8d1879b0f5c43492
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Thu, 27 Jan 2022 04:08:57 GMT
x-frame-options
SAMEORIGIN
etag
W/"4d5c-17e99b8dfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
desk-product-list.55194cb73643539c1c8e.chunk.js
desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/desk-product-list.55194cb73643539c1c8e.chunk.js
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
177.101.99.62 Blumenau, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
c5592d72f0372c2f237a8ecaaa67eda0064b413098e191140d1da1f41d394d58
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Thu, 27 Jan 2022 04:08:57 GMT
x-frame-options
SAMEORIGIN
etag
W/"7302-17e99b8dfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
product-details.94d0f6349ae3ef70ac80.chunk.js
desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/product-details.94d0f6349ae3ef70ac80.chunk.js
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
177.101.99.62 Blumenau, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
327bec2ec73981fc12954bac138de42bad69d513a432da8f196cf9a40c7deb04
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Thu, 27 Jan 2022 04:08:57 GMT
x-frame-options
SAMEORIGIN
etag
W/"3ea5-17e99b8dfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
ic-navbar-logo.svg
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ic-navbar-logo.svg
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
69740dde1b2dcafc780b3b79e4f41ac98d5aeb282cda3f68d961aded4d0d2eb2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:08 GMT
content-encoding
gzip
last-modified
Thu, 27 Dec 2018 19:29:01 GMT
server
Apache
etag
"1bb1-57e05f56c3940-gzip"
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
content-length
2614
expires
Fri, 28 Jan 2022 19:52:08 GMT
ic-mastercard.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		853 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-mastercard.png
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
31dfb7610d826d312c1720e980234de2269bedb09591f134f87ab8d6840ccb6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:08 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:48:59 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
853
expires
Fri, 28 Jan 2022 19:52:08 GMT
ic-visa.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		629 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-visa.png
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
fe8237cfa6bab4b205320dc57775dc118244de737cf5b08047359195f5a07f55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:08 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:49:00 GMT
server
Apache
age
0
etag
"275-5b5e51e0f2300"
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
629
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:52:08 GMT
ic-amex.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		534 B
795 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-amex.png
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
1bb39f2e41475075c585cf8a90bb256c35177f80036af0267f3a5d35385df576

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:08 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:48:54 GMT
server
Apache
age
0
etag
"216-5b5e51db39580"
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
534
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:52:08 GMT
ic-caixa.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		876 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-caixa.png
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
399c127003488f2737c0e966d2a6cabf25ec632a7e94bb087d4f2df67566d4c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:08 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:48:55 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
876
expires
Fri, 28 Jan 2022 19:52:08 GMT
ic-hipercard.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		771 B
1011 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-hipercard.png
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
e444e8744871fda2c920b0526bd9eaee33660153dbe548cd5df4055d970b8d78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:08 GMT
via
AX-CACHE-4.1:113
last-modified
Wed, 25 Jul 2018 19:05:44 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
771
expires
Fri, 28 Jan 2022 19:52:08 GMT
ic-elo.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		781 B
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-elo.png
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
fe145141adf7a295eb02f9ea18fdeb289330ce47fb5837927272ac21b6da4bbc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:08 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:48:56 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
781
expires
Fri, 28 Jan 2022 19:52:08 GMT
ic-discover.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		762 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-discover.png
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
37756fc4581c844e472ce599eb9ef847b6a668fadfaef9599b7ea9afceb54f46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:08 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:48:55 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
762
expires
Fri, 28 Jan 2022 19:52:08 GMT
img-reclame-aqui.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-reclame-aqui.png
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
7e140f35e7c47baaf574e9321f534de355df62e958841f1900fe62e8cab897ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:08 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:49:01 GMT
server
Apache
age
0
etag
"480-5b5e51e1e6540"
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
1152
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:52:08 GMT
img-ebit.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-ebit.png
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
7b5702e19970ce41380ca449d54519f428482977c78275255e909046ae97c445

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:08 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:49:00 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
1139
expires
Fri, 28 Jan 2022 19:52:08 GMT
img-go-daddy.jpg
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-go-daddy.jpg
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
8e77aa0c8ce495b82e8c0cdb2da40716a5c84ab66a1ecf2e2b1adce2341da931

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:08 GMT
via
AX-CACHE-4.1:113
last-modified
Tue, 26 May 2020 14:25:14 GMT
server
Apache
age
0
etag
"bc6-5a68ddd21398d"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
3014
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:52:08 GMT
ic-facebook.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		197 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-facebook.png
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
42163a7c55b8f00f4276c06c1b47118dff268c8027b9b436efe5be5fbdd30cbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:08 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:48:56 GMT
server
Apache
age
0
etag
"c5-5b5e51dd21a00"
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
197
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:52:08 GMT
ic-instagram.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-instagram.png
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
1df1bedfc6649bf041238e418e2b67864dfa1905e57e6ff05a60381726413940

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:08 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:48:58 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
3231
expires
Fri, 28 Jan 2022 19:52:08 GMT
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24333fd1c10e2127184a4a8fa0552b3341720b3289c15dbfe0146fe8b4a29892

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		17 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3739254e267a5f9d7f1a73e7fcc4beb47c2eca194e3334519a078d9ba96f211d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 22:14:22 GMT
x-content-type-options
nosniff
age
596266
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 20 Jan 2023 22:14:22 GMT
fontawesome-webfont.woff2
desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/assets/fonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/assets/fonts/fontawesome-webfont.woff2
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
177.101.99.62 Blumenau, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.css
Origin
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:08 GMT
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
content-length
77160
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Thu, 27 Jan 2022 04:08:57 GMT
x-frame-options
SAMEORIGIN
etag
W/"12d68-17e99b8dfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6436
date
Thu, 27 Jan 2022 18:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 27 Jan 2022 20:04:52 GMT
gtm.js
www.googletagmanager.com/ 		294 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
00edd30b23719772e09df16d129bc66e5ceb8ab383dbab26fb6e37d286514222
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85151
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:52:49 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Jan 2022 19:52:08 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/app.8cc034d1d8cf5d7a86d7.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:08 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
10
etag
W/"f138f96bdde8c4ff4dce4300db918980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6d44850f1f449182-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 30 Jan 2022 19:52:08 GMT
vendors~desk-home~home.56a60e86694745efdfcf.chunk.js
desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/ 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~desk-home~home.56a60e86694745efdfcf.chunk.js
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/app.8cc034d1d8cf5d7a86d7.bundle.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
177.101.99.62 Blumenau, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
73bbcb5588755006ce54da1b4e3c6ea5ef3ce1df8d32ae2ebd89aa3917fcecaf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Thu, 27 Jan 2022 04:08:57 GMT
x-frame-options
SAMEORIGIN
etag
W/"ecdc-17e99b8dfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:08 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
11
etag
W/"bade15bfdcba7ee19d22e61741b04b27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6d44850f4fe49182-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 30 Jan 2022 19:52:08 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2406
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 27 Jan 2022 20:12:02 GMT
js
www.google-analytics.com/gtm/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-KMRF2H8&cid=1083570406.1643313129
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
web
onesignal.com/api/v1/sync/7ec740a9-5a39-4226-84bb-3159b70dd38b/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/7ec740a9-5a39-4226-84bb-3159b70dd38b/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d15833e62a5d1a7d95a1a674c40798de6c176602f7f8843852002c90bddbd2c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35
cf-polished
origSize=3379
status
200 OK
x-envoy-upstream-service-time
18
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
b30525f9-2484-413e-9228-fe6536729dec
x-runtime
0.017401
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2b341dfdea5503df69aa8b8b7e676d27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6d44850fa9459182-FRA
access-control-allow-headers
SDK-Version
expires
Thu, 27 Jan 2022 20:52:08 GMT
js
www.googletagmanager.com/gtag/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RF7L3756SK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3c7188156e3220b6c96061728d90cb3fd8e8b7a91f16d647c835fcd03efac081
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62384
x-xss-protection
0
expires
Thu, 27 Jan 2022 19:52:09 GMT
js
www.googletagmanager.com/gtag/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PL4DYBH48C&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f0391456cb58d16fd3f8689acea40795dfbf77f82f06ed221c8c4703d4328dc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62377
x-xss-protection
0
expires
Thu, 27 Jan 2022 19:52:09 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
3faa4a6b6c969b894a28259f0df358fab7c950c7e29855c5146c80ccece26f23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27134
x-xss-protection
0
server
sffe
etag
"1115 / 129 of 1000 / last-modified: 1643303763"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 27 Jan 2022 19:52:09 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26237
x-xss-protection
0
pragma
public
x-fb-debug
OgsFouAx821Kl6MM3gbwESGQrZJbZarQQe/NnMbyWchkhUZ5uzA4GKZc5rkxdA4d1bZYXVIQkhl1djGfrwvleg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 27 Jan 2022 19:52:09 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag.js
cdn.pmweb.com.br/df/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pmweb.com.br/df/tag.js?id=PM-NW3T6C
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.207.195.77 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-207-195-77.sa-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
68735f7b79a4c29bb494587c67e67906047dbb800e66d50f67cd8963c459b4af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jan 2022 18:34:31 GMT
Server
nginx
ETag
W/"61f042b7-4452"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=300
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Length
6918
Expires
Thu, 27 Jan 2022 19:57:09 GMT
tags
us.creativecdn.com/ Frame 7821
Redirect Chain
  • https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2&ncm=1&id=pr_hhX6cMuePreWPuw9xLe2_lid_oZy4y7UtPR7q89ELmSm&su=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.d...
  • https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2&ncm=1&id=pr_hhX6cMuePreWPuw9xLe2_lid_oZy4y7UtPR7q89ELmSm&su=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.d...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2&ncm=1&id=pr_hhX6cMuePreWPuw9xLe2_lid_oZy4y7UtPR7q89ELmSm&su=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&sr=&ts=1643313129005&tc=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

Redirect headers

date
Thu, 27 Jan 2022 19:52:09 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-max-age
3600
vary
Origin
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2&ncm=1&id=pr_hhX6cMuePreWPuw9xLe2_lid_oZy4y7UtPR7q89ELmSm&su=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&sr=&ts=1643313129005&tc=1
content-length
0
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14855
x-xss-protection
0
server
cafe
etag
17539559064140624452
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 27 Jan 2022 19:52:09 GMT
bat.js
bat.bing.com/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:08 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 01:53:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9541D6D5FA9844339033980559D938EE Ref B: FRAEDGE1207 Ref C: 2022-01-27T19:52:09Z
etag
"0cb09ee8e7d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10468
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 23:58:10 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kjyo7100044-IAD, cache-hhn11556-HHN
events.js
analytics.tiktok.com/i18n/pixel/ 		119 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4SF02FPECQ6U88EVT00&lib=ttq
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
aecd66de64a91bd038f02e05bc08c812daff75b691a66fe76dc0e9f3ebd5b596

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202201271952090101130060241C407201
vary
Accept-Encoding
x-cache
TCP_MISS from a92-123-107-84.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
94,92.123.107.84
x-tt-trace-host
01509ecbe5eeb28ba05730fcb649ea70b81a14fc413f6bf13d773d67c60aa09fa5e7a09d082025bd5fc0649296f8016136e1168feb69b1761be8e8d2f28efb492f538560520bff6a7a74a5afb25aa048bbb586e880eca8c6c3bf872457971bce9c
server-timing
inner; dur=2, cdn-cache; desc=MISS, edge; dur=0, origin; dur=94
x-akamai-request-id
7e39a78f
expires
Thu, 27 Jan 2022 19:52:09 GMT
logoLareLazer.svg
ph-cdn3.ecosweb.com.br/imagens01/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/logoLareLazer.svg
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
17bcc3658ee656d1a46a696a42e7b40c5b31b36057cf2726bdb1cf8aa90c2db3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
content-encoding
gzip
last-modified
Thu, 18 Jun 2020 14:14:06 GMT
server
Apache
etag
"1132-5a85c63b5a1fa-gzip"
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
cache-control
max-age=43200
accept-ranges
bytes
content-length
1521
expires
Fri, 28 Jan 2022 07:52:09 GMT
tagtag.min.js
www.artfut.com/static/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.artfut.com/static/tagtag.min.js?campaign_code=d11d781f62
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edfc75726cf71265dd903eeb0f37bd74534194e42a0e6db6894beb6987023454
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
952
pragma
public
last-modified
Mon, 21 Sep 2020 11:48:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f68930c-cb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FYOIyrAnEMW5fgzagjV8Um40GC5QeN91RdK8vlVgLnoMUJlWnVJ8YtlxAk5tpnPKgZGhLUlb4Yssrjhdvqzkb9gLNYo9vao1uvusKW7ooGx3ClVG%2B8MKRjk2OfmdhPVNc51H8xvK9cmmYLm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1200, public
cf-ray
6d44851098869106-FRA
expires
Thu, 27 Jan 2022 19:56:17 GMT
md5.min.js
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
209393
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1339
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8b-eb6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWAD2qhtiZ2AYB5A3bLh0uqvNV21VzXuIndEr8m47JAwFoJ4AW0iJ%2Fw1ss1p73%2Br77u2cVOGJsNd%2FfeZU0DxQhC9HahrFABcpUPp62WBm4LMgX5i467XmlCAB45qoXuSNZP75pFmUE6hQsmWGNeLVqpD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d4485108e5392ae-FRA
expires
Tue, 17 Jan 2023 19:52:09 GMT
1040557206700558
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1040557206700558?v=2.9.51&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa4eaf475d19a34d07ff14c8c3e3183cb520fefbdec3f51780aee70e2718ebf4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89059
x-xss-protection
0
pragma
public
x-fb-debug
XlTyJjpUEhSyRo0xU6JsAMx6uiKvuJJ7jRdFHwPIad3kZQDY8bkxayp4cyRz4Q+BWbsoxmFalzZR4snee3nzXw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 27 Jan 2022 19:52:09 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
adsct
analytics.twitter.com/i/ 		31 B
459 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nx3zh&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=9f7a697a-495c-4500-bd61-999374149c42&tw_document_href=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
106
date
Thu, 27 Jan 2022 19:52:08 GMT
content-encoding
gzip
server
tsa_o
strict-transport-security
max-age=631138519
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0
x-connection-hash
bfbb7f7886a28365fce6fd353da741733e4d12220e173fc2e283e5661fe6925e
content-type
application/javascript;charset=utf-8
content-length
57
adsct
t.co/i/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nx3zh&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=9f7a697a-495c-4500-bd61-999374149c42&tw_document_href=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
111
date
Thu, 27 Jan 2022 19:52:08 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
e8e7eda6197f8d315d1cd4a227b2e60a6bdc544ba5f3c13e33500d77d42499ac
content-length
43
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1040557206700558&ev=PageView&dl=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&rl=&if=false&ts=1643313129091&sw=1600&sh=1200&v=2.9.51&r=stable&ec=0&o=30&fbp=fb.2.1643313129090.1570381205&it=1643313129040&coo=false&rqm=GET
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Thu, 27 Jan 2022 19:52:09 GMT
4074602.js
bat.bing.com/p/action/ 		684 B
757 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/4074602.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
223fa73d63f38f8eba504ff1e2f5aa3389e421dfceea85caa5eac14cfb010a84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: ADDEA1095E934A68854E086CA41E9FCC Ref B: FRAEDGE1207 Ref C: 2022-01-27T19:52:09Z
x-powered-by
ARR/3.0
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store,no-cache
content-length
588
0
bat.bing.com/action/ 		0
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=4074602&Ver=2&mid=81554928-7daf-4d94-b99c-0a3eacf83b03&sid=9ca699b07faa11eca0b51ddbcdbea847&vid=9ca6c4d07faa11eca2e591167eacacfa&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Posthaus%20-%20Roupas%20femininas,%20plus%20size,%20infantil%20e%20mais!&p=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&r=&lt=2907&evt=pageLoad&msclkid=N&sv=1&rn=756129
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 629295307F08494B8A937F0417D00478 Ref B: FRAEDGE1207 Ref C: 2022-01-27T19:52:09Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking.min.js
www.artfut.com/static/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.artfut.com/static/tracking.min.js
Requested by
Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=d11d781f62
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d4e3bd1621e63bb4bfbae3c3275134b26016bb76175fefe9c5998f8ade1009c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7
pragma
public
last-modified
Mon, 21 Sep 2020 11:48:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f68930c-686e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGIEGCYFCofqVuicv47v3qWSLs3B2izoCcgKAKmRnxwn2iYoXHr43Db89Dj57UnBggCBogthrHb06h3pZaq%2BY5GNKn4E7xuKOBIiXEee12abRBCZmjdDAGp2N%2Fg9b1e13Ah04ef9tM%2BKY688"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1200, public
cf-ray
6d448510f97b9106-FRA
expires
Thu, 27 Jan 2022 20:12:02 GMT
crossdevice.min.js
www.artfut.com/static/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.artfut.com/static/crossdevice.min.js
Requested by
Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=d11d781f62
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cd07e6c64768b866c81e2e1cc61f88f631f377a3afc426d7b0c9de3875e65ae
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1199
pragma
public
last-modified
Mon, 21 Sep 2020 11:48:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f68930b-655c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWFPO2a32kvrT47agLs5KMUUzY6i96j2NAYBj1E9z6jufrP%2B46FroH%2FKQQ0Pz1tv%2Ft%2Bx%2BnT9wu1pXoBQ%2Fha0dQOL4Z3gfVfKIMoo3QfUIRHDd5PXOzTicf8jDUls0Q10txCP4cuC%2FgSmYmj3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1200, public
cf-ray
6d448510f97d9106-FRA
expires
Thu, 27 Jan 2022 19:52:10 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-RF7L3756SK&gtm=2oe1o0&_p=1575269013&sr=1600x1200&ul=en-us&cid=1083570406.1643313129&_s=1&dl=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&dt=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&sid=1643313128&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RF7L3756SK&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1048808556/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1048808556/?random=1643313129202&cv=9&fst=1643313129202&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&ig=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78746cef20b5b4a521b8f1e627490175841da004a8c5ce794b44286fd9fa92b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1081
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-PL4DYBH48C&gtm=2oe1o0&_p=1575269013&sr=1600x1200&ul=en-us&cid=1083570406.1643313129&_s=1&dl=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&dt=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&sid=1643313128&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PL4DYBH48C&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022012502.js
securepubads.g.doubleclick.net/gpt/ 		351 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012502.js?31064552
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
11406d2fe03cea34dcf0b5c178acda7fad399cb1f9b06cea2d55866ab94a20ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 18:19:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5564
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120804
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 18:44:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 27 Jan 2023 18:19:25 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		76 B
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
710c719d5aacdf358b780daad852cdb5bf80e0fb45a60641852df85d3a8c3e60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:52:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92
x-xss-protection
0
expires
Thu, 27 Jan 2022 19:52:09 GMT
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4SF02FPECQ6U88EVT00&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id
a4e73174.7e39a958
date
Thu, 27 Jan 2022 19:52:09 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-218-222-81.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a92-123-107-84.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-parent-response-time
89,92.123.107.84
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=2, inner; dur=1
pragma
no-cache
server
nginx
x-tt-logid
202201271952090101130062211230F445
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
2,23.218.222.81
x-tt-trace-host
01509ecbe5eeb28ba05730fcb649ea70b8f136eedc81eb0cb3e8498f988ffe72eddd9101b27b46f7bd257bdad9f002c24722e70b2bb7235c5f6ccb856941b60b5b274d56f1399d0dad4ffcea8453b1e4d48cc6b3a702f0b379afc8f49fa107cafad48dc38c7faeb82ce0cfccb5d9a565eb
expires
Thu, 27 Jan 2022 19:52:09 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		708 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C4SF02FPECQ6U88EVT00&hostname=desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4SF02FPECQ6U88EVT00&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4a81249aee7ad648940c03b47a8a08e59b0d480424c0815cca32573ead2bb116

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id
db426667.7e39a9a3
date
Thu, 27 Jan 2022 19:52:09 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-218-222-71.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a92-123-107-84.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-parent-response-time
92,92.123.107.84
server-timing
cdn-cache; desc=MISS, edge; dur=89, origin; dur=4, inner; dur=2
content-length
329
pragma
no-cache
server
nginx
x-tt-logid
20220127195209010113006101115E7BFF
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
4,23.218.222.71
x-tt-trace-host
01509ecbe5eeb28ba05730fcb649ea70b8f136eedc81eb0cb3e8498f988ffe72ed85f56e435720636da0da1617c84d13770df559d9db100951b134e0bfe8d93a06471313f7599d1240daf3e304351de842e4057042f8cd591c409dad12ece0ccbca12604105488b63d00dace80133d9c06
expires
Thu, 27 Jan 2022 19:52:09 GMT
clarity.js
j.clarity.ms/s/0.6.31/ 		52 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/s/0.6.31/clarity.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/4074602.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:08 GMT
content-encoding
br
etag
"1d8120472a41700"
last-modified
Tue, 25 Jan 2022 15:58:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=DD85BEC892154237B92ACC16093E9D95&RedC=c.clarity.ms&MXFR=0C7131ECC4856C1C163020D5C085623E
  • https://c.clarity.ms/c.gif?CtsSyncId=DD85BEC892154237B92ACC16093E9D95&MUID=1C6D544FF8736F4037984576F9A16EC4
42 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=DD85BEC892154237B92ACC16093E9D95&MUID=1C6D544FF8736F4037984576F9A16EC4
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:08 GMT
last-modified
Wed, 12 Jan 2022 02:05:35 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"9ea1ae3587d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DE260FCFBA3743ED9FDF10440938B73A Ref B: FRAEDGE1207 Ref C: 2022-01-27T19:52:09Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=DD85BEC892154237B92ACC16093E9D95&MUID=1C6D544FF8736F4037984576F9A16EC4
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
/
www.google.com/pagead/1p-user-list/1048808556/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1048808556/?random=1643313129202&cv=9&fst=1643310000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=2277994867&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1048808556/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1048808556/?random=1643313129202&cv=9&fst=1643310000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=2277994867&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1575269013&t=pageview&_s=1&dl=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEITQAAAAC~&jid=832735403&gjid=1799057727&cid=1083570406.1643313129&tid=UA-46607966-3&_gid=1473930027.1643313129&_r=1&_slc=1&z=801941636
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ipv4.icanhazip.com/ 		16 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv4.icanhazip.com/
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.115.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4529cf4d8f6201bc8e545fd0a15de66d776ed1b29c4164daafa9e9db03b5ad02

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
cf-ray
6d448512da009165-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16
tags
us.creativecdn.com/ Frame 399F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2_home&id=pr_hhX6cMuePreWPuw9xLe2_lid_oZy4y7UtPR7q89ELmSm&su=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&sr=&ts=1643313129465
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/

Response headers
ld.js
static.criteo.net/js/ld/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 12:51:58 GMT
server
nginx
etag
W/"61b8936e-9faf"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 28 Jan 2022 19:52:09 GMT
/
testing-dbr-ws-site.ecosweb.dev.br/rest/products/autocomplete/v10/ 		0
0
/
testing-dbr-ws-site.ecosweb.dev.br/rest/store/home/v10/ 		0
0
/
testing-dbr-ws-site.ecosweb.dev.br/rest/shopping/quantityshoppingcart/v1/ 		0
0
/
testing-dbr-ws-site.ecosweb.dev.br/rest/store/banner/benefit/v10/ 		0
0
v10
testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/ 		0
0
v10
testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/ 		0
0
v10
testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/ 		0
0
v10
testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/lastViewed/ 		0
0
img-cadastro-posthaus.jpg
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-cadastro-posthaus.jpg
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
27b6f64d8af49d6bbe36f5c3fa80213bafd6ee55a624d2194e067b2e4a249184

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
via
AX-CACHE-4.1:113
last-modified
Tue, 18 Jan 2022 11:30:58 GMT
server
Apache
age
798
etag
"14515-5d5d99a5dadf1"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
83221
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:52:09 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/946508691/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/946508691/?random=1643313129532&cv=9&fst=1643313129532&num=1&label=2nWGCJWn5AMQk6eqwwM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&ig=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67b1cc5123d82aa346bef868c495b214cde69ea2e57f77af86318fb34ba85419
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1130
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/946508691/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/946508691/?random=1643313129534&cv=9&fst=1643313129534&num=1&label=8FpTCO3L7wMQk6eqwwM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&ig=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2e730c275271ed85c91fadd52a7b44db931157414ced60af5355efa2465b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1188
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1048808556/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1048808556/?random=1643313129535&cv=9&fst=1643313129535&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&ig=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f24c3e42d4b7720cf0bdf4576025fd5a26c23f698cbd14acfbef5688ac23e6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1081
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1053199656/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1053199656/?random=1643313129535&cv=9&fst=1643313129535&num=1&label=6hwdCNz-kQMQqJqa9gM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&ig=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e36f59766564342f7451754492210e3667e49f8cdc05a6319f920fbe5147dfec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1128
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0_0_100199833_1_1600.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199833_1_1600.jpg
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
b8bc2b0c3cefbfe12f3fa652082bf50cf410c188eb00c33cf1fd158d349acefa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:01:05 GMT
server
Apache
age
2
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
51322
expires
Fri, 28 Jan 2022 07:52:09 GMT
0_0_100199833_2_1600.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199833_2_1600.jpg
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
4bb51ef7c4c8f46e4a26dc7352da4f084ead0ff11931c0eaa7e6686ecf6662af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:01:05 GMT
server
Apache
age
2
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
74087
expires
Fri, 28 Jan 2022 07:52:09 GMT
0_0_100199833_3_1600.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199833_3_1600.jpg
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
115a0b9f6e83e14fba30797e97df2fc5bce3d2ee03755aed21ea7d983e22c941

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:01:06 GMT
server
Apache
age
2
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
66303
expires
Fri, 28 Jan 2022 07:52:09 GMT
img-frete-gratis.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-frete-gratis.png
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
84affaaa12618c4c6301ebac4273d52f9aa3341ca6079187ac890587ba804c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
via
AX-CACHE-4.1:113
last-modified
Tue, 26 May 2020 16:45:22 GMT
server
Apache
age
0
etag
"174a-5a68fd247ac80"
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
5962
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:52:09 GMT
img-troca-gratis.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-troca-gratis.png
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
6e488ad6c6b6afcaf4a252740b31d099a4b316c887566d61b3bd096fb066ab2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
via
AX-CACHE-4.1:113
last-modified
Tue, 26 May 2020 16:45:22 GMT
server
Apache
age
0
etag
"1415-5a68fd247ac80"
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
5141
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:52:09 GMT
img-payment.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-payment.png
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
8bd899fbb79026f90cc487cf6207cf11f5b2944ed6b42f450a1465348b5ca6f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
via
AX-CACHE-4.1:113
last-modified
Tue, 26 May 2020 16:45:22 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
5471
expires
Fri, 28 Jan 2022 19:52:09 GMT
img-qrcode-app.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-qrcode-app.png
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
de57e553119f7333a752226c60c6c16c3fadadf332928aee6e4e2181642ae361

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
via
AX-CACHE-4.1:113
last-modified
Wed, 25 Aug 2021 17:36:10 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
15826
expires
Fri, 28 Jan 2022 19:52:09 GMT
0_0_100199837_1_1_880.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199837_1_1_880.jpg
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
cb2bbeec8eebaed8b14c525f1d293f824016b46c1df016710737a7dfc0711907

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:00:31 GMT
server
Apache
age
2
etag
"f1cd-5cf7d697d67e6"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
61901
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 07:52:09 GMT
0_0_100199837_1_2_880.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199837_1_2_880.jpg
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
c54adb030fc52ff4e772349c8c177258999bf2e0b009de0f80ff347068d407a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:00:31 GMT
server
Apache
age
2
etag
"aa5d-5cf7d69817ec8"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
43613
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 07:52:09 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
710 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4SF02FPECQ6U88EVT00&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
763a4cf4.7e39abff
date
Thu, 27 Jan 2022 19:52:09 GMT
x-cache-remote
TCP_MISS from a23-218-222-68.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a92-123-107-84.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-parent-response-time
133,92.123.107.84
server-timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=45, inner; dur=11
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20220127195209010113006011013BE30C
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
46,23.218.222.68
x-tt-trace-host
01509ecbe5eeb28ba05730fcb649ea70b8f136eedc81eb0cb3e8498f988ffe72ed5270ecbbbe92dfbef20b08ea0517a673d142ac8f21d1771e34e98fdeaaa0bc23058612862f458bd3e73e822bdeb5766a088aff514befcbe292a4ae7aafb6e283f0ac5155619ffe78161404734be0a64f
expires
Thu, 27 Jan 2022 19:52:09 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
709 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4SF02FPECQ6U88EVT00&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
17d86e11.7e39ac2c
date
Thu, 27 Jan 2022 19:52:09 GMT
x-cache-remote
TCP_MISS from a23-218-222-74.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a92-123-107-84.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-parent-response-time
110,92.123.107.84
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=23, inner; dur=11
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202201271952090101131350982629B96C
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
23,23.218.222.74
x-tt-trace-host
01509ecbe5eeb28ba05730fcb649ea70b8f136eedc81eb0cb3e8498f988ffe72ed646e6473cfa5b28677684baf000fceaf5b2245fbae5e2c15d0a8466ce5eb7f81c93423c6f1523503e036937b94a108484b50a5d56c0ae63445e0cc206792eee50453f51eb443418601dde8a0d1de8502
expires
Thu, 27 Jan 2022 19:52:09 GMT
0_0_100199837_1_5_880.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199837_1_5_880.jpg
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
a5b6a9785aafa7a787e2cb2703ccd7616d5410b1a7b4132dfc675d0651d14096

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:00:31 GMT
server
Apache
age
2
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
27297
expires
Fri, 28 Jan 2022 07:52:09 GMT
0_0_100199837_1_6_880.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199837_1_6_880.jpg
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
ebc8684d747ecd45128ed71c873eb6b02b40e7345bf07a1a73f6ea1ce3c12a16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:00:32 GMT
server
Apache
age
2
etag
"6107-5cf7d698a8366"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
24839
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 07:52:09 GMT
0_0_100199837_1_7_880.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199837_1_7_880.jpg
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Apache /
Resource Hash
683dfc6fcf043d7cd24d613bb25f2ec8ff0e5a6363675fda883073bdd107ef72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:00:32 GMT
server
Apache
age
2
etag
"5d02-5cf7d698de2b0"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
23810
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 07:52:09 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1040557206700558&ev=Microdata&dl=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&rl=&if=false&ts=1643313129615&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!%20%22%2C%22meta%3Adescription%22%3A%22Aqui%20no%20Posthaus%20voc%C3%AA%20encontra%20Roupas%20femininas%2C%20plus%20size%2C%20moda%20infantil%2C%20moda%20masculina%20e%20muito%20mais.%20Confira%20as%20promo%C3%A7%C3%B5es%20da%20moda%20e%20aproveite!%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!%22%2C%22og%3Aurl%22%3A%22%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.51&r=stable&ec=1&o=30&fbp=fb.2.1643313129090.1570381205&it=1643313129040&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Thu, 27 Jan 2022 19:52:09 GMT
syncframe
gum.criteo.com/ Frame 724D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
cdf0b0f2c5cef0e09f6cc68cb1a183831eba5c571627b3862c0d959de0350678
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2191
date
Thu, 27 Jan 2022 19:52:09 GMT
content-length
5182
strict-transport-security
max-age=31536000; preload;
/
www.google.com/pagead/1p-user-list/1053199656/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1053199656/?random=1643313129535&cv=9&fst=1643310000000&num=1&label=6hwdCNz-kQMQqJqa9gM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=2126007520&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1053199656/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1053199656/?random=1643313129535&cv=9&fst=1643310000000&num=1&label=6hwdCNz-kQMQqJqa9gM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=2126007520&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/946508691/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/946508691/?random=1643313129532&cv=9&fst=1643310000000&num=1&label=2nWGCJWn5AMQk6eqwwM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=3039773818&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/946508691/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/946508691/?random=1643313129532&cv=9&fst=1643310000000&num=1&label=2nWGCJWn5AMQk6eqwwM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=3039773818&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1048808556/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1048808556/?random=1643313129535&cv=9&fst=1643310000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=3270472976&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1048808556/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1048808556/?random=1643313129535&cv=9&fst=1643310000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=3270472976&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/946508691/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/946508691/?random=1643313129534&cv=9&fst=1643310000000&num=1&label=8FpTCO3L7wMQk6eqwwM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&cid=CAQSKQCNIrLM3jBqI5vGQ1Yf3P9ch2XNCLu8So4as_G8hFHO66gtrNeZ13-H&random=3934486665&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/946508691/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/946508691/?random=1643313129534&cv=9&fst=1643310000000&num=1&label=8FpTCO3L7wMQk6eqwwM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&cid=CAQSKQCNIrLM3jBqI5vGQ1Yf3P9ch2XNCLu8So4as_G8hFHO66gtrNeZ13-H&random=3934486665&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 724D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=ecosweb.dev.br&sn=ChromeSyncframe&so=0&topUrl=desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=VSlgoXxjUUlpaTQwSXRyRmllM3VBMFlDbm9VMmJzbS9rYmFwNmFldkQ3VzEwUGpGMnVlOWZTME5aeGxwekVjMjhDTmU3VTlaSWppdUFPdGlQdVVVeWk3QU9LZTZFNWFDK240OFlBQkFWdXVnYjVWdUFTZytVU3g3UXFJVz...
433 B
632 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=VSlgoXxjUUlpaTQwSXRyRmllM3VBMFlDbm9VMmJzbS9rYmFwNmFldkQ3VzEwUGpGMnVlOWZTME5aeGxwekVjMjhDTmU3VTlaSWppdUFPdGlQdVVVeWk3QU9LZTZFNWFDK240OFlBQkFWdXVnYjVWdUFTZytVU3g3UXFJVzdhc1VROEFWYktPVnNSSmVoSElJalF6QVdUOWpqMlVwczEyWFJuOFZReG4yK1F5a1lFcHBFcm5oVUQveUNvSGxIejVLa3hWdnZNZW41S0tJb3ltVERjdDdxTHpkdlNmNGdUcS8xNjFzQm5yS2NIN21EcEY2OFQ5SHpoZjNOWjkyYlFhOUMxYmVncWdUTkVXa2JLWC9SSHdhc0VHTW5VZz09fA&cppv=2
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
af0fe85dd378b5775b2e91b482295c830e439cce2abbd294338d0eadb4ab0371
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:08 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4611
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:08 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=VSlgoXxjUUlpaTQwSXRyRmllM3VBMFlDbm9VMmJzbS9rYmFwNmFldkQ3VzEwUGpGMnVlOWZTME5aeGxwekVjMjhDTmU3VTlaSWppdUFPdGlQdVVVeWk3QU9LZTZFNWFDK240OFlBQkFWdXVnYjVWdUFTZytVU3g3UXFJVzdhc1VROEFWYktPVnNSSmVoSElJalF6QVdUOWpqMlVwczEyWFJuOFZReG4yK1F5a1lFcHBFcm5oVUQveUNvSGxIejVLa3hWdnZNZW41S0tJb3ltVERjdDdxTHpkdlNmNGdUcS8xNjFzQm5yS2NIN21EcEY2OFQ5SHpoZjNOWjkyYlFhOUMxYmVncWdUTkVXa2JLWC9SSHdhc0VHTW5VZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1619
content-length
541
expires
0
collect
j.clarity.ms/ 		0
123 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.31/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
date
Thu, 27 Jan 2022 19:52:09 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=4764&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=44jEfF9FVktzJTJGMTVnWWp5R2MyQjQ0bFRMbEd5V0R2TDMlMkZIMTlON3...
  • https://widget.us.criteo.com/event?a=4764&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=44jEfF9FVktzJTJGMTVnWWp5R2MyQjQ0bFRMbEd5V0R2TDMlMkZIMTlON3...
7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=4764&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=44jEfF9FVktzJTJGMTVnWWp5R2MyQjQ0bFRMbEd5V0R2TDMlMkZIMTlON3JtQ01TWDclMkZUQXBwS0RJQTFyTjRCdGhmdU5EbUlCdHg2aXhKdUE1Z2FwckRmT1hEakxXJTJCcVg2bzVFdThlSE1sOE13MjUlMkZqQVh3ZVVIdDY3UnJtc0RJak94c2RqRU5nWjdja2xFYTQ4aFBwQUxwOFNRVHlRJTNEJTNE&tld=ecosweb.dev.br&dtycbr=5247
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
34fbd8b6343fa60aa75b2005feb908459df65d2953b87efb6961a801bc972010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
content-type
application/x-javascript
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
13365822
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://widget.us.criteo.com/event?a=4764&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=44jEfF9FVktzJTJGMTVnWWp5R2MyQjQ0bFRMbEd5V0R2TDMlMkZIMTlON3JtQ01TWDclMkZUQXBwS0RJQTFyTjRCdGhmdU5EbUlCdHg2aXhKdUE1Z2FwckRmT1hEakxXJTJCcVg2bzVFdThlSE1sOE13MjUlMkZqQVh3ZVVIdDY3UnJtc0RJak94c2RqRU5nWjdja2xFYTQ4aFBwQUxwOFNRVHlRJTNEJTNE&tld=ecosweb.dev.br&dtycbr=5247
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3423219
timing-allow-origin
*
content-length
0
expires
0
/
df.pmweb.com.br/push/ 		2 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://df.pmweb.com.br/push/?aid=PM-NW3T6C&cid=073141643313129805&sid=784601643313129806&pvw=9d18694d-1b81-4d5b-acae-377099fdde98&v=1.19.0&rs=1600x1200&tt=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&ws=1600x1200&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&url=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F
Requested by
Host: cdn.pmweb.com.br
URL: https://cdn.pmweb.com.br/df/tag.js?id=PM-NW3T6C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.230.146.239 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-230-146-239.sa-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
54d626e08c1c802b305dad30b7e54a82f102390cc92c7d4db112048935236e9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:10 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Type
text/plain
Access-Control-Allow-Origin
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
Expires
0
demconf.jpg
dpm.demdex.net/ Frame 9F9B
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=unSUtYMJokzdKu7Vng4kVcaFwmB6SFv7
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=unSUtYMJokzdKu7Vng4kVcaFwmB6SFv7
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=unSUtYMJokzdKu7Vng4kVcaFwmB6SFv7
Protocol
HTTP/1.1
Server
54.229.240.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-240-78.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v027-0fa023e15.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
f5uhfmkeTw0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v027-096e6021a.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
k3aM2X+/TIw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=unSUtYMJokzdKu7Vng4kVcaFwmB6SFv7
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 9F9B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay0zWWY5UjVHQmljTUFBWF9KbGE1RWNrdkI3X3ZiTDctOWlhS3pRUQ
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:10 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
208718
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Criteo
crb.kargo.com/api/v1/dsync/ Frame 9F9B 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Criteo?exid=k-3Yf9R5GBicMAAX_Jla5EckvB7_vbL7-9iaKzQQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.106.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-106-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:10 GMT
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Krk-Reject-Reason
consent
Content-Length
43
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 9F9B
Redirect Chain
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fsecure.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.as...
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7166594213244006150
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7166594213244006150
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:10 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2513694
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:10 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cf0efbca-dddc-454f-a2e2-2f6f01299715
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7166594213244006150
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 9F9B 		0
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-VIa7LpGBicMAAX_Jla5EckvB7_vf1Z-CwPdeOg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:10 GMT
Cache-Control
no-cache
X-TraceId
b3ecd35b579a44041aa7e33c6a2aa8e0
Content-Length
0
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 9F9B 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-N_43NJGBicMAAX_Jla5EckvB7_s8ON-0qks1-g
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:10 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13732
tap.php
pixel.rubiconproject.com/ Frame 9F9B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-2G3io5GBicMAAX_Jla5EckvB7_suJDdmSBIjQg&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif
match
ad.360yield.com/ul_cb/ Frame 9F9B
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-YF8wmJGBicMAAX_Jla5EckvB7_suA7PWLxz9YA
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-YF8wmJGBicMAAX_Jla5EckvB7_suA7PWLxz9YA
43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-YF8wmJGBicMAAX_Jla5EckvB7_suA7PWLxz9YA
Protocol
H2
Server
18.203.202.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-202-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 19:52:10 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-YF8wmJGBicMAAX_Jla5EckvB7_suA7PWLxz9YA
date
Thu, 27 Jan 2022 19:52:10 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
v1
ads.yahoo.com/cms/ Frame 9F9B 		0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:10 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
sync
ups.analytics.yahoo.com/ups/58301/ Frame 9F9B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Sr2K-JGBicMAAX_Jla5EckvB7_uQGOKNlDizSA
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Sr2K-JGBicMAAX_Jla5EckvB7_uQGOKNlDizSA&verify=true
0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Sr2K-JGBicMAAX_Jla5EckvB7_uQGOKNlDizSA&verify=true
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:10 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Sr2K-JGBicMAAX_Jla5EckvB7_uQGOKNlDizSA&verify=true
date
Thu, 27 Jan 2022 19:52:10 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55945/ Frame 9F9B
Redirect Chain
  • https://pixel.advertising.com/ups/55945/sync?uid=k-wiP41ZGBicMAAX_Jla5EckvB7_vBS3lzZGWKqQ&_origin=1
  • https://pixel.advertising.com/ups/55945/sync?uid=k-wiP41ZGBicMAAX_Jla5EckvB7_vBS3lzZGWKqQ&_origin=1&verify=true
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-wiP41ZGBicMAAX_Jla5EckvB7_vBS3lzZGWKqQ&_origin=1&apid=UP9d5f2949-7faa-11ec-90d0-021f64d2a608
0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-wiP41ZGBicMAAX_Jla5EckvB7_vBS3lzZGWKqQ&_origin=1&apid=UP9d5f2949-7faa-11ec-90d0-021f64d2a608
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:10 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-wiP41ZGBicMAAX_Jla5EckvB7_vBS3lzZGWKqQ&_origin=1&apid=UP9d5f2949-7faa-11ec-90d0-021f64d2a608
date
Thu, 27 Jan 2022 19:52:10 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cksync.php
contextual.media.net/ Frame 9F9B 		45 B
782 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-EqAInpGBicMAAX_Jla5EckvB7_vL0KL5buPH8A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.80.37 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-80-37.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Thu, 27 Jan 2022 19:52:10 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 27 Jan 2022 19:52:10 GMT
/
s.ad.smaato.net/c/ Frame 9F9B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-Ofx_K5GBicMAAX_Jla5EckvB7_sBRMydecp6dg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:6c00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:10 GMT
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
tnzJ0n347wWNur_Kn0IkD4z7AxviNcnLc02KL5ResPQhTH_sNvC73Q==
x-cache
FunctionGeneratedResponse from cloudfront
sync
x.bidswitch.net/ul_cb/ Frame 9F9B
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-_5pxoZGBicMAAX_Jla5EckvB7_uI1u1FgKmiGg&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-_5pxoZGBicMAAX_Jla5EckvB7_uI1u1FgKmiGg&expires=30
43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-_5pxoZGBicMAAX_Jla5EckvB7_uI1u1FgKmiGg&expires=30
Protocol
HTTP/1.1
Server
18.197.240.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-240-17.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-_5pxoZGBicMAAX_Jla5EckvB7_uI1u1FgKmiGg&expires=30
Date
Thu, 27 Jan 2022 19:52:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
rum
r.casalemedia.com/ Frame 9F9B
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-oJk2DZGBicMAAX_Jla5EckvB7_vRznO8KprOOg
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-oJk2DZGBicMAAX_Jla5EckvB7_vRznO8KprOOg&C=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-oJk2DZGBicMAAX_Jla5EckvB7_vRznO8KprOOg&C=1
Protocol
HTTP/1.1
Server
72.247.225.98 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-225-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:10 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 27 Jan 2022 19:52:10 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-oJk2DZGBicMAAX_Jla5EckvB7_vRznO8KprOOg&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
296
Expires
Thu, 27 Jan 2022 19:52:10 GMT
spp.pl
sp.analytics.yahoo.com/ Frame 9F9B 		43 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10000569
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:10 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Thu, 27 Jan 2022 19:52:10 GMT
sd
us-u.openx.net/w/1.0/ Frame 9F9B 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072953&val=k-9vll75GBicMAAX_Jla5EckvB7_uOr86GOInX3w&c=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:10 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
partner.mediawallahscript.com/ Frame 9F9B
Redirect Chain
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-3Yf9R5GBicMAAX_Jla5EckvB7_vbL7-9iaKzQQ&custom=&tag_format=img&tag_action=sync&custom=&cb=273bfe5b-540b-4276-a6cc-2134c11...
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-3Yf9R5GBicMAAX_Jla5EckvB7_vbL7-9iaKzQQ&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=273bfe5b-540b-427...
0
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-3Yf9R5GBicMAAX_Jla5EckvB7_vbL7-9iaKzQQ&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=273bfe5b-540b-4276-a6cc-2134c11f429d&final=true&reqid=9d779330-7faa-11ec-b4d7-f59829237bf8&timestamp=2022-01-27T19%3A52%3A10.467Z
Protocol
HTTP/1.1
Server
54.155.208.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-208-14.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:10 GMT
Cache-Control
private, no-cache, must-revalidate, no-store, max-age=0
Server
nginx/1.18.0
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 27 Jan 2022 19:52:10 GMT
Server
nginx/1.18.0
Vary
Accept, Accept-Encoding
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/?account_id=1043&partner_id=1048&uid=k-3Yf9R5GBicMAAX_Jla5EckvB7_vbL7-9iaKzQQ&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=273bfe5b-540b-4276-a6cc-2134c11f429d&final=true&reqid=9d779330-7faa-11ec-b4d7-f59829237bf8&timestamp=2022-01-27T19%3A52%3A10.467Z
Cache-Control
private, no-cache, must-revalidate, no-store, max-age=0
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
294
Expires
Sat, 26 Jul 1997 05:00:00 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 9F9B
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-3Yf9R5GBicMAAX_Jla5EckvB7_vbL7-9iaKzQQ
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-3Yf9R5GBicMAAX_Jla5EckvB7_vbL7-9iaKzQQ
95 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-3Yf9R5GBicMAAX_Jla5EckvB7_vbL7-9iaKzQQ
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:10 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-3Yf9R5GBicMAAX_Jla5EckvB7_vbL7-9iaKzQQ
date
Thu, 27 Jan 2022 19:52:10 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
t.gif
cw.addthis.com/ Frame 9F9B 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=113&pdid=k-3Yf9R5GBicMAAX_Jla5EckvB7_vbL7-9iaKzQQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.184.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-184-154.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:10 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 27 Jan 2022 19:52:10 GMT
pixelCt.tpmn
ad.tpmn.co.kr/ Frame 9F9B 		170 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-e8R4fpGBicMAAX_Jla5EckvB7_tRlYEfNUnd7g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.166.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
132.166.102.34.bc.googleusercontent.com
Software
/
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:09 GMT
content-encoding
gzip
vary
accept-encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
via
1.1 google
cache-control
no-cache, no-store, must-revalidate
content-type
image/png;charset=utf-8
alt-svc
clear
expires
Thu, 01 Jan 1970 00:00:00 GMT
idsync
tg.socdm.com/aux/ Frame 9F9B 		43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-JPQnZJGBicMAAX_Jla5EckvB7_s0PlvT7kEwnw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.241.208.53 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-SO-Cluster-ID
60
Date
Thu, 27 Jan 2022 19:52:11 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?dsp_uid=k-JPQnZJGBicMAAX_Jla5EckvB7_s0PlvT7kEwnw&proto=criteo","cluster_id":60,"gdpr":true,"ipv4":"0.0.0.0","key":"YfL368Co5ucAAGA3P5QAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad99"}
X-SO-Ads-Time
2
X-SO-Key
YfL368Co5ucAAGA3P5QAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad99
P3P
CP="See also http://www.scaleout.jp/privacy/"
Cache-Control
private
X-SO-HostName
m-ad99.dc4p.scaleout.jp
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-SO-LB-Hostname
a-tgng40016.dc2p.scaleout.jp
X-SO-IP
185.213.155.166
sync
adgen.socdm.com/rtb/ Frame 9F9B 		43 B
685 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adgen.socdm.com/rtb/sync?proto=adgen&dspid=23
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.215.5 Shibuya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-SO-Cluster-ID
35
Date
Thu, 27 Jan 2022 19:52:11 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?dspid=23&proto=adgen","cluster_id":35,"gdpr":true,"ipv4":"0.0.0.0","key":"YfL368Co8IsAADxEUTsAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad204"}
X-SO-Ads-Time
2
X-SO-Key
YfL368Co8IsAADxEUTsAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad204
P3P
CP="See also http://www.scaleout.jp/privacy/"
Cache-Control
private
X-SO-HostName
m-ad204.dc4p.scaleout.jp
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-SO-LB-Hostname
m-ng39.dc4p.scaleout.jp
X-SO-IP
185.213.155.166
sync
ups.analytics.yahoo.com/ups/55945/ Frame 9F9B
Redirect Chain
  • https://pixel.advertising.com/ups/55945/sync?uid=k-PIZhupGBicMAAX_Jla5EckvB7_syAiGgDcpwgg&_origin=1
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-PIZhupGBicMAAX_Jla5EckvB7_syAiGgDcpwgg&_origin=1&apid=UP9d5f2949-7faa-11ec-90d0-021f64d2a608
0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-PIZhupGBicMAAX_Jla5EckvB7_syAiGgDcpwgg&_origin=1&apid=UP9d5f2949-7faa-11ec-90d0-021f64d2a608
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:10 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-PIZhupGBicMAAX_Jla5EckvB7_syAiGgDcpwgg&_origin=1&apid=UP9d5f2949-7faa-11ec-90d0-021f64d2a608
date
Thu, 27 Jan 2022 19:52:10 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55945/ Frame 9F9B
Redirect Chain
  • https://pixel.advertising.com/ups/55945/sync?uid=k-OrztjpGBicMAAX_Jla5EckvB7_sa25Ve_FWjgg&_origin=1
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-OrztjpGBicMAAX_Jla5EckvB7_sa25Ve_FWjgg&_origin=1&apid=UP9d5f2949-7faa-11ec-90d0-021f64d2a608
0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-OrztjpGBicMAAX_Jla5EckvB7_sa25Ve_FWjgg&_origin=1&apid=UP9d5f2949-7faa-11ec-90d0-021f64d2a608
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:10 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-OrztjpGBicMAAX_Jla5EckvB7_sa25Ve_FWjgg&_origin=1&apid=UP9d5f2949-7faa-11ec-90d0-021f64d2a608
date
Thu, 27 Jan 2022 19:52:10 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
spp.pl
sp.analytics.yahoo.com/ Frame 9F9B 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:10 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Thu, 27 Jan 2022 19:52:10 GMT
397596.gif
idsync.rlcdn.com/ Frame 9F9B
Redirect Chain
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397596.gif?partner_uid=l1-cebYyAcg1Mr7hnYkjrc8h0SrsXP3L
42 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/397596.gif?partner_uid=l1-cebYyAcg1Mr7hnYkjrc8h0SrsXP3L
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:52:10 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/397596.gif?partner_uid=l1-cebYyAcg1Mr7hnYkjrc8h0SrsXP3L
date
Thu, 27 Jan 2022 19:52:09 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3145
content-length
197
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012502.js?31064552
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012502.js?31064552
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		77 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3799113561676012&correlator=1564027403676388&output=ldjh&impl=fifs&eid=31063823%2C31064552%2C44752586&vrg=2022012502&ptt=17&sc=1&sfv=1-0-38&ecs=20220127&iu_parts=70779096%2Chomedesktop728x90%2Chomedesktop300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2&prev_iu_szs=728x90%2C250x250%7C300x250%2C250x250%7C300x250%2C250x250%7C300x250&didk=4017301742~2688494321~2688494318~2688494319&cookie_enabled=1&bc=31&abxe=1&dt=1643313130502&lmt=1643313130&dlt=1643313127500&idt=2069&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C409%2C675%2C941&adys=2141%2C2153%2C2153%2C2153&adks=1387136263%2C676727686%2C676727687%2C676727684&ucis=1%7C2%7C3%7C4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&vis=1&scr_x=0&scr_y=0&psz=1600x8%7C1600x16%7C1600x16%7C1600x16&msz=728x0%7C250x0%7C250x0%7C250x0&ga_vid=1083570406.1643313129&ga_sid=1643313131&ga_hid=1575269013&ga_fc=true&fws=4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&btvi=1%7C2%7C3%7C4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012502.js?31064552
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ebba9c526293a4ec60fd51028dc159f30a3c0c6d537145dc2f44c83e3db0ad2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26783
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012502&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012502.js?31064552
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8221b1eab03eeb3bb30801ce345d8933f8a11b2ff3c1e84648d627a3fb1fcf1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9015
x-xss-protection
0
container.html
401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 34E3 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012502.js?31064552
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 27 Jan 2022 19:52:10 GMT
expires
Fri, 27 Jan 2023 19:52:10 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
setuid
secure.adnxs.com/ Frame 9F9B 		43 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/setuid?entity=52&code=k-oMdkHpGBicMAAX_Jla5EckvB7_vlGB3Dsk_8Bg&seg=95287
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:10 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
37fd97b1-c1d3-4936-9810-f013aa7cb848
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t.gif
cw.addthis.com/ Frame 9F9B 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=113&pdid=k-2G3io5GBicMAAX_Jla5EckvB7_suJDdmSBIjQg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.184.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-184-154.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:10 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 27 Jan 2022 19:52:10 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame 9F9B
Redirect Chain
  • https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/6dkD_QQF6se3HrtPRXGadd02WK1bEWkk/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
  • https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=3056754456700657024
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=3056754456700657024
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:10 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1344013
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=3056754456700657024
pragma
no-cache
date
Thu, 27 Jan 2022 19:52:10 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012502.js?31064552
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 19:52:10 GMT
container.html
401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4CD3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012502.js?31064552
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 19:52:10 GMT
expires
Fri, 27 Jan 2023 19:52:10 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 273B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012502.js?31064552
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 19:52:10 GMT
expires
Fri, 27 Jan 2023 19:52:10 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5F0E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012502.js?31064552
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 19:52:10 GMT
expires
Fri, 27 Jan 2023 19:52:10 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B639 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 19:14:47 GMT
expires
Fri, 27 Jan 2023 19:14:47 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
2244
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E40A 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a0d2c8634e373089a0edf0c4b418e2d454cd8c846ba0746008756bbee96f091d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YvVQlIYt7iRQi6jO3WRGiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 27 Jan 2022 19:52:10 GMT
date
Thu, 27 Jan 2022 19:52:10 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-YvVQlIYt7iRQi6jO3WRGiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A468 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012502.js?31064552
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 19:52:10 GMT
expires
Fri, 27 Jan 2023 19:52:10 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame E40A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012502&jk=3799113561676012&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0961 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNU14tRVp6ctz_JiDoLCITirSKoWtnRSXmODOp_f7RbS6_EVAAUFlFgdyUPFXn6y6dVYYDXAVShy8hLHvGy_mqzhiXa7dx0QyMP3e24NW25MS3QZhP5UEZ-kDH890DRnLvOhwLD0kYcnstSB19FC-V6eMYu9F5yGOdK541NpnQBvTGIOYE8
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 27 Jan 2022 19:52:11 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 273B 		25 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cx-zGPP_9zU7pG_loHfkIcdNy7B4hwqqVWKQJZmLUySJ24pIKvxfZR4RYjk-O8DTNOUqwUAtZ0Fl1dqQt6ru-AzTyX89VlJ7AUTFRWELC4p4jvWUObDy8HyJfGOD7kHRFMosS8zZojO-H5Rh0Nk61YrZx9MQ&cry=1&dbm_d=AKAmf-DoPhsqQXUpHn2L9WIRcv95iXPYb0xzRBmmUQHZCf3xlXH4YWZ42ezNuOib9V5PbgQC732fXifoZ2ZI9b2ZX4PN_xkv_G_R5NUCuV-7IXIPMaSr6MQBsdBdZts1lczQILeGngReOoBW3_cyYR2lh2xyngiDnwUfsNKmyBOFMUs5Fmi8iBZQwrmNn-KfoRLrVocgEXqIzV9N75drDCppm63fId8B9k_HiPveBZBicfiZVUCOtePwNUFfIpRIE8wv87cMfmA3nogpIeTu8z34s_wZYiIkGqcVrw8ZAlpKjE89nb3042DUBMZ-E0OunRgncdmz5aV8r-rU-h-N4OQAVrgG1eKdnww1jKaYm2otFkPa-rybHeESeMhl8iW8yG5sRt1jOJ7uiFJDdbMrAO4SU6isKFa1RDTKKMvweigMr3yTbIlTFQ6WgGwLqNG8-NytOZVd_3B8pfY77eQE7yp0cuRdnUMiLbtAS3HPABYIQBXKZSrarZD86u5ooWAzfw-JW8D9Wunwf0oGI9QXlfK4k4JG05Ot0V_AaIUo7vkxW9T9GNh3QdfxO09wk55Rrb-QvXrrhqE1G3avhGWRbVAmJkALLEyPQwo1lUjAEBezBdiy6YY-BfOkPPrMfEFziLb463CiJDAMn5UyIPnMS391OIBrcxoKeEAw0fo5stv95xzFWnFe43C5vl-YrE1d3vMGytEsB-K72tjvuHL8DCQ0QmZm30lIFKDbXuHe6Wb5PlM4vxUfXHQqM_Iq4HYhg6hs-zbqJzDsQysuRBz_4vcY2LxHMkvteE8uetAEDesr1pRmLiAbZu8It2W_1XwVbRd-AD_KKW4xQHAreJv95AJlIZahDqIkQJCind0k4WjSjE0d7ZWVid2UvtDpfAnHStPiV1e8Qz9PM4WJcgDTti-jTQYBlt-DL-6J9RbGKeyQrx_HRf0CvU8L2ZFubh43p0aWtrcmU7vmnDJxvOD2Zxge66S9EmXaAQqxOwbSKoRDLPh97v3iVYMRxm_WSFH-mm4llnJ9lVWVX7i9zR0gjlmy9syB65Hr2pMzMbaD1ym8-OX_5HvwU_HZgqYyDW5nj4BIaWlpYu9Hr0JF2Q1Qdi6ExJCCqK3_XBvXBFMwsw5ksXjBknwo0IDSS2qDqOPm2VTF9qITxQDIsWQjc89JZALY9tFYga0DNOAhorvTP_Sa7e4-5-0xx01SzgEuVsWMq2soJPKx9hPRTaNd0MDyGVVdLwzDUc7He5K_JnPu8Xg_SN3FNdL2c0HrftxylZgZNKiK75Rt_FfImUYBsYgKx4GXHLB8XFBeyBUwTR1JHFKGuOgD3WEqIfPSWqo23pKKa7aPa32jwwzwsZyduvDo4VYb5ZDY46QOSknPX5MAnzVdD4SPipA5BQhUqAohOJhNogEF1SMNbU3YiNLs8MTZXn9hmXZUtVlpncUv3WwG-0ZyuRZg9K18-MihDO3f2DqtbT_ZfA-5kvan9F0tG8LFVmvjDRkRD_Gy4yzB3yuWSaAJo6Zbu4QlldhSvZcL4UjsyToe84wHhL4m8rH-aRzW2OWV17mdSfXZxtZdXK79ksKhQn_baYvj0sacBGaH2iZwJaQ-JKCQwh-sCo7OaeJJ8ev3lJmiyMgEHSRG-m1w2R3ndhd8OknKvXjv9Cmx-1kLck5Xvord-gNOUeePW0urXJWZ6NAKkRS1-_oVdcLUb9B0OVGPwZNF1sMxbuFZZH2Vwut5NkuixpCN16bcq4HvLNQ1bJJrar9k-AKSfeaQ3mM1D--lR_emQpQt7ls31ggd-YkT7sObjB7d5llK8RPrfj2QtbxV6NSw3BQAQFfFp6ndswW7IzAQwWQZGP5CNNL1ZzzaLb-h3h5Jv6KG4yG6DRp1psO6g9C1jc73c8ZY6ZVMGasPU7QSq8sUo5QgXZDQOMad3i6GCcievJ3Ci5pkMGbphEVP9wdbEgcSSXwx1ZsS3CaZThmg_DxcRsSrsZPEX4qocU2YIy_aKUShYyUA28DdfKL58vElNqf3moSHXSugzrYq2O9PPPL2HHKCcguGWpdeKcipjuLhkmgylFGIzR__k_W9vU2Cu1u2U4qui3MMCuzsdzINehFBHi9KwL2BDqP3WQjoSG_zIuZWvk6l6nz9UosqXvy2tyMLi0Zx6YodqayPuQ7v1CFPreshvyTkyuZnaWHJwBGOKMxhAYqP06gmMUiFpwXjfNhZAnw-Kt7Ti12n-XK6fMAoXKp5xE_ThX9aBvFku5MRBkP59QH511Co-pWiDVB8UguzCfjlajCNAbHAqEXLUwQhgS-iDGzad6o92LTGQDnXHHYTIXZwAfd4hexTutJrgRRTLAO-WXKc92Uai3HIe6YCVOQDqYJEAgQ95Kv5REk5BfIYFyntoDrWVgRBKUlMQy71V1TkC01MWMZ-rC28FFPv52Mc0qRhWyv5Kx6xhZu2I5IbN1Tf0ChfhKQLv6jTgXqx33TUpSM5u9p41OFjY4XhC8dk1KKlm-u2e_z7KIPSMpopQyj3gp_XGxiA-xu9WhkHJLvr7YbmFkxqV2uAbQzkUF0gAam7FkrreCvjjNUphNmS81214jP0GCVzqhWIbuGF_ickHotL2oT8F0jvSayx2IMrevsTGw24im3lt0fYxSO-SRB75vyQRLdCgrnfiDNPS__gOF_cWBxzAnrAMitQSPbmqkoejRjuhNlxftRKhIapHKM5AIdrRN_lrRavtT1PVeozRlBEZMwjnN6qnkU8OYm2-B_MD5R0pRz_HR6DUWe4GCoSq_EZBnJOY-lFpdJ4ObhnNYj0noC7a8pcwETMGa_L8SJzuIIZy2f5U8xTtYdGQTjDrUGQej4ii1o_-uS1EDp1V82kInxLBRtMNYU1qdlvtrV_zaO60L-8AgSw5qKhsQ4geEmBJ6GvjB4IBp7xx-7l_Vv_PuzxJWv3BCZtpmbC1eMVEU00sXQJGlWsW9bTOrj04Kj6G2DO0_SzAr7h7a7ratTFS7yUkheYBuvDQGPARneAHewNB7eRxo2yp3Z639hBp6df45q5A2p7JJEGTqqBW50NOaq7-E4tyddxtIMTr2R2FXQ6Y9S1ddsSmVIzZH5rrioVpxiyIYCYao_t72VqS-3uEBwiu331XbiKqZ1kuNeS_goUXsjqXMR9nWLXB5ZfXNhy6umQW-c8MeSfygQ6PsaJgZmsoQPV6ubzh8SbzmFE13rOxRbuxZpyY8iXhYVNDOyN4IQvrw4AKzvqybzPHaWtsjb0zIrYoKSF58NLeJ7eaezO9yu6Fsls10HzNxKupTbKuqemj7WvlEtCyL9RsIrxrdLJDnnKZ3g4lU9VPvTDB28ziKatp3UntoJgABAlnMSEMiZJxLZRvYC4NQTTj81HBMI8kW3AaJ_7zZOIYA0c0wonjTiXBUinZBdiK9L3q0Yh-pptsEMaPg&cid=CAASEuRoDGWj5BBvES9A6VJT1DwhRw&rfl=1%2Chttps%253A%252F%252Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
392d0d29d1ccfbccda24a87348117da8580280ae39c2906566eeb5b60b208778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14799
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 273B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CLObmtcQWrV8vQbTuvBrgBKMJfLQc-Xw3Xv3OnO_TGSep9KpPiu2e7CKyIZMWpc23OoRCJhpQyvd_UOdreCyTUC4BCr6C0rzg9N2oEqhsZhF8is9I
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 273B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:51:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 273B 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 19:52:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 273B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:50:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
123
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
15358646999216992880
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:50:08 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 82B8 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY583FlQEwAQ&v=APEucNXPVw2SxaUWMty9l-0CU-AIzlBRf-5qn6bL2eUVsrarBXmYjUHllq8CYWj_xxVY9L8ZNYQ-KxKxkp7kyVLfJVxWDgZeAB6peAGaEzjwtVMxCRrqntEHrtLz4zOBmJ65uJipeq4NCPOx_NXb_UnhLvG9_jGhZDSVVPYDeqXHSKlAUoncQps
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 27 Jan 2022 19:52:11 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 4CD3 		25 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CHZ6he_nnQF-P6A4M4C8k8wKzMuprsDtQ_5p6V25VGPuieUMq5KIoNpnIOyfE26MKXIPGUYCPnGzFfpq83B6LqJarhMP2auCQmowVV3LyFnkN9Yjm1-ywvfeQn0KDIjFZwB6CeTOFD9P0I5atR0trfEeoFdA&cry=1&dbm_d=AKAmf-AM6tMrK_SWcYhQlQfvI4He4hEcyq11lVv0cGbiIXwzE9pxWgYuf9Djugrvv_UJRCp8xRju1YD0Z-b14MWqtpmx07PQl3lR8f9JPEtEBsYPSfGR3UUWiQcZMJqq4_mdkhZ7vRTVLyc0nq0iPmF75rKeL318mC0yL6JJ6gj1DKapNXn_LKwuCoW4dfHVfu-tGu-_yHA8AHEVH3H5uoZrQ1Jyq2G8JxiiXYkjdC49ONnYVyo2ZpcUPKWbSflBy1XGM68pagZs6SspVn0cF_5Ik2SpulblINWrQ9B1GoNGfyTIx8-dFRs1p58P0p_8mrzz_-JhF2Gglaj4zVdzBTTPHefeYUBN_E6nbVP5al7ESWFaPL6PGyYF5nF23NdElxKOvJjyEbnFcmaplsrKDu6oF3PhiAvsLimIulQtcP8LjN76GpQN0uvLzlWn4z5ajdeFgQPVry5pX9uQqy75zAKRVc0UXsRBFzSXQQUFc9FbNxbymPy3dxbRxsbWmuoCfPb9riQnvsaBRVVup9xdKEbJARFjXEGylJ-xIE1WtMhG_fHL0lisae3OJZTvm5j-GkbFNVg6vDf1o33E4h0LEykuTwCo0mU3dqKe03KCV_4_b_y03dkNNvlnHUrruuFOMPRrzd1llPoCJ6MDvegPaWAqFKyKNeuNlMP2T1KCgMZ6e-4LpCzLHRx2KayWfRtOMf4nBDxIUcbTCBt8mGITB7vf6Z4E9rxJvuAfYx0sVpYkXF7i_4CyIavw0RMjGRI8sWUmeA3qgGuBhneoFu5YAQsUeJ6N2sHXT0gWxQeoUR0hhEj_4oGTF_lVt4oNJ3wan116krso_FWYNj3lYgOIlu-Q0jNB5Ug60K4yXXnqrHSq3NaeSmsA9Iu9_v-8OFoow17gKkNk2Zan9Ux5moubyb0bBH3_A7nqi3kfj-S1n5DvECjMONgg3ZYNzD_42cfLboueIA_EFuT8evm3JI-ZZn7SX-74_RWZ-y6QRHZuIK2JF_Qzyk1lv1VYPLuaz8rIqH6xqShFjW0qIOEF0ZYmC2csUdyR4NnhUjdV-fz3QiKVYCVgERmIbsvLu29JbQK1Gl-mqYmGZNbRS_C5dxQAvQ__2K-TL9RaWX32lr9nBjgFonkkio5zXTYW2l-EVXbK3RUQVqXvUi6jMEV1Y_0577qp1mzin7BGkTX-v7aRVIpVcEx9At7V_oh1l84b_OIvIenhNmns17GgMT_zKQsIks7oVMPdMVRiYyQEbyqst6O8BFY2VA4IRtOZ3brukllox3O-Ao61iSlRx6I7jIGpbS6POJ5XXfVB_jzjoKKubvEgJVZfG5-dBsnXgXhlYuQwuv3rvFns8OLL31RD6j32xeTK_o8Wel9zaTM4GZT6rUGACmwoVl3OuXKksObrRLMlfqI9pwi03Ea0gsGr7OC16MheXb3wM6tEBHL0ZnxVz9jQiD1WK8pOxcCU3DmZVCbQxHt6Y7byNID9fA-qyP_gNnwPPvtW6x5OSGaakzm4sCLGeHbxnz9wesiZ82cY-Rd3clGokq6g4ToTg76fEiTzD8Knv23gH-GNC0F4W3tkVr6uOz6GhMUZS5yEyVnNlIrHHFWjDA_PFFOFxLvMxkHMHdChHtWUirzBfDfEIfVwiuVfsu1i6F__lHmxaN0OtWFURQQqer_21_b1PxbV7JFvVPkk0xKddE4PpzOowrdZ-XXCPffXrhIgMZbnKo6zeXpdaZS22JJMIPDCfAejc2LliARwhcBLPyV8gm07AU9Ngevvu4rQmA1BgO97pPVm9AEfXBaoGQdxE7_BUOWXScMnIdEF2NWMvPJfMdjkMFRtxp0AyB5oi37wzvICERAqygbDHNWQPCHKSYrm6IgLuizLNvTOSZ8zk15IpMRAlcmXNenriMBaoHDAitFDzrvg_ZcSi3mPZ-OzZYD9qS4LGKRlhzu6SZeQzzaggr5EDGMhkpOnCIQAK87LlKy_puufLbMMMAk30cHqIHd5hNBIB6A60OlZyR8k4f-Ipf5v3kQykwgteYtRDE4Z30DCLZBq2WkM78jkkGX58IW5Wu7_u2eDMROOrsgFQMXJrLDQ1kEJZWX1usnoqtZxxcepfWH_69y98uPlbNySkommx_oqSSRsmnCnzzm61dTRKAih29P-KC4ZlH1pGJITpil50DYIWmJwmnOGM7dlwoBfzKDmzxf_L5Jq2dgklkgdTTheVV7iF5Wv49M7YpaGJDtTH-6jOXZ6I9V9pfNjy_o3aI8QRO0dv-SjYNx7IEvRYKMxeSY16UFZBeUxAtff4ZdQbIDVdpduej8j0FGjqJvQlkP7XQZuTI-azvf2mM47NUzq66JMM2SsWnqZwtQH5ICZljZbcsLRcIhw7uzZjCmZY21pmlSdEA2Y62dgPQcqasPTS4rsW_9_JBx_tsKpm9sVm14bj76d0mlWjVnBCk6P9buqpPW_J-JNF1kjnaniBbBUdo5rLCdZRrngttDYtCPKOaAZxseLwK2H1C26UswefsN6t7LpQ_l5jplxZyDfrXVsS2fZfIggAYY0_szHyS8JNDlqOxh-bX_uyL68LY2Nc1fd-ysCuCMrbaFo2elKuBfwEef72of0El2KRCIrmiDrIsDKIjoAZ7R4wyOfijjoZEh_TSLGkeWFcYHWWlrWQMljaBW-G-wo3lu4iQSRf8lj7xlhL9hxureDDeBS65VTLk6Bz2Lli0Oyyvbep2HOULYizk8zhtesfEMZKUfcA1rgD54qoJF78GU4rmfmrAWjAbisd5bcF6irU8K3BoY5V6jKxJZLhRCJxT2neuYXN5kYxw5IFtZOQdRVWyPBsOvPRgz8IQ-7dSrreGoq5MukPnjzypObcOiSkIHDZvqpEleCXtKb5lF03IIr8ZDKcpSi8wwFsMH9gVUC31WvTSigDgbT9Kgt8P5GTwa8QMF9jRxFixwYy1OrvWPNpYrgatA44bNaPa4zSE4NCOyzO1M9kVowO64IDnTJI3_zY7QW6JcestaIVDxwSgzoJnXbtENyXhpIW8DZgU5zvAC5Faxq176WUfepHlKPVw69yEMmGErW9Z-3hb772uk4VyEkcrI58xXPMzZ4T3-mVJZYUkNx1ahh1-UNnMB1l2i5aqIbQn_w2cdhLcVzquCo3VMDV2t8tNHmdnzd_eoYoNP_UJ3xh2wnHp1wsJHn7LCFqxGPzggnR_2E9GrB43EMm-r8mXpMERX-hkO02oAY53jacU7mAnwn-WG0xEHtNi4S0pk6r3IlMfafLi62-iy_1iTv7HaqCUOST00VAwQtOQglBYynbMN2FfxNyfi5LKdnqqNHyWARWesJAfXbNDBFTN_olpMH6LLaWDPx45TRysZTldkhKi56wrVayoEzf7u4wPP-Q0FOJoRojqXewRJDt9Inko3Q&cid=CAASEuRondYhR15W1lRrpKxOaOZlDQ&rfl=1%2Chttps%253A%252F%252Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33f12632b3e13792198585ae1eb64243e3f57be50f997c752dfd8ab6bb65f0c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14727
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4CD3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AzpV0DXyxmdE-ceB5_VfEAhkxdJGRIG9irwJzkKMfmiDZoDSsiX6VROoDbL3XF14h7WhcFbB5XNRHzGJ2wFTRc0Ewj7-k3EMHdkbAg-k2SM0n1u2M
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 4CD3 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:51:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4CD3 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 19:52:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 4CD3 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:50:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
123
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
15358646999216992880
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:50:08 GMT
l
www.google.com/ads/measurement/ Frame 4CD3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQf_l0FOzA2W-NEUe9YC-1aH_tFNF_WJnnfYlIugl28HY3zHfT80Waf2sAWMnJtvdF3fdUITNhWZLbrWnKOyN7vZhgu4g
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1EC7 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUyQVUgQnhiGVdpKHYcvShNX5kTWO1ucLfROvC55KKuO9jFG4Rxi9qP843Y3IPgm-DvRA4ZcVBjXCuzD6JR3Wwx22517DyIdbID-B_0WLgxzBVVJSogwSxINlMctkOVpb8genTpmXTBzb1HFrZjxTWyE1cbKkN0XklriHpvqr2wCshV2Vo
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 27 Jan 2022 19:52:11 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 5F0E 		25 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ag-_r_UtXVSgxQopLskmlT6mXiB99MyCYS_ruGcebOnazOksj7emDCx67Wj_m9nlX6eBYIs4q-Q0Ww4QuOp94cbkEXWS8j6b6C7Ar8AA8q3xlgZBQT_eZXqo3jpI23ZpaJJBnGLGRMpdyuR6qTFPHaqMjWFA&cry=1&dbm_d=AKAmf-BH3Tx7fzrVuQCZcqTJw1Cp9MhED63V0umZH9NgQRNlveyBp_6nE1sGEe6Ss1t214nUpCbcUcmRBGB-zWOSPRKXtBGz1QvTH2RF8Lh6oS9o4YxKvw4UXunJNDAotIi4xFRV0W2oQkcwhF_MqLeJtEDa1iuoQEKJQKNrSGJxd-y3iUoXdeJjvjLcdjP_hm7WJGfdItXbQ_TvekjY6F-KW8OMH1jdHpHEZYEOZJDfUM6Y7_KhYs75PNTNbMabgvC-hgutBSjCBTCvUkqwJ25fcfpHjRtHae0pjcsa3ZEs0Nuyfc0kRIbQQJVYA3cxRURfvMnvTNnCeayRfFSkcXqvRdMz3BFDkJjPZu6gGCc8-6nikqarXi3zgI9VgLJJF9pHAizTr1gYhyLYFjd_hyFtwP8BMOotjxy8IQ4207vSw3TgkMgXlcp1L6eoOS-ntXoSz00Jalwrm5RnAA_qMbPaj4ljDBG_ww9TlpItteH1M-vaPiDrRGXs-zUqmZqA0BRhHqoElqKTePYUZnDRX05TSxLZDjW4HyDTt8nRORpPrKfcd2jpKQfJfTuWh7_esoPNSoV_qpoKc_G7-4_kWyTqxEpbxsVXvrapSzPbjvbRA_7kTt6aTZAgMD6bo7jMytOx5TxYWoyHNs6JkskqVR1Z_30m6lEPAHuFTPYYd3iaeOO3JX6G9xlUvb5QPLkmCD8ReD6bPy3DcKWmjk1ctKPo0cIsnhxp6Qfxv8d05l2Mzj8jDeq5_UC6IDheDYFQKIu2L0MmecJAPTJW0_lvKlOeAFkZbsQuP3TukffYAQ3ClPnnPFbQDXCVT0LJv-JuKjQdVQnYccRwHutG0ma5oxLk2IFqERVS-411RW5ORxXCZmTTpeylsnUHGYIktGZOvJg53Gc2Us-nBwcx4lHGjUmI6SdQDfySWoQDy-Z0yzI5bjXd7_P-7ViVFOBzFi8nXmHfeuNXXFvzq_CL3mMjiBARfU41aSn1H-YH_vRcD4ciZ4DfR8oXr1tMaT5jQuEXPDpAVDDWn75iwCJAQpy6bx9gGDemMag265FPCiA1EQBTDcDRixwM79W0EALtpfplP44TjRP0SoYpX5nesFz-xtNzYTkNnSQH835ZiPkETbzCv8775pnjCXqOQydxwU6afLenvvBGXY5f_JiYoLaUK4CHG2pnhDBUBvOz7YFOzDpwv0Yz3T-ihPUxXQkTnabOpx--uIBzzIBa2o67-BHrw1-zhmW2m_xCVBsTKj3AWHaH8SRihte6OSB7WlSkzhH0pCbcZUzitP8WnW-RyWOCzRod5pZ_o3d4dE_RLsmmWAtBbVwZhKYTcddvwTfAp4uG7ZGLnO5Gx7lRrrRY3_YJLGPoerysLZbusJnWQDgwdYdZb_Jm3RHG3kt2R4qwH3O2wPi8ZXXBMrDW_JoQ_dAQk51drwAOiPThn1R7jrngFQqaf_JwuzpKCq9K3_0RPv6eCh_NV-BOj5vcBt1B7gIDi1lyCAFCX4BJ9m83plXChY6sNjl6IfBUIM6lsQMv86A5vc0jVfJ27EpHliQOX1lzxV_7YzVsgdZ4T8yc5ZlC-KL5ZjPSoIcsvbNgAGY8AhOb7vnP01QVbW05Vz0X7uAAS9QWJF1rbnIjFlvFmF2_DF0RidwTmjlf03LyXmAO05wLexeU9j4RIHN4PAFq21lpawn-NPRSeZC5FECx6EQzvb06AHOg5Db_EsPq2cycK0Yip9gqlrLCCteeb9rN6FQ2_EgPZ0_TFfEzSUNtBHvEKbk4acSdpGY4YpSu9WKI-0gCqh73oxwNuk9s_sUjpoU0vHHec4hom0Iez8jOlQ7a89CddqNKac3_A667kHOZnM9wdvCxHAxZTg8EhREFPev7bvcoYM0uKEVc0bfTQm1-wC-9q3MA_ONCMcjbj1XFozObqfkbqRtZ5ovzZv3vswhDliFMC_tMNkyLNhick9bMjIsUoxnjo3--pMzWAIB-0Rvl-3Mrts8UKSiK-c7qc7l0oKL2-r75e2kzS-ythTpy2-4FXHCq0R4-nLKMuFv8NkNi6uGfpLJZ190_pqIF_CZRDhpx4RIOoI5-UDOISn9T4CO0FviYCheD8NCRn6KWb1ZKedhPChmnSby4hYsv90auY__zgXygkjCa4lzZRGin0LRa0deYxUMr_BgAxgGaPWW0UAi6-0ihErdyOW5HQ97kbFTcNaHdQBwI1YUJmW73_Ft2JRWdHO-YtwYXP0IgJKW5SsSX_pqlZSU8HYAD9byTIQrlKbQ9Y1f3jKBahMlOwC1inVV4B9HuzCyEZcMiN7WsyUnnvpbFWKys5TQNXrWf38Xkj9VSU3LMEwGZkhwrbLhiqzZ0YD5-6-lOcy9uC0O5KSCd116ZmjpB6Tg5OmpP3boafPBUNoCTq9hP6uXRyCg740HWLajNv4HSJ2Nyk29dYcfsz210RbfOiwf6qzv5mvAYv2PZfZpqnh6tLxoRDOAT0D5iwzlh03IPCOcnZ0Aq-gGzoPjsyj1d0B8jJfzcLymhvezAqdvWHXQBrZdlXWDqH_sh-Wh6MLpYtkhO0jTwypT_n4uwiTtbz_4t8YNYQHEFLPjhQmx0r9pyejO-fNLOXYBcEYzITUFChLNDRwQNEzRWqfZFTEUetldbuFs-2kZV0C72QFWkt63S_6yt5onCtxpVShA_tWCKJLvqd2bN-eLx0fO7frhezX4ArFvJtIM8E3oyzWPuYJ1DnIWV7DDkkFSO09M_jB1y59RSysUPBgGBuM5tz77ZpL6fzQwSnJdB5G9DFlSFefxuJffewEbwm6J-kGzF4Edcgep-FUGFZf4Gi57gnHFY5mO1ThI-K35N3OoXinHU2JrrcFZ2PzMNbY5pJRXr1qffj75aLNk82kF_7RpEf68EMf0pYSwxwgYb24aKKoXYYgtyFB1JXlBA6FnICaZ6XsYIqVhDHWoOfIxsCWpNNOB8Y2rodTRosIkE1mP5aIPl2Ip37G0ML39aorcvuNr2O9qmnW3lE3EajwBOe5FB0nxWrOrQFugomP4OBGKNZYobtkIMabN75D4DgwdGLNSZkWq98KKWoevxmJfT5D8-cxImK0B3cieItaWQgEMD_pUWR_VMEbzY47DNysc311jCFBE4ncMbTHGk8pFHx26E0zO80HZgHm4NHSXCvK2Wm6dD0Atm_qtr9-wQZqo2YDWvW4_ON3LHPSC7T-n1cjOKaE0YnT84eIjlYcATFylCjcB-7ySurupjQGimkBbvaH13l2FKgtVpsQHwHfdhfMZwdnIyWhYPGdWQARtuxSl5B24wB_jZGgNoyIIgtxtktP34P1YE2B8j641WFLS3g7xV4F0j5sq20yN-XYMTX4kOqcQireZquDWro9Vc6vgfscmvSpSUso87JEKm3FQT6rRU_Y_R2aCEfk_tMVVABoKtEbQdEg&cid=CAASEuRoZh8Cr9rhA1eVdqBoFi0bMg&rfl=1%2Chttps%253A%252F%252Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43756d67b9b42d6114e390f5fb95a31b75c8434d9036c67737959796d190c84a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14693
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F0E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AAWoKbs_5cG2nVM3DfNynUpqErjeWdvRkllOTRvz8XGHqLMsv97k4KrRt8vcSe4Waxk4zAX5HclmqJ5nuDYrY8ZX6kEsXVLNzVEShAsXNbR_n-qiQ
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 5F0E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:51:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5F0E 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 19:52:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 5F0E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:50:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
123
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
15358646999216992880
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:50:08 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0F27 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNWppIZsKzhMRuabNCRp6HC9f-QEgbrfhKGD3qZ7afNDi8Gaj4iYIvEedWHgTtB15lxWm4mPUA8nIA6q6kWIhMT_ngS0yI5I_st4Og-0dSsWUh0DYnJSpjHnjjX-MlpcL_FNwwuujWxY-bpHKyM3pGSp_OUeA3j96YTD3v7EXPUyMeXldEI
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 27 Jan 2022 19:52:11 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame A468 		24 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqaP388q4jusCy1g7XXHY-HmymIZ7u7boCZ90GNUVRsrpM5zeZ13MX3JEc5gBmCqumlufSB6tylgdUGjM2wFKn9FEo9hypkTJMaZSWe1azthPVlihzRJ76308Kaw9XOzn2WU63yVF3UasmYhXPMFLGIcHEGA&cry=1&dbm_d=AKAmf-AO8ZI5Gn5DwtqpmAlqgYPFWhJ78ymvf8d8_0Ik89Ow7Et9mA-SA4IEzrv7p8PwlhhXnlX44lyAeYYDPl3SgqnS0tOZfh4J_9OCt1xEZBC1bukcjj3ocMNBGLs9hFLVOu1eRhShV5mGatoDQDvM1_4zk6ul_7Mgdq7aA2mw0Cm3Tksf7EHg9v9cL4pVODFzOgqz8r1vwoDpCgzMBsDaMPU7A3EGVhNS4z7xPUSxiwCzQyFjBMGNQotWADRUVMj5h2ebH-h3nvKddf9izVm7bUPoW-kkuiEubnjNmCAdSaWKu_iU-BaOtmpOUzX6_hLgdQAE9e2ZrHz7gFfCJa_FmAPswBZ2ffeAadJXmdcYCsRE550nHz16zNi6kKOx5Z8usrT8bN1FUKE-YjE4k3PoFNMU7CvnuEVI9ERz-rhYA0c_6OMTmR-8mA9YSUsHzH31tt2u_boSrpTAZ6m9x33ZhE1M8_j9pxjfn4D0pf_KteCXb6GERYuJwuIowEU7cae9BqzE2ttkoNPzsq4WE--6M2f6hmMaGpMjtcT4T8zLgD6pr1ssk_VNSqXRcw3LHXsW9bqnaNaJ6hEpaM2Kp0FbYZBBqw_qpHbX2yyHvKfk_11cJ3HvW-pLgzecWe7cqJU_LEzZ4hZseH6P63Yz4pITqQMWGvBtB_endSASGf17lRWJW7dt7NcfzNsi8ErrvU26c7Lu-6ymexyTfO4mTrQ4jc8ozltUC4S3XJ-EWFVuDyffu4rkuREr__-KuysjKqlPZMACNfL9-oZsWF-hXHVYkazFdModtfsZLIP2HlJuZ2e2ItW3gq7fGp4Msie2Nys53QERzKetOPDc7lhc0JdC5coUzGbOLsQbWQ6Uq2rXZFlEHegeohxabe32AnW-zc-xt2IUhw5lD-CXLpD1H13sEVi7GZoVS893lxh7CizVQZw52WfijbFisaq3fpke0XUq4Pc8glLPiVlsHHL8kAsQAqaywrRYt10Ju30VrFV4EhAmL5CNEy23dA2bVPl1bSv81MQezJCr6nD0b5luYZyHhFId1ssEOSGOqqfT9btoV6lMQhsG-4weyeZQK63AEFlJ6ZASsH507tk8APKUSI5dsGIG-_4rhs3wq5ei8NR-gGXa3jjMS4a5b1qDrn9uuqDwkzUXT0CJXSWDBsO_jhYm_IMFuI2Q15s6-sI4yISPj6V8x--ovhbejslJlVmh6QG6tBYqyClQbT0uHVuxIKeyU6jt2x8KavsJ3y5M2_yUHWvbISvYyl2fp1brYGTqxtZj506VeODmvJ_rF1zp-umXFUZp89-UDHM3JZfRumicJlb2D-Tn07qx9Fow3QWzEN9Gd6fpFDQznhAkJV4s4YFytMqjDvcwacx32M0Uq6DZlY4ueAR3stUB-iToMDvxsolKQmuFxwH--Gh3NOr09WyDmfQDBL6ueMYbMPORtTIftFb0qIMO2d_xZN9Ae7w3OTmSJ0p84M_lhpvytd0ia5o-fgJ2NYFtWTdfQwvDAav9R_Tpaw0JERj8J5stD2HYOa7CUYJ8uDUD6IhepJauoRnDibDKFB9o2iAS2Jp0_UjuolEV9o6FYIQuDUPnbtrdEAjcFW_KLrkQTFU74O_piU0n7EB4G4JIbGth9AMfkPttwCcAhO3hchZKMA0ZbHjVviX8YsoqxXYbPQpcu5-zVuXTDICDVmHvEdQj9jyAnKrxUXBEbyVGBpV1IcBwKQr6CmHybPPsRmXaB9WxL5DEjAuuGlBRR-SGxbBKup38DqHFvsN7JjOzoVHduiJj3JQvlTeTzf3tTvBRKTJeJ4jYzXzCbFthdpF9hE5HQIT2LHMK_QD8n7btDClwcLHiDy5KJcLaipgnaa6GMCFOdz3o1YAOLcdrhzEqYuq7k1McOpvBQawqJkvYD100xT108qwPjjlB_hUJ3D78tDDBCHA83jAkrH8IWkg-Gj-83se4ccn6mrflfc9xZCAlnn5Wut7fPjIKI8wUIu5H0D_J4B2W-fVigR4MsZIo3e3lPgz-odRy5Q6_J6LxEo8KywTBNtYHdGhHhdqq_JB9feDwQvV9iye8lnuOyfFZnvc5azr8CsPX131_oD01PkstZOkwaRYt73DlOr5pwbhUytacIpaHvqfVbYlyGQqKmBpgk5xo9THPzGD0byn2cjcIa3zJud-JsXqCe5nw4TJsSVCgJrckBL65YJfIHSlDU5nHKpcCbSw_TkikfRrPbmeVyyHEJtn_a_vILVPFKhgGfRtwzz7lAOW7ceLNVGMaxriAkI8nzKjikAr5tPdMCC7ENhk45WVXM63xWt6JTnB0X5TCihE5vT7nafFA8Ll5nGKbjeZoa4G2NYhvm8R0yBXNmv848Yc2VF9xTGn9qUvkcbRZsoCWCZHXatO3Dd4RWaatwpzKOYIeKCCX86bdg3oUih27PbkTQFJC3vm8ScO3Nch5SxpLM1LBvFz1xazm6kdN_9HBrr7rJZLutojnIOjbNGamqy06oUmapqhtHVgETkAH39YM9_6qtxeAUn-JtDHaNiIYB5CB5hkTtDq673RpsCWXhUzg5FKDEz_GcjPSJYVHqef940RV9DnW6SvVmzs6fFKARyaDzC_1yohv49biOd1GhfGd1SkOZrtdlbI_OF_spB5cVi8Z0-DDVtAstozEf_zlJ53GisBae8Hp1xgfRzCB49aNxwbR3Mi8xmJBdlaX0p_G3BDwdiOOPHJIet9x-yVonLrNffy-PM8tbNCiLUQ_r6_Tf4cR6R0il8-mbwg046sFWIO2Ezsavtcd9WqxwL572BEBPxZyRKBu2FW4Gf1U3W_cgrui6jdRk1Nu8TAaJsEQSeCElEHO6xUexZao2mexTrsSiNhrlxlT0R8lXQ8WopSbYVTC_7hU_GtRkxawqGwZVvZXCzS2KSZE2hyo_0Tb1DlyGufNEN_srCAmeLSXaNMbVvjhcfMLEJy4N2nthoH-AH4udeIWgUNnMkuGo3XB6V5y-vwDo0gl-QO8oRUPAHmAfrAsf8Xy7c0Y1_yeNyyf8dNqB2h436UHDgz6MzdiDx0ODVi7ngtHyG7DE0RcNRHmkTNG5UvJ9bjsObhx7zGk5Y3UT6i4kDuwFv5I7_O03D6mWwbq-UpymUK997_fwzlw5jhPzMAeezA5gli7FSLlayWkOV9FPIUu6Xsjv_4MstsYxUjYpvj-OE8DxrSKFyJ5m2X4arARgTKsUCsykSL1YBL9hv1ThZis6-I3ILx131_VT--6EaFqddpto_B8wi7IoVC6qb9hFe5tY9vWjwksIUmEctKaB5snZkR5Zofluw5HJbm-h0slrNW49WTTiUDzQQzKWH59-EHCuWMZTbYJC7eGVseahmdb9GMPawV8sPgeGTQGnef5VZHiG3oecI7k8Sc3zfAGlAmEdqSPMa2_a1hP8rKzK3lPFQ&cid=CAASEuRoI-1EuehZs8GkAODLIFpgqA&rfl=1%2Chttps%253A%252F%252Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7608c1f04a80ace55d05fe973a472002630d36bb699150578e87fb3d47225b77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14538
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A468 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ADW0Ypk4v0gRSOlsAGXJO4j-5m5HOlZob1WudbHtZCXgsEXN1zRpcENWHc10fM59VamQWQ2Z0JJNo2XURtupL6T8WHsXUWuW7b4QDuFIt5aavuCHo
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame A468 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:51:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A468 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 19:52:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame A468 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:50:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
123
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
15358646999216992880
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:50:08 GMT
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame B639 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:21:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
16213
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 15:21:58 GMT
rum
dsum-sec.casalemedia.com/ Frame 0961
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEU8kGq258uxRfcHokPIFh0&google_cver=1
43 B
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEU8kGq258uxRfcHokPIFh0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNU14tRVp6ctz_JiDoLCITirSKoWtnRSXmODOp_f7RbS6_EVAAUFlFgdyUPFXn6y6dVYYDXAVShy8hLHvGy_mqzhiXa7dx0QyMP3e24NW25MS3QZhP5UEZ-kDH890DRnLvOhwLD0kYcnstSB19FC-V6eMYu9F5yGOdK541NpnQBvTGIOYE8
Protocol
HTTP/1.1
Server
72.247.225.98 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-225-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 27 Jan 2022 19:52:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEU8kGq258uxRfcHokPIFh0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0961
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfL36ln4NIEuI77HGstC.wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEU8kGq258uxRfcHokPIFh0&google_cver=1&google_hm=2
43 B
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEU8kGq258uxRfcHokPIFh0&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNU14tRVp6ctz_JiDoLCITirSKoWtnRSXmODOp_f7RbS6_EVAAUFlFgdyUPFXn6y6dVYYDXAVShy8hLHvGy_mqzhiXa7dx0QyMP3e24NW25MS3QZhP5UEZ-kDH890DRnLvOhwLD0kYcnstSB19FC-V6eMYu9F5yGOdK541NpnQBvTGIOYE8
Protocol
HTTP/1.1
Server
72.247.225.98 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-225-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 27 Jan 2022 19:52:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEU8kGq258uxRfcHokPIFh0&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0961
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECgi3X_F-6j5LDrSAx-iSHo&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESECgi3X_F-6j5LDrSAx-iSHo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNU14tRVp6ctz_JiDoLCITirSKoWtnRSXmODOp_f7RbS6_EVAAUFlFgdyUPFXn6y6dVYYDXAVShy8hLHvGy_mqzhiXa7dx0QyMP3e24NW25MS3QZhP5UEZ-kDH890DRnLvOhwLD0kYcnstSB19FC-V6eMYu9F5yGOdK541NpnQBvTGIOYE8
Protocol
HTTP/1.1
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
96e69b6c-2e1c-4a62-881a-b331722fb2e8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESECgi3X_F-6j5LDrSAx-iSHo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0961
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2NjU5NDIxMzI0NDAwNjE1MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2NjU5NDIxMzI0NDAwNjE1MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNU14tRVp6ctz_JiDoLCITirSKoWtnRSXmODOp_f7RbS6_EVAAUFlFgdyUPFXn6y6dVYYDXAVShy8hLHvGy_mqzhiXa7dx0QyMP3e24NW25MS3QZhP5UEZ-kDH890DRnLvOhwLD0kYcnstSB19FC-V6eMYu9F5yGOdK541NpnQBvTGIOYE8
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
6e9647ca-81d2-4ca1-9f92-7f907d8063bd
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2NjU5NDIxMzI0NDAwNjE1MA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 82B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEU8kGq258uxRfcHokPIFh0&google_cver=1
43 B
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEU8kGq258uxRfcHokPIFh0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY583FlQEwAQ&v=APEucNXPVw2SxaUWMty9l-0CU-AIzlBRf-5qn6bL2eUVsrarBXmYjUHllq8CYWj_xxVY9L8ZNYQ-KxKxkp7kyVLfJVxWDgZeAB6peAGaEzjwtVMxCRrqntEHrtLz4zOBmJ65uJipeq4NCPOx_NXb_UnhLvG9_jGhZDSVVPYDeqXHSKlAUoncQps
Protocol
HTTP/1.1
Server
72.247.225.98 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-225-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 27 Jan 2022 19:52:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEU8kGq258uxRfcHokPIFh0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 82B8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfL36ln4NIEuI77HGstC.wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEU8kGq258uxRfcHokPIFh0&google_cver=1&google_hm=2
43 B
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEU8kGq258uxRfcHokPIFh0&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY583FlQEwAQ&v=APEucNXPVw2SxaUWMty9l-0CU-AIzlBRf-5qn6bL2eUVsrarBXmYjUHllq8CYWj_xxVY9L8ZNYQ-KxKxkp7kyVLfJVxWDgZeAB6peAGaEzjwtVMxCRrqntEHrtLz4zOBmJ65uJipeq4NCPOx_NXb_UnhLvG9_jGhZDSVVPYDeqXHSKlAUoncQps
Protocol
HTTP/1.1
Server
72.247.225.98 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-225-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 27 Jan 2022 19:52:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEU8kGq258uxRfcHokPIFh0&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 82B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECgi3X_F-6j5LDrSAx-iSHo&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESECgi3X_F-6j5LDrSAx-iSHo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY583FlQEwAQ&v=APEucNXPVw2SxaUWMty9l-0CU-AIzlBRf-5qn6bL2eUVsrarBXmYjUHllq8CYWj_xxVY9L8ZNYQ-KxKxkp7kyVLfJVxWDgZeAB6peAGaEzjwtVMxCRrqntEHrtLz4zOBmJ65uJipeq4NCPOx_NXb_UnhLvG9_jGhZDSVVPYDeqXHSKlAUoncQps
Protocol
HTTP/1.1
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8be459c1-c365-4e70-9d16-04d730f54812
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESECgi3X_F-6j5LDrSAx-iSHo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 82B8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2NjU5NDIxMzI0NDAwNjE1MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2NjU5NDIxMzI0NDAwNjE1MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY583FlQEwAQ&v=APEucNXPVw2SxaUWMty9l-0CU-AIzlBRf-5qn6bL2eUVsrarBXmYjUHllq8CYWj_xxVY9L8ZNYQ-KxKxkp7kyVLfJVxWDgZeAB6peAGaEzjwtVMxCRrqntEHrtLz4zOBmJ65uJipeq4NCPOx_NXb_UnhLvG9_jGhZDSVVPYDeqXHSKlAUoncQps
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
26ab0d82-a1e2-4b76-a042-66caf7836b80
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2NjU5NDIxMzI0NDAwNjE1MA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 1EC7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIeIfZPbsemTyUHv1mE7jk&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIeIfZPbsemTyUHv1mE7jk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUyQVUgQnhiGVdpKHYcvShNX5kTWO1ucLfROvC55KKuO9jFG4Rxi9qP843Y3IPgm-DvRA4ZcVBjXCuzD6JR3Wwx22517DyIdbID-B_0WLgxzBVVJSogwSxINlMctkOVpb8genTpmXTBzb1HFrZjxTWyE1cbKkN0XklriHpvqr2wCshV2Vo
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIeIfZPbsemTyUHv1mE7jk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 1EC7 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUyQVUgQnhiGVdpKHYcvShNX5kTWO1ucLfROvC55KKuO9jFG4Rxi9qP843Y3IPgm-DvRA4ZcVBjXCuzD6JR3Wwx22517DyIdbID-B_0WLgxzBVVJSogwSxINlMctkOVpb8genTpmXTBzb1HFrZjxTWyE1cbKkN0XklriHpvqr2wCshV2Vo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 1EC7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEFZ9Voc_9FPDq3DXcEm3vsQ&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEFZ9Voc_9FPDq3DXcEm3vsQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUyQVUgQnhiGVdpKHYcvShNX5kTWO1ucLfROvC55KKuO9jFG4Rxi9qP843Y3IPgm-DvRA4ZcVBjXCuzD6JR3Wwx22517DyIdbID-B_0WLgxzBVVJSogwSxINlMctkOVpb8genTpmXTBzb1HFrZjxTWyE1cbKkN0XklriHpvqr2wCshV2Vo
Protocol
H2
Server
104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-248.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 27 Jan 2022 19:52:11 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEFZ9Voc_9FPDq3DXcEm3vsQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 1EC7 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUyQVUgQnhiGVdpKHYcvShNX5kTWO1ucLfROvC55KKuO9jFG4Rxi9qP843Y3IPgm-DvRA4ZcVBjXCuzD6JR3Wwx22517DyIdbID-B_0WLgxzBVVJSogwSxINlMctkOVpb8genTpmXTBzb1HFrZjxTWyE1cbKkN0XklriHpvqr2wCshV2Vo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-248.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 27 Jan 2022 19:52:11 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 0F27
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIeIfZPbsemTyUHv1mE7jk&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIeIfZPbsemTyUHv1mE7jk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNWppIZsKzhMRuabNCRp6HC9f-QEgbrfhKGD3qZ7afNDi8Gaj4iYIvEedWHgTtB15lxWm4mPUA8nIA6q6kWIhMT_ngS0yI5I_st4Og-0dSsWUh0DYnJSpjHnjjX-MlpcL_FNwwuujWxY-bpHKyM3pGSp_OUeA3j96YTD3v7EXPUyMeXldEI
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIeIfZPbsemTyUHv1mE7jk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 0F27 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNWppIZsKzhMRuabNCRp6HC9f-QEgbrfhKGD3qZ7afNDi8Gaj4iYIvEedWHgTtB15lxWm4mPUA8nIA6q6kWIhMT_ngS0yI5I_st4Og-0dSsWUh0DYnJSpjHnjjX-MlpcL_FNwwuujWxY-bpHKyM3pGSp_OUeA3j96YTD3v7EXPUyMeXldEI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 0F27
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEFZ9Voc_9FPDq3DXcEm3vsQ&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEFZ9Voc_9FPDq3DXcEm3vsQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNWppIZsKzhMRuabNCRp6HC9f-QEgbrfhKGD3qZ7afNDi8Gaj4iYIvEedWHgTtB15lxWm4mPUA8nIA6q6kWIhMT_ngS0yI5I_st4Og-0dSsWUh0DYnJSpjHnjjX-MlpcL_FNwwuujWxY-bpHKyM3pGSp_OUeA3j96YTD3v7EXPUyMeXldEI
Protocol
H2
Server
104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-248.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 27 Jan 2022 19:52:11 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEFZ9Voc_9FPDq3DXcEm3vsQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 0F27 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNWppIZsKzhMRuabNCRp6HC9f-QEgbrfhKGD3qZ7afNDi8Gaj4iYIvEedWHgTtB15lxWm4mPUA8nIA6q6kWIhMT_ngS0yI5I_st4Og-0dSsWUh0DYnJSpjHnjjX-MlpcL_FNwwuujWxY-bpHKyM3pGSp_OUeA3j96YTD3v7EXPUyMeXldEI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-248.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 27 Jan 2022 19:52:11 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 273B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cx-zGPP_9zU7pG_loHfkIcdNy7B4hwqqVWKQJZmLUySJ24pIKvxfZR4RYjk-O8DTNOUqwUAtZ0Fl1dqQt6ru-AzTyX89VlJ7AUTFRWELC4p4jvWUObDy8HyJfGOD7kHRFMosS8zZojO-H5Rh0Nk61YrZx9MQ&cry=1&dbm_d=AKAmf-DoPhsqQXUpHn2L9WIRcv95iXPYb0xzRBmmUQHZCf3xlXH4YWZ42ezNuOib9V5PbgQC732fXifoZ2ZI9b2ZX4PN_xkv_G_R5NUCuV-7IXIPMaSr6MQBsdBdZts1lczQILeGngReOoBW3_cyYR2lh2xyngiDnwUfsNKmyBOFMUs5Fmi8iBZQwrmNn-KfoRLrVocgEXqIzV9N75drDCppm63fId8B9k_HiPveBZBicfiZVUCOtePwNUFfIpRIE8wv87cMfmA3nogpIeTu8z34s_wZYiIkGqcVrw8ZAlpKjE89nb3042DUBMZ-E0OunRgncdmz5aV8r-rU-h-N4OQAVrgG1eKdnww1jKaYm2otFkPa-rybHeESeMhl8iW8yG5sRt1jOJ7uiFJDdbMrAO4SU6isKFa1RDTKKMvweigMr3yTbIlTFQ6WgGwLqNG8-NytOZVd_3B8pfY77eQE7yp0cuRdnUMiLbtAS3HPABYIQBXKZSrarZD86u5ooWAzfw-JW8D9Wunwf0oGI9QXlfK4k4JG05Ot0V_AaIUo7vkxW9T9GNh3QdfxO09wk55Rrb-QvXrrhqE1G3avhGWRbVAmJkALLEyPQwo1lUjAEBezBdiy6YY-BfOkPPrMfEFziLb463CiJDAMn5UyIPnMS391OIBrcxoKeEAw0fo5stv95xzFWnFe43C5vl-YrE1d3vMGytEsB-K72tjvuHL8DCQ0QmZm30lIFKDbXuHe6Wb5PlM4vxUfXHQqM_Iq4HYhg6hs-zbqJzDsQysuRBz_4vcY2LxHMkvteE8uetAEDesr1pRmLiAbZu8It2W_1XwVbRd-AD_KKW4xQHAreJv95AJlIZahDqIkQJCind0k4WjSjE0d7ZWVid2UvtDpfAnHStPiV1e8Qz9PM4WJcgDTti-jTQYBlt-DL-6J9RbGKeyQrx_HRf0CvU8L2ZFubh43p0aWtrcmU7vmnDJxvOD2Zxge66S9EmXaAQqxOwbSKoRDLPh97v3iVYMRxm_WSFH-mm4llnJ9lVWVX7i9zR0gjlmy9syB65Hr2pMzMbaD1ym8-OX_5HvwU_HZgqYyDW5nj4BIaWlpYu9Hr0JF2Q1Qdi6ExJCCqK3_XBvXBFMwsw5ksXjBknwo0IDSS2qDqOPm2VTF9qITxQDIsWQjc89JZALY9tFYga0DNOAhorvTP_Sa7e4-5-0xx01SzgEuVsWMq2soJPKx9hPRTaNd0MDyGVVdLwzDUc7He5K_JnPu8Xg_SN3FNdL2c0HrftxylZgZNKiK75Rt_FfImUYBsYgKx4GXHLB8XFBeyBUwTR1JHFKGuOgD3WEqIfPSWqo23pKKa7aPa32jwwzwsZyduvDo4VYb5ZDY46QOSknPX5MAnzVdD4SPipA5BQhUqAohOJhNogEF1SMNbU3YiNLs8MTZXn9hmXZUtVlpncUv3WwG-0ZyuRZg9K18-MihDO3f2DqtbT_ZfA-5kvan9F0tG8LFVmvjDRkRD_Gy4yzB3yuWSaAJo6Zbu4QlldhSvZcL4UjsyToe84wHhL4m8rH-aRzW2OWV17mdSfXZxtZdXK79ksKhQn_baYvj0sacBGaH2iZwJaQ-JKCQwh-sCo7OaeJJ8ev3lJmiyMgEHSRG-m1w2R3ndhd8OknKvXjv9Cmx-1kLck5Xvord-gNOUeePW0urXJWZ6NAKkRS1-_oVdcLUb9B0OVGPwZNF1sMxbuFZZH2Vwut5NkuixpCN16bcq4HvLNQ1bJJrar9k-AKSfeaQ3mM1D--lR_emQpQt7ls31ggd-YkT7sObjB7d5llK8RPrfj2QtbxV6NSw3BQAQFfFp6ndswW7IzAQwWQZGP5CNNL1ZzzaLb-h3h5Jv6KG4yG6DRp1psO6g9C1jc73c8ZY6ZVMGasPU7QSq8sUo5QgXZDQOMad3i6GCcievJ3Ci5pkMGbphEVP9wdbEgcSSXwx1ZsS3CaZThmg_DxcRsSrsZPEX4qocU2YIy_aKUShYyUA28DdfKL58vElNqf3moSHXSugzrYq2O9PPPL2HHKCcguGWpdeKcipjuLhkmgylFGIzR__k_W9vU2Cu1u2U4qui3MMCuzsdzINehFBHi9KwL2BDqP3WQjoSG_zIuZWvk6l6nz9UosqXvy2tyMLi0Zx6YodqayPuQ7v1CFPreshvyTkyuZnaWHJwBGOKMxhAYqP06gmMUiFpwXjfNhZAnw-Kt7Ti12n-XK6fMAoXKp5xE_ThX9aBvFku5MRBkP59QH511Co-pWiDVB8UguzCfjlajCNAbHAqEXLUwQhgS-iDGzad6o92LTGQDnXHHYTIXZwAfd4hexTutJrgRRTLAO-WXKc92Uai3HIe6YCVOQDqYJEAgQ95Kv5REk5BfIYFyntoDrWVgRBKUlMQy71V1TkC01MWMZ-rC28FFPv52Mc0qRhWyv5Kx6xhZu2I5IbN1Tf0ChfhKQLv6jTgXqx33TUpSM5u9p41OFjY4XhC8dk1KKlm-u2e_z7KIPSMpopQyj3gp_XGxiA-xu9WhkHJLvr7YbmFkxqV2uAbQzkUF0gAam7FkrreCvjjNUphNmS81214jP0GCVzqhWIbuGF_ickHotL2oT8F0jvSayx2IMrevsTGw24im3lt0fYxSO-SRB75vyQRLdCgrnfiDNPS__gOF_cWBxzAnrAMitQSPbmqkoejRjuhNlxftRKhIapHKM5AIdrRN_lrRavtT1PVeozRlBEZMwjnN6qnkU8OYm2-B_MD5R0pRz_HR6DUWe4GCoSq_EZBnJOY-lFpdJ4ObhnNYj0noC7a8pcwETMGa_L8SJzuIIZy2f5U8xTtYdGQTjDrUGQej4ii1o_-uS1EDp1V82kInxLBRtMNYU1qdlvtrV_zaO60L-8AgSw5qKhsQ4geEmBJ6GvjB4IBp7xx-7l_Vv_PuzxJWv3BCZtpmbC1eMVEU00sXQJGlWsW9bTOrj04Kj6G2DO0_SzAr7h7a7ratTFS7yUkheYBuvDQGPARneAHewNB7eRxo2yp3Z639hBp6df45q5A2p7JJEGTqqBW50NOaq7-E4tyddxtIMTr2R2FXQ6Y9S1ddsSmVIzZH5rrioVpxiyIYCYao_t72VqS-3uEBwiu331XbiKqZ1kuNeS_goUXsjqXMR9nWLXB5ZfXNhy6umQW-c8MeSfygQ6PsaJgZmsoQPV6ubzh8SbzmFE13rOxRbuxZpyY8iXhYVNDOyN4IQvrw4AKzvqybzPHaWtsjb0zIrYoKSF58NLeJ7eaezO9yu6Fsls10HzNxKupTbKuqemj7WvlEtCyL9RsIrxrdLJDnnKZ3g4lU9VPvTDB28ziKatp3UntoJgABAlnMSEMiZJxLZRvYC4NQTTj81HBMI8kW3AaJ_7zZOIYA0c0wonjTiXBUinZBdiK9L3q0Yh-pptsEMaPg&cid=CAASEuRoDGWj5BBvES9A6VJT1DwhRw&rfl=1%2Chttps%253A%252F%252Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:48:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9288
x-xss-protection
0
server
cafe
etag
5602277676122011250
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:48:32 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 273B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cx-zGPP_9zU7pG_loHfkIcdNy7B4hwqqVWKQJZmLUySJ24pIKvxfZR4RYjk-O8DTNOUqwUAtZ0Fl1dqQt6ru-AzTyX89VlJ7AUTFRWELC4p4jvWUObDy8HyJfGOD7kHRFMosS8zZojO-H5Rh0Nk61YrZx9MQ&cry=1&dbm_d=AKAmf-DoPhsqQXUpHn2L9WIRcv95iXPYb0xzRBmmUQHZCf3xlXH4YWZ42ezNuOib9V5PbgQC732fXifoZ2ZI9b2ZX4PN_xkv_G_R5NUCuV-7IXIPMaSr6MQBsdBdZts1lczQILeGngReOoBW3_cyYR2lh2xyngiDnwUfsNKmyBOFMUs5Fmi8iBZQwrmNn-KfoRLrVocgEXqIzV9N75drDCppm63fId8B9k_HiPveBZBicfiZVUCOtePwNUFfIpRIE8wv87cMfmA3nogpIeTu8z34s_wZYiIkGqcVrw8ZAlpKjE89nb3042DUBMZ-E0OunRgncdmz5aV8r-rU-h-N4OQAVrgG1eKdnww1jKaYm2otFkPa-rybHeESeMhl8iW8yG5sRt1jOJ7uiFJDdbMrAO4SU6isKFa1RDTKKMvweigMr3yTbIlTFQ6WgGwLqNG8-NytOZVd_3B8pfY77eQE7yp0cuRdnUMiLbtAS3HPABYIQBXKZSrarZD86u5ooWAzfw-JW8D9Wunwf0oGI9QXlfK4k4JG05Ot0V_AaIUo7vkxW9T9GNh3QdfxO09wk55Rrb-QvXrrhqE1G3avhGWRbVAmJkALLEyPQwo1lUjAEBezBdiy6YY-BfOkPPrMfEFziLb463CiJDAMn5UyIPnMS391OIBrcxoKeEAw0fo5stv95xzFWnFe43C5vl-YrE1d3vMGytEsB-K72tjvuHL8DCQ0QmZm30lIFKDbXuHe6Wb5PlM4vxUfXHQqM_Iq4HYhg6hs-zbqJzDsQysuRBz_4vcY2LxHMkvteE8uetAEDesr1pRmLiAbZu8It2W_1XwVbRd-AD_KKW4xQHAreJv95AJlIZahDqIkQJCind0k4WjSjE0d7ZWVid2UvtDpfAnHStPiV1e8Qz9PM4WJcgDTti-jTQYBlt-DL-6J9RbGKeyQrx_HRf0CvU8L2ZFubh43p0aWtrcmU7vmnDJxvOD2Zxge66S9EmXaAQqxOwbSKoRDLPh97v3iVYMRxm_WSFH-mm4llnJ9lVWVX7i9zR0gjlmy9syB65Hr2pMzMbaD1ym8-OX_5HvwU_HZgqYyDW5nj4BIaWlpYu9Hr0JF2Q1Qdi6ExJCCqK3_XBvXBFMwsw5ksXjBknwo0IDSS2qDqOPm2VTF9qITxQDIsWQjc89JZALY9tFYga0DNOAhorvTP_Sa7e4-5-0xx01SzgEuVsWMq2soJPKx9hPRTaNd0MDyGVVdLwzDUc7He5K_JnPu8Xg_SN3FNdL2c0HrftxylZgZNKiK75Rt_FfImUYBsYgKx4GXHLB8XFBeyBUwTR1JHFKGuOgD3WEqIfPSWqo23pKKa7aPa32jwwzwsZyduvDo4VYb5ZDY46QOSknPX5MAnzVdD4SPipA5BQhUqAohOJhNogEF1SMNbU3YiNLs8MTZXn9hmXZUtVlpncUv3WwG-0ZyuRZg9K18-MihDO3f2DqtbT_ZfA-5kvan9F0tG8LFVmvjDRkRD_Gy4yzB3yuWSaAJo6Zbu4QlldhSvZcL4UjsyToe84wHhL4m8rH-aRzW2OWV17mdSfXZxtZdXK79ksKhQn_baYvj0sacBGaH2iZwJaQ-JKCQwh-sCo7OaeJJ8ev3lJmiyMgEHSRG-m1w2R3ndhd8OknKvXjv9Cmx-1kLck5Xvord-gNOUeePW0urXJWZ6NAKkRS1-_oVdcLUb9B0OVGPwZNF1sMxbuFZZH2Vwut5NkuixpCN16bcq4HvLNQ1bJJrar9k-AKSfeaQ3mM1D--lR_emQpQt7ls31ggd-YkT7sObjB7d5llK8RPrfj2QtbxV6NSw3BQAQFfFp6ndswW7IzAQwWQZGP5CNNL1ZzzaLb-h3h5Jv6KG4yG6DRp1psO6g9C1jc73c8ZY6ZVMGasPU7QSq8sUo5QgXZDQOMad3i6GCcievJ3Ci5pkMGbphEVP9wdbEgcSSXwx1ZsS3CaZThmg_DxcRsSrsZPEX4qocU2YIy_aKUShYyUA28DdfKL58vElNqf3moSHXSugzrYq2O9PPPL2HHKCcguGWpdeKcipjuLhkmgylFGIzR__k_W9vU2Cu1u2U4qui3MMCuzsdzINehFBHi9KwL2BDqP3WQjoSG_zIuZWvk6l6nz9UosqXvy2tyMLi0Zx6YodqayPuQ7v1CFPreshvyTkyuZnaWHJwBGOKMxhAYqP06gmMUiFpwXjfNhZAnw-Kt7Ti12n-XK6fMAoXKp5xE_ThX9aBvFku5MRBkP59QH511Co-pWiDVB8UguzCfjlajCNAbHAqEXLUwQhgS-iDGzad6o92LTGQDnXHHYTIXZwAfd4hexTutJrgRRTLAO-WXKc92Uai3HIe6YCVOQDqYJEAgQ95Kv5REk5BfIYFyntoDrWVgRBKUlMQy71V1TkC01MWMZ-rC28FFPv52Mc0qRhWyv5Kx6xhZu2I5IbN1Tf0ChfhKQLv6jTgXqx33TUpSM5u9p41OFjY4XhC8dk1KKlm-u2e_z7KIPSMpopQyj3gp_XGxiA-xu9WhkHJLvr7YbmFkxqV2uAbQzkUF0gAam7FkrreCvjjNUphNmS81214jP0GCVzqhWIbuGF_ickHotL2oT8F0jvSayx2IMrevsTGw24im3lt0fYxSO-SRB75vyQRLdCgrnfiDNPS__gOF_cWBxzAnrAMitQSPbmqkoejRjuhNlxftRKhIapHKM5AIdrRN_lrRavtT1PVeozRlBEZMwjnN6qnkU8OYm2-B_MD5R0pRz_HR6DUWe4GCoSq_EZBnJOY-lFpdJ4ObhnNYj0noC7a8pcwETMGa_L8SJzuIIZy2f5U8xTtYdGQTjDrUGQej4ii1o_-uS1EDp1V82kInxLBRtMNYU1qdlvtrV_zaO60L-8AgSw5qKhsQ4geEmBJ6GvjB4IBp7xx-7l_Vv_PuzxJWv3BCZtpmbC1eMVEU00sXQJGlWsW9bTOrj04Kj6G2DO0_SzAr7h7a7ratTFS7yUkheYBuvDQGPARneAHewNB7eRxo2yp3Z639hBp6df45q5A2p7JJEGTqqBW50NOaq7-E4tyddxtIMTr2R2FXQ6Y9S1ddsSmVIzZH5rrioVpxiyIYCYao_t72VqS-3uEBwiu331XbiKqZ1kuNeS_goUXsjqXMR9nWLXB5ZfXNhy6umQW-c8MeSfygQ6PsaJgZmsoQPV6ubzh8SbzmFE13rOxRbuxZpyY8iXhYVNDOyN4IQvrw4AKzvqybzPHaWtsjb0zIrYoKSF58NLeJ7eaezO9yu6Fsls10HzNxKupTbKuqemj7WvlEtCyL9RsIrxrdLJDnnKZ3g4lU9VPvTDB28ziKatp3UntoJgABAlnMSEMiZJxLZRvYC4NQTTj81HBMI8kW3AaJ_7zZOIYA0c0wonjTiXBUinZBdiK9L3q0Yh-pptsEMaPg&cid=CAASEuRoDGWj5BBvES9A6VJT1DwhRw&rfl=1%2Chttps%253A%252F%252Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 15:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100689
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Jan 2023 15:54:02 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 4CD3 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CHZ6he_nnQF-P6A4M4C8k8wKzMuprsDtQ_5p6V25VGPuieUMq5KIoNpnIOyfE26MKXIPGUYCPnGzFfpq83B6LqJarhMP2auCQmowVV3LyFnkN9Yjm1-ywvfeQn0KDIjFZwB6CeTOFD9P0I5atR0trfEeoFdA&cry=1&dbm_d=AKAmf-AM6tMrK_SWcYhQlQfvI4He4hEcyq11lVv0cGbiIXwzE9pxWgYuf9Djugrvv_UJRCp8xRju1YD0Z-b14MWqtpmx07PQl3lR8f9JPEtEBsYPSfGR3UUWiQcZMJqq4_mdkhZ7vRTVLyc0nq0iPmF75rKeL318mC0yL6JJ6gj1DKapNXn_LKwuCoW4dfHVfu-tGu-_yHA8AHEVH3H5uoZrQ1Jyq2G8JxiiXYkjdC49ONnYVyo2ZpcUPKWbSflBy1XGM68pagZs6SspVn0cF_5Ik2SpulblINWrQ9B1GoNGfyTIx8-dFRs1p58P0p_8mrzz_-JhF2Gglaj4zVdzBTTPHefeYUBN_E6nbVP5al7ESWFaPL6PGyYF5nF23NdElxKOvJjyEbnFcmaplsrKDu6oF3PhiAvsLimIulQtcP8LjN76GpQN0uvLzlWn4z5ajdeFgQPVry5pX9uQqy75zAKRVc0UXsRBFzSXQQUFc9FbNxbymPy3dxbRxsbWmuoCfPb9riQnvsaBRVVup9xdKEbJARFjXEGylJ-xIE1WtMhG_fHL0lisae3OJZTvm5j-GkbFNVg6vDf1o33E4h0LEykuTwCo0mU3dqKe03KCV_4_b_y03dkNNvlnHUrruuFOMPRrzd1llPoCJ6MDvegPaWAqFKyKNeuNlMP2T1KCgMZ6e-4LpCzLHRx2KayWfRtOMf4nBDxIUcbTCBt8mGITB7vf6Z4E9rxJvuAfYx0sVpYkXF7i_4CyIavw0RMjGRI8sWUmeA3qgGuBhneoFu5YAQsUeJ6N2sHXT0gWxQeoUR0hhEj_4oGTF_lVt4oNJ3wan116krso_FWYNj3lYgOIlu-Q0jNB5Ug60K4yXXnqrHSq3NaeSmsA9Iu9_v-8OFoow17gKkNk2Zan9Ux5moubyb0bBH3_A7nqi3kfj-S1n5DvECjMONgg3ZYNzD_42cfLboueIA_EFuT8evm3JI-ZZn7SX-74_RWZ-y6QRHZuIK2JF_Qzyk1lv1VYPLuaz8rIqH6xqShFjW0qIOEF0ZYmC2csUdyR4NnhUjdV-fz3QiKVYCVgERmIbsvLu29JbQK1Gl-mqYmGZNbRS_C5dxQAvQ__2K-TL9RaWX32lr9nBjgFonkkio5zXTYW2l-EVXbK3RUQVqXvUi6jMEV1Y_0577qp1mzin7BGkTX-v7aRVIpVcEx9At7V_oh1l84b_OIvIenhNmns17GgMT_zKQsIks7oVMPdMVRiYyQEbyqst6O8BFY2VA4IRtOZ3brukllox3O-Ao61iSlRx6I7jIGpbS6POJ5XXfVB_jzjoKKubvEgJVZfG5-dBsnXgXhlYuQwuv3rvFns8OLL31RD6j32xeTK_o8Wel9zaTM4GZT6rUGACmwoVl3OuXKksObrRLMlfqI9pwi03Ea0gsGr7OC16MheXb3wM6tEBHL0ZnxVz9jQiD1WK8pOxcCU3DmZVCbQxHt6Y7byNID9fA-qyP_gNnwPPvtW6x5OSGaakzm4sCLGeHbxnz9wesiZ82cY-Rd3clGokq6g4ToTg76fEiTzD8Knv23gH-GNC0F4W3tkVr6uOz6GhMUZS5yEyVnNlIrHHFWjDA_PFFOFxLvMxkHMHdChHtWUirzBfDfEIfVwiuVfsu1i6F__lHmxaN0OtWFURQQqer_21_b1PxbV7JFvVPkk0xKddE4PpzOowrdZ-XXCPffXrhIgMZbnKo6zeXpdaZS22JJMIPDCfAejc2LliARwhcBLPyV8gm07AU9Ngevvu4rQmA1BgO97pPVm9AEfXBaoGQdxE7_BUOWXScMnIdEF2NWMvPJfMdjkMFRtxp0AyB5oi37wzvICERAqygbDHNWQPCHKSYrm6IgLuizLNvTOSZ8zk15IpMRAlcmXNenriMBaoHDAitFDzrvg_ZcSi3mPZ-OzZYD9qS4LGKRlhzu6SZeQzzaggr5EDGMhkpOnCIQAK87LlKy_puufLbMMMAk30cHqIHd5hNBIB6A60OlZyR8k4f-Ipf5v3kQykwgteYtRDE4Z30DCLZBq2WkM78jkkGX58IW5Wu7_u2eDMROOrsgFQMXJrLDQ1kEJZWX1usnoqtZxxcepfWH_69y98uPlbNySkommx_oqSSRsmnCnzzm61dTRKAih29P-KC4ZlH1pGJITpil50DYIWmJwmnOGM7dlwoBfzKDmzxf_L5Jq2dgklkgdTTheVV7iF5Wv49M7YpaGJDtTH-6jOXZ6I9V9pfNjy_o3aI8QRO0dv-SjYNx7IEvRYKMxeSY16UFZBeUxAtff4ZdQbIDVdpduej8j0FGjqJvQlkP7XQZuTI-azvf2mM47NUzq66JMM2SsWnqZwtQH5ICZljZbcsLRcIhw7uzZjCmZY21pmlSdEA2Y62dgPQcqasPTS4rsW_9_JBx_tsKpm9sVm14bj76d0mlWjVnBCk6P9buqpPW_J-JNF1kjnaniBbBUdo5rLCdZRrngttDYtCPKOaAZxseLwK2H1C26UswefsN6t7LpQ_l5jplxZyDfrXVsS2fZfIggAYY0_szHyS8JNDlqOxh-bX_uyL68LY2Nc1fd-ysCuCMrbaFo2elKuBfwEef72of0El2KRCIrmiDrIsDKIjoAZ7R4wyOfijjoZEh_TSLGkeWFcYHWWlrWQMljaBW-G-wo3lu4iQSRf8lj7xlhL9hxureDDeBS65VTLk6Bz2Lli0Oyyvbep2HOULYizk8zhtesfEMZKUfcA1rgD54qoJF78GU4rmfmrAWjAbisd5bcF6irU8K3BoY5V6jKxJZLhRCJxT2neuYXN5kYxw5IFtZOQdRVWyPBsOvPRgz8IQ-7dSrreGoq5MukPnjzypObcOiSkIHDZvqpEleCXtKb5lF03IIr8ZDKcpSi8wwFsMH9gVUC31WvTSigDgbT9Kgt8P5GTwa8QMF9jRxFixwYy1OrvWPNpYrgatA44bNaPa4zSE4NCOyzO1M9kVowO64IDnTJI3_zY7QW6JcestaIVDxwSgzoJnXbtENyXhpIW8DZgU5zvAC5Faxq176WUfepHlKPVw69yEMmGErW9Z-3hb772uk4VyEkcrI58xXPMzZ4T3-mVJZYUkNx1ahh1-UNnMB1l2i5aqIbQn_w2cdhLcVzquCo3VMDV2t8tNHmdnzd_eoYoNP_UJ3xh2wnHp1wsJHn7LCFqxGPzggnR_2E9GrB43EMm-r8mXpMERX-hkO02oAY53jacU7mAnwn-WG0xEHtNi4S0pk6r3IlMfafLi62-iy_1iTv7HaqCUOST00VAwQtOQglBYynbMN2FfxNyfi5LKdnqqNHyWARWesJAfXbNDBFTN_olpMH6LLaWDPx45TRysZTldkhKi56wrVayoEzf7u4wPP-Q0FOJoRojqXewRJDt9Inko3Q&cid=CAASEuRondYhR15W1lRrpKxOaOZlDQ&rfl=1%2Chttps%253A%252F%252Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:48:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9288
x-xss-protection
0
server
cafe
etag
5602277676122011250
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:48:32 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4CD3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CHZ6he_nnQF-P6A4M4C8k8wKzMuprsDtQ_5p6V25VGPuieUMq5KIoNpnIOyfE26MKXIPGUYCPnGzFfpq83B6LqJarhMP2auCQmowVV3LyFnkN9Yjm1-ywvfeQn0KDIjFZwB6CeTOFD9P0I5atR0trfEeoFdA&cry=1&dbm_d=AKAmf-AM6tMrK_SWcYhQlQfvI4He4hEcyq11lVv0cGbiIXwzE9pxWgYuf9Djugrvv_UJRCp8xRju1YD0Z-b14MWqtpmx07PQl3lR8f9JPEtEBsYPSfGR3UUWiQcZMJqq4_mdkhZ7vRTVLyc0nq0iPmF75rKeL318mC0yL6JJ6gj1DKapNXn_LKwuCoW4dfHVfu-tGu-_yHA8AHEVH3H5uoZrQ1Jyq2G8JxiiXYkjdC49ONnYVyo2ZpcUPKWbSflBy1XGM68pagZs6SspVn0cF_5Ik2SpulblINWrQ9B1GoNGfyTIx8-dFRs1p58P0p_8mrzz_-JhF2Gglaj4zVdzBTTPHefeYUBN_E6nbVP5al7ESWFaPL6PGyYF5nF23NdElxKOvJjyEbnFcmaplsrKDu6oF3PhiAvsLimIulQtcP8LjN76GpQN0uvLzlWn4z5ajdeFgQPVry5pX9uQqy75zAKRVc0UXsRBFzSXQQUFc9FbNxbymPy3dxbRxsbWmuoCfPb9riQnvsaBRVVup9xdKEbJARFjXEGylJ-xIE1WtMhG_fHL0lisae3OJZTvm5j-GkbFNVg6vDf1o33E4h0LEykuTwCo0mU3dqKe03KCV_4_b_y03dkNNvlnHUrruuFOMPRrzd1llPoCJ6MDvegPaWAqFKyKNeuNlMP2T1KCgMZ6e-4LpCzLHRx2KayWfRtOMf4nBDxIUcbTCBt8mGITB7vf6Z4E9rxJvuAfYx0sVpYkXF7i_4CyIavw0RMjGRI8sWUmeA3qgGuBhneoFu5YAQsUeJ6N2sHXT0gWxQeoUR0hhEj_4oGTF_lVt4oNJ3wan116krso_FWYNj3lYgOIlu-Q0jNB5Ug60K4yXXnqrHSq3NaeSmsA9Iu9_v-8OFoow17gKkNk2Zan9Ux5moubyb0bBH3_A7nqi3kfj-S1n5DvECjMONgg3ZYNzD_42cfLboueIA_EFuT8evm3JI-ZZn7SX-74_RWZ-y6QRHZuIK2JF_Qzyk1lv1VYPLuaz8rIqH6xqShFjW0qIOEF0ZYmC2csUdyR4NnhUjdV-fz3QiKVYCVgERmIbsvLu29JbQK1Gl-mqYmGZNbRS_C5dxQAvQ__2K-TL9RaWX32lr9nBjgFonkkio5zXTYW2l-EVXbK3RUQVqXvUi6jMEV1Y_0577qp1mzin7BGkTX-v7aRVIpVcEx9At7V_oh1l84b_OIvIenhNmns17GgMT_zKQsIks7oVMPdMVRiYyQEbyqst6O8BFY2VA4IRtOZ3brukllox3O-Ao61iSlRx6I7jIGpbS6POJ5XXfVB_jzjoKKubvEgJVZfG5-dBsnXgXhlYuQwuv3rvFns8OLL31RD6j32xeTK_o8Wel9zaTM4GZT6rUGACmwoVl3OuXKksObrRLMlfqI9pwi03Ea0gsGr7OC16MheXb3wM6tEBHL0ZnxVz9jQiD1WK8pOxcCU3DmZVCbQxHt6Y7byNID9fA-qyP_gNnwPPvtW6x5OSGaakzm4sCLGeHbxnz9wesiZ82cY-Rd3clGokq6g4ToTg76fEiTzD8Knv23gH-GNC0F4W3tkVr6uOz6GhMUZS5yEyVnNlIrHHFWjDA_PFFOFxLvMxkHMHdChHtWUirzBfDfEIfVwiuVfsu1i6F__lHmxaN0OtWFURQQqer_21_b1PxbV7JFvVPkk0xKddE4PpzOowrdZ-XXCPffXrhIgMZbnKo6zeXpdaZS22JJMIPDCfAejc2LliARwhcBLPyV8gm07AU9Ngevvu4rQmA1BgO97pPVm9AEfXBaoGQdxE7_BUOWXScMnIdEF2NWMvPJfMdjkMFRtxp0AyB5oi37wzvICERAqygbDHNWQPCHKSYrm6IgLuizLNvTOSZ8zk15IpMRAlcmXNenriMBaoHDAitFDzrvg_ZcSi3mPZ-OzZYD9qS4LGKRlhzu6SZeQzzaggr5EDGMhkpOnCIQAK87LlKy_puufLbMMMAk30cHqIHd5hNBIB6A60OlZyR8k4f-Ipf5v3kQykwgteYtRDE4Z30DCLZBq2WkM78jkkGX58IW5Wu7_u2eDMROOrsgFQMXJrLDQ1kEJZWX1usnoqtZxxcepfWH_69y98uPlbNySkommx_oqSSRsmnCnzzm61dTRKAih29P-KC4ZlH1pGJITpil50DYIWmJwmnOGM7dlwoBfzKDmzxf_L5Jq2dgklkgdTTheVV7iF5Wv49M7YpaGJDtTH-6jOXZ6I9V9pfNjy_o3aI8QRO0dv-SjYNx7IEvRYKMxeSY16UFZBeUxAtff4ZdQbIDVdpduej8j0FGjqJvQlkP7XQZuTI-azvf2mM47NUzq66JMM2SsWnqZwtQH5ICZljZbcsLRcIhw7uzZjCmZY21pmlSdEA2Y62dgPQcqasPTS4rsW_9_JBx_tsKpm9sVm14bj76d0mlWjVnBCk6P9buqpPW_J-JNF1kjnaniBbBUdo5rLCdZRrngttDYtCPKOaAZxseLwK2H1C26UswefsN6t7LpQ_l5jplxZyDfrXVsS2fZfIggAYY0_szHyS8JNDlqOxh-bX_uyL68LY2Nc1fd-ysCuCMrbaFo2elKuBfwEef72of0El2KRCIrmiDrIsDKIjoAZ7R4wyOfijjoZEh_TSLGkeWFcYHWWlrWQMljaBW-G-wo3lu4iQSRf8lj7xlhL9hxureDDeBS65VTLk6Bz2Lli0Oyyvbep2HOULYizk8zhtesfEMZKUfcA1rgD54qoJF78GU4rmfmrAWjAbisd5bcF6irU8K3BoY5V6jKxJZLhRCJxT2neuYXN5kYxw5IFtZOQdRVWyPBsOvPRgz8IQ-7dSrreGoq5MukPnjzypObcOiSkIHDZvqpEleCXtKb5lF03IIr8ZDKcpSi8wwFsMH9gVUC31WvTSigDgbT9Kgt8P5GTwa8QMF9jRxFixwYy1OrvWPNpYrgatA44bNaPa4zSE4NCOyzO1M9kVowO64IDnTJI3_zY7QW6JcestaIVDxwSgzoJnXbtENyXhpIW8DZgU5zvAC5Faxq176WUfepHlKPVw69yEMmGErW9Z-3hb772uk4VyEkcrI58xXPMzZ4T3-mVJZYUkNx1ahh1-UNnMB1l2i5aqIbQn_w2cdhLcVzquCo3VMDV2t8tNHmdnzd_eoYoNP_UJ3xh2wnHp1wsJHn7LCFqxGPzggnR_2E9GrB43EMm-r8mXpMERX-hkO02oAY53jacU7mAnwn-WG0xEHtNi4S0pk6r3IlMfafLi62-iy_1iTv7HaqCUOST00VAwQtOQglBYynbMN2FfxNyfi5LKdnqqNHyWARWesJAfXbNDBFTN_olpMH6LLaWDPx45TRysZTldkhKi56wrVayoEzf7u4wPP-Q0FOJoRojqXewRJDt9Inko3Q&cid=CAASEuRondYhR15W1lRrpKxOaOZlDQ&rfl=1%2Chttps%253A%252F%252Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 15:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100689
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Jan 2023 15:54:02 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame A468 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqaP388q4jusCy1g7XXHY-HmymIZ7u7boCZ90GNUVRsrpM5zeZ13MX3JEc5gBmCqumlufSB6tylgdUGjM2wFKn9FEo9hypkTJMaZSWe1azthPVlihzRJ76308Kaw9XOzn2WU63yVF3UasmYhXPMFLGIcHEGA&cry=1&dbm_d=AKAmf-AO8ZI5Gn5DwtqpmAlqgYPFWhJ78ymvf8d8_0Ik89Ow7Et9mA-SA4IEzrv7p8PwlhhXnlX44lyAeYYDPl3SgqnS0tOZfh4J_9OCt1xEZBC1bukcjj3ocMNBGLs9hFLVOu1eRhShV5mGatoDQDvM1_4zk6ul_7Mgdq7aA2mw0Cm3Tksf7EHg9v9cL4pVODFzOgqz8r1vwoDpCgzMBsDaMPU7A3EGVhNS4z7xPUSxiwCzQyFjBMGNQotWADRUVMj5h2ebH-h3nvKddf9izVm7bUPoW-kkuiEubnjNmCAdSaWKu_iU-BaOtmpOUzX6_hLgdQAE9e2ZrHz7gFfCJa_FmAPswBZ2ffeAadJXmdcYCsRE550nHz16zNi6kKOx5Z8usrT8bN1FUKE-YjE4k3PoFNMU7CvnuEVI9ERz-rhYA0c_6OMTmR-8mA9YSUsHzH31tt2u_boSrpTAZ6m9x33ZhE1M8_j9pxjfn4D0pf_KteCXb6GERYuJwuIowEU7cae9BqzE2ttkoNPzsq4WE--6M2f6hmMaGpMjtcT4T8zLgD6pr1ssk_VNSqXRcw3LHXsW9bqnaNaJ6hEpaM2Kp0FbYZBBqw_qpHbX2yyHvKfk_11cJ3HvW-pLgzecWe7cqJU_LEzZ4hZseH6P63Yz4pITqQMWGvBtB_endSASGf17lRWJW7dt7NcfzNsi8ErrvU26c7Lu-6ymexyTfO4mTrQ4jc8ozltUC4S3XJ-EWFVuDyffu4rkuREr__-KuysjKqlPZMACNfL9-oZsWF-hXHVYkazFdModtfsZLIP2HlJuZ2e2ItW3gq7fGp4Msie2Nys53QERzKetOPDc7lhc0JdC5coUzGbOLsQbWQ6Uq2rXZFlEHegeohxabe32AnW-zc-xt2IUhw5lD-CXLpD1H13sEVi7GZoVS893lxh7CizVQZw52WfijbFisaq3fpke0XUq4Pc8glLPiVlsHHL8kAsQAqaywrRYt10Ju30VrFV4EhAmL5CNEy23dA2bVPl1bSv81MQezJCr6nD0b5luYZyHhFId1ssEOSGOqqfT9btoV6lMQhsG-4weyeZQK63AEFlJ6ZASsH507tk8APKUSI5dsGIG-_4rhs3wq5ei8NR-gGXa3jjMS4a5b1qDrn9uuqDwkzUXT0CJXSWDBsO_jhYm_IMFuI2Q15s6-sI4yISPj6V8x--ovhbejslJlVmh6QG6tBYqyClQbT0uHVuxIKeyU6jt2x8KavsJ3y5M2_yUHWvbISvYyl2fp1brYGTqxtZj506VeODmvJ_rF1zp-umXFUZp89-UDHM3JZfRumicJlb2D-Tn07qx9Fow3QWzEN9Gd6fpFDQznhAkJV4s4YFytMqjDvcwacx32M0Uq6DZlY4ueAR3stUB-iToMDvxsolKQmuFxwH--Gh3NOr09WyDmfQDBL6ueMYbMPORtTIftFb0qIMO2d_xZN9Ae7w3OTmSJ0p84M_lhpvytd0ia5o-fgJ2NYFtWTdfQwvDAav9R_Tpaw0JERj8J5stD2HYOa7CUYJ8uDUD6IhepJauoRnDibDKFB9o2iAS2Jp0_UjuolEV9o6FYIQuDUPnbtrdEAjcFW_KLrkQTFU74O_piU0n7EB4G4JIbGth9AMfkPttwCcAhO3hchZKMA0ZbHjVviX8YsoqxXYbPQpcu5-zVuXTDICDVmHvEdQj9jyAnKrxUXBEbyVGBpV1IcBwKQr6CmHybPPsRmXaB9WxL5DEjAuuGlBRR-SGxbBKup38DqHFvsN7JjOzoVHduiJj3JQvlTeTzf3tTvBRKTJeJ4jYzXzCbFthdpF9hE5HQIT2LHMK_QD8n7btDClwcLHiDy5KJcLaipgnaa6GMCFOdz3o1YAOLcdrhzEqYuq7k1McOpvBQawqJkvYD100xT108qwPjjlB_hUJ3D78tDDBCHA83jAkrH8IWkg-Gj-83se4ccn6mrflfc9xZCAlnn5Wut7fPjIKI8wUIu5H0D_J4B2W-fVigR4MsZIo3e3lPgz-odRy5Q6_J6LxEo8KywTBNtYHdGhHhdqq_JB9feDwQvV9iye8lnuOyfFZnvc5azr8CsPX131_oD01PkstZOkwaRYt73DlOr5pwbhUytacIpaHvqfVbYlyGQqKmBpgk5xo9THPzGD0byn2cjcIa3zJud-JsXqCe5nw4TJsSVCgJrckBL65YJfIHSlDU5nHKpcCbSw_TkikfRrPbmeVyyHEJtn_a_vILVPFKhgGfRtwzz7lAOW7ceLNVGMaxriAkI8nzKjikAr5tPdMCC7ENhk45WVXM63xWt6JTnB0X5TCihE5vT7nafFA8Ll5nGKbjeZoa4G2NYhvm8R0yBXNmv848Yc2VF9xTGn9qUvkcbRZsoCWCZHXatO3Dd4RWaatwpzKOYIeKCCX86bdg3oUih27PbkTQFJC3vm8ScO3Nch5SxpLM1LBvFz1xazm6kdN_9HBrr7rJZLutojnIOjbNGamqy06oUmapqhtHVgETkAH39YM9_6qtxeAUn-JtDHaNiIYB5CB5hkTtDq673RpsCWXhUzg5FKDEz_GcjPSJYVHqef940RV9DnW6SvVmzs6fFKARyaDzC_1yohv49biOd1GhfGd1SkOZrtdlbI_OF_spB5cVi8Z0-DDVtAstozEf_zlJ53GisBae8Hp1xgfRzCB49aNxwbR3Mi8xmJBdlaX0p_G3BDwdiOOPHJIet9x-yVonLrNffy-PM8tbNCiLUQ_r6_Tf4cR6R0il8-mbwg046sFWIO2Ezsavtcd9WqxwL572BEBPxZyRKBu2FW4Gf1U3W_cgrui6jdRk1Nu8TAaJsEQSeCElEHO6xUexZao2mexTrsSiNhrlxlT0R8lXQ8WopSbYVTC_7hU_GtRkxawqGwZVvZXCzS2KSZE2hyo_0Tb1DlyGufNEN_srCAmeLSXaNMbVvjhcfMLEJy4N2nthoH-AH4udeIWgUNnMkuGo3XB6V5y-vwDo0gl-QO8oRUPAHmAfrAsf8Xy7c0Y1_yeNyyf8dNqB2h436UHDgz6MzdiDx0ODVi7ngtHyG7DE0RcNRHmkTNG5UvJ9bjsObhx7zGk5Y3UT6i4kDuwFv5I7_O03D6mWwbq-UpymUK997_fwzlw5jhPzMAeezA5gli7FSLlayWkOV9FPIUu6Xsjv_4MstsYxUjYpvj-OE8DxrSKFyJ5m2X4arARgTKsUCsykSL1YBL9hv1ThZis6-I3ILx131_VT--6EaFqddpto_B8wi7IoVC6qb9hFe5tY9vWjwksIUmEctKaB5snZkR5Zofluw5HJbm-h0slrNW49WTTiUDzQQzKWH59-EHCuWMZTbYJC7eGVseahmdb9GMPawV8sPgeGTQGnef5VZHiG3oecI7k8Sc3zfAGlAmEdqSPMa2_a1hP8rKzK3lPFQ&cid=CAASEuRoI-1EuehZs8GkAODLIFpgqA&rfl=1%2Chttps%253A%252F%252Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:48:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9288
x-xss-protection
0
server
cafe
etag
5602277676122011250
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:48:32 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A468 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqaP388q4jusCy1g7XXHY-HmymIZ7u7boCZ90GNUVRsrpM5zeZ13MX3JEc5gBmCqumlufSB6tylgdUGjM2wFKn9FEo9hypkTJMaZSWe1azthPVlihzRJ76308Kaw9XOzn2WU63yVF3UasmYhXPMFLGIcHEGA&cry=1&dbm_d=AKAmf-AO8ZI5Gn5DwtqpmAlqgYPFWhJ78ymvf8d8_0Ik89Ow7Et9mA-SA4IEzrv7p8PwlhhXnlX44lyAeYYDPl3SgqnS0tOZfh4J_9OCt1xEZBC1bukcjj3ocMNBGLs9hFLVOu1eRhShV5mGatoDQDvM1_4zk6ul_7Mgdq7aA2mw0Cm3Tksf7EHg9v9cL4pVODFzOgqz8r1vwoDpCgzMBsDaMPU7A3EGVhNS4z7xPUSxiwCzQyFjBMGNQotWADRUVMj5h2ebH-h3nvKddf9izVm7bUPoW-kkuiEubnjNmCAdSaWKu_iU-BaOtmpOUzX6_hLgdQAE9e2ZrHz7gFfCJa_FmAPswBZ2ffeAadJXmdcYCsRE550nHz16zNi6kKOx5Z8usrT8bN1FUKE-YjE4k3PoFNMU7CvnuEVI9ERz-rhYA0c_6OMTmR-8mA9YSUsHzH31tt2u_boSrpTAZ6m9x33ZhE1M8_j9pxjfn4D0pf_KteCXb6GERYuJwuIowEU7cae9BqzE2ttkoNPzsq4WE--6M2f6hmMaGpMjtcT4T8zLgD6pr1ssk_VNSqXRcw3LHXsW9bqnaNaJ6hEpaM2Kp0FbYZBBqw_qpHbX2yyHvKfk_11cJ3HvW-pLgzecWe7cqJU_LEzZ4hZseH6P63Yz4pITqQMWGvBtB_endSASGf17lRWJW7dt7NcfzNsi8ErrvU26c7Lu-6ymexyTfO4mTrQ4jc8ozltUC4S3XJ-EWFVuDyffu4rkuREr__-KuysjKqlPZMACNfL9-oZsWF-hXHVYkazFdModtfsZLIP2HlJuZ2e2ItW3gq7fGp4Msie2Nys53QERzKetOPDc7lhc0JdC5coUzGbOLsQbWQ6Uq2rXZFlEHegeohxabe32AnW-zc-xt2IUhw5lD-CXLpD1H13sEVi7GZoVS893lxh7CizVQZw52WfijbFisaq3fpke0XUq4Pc8glLPiVlsHHL8kAsQAqaywrRYt10Ju30VrFV4EhAmL5CNEy23dA2bVPl1bSv81MQezJCr6nD0b5luYZyHhFId1ssEOSGOqqfT9btoV6lMQhsG-4weyeZQK63AEFlJ6ZASsH507tk8APKUSI5dsGIG-_4rhs3wq5ei8NR-gGXa3jjMS4a5b1qDrn9uuqDwkzUXT0CJXSWDBsO_jhYm_IMFuI2Q15s6-sI4yISPj6V8x--ovhbejslJlVmh6QG6tBYqyClQbT0uHVuxIKeyU6jt2x8KavsJ3y5M2_yUHWvbISvYyl2fp1brYGTqxtZj506VeODmvJ_rF1zp-umXFUZp89-UDHM3JZfRumicJlb2D-Tn07qx9Fow3QWzEN9Gd6fpFDQznhAkJV4s4YFytMqjDvcwacx32M0Uq6DZlY4ueAR3stUB-iToMDvxsolKQmuFxwH--Gh3NOr09WyDmfQDBL6ueMYbMPORtTIftFb0qIMO2d_xZN9Ae7w3OTmSJ0p84M_lhpvytd0ia5o-fgJ2NYFtWTdfQwvDAav9R_Tpaw0JERj8J5stD2HYOa7CUYJ8uDUD6IhepJauoRnDibDKFB9o2iAS2Jp0_UjuolEV9o6FYIQuDUPnbtrdEAjcFW_KLrkQTFU74O_piU0n7EB4G4JIbGth9AMfkPttwCcAhO3hchZKMA0ZbHjVviX8YsoqxXYbPQpcu5-zVuXTDICDVmHvEdQj9jyAnKrxUXBEbyVGBpV1IcBwKQr6CmHybPPsRmXaB9WxL5DEjAuuGlBRR-SGxbBKup38DqHFvsN7JjOzoVHduiJj3JQvlTeTzf3tTvBRKTJeJ4jYzXzCbFthdpF9hE5HQIT2LHMK_QD8n7btDClwcLHiDy5KJcLaipgnaa6GMCFOdz3o1YAOLcdrhzEqYuq7k1McOpvBQawqJkvYD100xT108qwPjjlB_hUJ3D78tDDBCHA83jAkrH8IWkg-Gj-83se4ccn6mrflfc9xZCAlnn5Wut7fPjIKI8wUIu5H0D_J4B2W-fVigR4MsZIo3e3lPgz-odRy5Q6_J6LxEo8KywTBNtYHdGhHhdqq_JB9feDwQvV9iye8lnuOyfFZnvc5azr8CsPX131_oD01PkstZOkwaRYt73DlOr5pwbhUytacIpaHvqfVbYlyGQqKmBpgk5xo9THPzGD0byn2cjcIa3zJud-JsXqCe5nw4TJsSVCgJrckBL65YJfIHSlDU5nHKpcCbSw_TkikfRrPbmeVyyHEJtn_a_vILVPFKhgGfRtwzz7lAOW7ceLNVGMaxriAkI8nzKjikAr5tPdMCC7ENhk45WVXM63xWt6JTnB0X5TCihE5vT7nafFA8Ll5nGKbjeZoa4G2NYhvm8R0yBXNmv848Yc2VF9xTGn9qUvkcbRZsoCWCZHXatO3Dd4RWaatwpzKOYIeKCCX86bdg3oUih27PbkTQFJC3vm8ScO3Nch5SxpLM1LBvFz1xazm6kdN_9HBrr7rJZLutojnIOjbNGamqy06oUmapqhtHVgETkAH39YM9_6qtxeAUn-JtDHaNiIYB5CB5hkTtDq673RpsCWXhUzg5FKDEz_GcjPSJYVHqef940RV9DnW6SvVmzs6fFKARyaDzC_1yohv49biOd1GhfGd1SkOZrtdlbI_OF_spB5cVi8Z0-DDVtAstozEf_zlJ53GisBae8Hp1xgfRzCB49aNxwbR3Mi8xmJBdlaX0p_G3BDwdiOOPHJIet9x-yVonLrNffy-PM8tbNCiLUQ_r6_Tf4cR6R0il8-mbwg046sFWIO2Ezsavtcd9WqxwL572BEBPxZyRKBu2FW4Gf1U3W_cgrui6jdRk1Nu8TAaJsEQSeCElEHO6xUexZao2mexTrsSiNhrlxlT0R8lXQ8WopSbYVTC_7hU_GtRkxawqGwZVvZXCzS2KSZE2hyo_0Tb1DlyGufNEN_srCAmeLSXaNMbVvjhcfMLEJy4N2nthoH-AH4udeIWgUNnMkuGo3XB6V5y-vwDo0gl-QO8oRUPAHmAfrAsf8Xy7c0Y1_yeNyyf8dNqB2h436UHDgz6MzdiDx0ODVi7ngtHyG7DE0RcNRHmkTNG5UvJ9bjsObhx7zGk5Y3UT6i4kDuwFv5I7_O03D6mWwbq-UpymUK997_fwzlw5jhPzMAeezA5gli7FSLlayWkOV9FPIUu6Xsjv_4MstsYxUjYpvj-OE8DxrSKFyJ5m2X4arARgTKsUCsykSL1YBL9hv1ThZis6-I3ILx131_VT--6EaFqddpto_B8wi7IoVC6qb9hFe5tY9vWjwksIUmEctKaB5snZkR5Zofluw5HJbm-h0slrNW49WTTiUDzQQzKWH59-EHCuWMZTbYJC7eGVseahmdb9GMPawV8sPgeGTQGnef5VZHiG3oecI7k8Sc3zfAGlAmEdqSPMa2_a1hP8rKzK3lPFQ&cid=CAASEuRoI-1EuehZs8GkAODLIFpgqA&rfl=1%2Chttps%253A%252F%252Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 15:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100689
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Jan 2023 15:54:02 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 5F0E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ag-_r_UtXVSgxQopLskmlT6mXiB99MyCYS_ruGcebOnazOksj7emDCx67Wj_m9nlX6eBYIs4q-Q0Ww4QuOp94cbkEXWS8j6b6C7Ar8AA8q3xlgZBQT_eZXqo3jpI23ZpaJJBnGLGRMpdyuR6qTFPHaqMjWFA&cry=1&dbm_d=AKAmf-BH3Tx7fzrVuQCZcqTJw1Cp9MhED63V0umZH9NgQRNlveyBp_6nE1sGEe6Ss1t214nUpCbcUcmRBGB-zWOSPRKXtBGz1QvTH2RF8Lh6oS9o4YxKvw4UXunJNDAotIi4xFRV0W2oQkcwhF_MqLeJtEDa1iuoQEKJQKNrSGJxd-y3iUoXdeJjvjLcdjP_hm7WJGfdItXbQ_TvekjY6F-KW8OMH1jdHpHEZYEOZJDfUM6Y7_KhYs75PNTNbMabgvC-hgutBSjCBTCvUkqwJ25fcfpHjRtHae0pjcsa3ZEs0Nuyfc0kRIbQQJVYA3cxRURfvMnvTNnCeayRfFSkcXqvRdMz3BFDkJjPZu6gGCc8-6nikqarXi3zgI9VgLJJF9pHAizTr1gYhyLYFjd_hyFtwP8BMOotjxy8IQ4207vSw3TgkMgXlcp1L6eoOS-ntXoSz00Jalwrm5RnAA_qMbPaj4ljDBG_ww9TlpItteH1M-vaPiDrRGXs-zUqmZqA0BRhHqoElqKTePYUZnDRX05TSxLZDjW4HyDTt8nRORpPrKfcd2jpKQfJfTuWh7_esoPNSoV_qpoKc_G7-4_kWyTqxEpbxsVXvrapSzPbjvbRA_7kTt6aTZAgMD6bo7jMytOx5TxYWoyHNs6JkskqVR1Z_30m6lEPAHuFTPYYd3iaeOO3JX6G9xlUvb5QPLkmCD8ReD6bPy3DcKWmjk1ctKPo0cIsnhxp6Qfxv8d05l2Mzj8jDeq5_UC6IDheDYFQKIu2L0MmecJAPTJW0_lvKlOeAFkZbsQuP3TukffYAQ3ClPnnPFbQDXCVT0LJv-JuKjQdVQnYccRwHutG0ma5oxLk2IFqERVS-411RW5ORxXCZmTTpeylsnUHGYIktGZOvJg53Gc2Us-nBwcx4lHGjUmI6SdQDfySWoQDy-Z0yzI5bjXd7_P-7ViVFOBzFi8nXmHfeuNXXFvzq_CL3mMjiBARfU41aSn1H-YH_vRcD4ciZ4DfR8oXr1tMaT5jQuEXPDpAVDDWn75iwCJAQpy6bx9gGDemMag265FPCiA1EQBTDcDRixwM79W0EALtpfplP44TjRP0SoYpX5nesFz-xtNzYTkNnSQH835ZiPkETbzCv8775pnjCXqOQydxwU6afLenvvBGXY5f_JiYoLaUK4CHG2pnhDBUBvOz7YFOzDpwv0Yz3T-ihPUxXQkTnabOpx--uIBzzIBa2o67-BHrw1-zhmW2m_xCVBsTKj3AWHaH8SRihte6OSB7WlSkzhH0pCbcZUzitP8WnW-RyWOCzRod5pZ_o3d4dE_RLsmmWAtBbVwZhKYTcddvwTfAp4uG7ZGLnO5Gx7lRrrRY3_YJLGPoerysLZbusJnWQDgwdYdZb_Jm3RHG3kt2R4qwH3O2wPi8ZXXBMrDW_JoQ_dAQk51drwAOiPThn1R7jrngFQqaf_JwuzpKCq9K3_0RPv6eCh_NV-BOj5vcBt1B7gIDi1lyCAFCX4BJ9m83plXChY6sNjl6IfBUIM6lsQMv86A5vc0jVfJ27EpHliQOX1lzxV_7YzVsgdZ4T8yc5ZlC-KL5ZjPSoIcsvbNgAGY8AhOb7vnP01QVbW05Vz0X7uAAS9QWJF1rbnIjFlvFmF2_DF0RidwTmjlf03LyXmAO05wLexeU9j4RIHN4PAFq21lpawn-NPRSeZC5FECx6EQzvb06AHOg5Db_EsPq2cycK0Yip9gqlrLCCteeb9rN6FQ2_EgPZ0_TFfEzSUNtBHvEKbk4acSdpGY4YpSu9WKI-0gCqh73oxwNuk9s_sUjpoU0vHHec4hom0Iez8jOlQ7a89CddqNKac3_A667kHOZnM9wdvCxHAxZTg8EhREFPev7bvcoYM0uKEVc0bfTQm1-wC-9q3MA_ONCMcjbj1XFozObqfkbqRtZ5ovzZv3vswhDliFMC_tMNkyLNhick9bMjIsUoxnjo3--pMzWAIB-0Rvl-3Mrts8UKSiK-c7qc7l0oKL2-r75e2kzS-ythTpy2-4FXHCq0R4-nLKMuFv8NkNi6uGfpLJZ190_pqIF_CZRDhpx4RIOoI5-UDOISn9T4CO0FviYCheD8NCRn6KWb1ZKedhPChmnSby4hYsv90auY__zgXygkjCa4lzZRGin0LRa0deYxUMr_BgAxgGaPWW0UAi6-0ihErdyOW5HQ97kbFTcNaHdQBwI1YUJmW73_Ft2JRWdHO-YtwYXP0IgJKW5SsSX_pqlZSU8HYAD9byTIQrlKbQ9Y1f3jKBahMlOwC1inVV4B9HuzCyEZcMiN7WsyUnnvpbFWKys5TQNXrWf38Xkj9VSU3LMEwGZkhwrbLhiqzZ0YD5-6-lOcy9uC0O5KSCd116ZmjpB6Tg5OmpP3boafPBUNoCTq9hP6uXRyCg740HWLajNv4HSJ2Nyk29dYcfsz210RbfOiwf6qzv5mvAYv2PZfZpqnh6tLxoRDOAT0D5iwzlh03IPCOcnZ0Aq-gGzoPjsyj1d0B8jJfzcLymhvezAqdvWHXQBrZdlXWDqH_sh-Wh6MLpYtkhO0jTwypT_n4uwiTtbz_4t8YNYQHEFLPjhQmx0r9pyejO-fNLOXYBcEYzITUFChLNDRwQNEzRWqfZFTEUetldbuFs-2kZV0C72QFWkt63S_6yt5onCtxpVShA_tWCKJLvqd2bN-eLx0fO7frhezX4ArFvJtIM8E3oyzWPuYJ1DnIWV7DDkkFSO09M_jB1y59RSysUPBgGBuM5tz77ZpL6fzQwSnJdB5G9DFlSFefxuJffewEbwm6J-kGzF4Edcgep-FUGFZf4Gi57gnHFY5mO1ThI-K35N3OoXinHU2JrrcFZ2PzMNbY5pJRXr1qffj75aLNk82kF_7RpEf68EMf0pYSwxwgYb24aKKoXYYgtyFB1JXlBA6FnICaZ6XsYIqVhDHWoOfIxsCWpNNOB8Y2rodTRosIkE1mP5aIPl2Ip37G0ML39aorcvuNr2O9qmnW3lE3EajwBOe5FB0nxWrOrQFugomP4OBGKNZYobtkIMabN75D4DgwdGLNSZkWq98KKWoevxmJfT5D8-cxImK0B3cieItaWQgEMD_pUWR_VMEbzY47DNysc311jCFBE4ncMbTHGk8pFHx26E0zO80HZgHm4NHSXCvK2Wm6dD0Atm_qtr9-wQZqo2YDWvW4_ON3LHPSC7T-n1cjOKaE0YnT84eIjlYcATFylCjcB-7ySurupjQGimkBbvaH13l2FKgtVpsQHwHfdhfMZwdnIyWhYPGdWQARtuxSl5B24wB_jZGgNoyIIgtxtktP34P1YE2B8j641WFLS3g7xV4F0j5sq20yN-XYMTX4kOqcQireZquDWro9Vc6vgfscmvSpSUso87JEKm3FQT6rRU_Y_R2aCEfk_tMVVABoKtEbQdEg&cid=CAASEuRoZh8Cr9rhA1eVdqBoFi0bMg&rfl=1%2Chttps%253A%252F%252Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:48:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9288
x-xss-protection
0
server
cafe
etag
5602277676122011250
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:48:32 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5F0E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ag-_r_UtXVSgxQopLskmlT6mXiB99MyCYS_ruGcebOnazOksj7emDCx67Wj_m9nlX6eBYIs4q-Q0Ww4QuOp94cbkEXWS8j6b6C7Ar8AA8q3xlgZBQT_eZXqo3jpI23ZpaJJBnGLGRMpdyuR6qTFPHaqMjWFA&cry=1&dbm_d=AKAmf-BH3Tx7fzrVuQCZcqTJw1Cp9MhED63V0umZH9NgQRNlveyBp_6nE1sGEe6Ss1t214nUpCbcUcmRBGB-zWOSPRKXtBGz1QvTH2RF8Lh6oS9o4YxKvw4UXunJNDAotIi4xFRV0W2oQkcwhF_MqLeJtEDa1iuoQEKJQKNrSGJxd-y3iUoXdeJjvjLcdjP_hm7WJGfdItXbQ_TvekjY6F-KW8OMH1jdHpHEZYEOZJDfUM6Y7_KhYs75PNTNbMabgvC-hgutBSjCBTCvUkqwJ25fcfpHjRtHae0pjcsa3ZEs0Nuyfc0kRIbQQJVYA3cxRURfvMnvTNnCeayRfFSkcXqvRdMz3BFDkJjPZu6gGCc8-6nikqarXi3zgI9VgLJJF9pHAizTr1gYhyLYFjd_hyFtwP8BMOotjxy8IQ4207vSw3TgkMgXlcp1L6eoOS-ntXoSz00Jalwrm5RnAA_qMbPaj4ljDBG_ww9TlpItteH1M-vaPiDrRGXs-zUqmZqA0BRhHqoElqKTePYUZnDRX05TSxLZDjW4HyDTt8nRORpPrKfcd2jpKQfJfTuWh7_esoPNSoV_qpoKc_G7-4_kWyTqxEpbxsVXvrapSzPbjvbRA_7kTt6aTZAgMD6bo7jMytOx5TxYWoyHNs6JkskqVR1Z_30m6lEPAHuFTPYYd3iaeOO3JX6G9xlUvb5QPLkmCD8ReD6bPy3DcKWmjk1ctKPo0cIsnhxp6Qfxv8d05l2Mzj8jDeq5_UC6IDheDYFQKIu2L0MmecJAPTJW0_lvKlOeAFkZbsQuP3TukffYAQ3ClPnnPFbQDXCVT0LJv-JuKjQdVQnYccRwHutG0ma5oxLk2IFqERVS-411RW5ORxXCZmTTpeylsnUHGYIktGZOvJg53Gc2Us-nBwcx4lHGjUmI6SdQDfySWoQDy-Z0yzI5bjXd7_P-7ViVFOBzFi8nXmHfeuNXXFvzq_CL3mMjiBARfU41aSn1H-YH_vRcD4ciZ4DfR8oXr1tMaT5jQuEXPDpAVDDWn75iwCJAQpy6bx9gGDemMag265FPCiA1EQBTDcDRixwM79W0EALtpfplP44TjRP0SoYpX5nesFz-xtNzYTkNnSQH835ZiPkETbzCv8775pnjCXqOQydxwU6afLenvvBGXY5f_JiYoLaUK4CHG2pnhDBUBvOz7YFOzDpwv0Yz3T-ihPUxXQkTnabOpx--uIBzzIBa2o67-BHrw1-zhmW2m_xCVBsTKj3AWHaH8SRihte6OSB7WlSkzhH0pCbcZUzitP8WnW-RyWOCzRod5pZ_o3d4dE_RLsmmWAtBbVwZhKYTcddvwTfAp4uG7ZGLnO5Gx7lRrrRY3_YJLGPoerysLZbusJnWQDgwdYdZb_Jm3RHG3kt2R4qwH3O2wPi8ZXXBMrDW_JoQ_dAQk51drwAOiPThn1R7jrngFQqaf_JwuzpKCq9K3_0RPv6eCh_NV-BOj5vcBt1B7gIDi1lyCAFCX4BJ9m83plXChY6sNjl6IfBUIM6lsQMv86A5vc0jVfJ27EpHliQOX1lzxV_7YzVsgdZ4T8yc5ZlC-KL5ZjPSoIcsvbNgAGY8AhOb7vnP01QVbW05Vz0X7uAAS9QWJF1rbnIjFlvFmF2_DF0RidwTmjlf03LyXmAO05wLexeU9j4RIHN4PAFq21lpawn-NPRSeZC5FECx6EQzvb06AHOg5Db_EsPq2cycK0Yip9gqlrLCCteeb9rN6FQ2_EgPZ0_TFfEzSUNtBHvEKbk4acSdpGY4YpSu9WKI-0gCqh73oxwNuk9s_sUjpoU0vHHec4hom0Iez8jOlQ7a89CddqNKac3_A667kHOZnM9wdvCxHAxZTg8EhREFPev7bvcoYM0uKEVc0bfTQm1-wC-9q3MA_ONCMcjbj1XFozObqfkbqRtZ5ovzZv3vswhDliFMC_tMNkyLNhick9bMjIsUoxnjo3--pMzWAIB-0Rvl-3Mrts8UKSiK-c7qc7l0oKL2-r75e2kzS-ythTpy2-4FXHCq0R4-nLKMuFv8NkNi6uGfpLJZ190_pqIF_CZRDhpx4RIOoI5-UDOISn9T4CO0FviYCheD8NCRn6KWb1ZKedhPChmnSby4hYsv90auY__zgXygkjCa4lzZRGin0LRa0deYxUMr_BgAxgGaPWW0UAi6-0ihErdyOW5HQ97kbFTcNaHdQBwI1YUJmW73_Ft2JRWdHO-YtwYXP0IgJKW5SsSX_pqlZSU8HYAD9byTIQrlKbQ9Y1f3jKBahMlOwC1inVV4B9HuzCyEZcMiN7WsyUnnvpbFWKys5TQNXrWf38Xkj9VSU3LMEwGZkhwrbLhiqzZ0YD5-6-lOcy9uC0O5KSCd116ZmjpB6Tg5OmpP3boafPBUNoCTq9hP6uXRyCg740HWLajNv4HSJ2Nyk29dYcfsz210RbfOiwf6qzv5mvAYv2PZfZpqnh6tLxoRDOAT0D5iwzlh03IPCOcnZ0Aq-gGzoPjsyj1d0B8jJfzcLymhvezAqdvWHXQBrZdlXWDqH_sh-Wh6MLpYtkhO0jTwypT_n4uwiTtbz_4t8YNYQHEFLPjhQmx0r9pyejO-fNLOXYBcEYzITUFChLNDRwQNEzRWqfZFTEUetldbuFs-2kZV0C72QFWkt63S_6yt5onCtxpVShA_tWCKJLvqd2bN-eLx0fO7frhezX4ArFvJtIM8E3oyzWPuYJ1DnIWV7DDkkFSO09M_jB1y59RSysUPBgGBuM5tz77ZpL6fzQwSnJdB5G9DFlSFefxuJffewEbwm6J-kGzF4Edcgep-FUGFZf4Gi57gnHFY5mO1ThI-K35N3OoXinHU2JrrcFZ2PzMNbY5pJRXr1qffj75aLNk82kF_7RpEf68EMf0pYSwxwgYb24aKKoXYYgtyFB1JXlBA6FnICaZ6XsYIqVhDHWoOfIxsCWpNNOB8Y2rodTRosIkE1mP5aIPl2Ip37G0ML39aorcvuNr2O9qmnW3lE3EajwBOe5FB0nxWrOrQFugomP4OBGKNZYobtkIMabN75D4DgwdGLNSZkWq98KKWoevxmJfT5D8-cxImK0B3cieItaWQgEMD_pUWR_VMEbzY47DNysc311jCFBE4ncMbTHGk8pFHx26E0zO80HZgHm4NHSXCvK2Wm6dD0Atm_qtr9-wQZqo2YDWvW4_ON3LHPSC7T-n1cjOKaE0YnT84eIjlYcATFylCjcB-7ySurupjQGimkBbvaH13l2FKgtVpsQHwHfdhfMZwdnIyWhYPGdWQARtuxSl5B24wB_jZGgNoyIIgtxtktP34P1YE2B8j641WFLS3g7xV4F0j5sq20yN-XYMTX4kOqcQireZquDWro9Vc6vgfscmvSpSUso87JEKm3FQT6rRU_Y_R2aCEfk_tMVVABoKtEbQdEg&cid=CAASEuRoZh8Cr9rhA1eVdqBoFi0bMg&rfl=1%2Chttps%253A%252F%252Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 15:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100689
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Jan 2023 15:54:02 GMT
hjtkt1t9m63l
hal9000.redintelligence.net/zone/ Frame 273B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/hjtkt1t9m63l?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCh5Ty6vfyYe-dIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QppxwM6kBSc9Sl5vE30yo1YYDWEihL0RNqCsyF8QLf9ZF1rYrEKEQSMqSrB3uCz-0Dj8OBtbOsrwww5E9ssFieVU9vBvBAOAsk3FKBkPW_iWgetQnJCbLAf1NFWN9JiwoPvyGEEFn8jqWCsPAXYGfvzPli5s_LjtCGz8mBOWhmrX8a2aPZ9zhMcEA4BcjvpUWgpPiUgtuN5G7odh1ovxfwrUt5QxezaKqtny-m3b9prWv5BzfmIRJ4DC3vdFMl1zQqQzIi1_wzVyBf8sc-_rO9opqyDj7O7M8NOhK3lsrmkkhcuLYVamXKsqZTz885hr7t-9eeKWSr8AKbZIqZx5IVPm0IYekXaGNgB03TS1bdYY2DF8R-Xb5_jnTmtmiFbusrxx629oYcSSaCtHyOb5VgTTABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoDGWj5BBvES9A6VJT1DwhRw%26sig%3DAOD64_2d33LxBIfvSMNXUaTS3ffXonPBVA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BN00Y9wR4CpcXBkEDD4TAzrlTWSs6I2gPxKqONLqBF1DcSqpAnI1a-2zAutyAiHGLCaNcNtUi6mVGOPaUYtY8uhMovLHXkd5oOGox8Q48O9VbrrTr0M7fCQ-hRy6ouBoA2Klpl-mf7reJM8_AUbAiQStkucg%26cry%3D1%26dbm_d%3DAKAmf-CZTzHAJYVb4gWfcZ4QlXY3dfuQOehJok9x7PL6Fv9LL4WWQRo9FKHlV_EO4NKj7sWVvpOfC6RDnUArgm-odIAtjSUEe59vNeB7tSp_O2gBbW4FGPEWmWuKak_0e0cBP2oq7-8zAUbjvF6YCNfm4hNZUK3EJlB1EYHuwWZGbXUU994YylQjkbrnRp8Kkv02mAO9NLdosqsEuHixVppyq-bn2G66ocb0ZTDcLY6eChf_YuhObfKGBDcEDZeemoFROO9_Hgc15hWmOEydtnu-QXpxE-UZ8g_7AYy_A4CZGsnv_jyd5vdf-d-tqM6G6yVGr8Y3E4StRPKncGRwdV9YFLvYn8S18iCZI17L76msSvKZP8QRcg1ZcgF0DMs35DiezrDy3SPAd_7bDfPT3BNsIIQbfxXBzsiCow9nKFVzwFufFWvA92Da0nsEKR4Da3wNICEVlnHX%26adurl%3D
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
5cbe3aba3f9dd99c39e0af3e828011120a6b5b77897bc18c3739d8d54eaf4bb6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3972
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6855 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 26 Jan 2022 11:10:53 GMT
expires
Thu, 26 Jan 2023 11:10:53 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
117678
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
k87fl8jofdhz
hal9000.redintelligence.net/zone/ Frame 4CD3 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/k87fl8jofdhz?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWAzl6vfyYe6dIpu07_UPq_WL4A2P4PiGU_2xi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSsAk_QvxS6k73DY-4Hy1HtArPwG0gNtHK8fPO0FlcozcT606Xzg3ZTr8iqnnb5lWM1iJXsZvbw7WM9Brh1N5jZtJdPU5uvUUknhTvusOVMrzJVJAMLc41p3h0FLamzEKvAG1l_CNPXZ1lXjSAANSTKx4grKSBqfc8cWxF29IaXIKwIXvKXQJkcLgQqSrVfF6IBFz7kV0XM9qbItXRtNJ-0HawZ1j7Os-xHnQ1rdVQF_SJ_v1tuHTxuT-GQqYAIZyk4GbVpjYRitT9J-hOAuPkJ4eG8r_vS8TjOnaNPDxOZTiUJNYJqW5y2yw11ohjv0Aex8oW4ibEvV2oUIkbh0XPrqlsSrxHx5LQO07Ki_gyaOv9t-roIRkfTfHpSvXsiUr9Rwv0vYDgq_M280IafcsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRondYhR15W1lRrpKxOaOZlDQ%26sig%3DAOD64_1nKnG2GKyq3IRBAKM-_G5zJTHtsQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-ACDDLRehpeSd6b9hKEOPZTpf6DsqnPjphNs-dascnnkFgRSwjo2sJWPIaoNgURy1VA7bqMu_n_e6ipneVEhTqMWs6Gck1K96JcqgqthAG-i9Qt6L1tIPNyrQF95zwBwZNzEmU4713LHOVWnJaHxpJy94_2oQ%26cry%3D1%26dbm_d%3DAKAmf-C1lyBopECaEevij1amtw0kymksFFc9tCJbKVioxw4itm5h1baJsLAOZbHNQtMNTZfPtNwTV34LXQYb-oTRdfAj8VeoGQhgtMnIN-0v3i2a66PD952BAp7WWhkYGdkbx5ZsZnYAOJ30F8_aZNjEjoGmyQ6MJIDpq8VmQw3pxArY7f1xTJMaThw0lO5USxaw7ZQ97Qq6THXc58t4hwdh5Wbxe9xLhUYw-GE8ymbYSrWjQeIwa7TCq3grCfwN_IjoXVszIDETliH6xuZKJ0Roq-cFAWSqlYlYKDZcP0McNVsJzkGLkBZMfUYh3CM9se3viczUziUjbkYJl3m1t7aqD7bviHvZByIXsOQu4KI5m30mZCzlCO4fa8yyGssUtqJhvDIKvqOGbx6723hlhEtbR5557yJ1uSyXMnsyQJ3DW3HI7BxzFymE6srBNEH7OCeaK46YmqNV%26adurl%3D
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
3ccbfd7548101a76b9f14504dfa658ce0f4e0dca96cc08652d682ad347c5c8a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3966
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 956D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 26 Jan 2022 11:10:53 GMT
expires
Thu, 26 Jan 2023 11:10:53 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
117678
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
hjtkt1t9m63l
hal9000.redintelligence.net/zone/ Frame A468 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/hjtkt1t9m63l?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbEM76vfyYfGdIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QdQB8ygyxerP9mmu0v0zzeD93sHgbzaQJe6U0Wnt77KO8ilKdfIp0FnHGjSX3eAAjGc9JVOjfD8VxwzL6d85xopHFvxfN0oTitfWTt-CBWIXCPJvDm5_YLUA4UYcyQKE6qmSEMAztj4TRg16hZ90C5Ffs_4tu6X5g3I8ZcauGBRLS3K9Qv4N9BGprXBKtkxxmfp74Ub95e41HpOlXwi4bicFErus9hAMn9_AOjyDRKisTRLln65THKBCe6FHX4TFqlXE4s2a765pUOxRsCimkQ2ThSnwTF3g7FCk8AeDePO5HU21bY6UZdBBsLJ-O3bCa3BsdgjbV0PngJRtfkQd82v7w60mTutzMgP8gE3CS1FmDZorAt3pOHrEPcAw6ecoMAztXZHeDA3J_fa0F8ybVNvjABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoI-1EuehZs8GkAODLIFpgqA%26sig%3DAOD64_2umeAuBZCvwKhGPNnSOBVd5zspQA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-DRQoOkr5wBurLrb7JrdEaWQeS-H5XnjTlP-aHJ70xVzbFJQw80uUlz588RI1O1TV0hBx_koHdq5jVCwfXmv4NQEvnIEl6WVKsS5pHuEgcFdaTm49lLtDT2sO_R0ceWrClknPpq7NQSUqhaI54eyRfDvTFgeQ%26cry%3D1%26dbm_d%3DAKAmf-ApIpkao3cchFdUr3UEsAi5amACgAIB8XXq-Qv8WCLamOA_SOkW471ZqTOKRfD-chQxFD_e6Hq2bCr70qp3qipgqYr241kg6hUAO-KLKOzSqzTgmrEZyzxB_y8ROXov1DycJUNp-VjUtDa6eW5_ciLjOQgDX86z-3FXpl6bihLAejgq-t8WJ6-Pqm3cO-rEI--jdqnEOymetPvJ9Z1BkI0wigUM9gyleCl8vKjtD2IBQppQbFbPYw-ZYjCJ4YMGjyVx1GRtpbJYPUnNCTSWMvyRyFCiZsKlHT7eEEgfQOhel2Ba2mdhsgNfqX-RgzBJalO-kXTNZeMAQOhfsEvzr9p2e2Rb3vj5oocrnLxgaXDZL-odtP_RwFk24T_iEc3KW1SHsS-9hcvJrPUVrI0X7K8sdo5xXl8o_YkUeZW22AK0TuqZ5qK8Wnhd2nk9Jma0rJoPecPx%26adurl%3D
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
7ec9f31293d7cf5e23a5b31cfc5086223cc06e1f683e75c03a2fd7057b1afb3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3967
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 37A3 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 26 Jan 2022 11:10:53 GMT
expires
Thu, 26 Jan 2023 11:10:53 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
117678
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
generate_204
tpc.googlesyndication.com/ Frame B639 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?I2SnLA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
hjtkt1t9m63l
hal9000.redintelligence.net/zone/ Frame 5F0E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/hjtkt1t9m63l?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVubS6vfyYfCdIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QwNp7VEcgdyxsRauHuOlcOC8cD8K92gGgK7JWvJI4EJBNmyXkxg9Y7l8o-YOGPEu9qPIgpGiHk0s0h9L7FjdVdOBjyIJqm8YtN4Cv23tSM0axde3EdXAK3d9onKQ-s-L86JVRCoooQAsecqQye8DNn3HK8wlPK7jIoCa3uJIPZCteiF2z_ue3e4fScS1YdzVctYyRQ6f-VA5mWksDCZ9pRmZSgX0gXYGXgBO4mDj6WkUP0jlg1eMCuVjFJ0s0tRvpGoyGwYE6bx3eALdFEiah4d8gq6C0TDgeVTyQd_nP_iQjZRd0Z3nJdMozTYyvhIOjt16M2AUoZ77SXnywJjVZq88RBXHw4oIOzP_awDdrNYj8vK6Q3TXgae3c1BJRUHAwaRtfmA2uM7XKhSCd-zz4EXjABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoZh8Cr9rhA1eVdqBoFi0bMg%26sig%3DAOD64_0UrM8OUo7G72tRxqooB9xK0yl7gA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-CNdJGzm6oxL95r_LggWVBgoyffGgaPNWnF6nbC4xkaXSWQS2rF3nvZJ9wpWZUIvOZDbrYUs3gIw-45vsocHG8GwnJNeQGWW7K5HKTrCA9hoJ7s8IH-qwUtRwcmQfjopRWz94oQZ3wCQ2Uyd30o516n9jkvoQ%26cry%3D1%26dbm_d%3DAKAmf-AQ2iTooZuRC56qIcVRH8BTZvD_CUQbz5N0CGQpGqm1z4UjZXYplz72_z015pRVsx5xu4wHHCoVt7KRzv6Ttl1atDBsX1ghyafMJStfLRFngZ9b7rqSB9kBmbmkCpn01LLSilcf8WUacjhNqFDHgK2WJ6OgEUz-ILqhgdj_4im6lRiNH2aKw9VDUXSg6zQOWx8k4Dpt_yF3cl_i-22U10hGizmH4yUgXshXkvZjemg0bFxnJs0wp33dkNMRhNdIekD2JkTRB5Ectx027xaAfWDpad1qnwdn6yeCcku-OoNdJxcwahV9hvjnMXBLmXwJhPADyBz0yEwF9ZOekY4NXYs3mI7upMCTK06bX_XiwTfwOl-z2iWVObsUcovuId91IEn-gWliXkPP81j4xVHh-e4OGdT5QhtRQzazIH65D8pZOeFmk3OgAWhscT7MR87t21g6I5m3%26adurl%3D
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
3a9b818b083d4934815a51037deb08832ce1f31764a5cc97c4798410f333c933

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3972
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 34EF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 26 Jan 2022 11:10:53 GMT
expires
Thu, 26 Jan 2023 11:10:53 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
117678
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request.php
hal90008.redintelligence.net/ Frame 273B
Redirect Chain
  • https://hal90008.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=3abec9a13c&subid=&uid=6c7d5fe497dde09a&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90008.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=3abec9a13c&subid=&uid=6c7d5fe497dde09a&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=3abec9a13c&subid=&uid=6c7d5fe497dde09a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCh5Ty6vfyYe-dIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QppxwM6kBSc9Sl5vE30yo1YYDWEihL0RNqCsyF8QLf9ZF1rYrEKEQSMqSrB3uCz-0Dj8OBtbOsrwww5E9ssFieVU9vBvBAOAsk3FKBkPW_iWgetQnJCbLAf1NFWN9JiwoPvyGEEFn8jqWCsPAXYGfvzPli5s_LjtCGz8mBOWhmrX8a2aPZ9zhMcEA4BcjvpUWgpPiUgtuN5G7odh1ovxfwrUt5QxezaKqtny-m3b9prWv5BzfmIRJ4DC3vdFMl1zQqQzIi1_wzVyBf8sc-_rO9opqyDj7O7M8NOhK3lsrmkkhcuLYVamXKsqZTz885hr7t-9eeKWSr8AKbZIqZx5IVPm0IYekXaGNgB03TS1bdYY2DF8R-Xb5_jnTmtmiFbusrxx629oYcSSaCtHyOb5VgTTABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoDGWj5BBvES9A6VJT1DwhRw%26sig%3DAOD64_2d33LxBIfvSMNXUaTS3ffXonPBVA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BN00Y9wR4CpcXBkEDD4TAzrlTWSs6I2gPxKqONLqBF1DcSqpAnI1a-2zAutyAiHGLCaNcNtUi6mVGOPaUYtY8uhMovLHXkd5oOGox8Q48O9VbrrTr0M7fCQ-hRy6ouBoA2Klpl-mf7reJM8_AUbAiQStkucg%26cry%3D1%26dbm_d%3DAKAmf-CZTzHAJYVb4gWfcZ4QlXY3dfuQOehJok9x7PL6Fv9LL4WWQRo9FKHlV_EO4NKj7sWVvpOfC6RDnUArgm-odIAtjSUEe59vNeB7tSp_O2gBbW4FGPEWmWuKak_0e0cBP2oq7-8zAUbjvF6YCNfm4hNZUK3EJlB1EYHuwWZGbXUU994YylQjkbrnRp8Kkv02mAO9NLdosqsEuHixVppyq-bn2G66ocb0ZTDcLY6eChf_YuhObfKGBDcEDZeemoFROO9_Hgc15hWmOEydtnu-QXpxE-UZ8g_7AYy_A4CZGsnv_jyd5vdf-d-tqM6G6yVGr8Y3E4StRPKncGRwdV9YFLvYn8S18iCZI17L76msSvKZP8QRcg1ZcgF0DMs35DiezrDy3SPAd_7bDfPT3BNsIIQbfxXBzsiCow9nKFVzwFufFWvA92Da0nsEKR4Da3wNICEVlnHX%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=5603290441972&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
138.201.63.150 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
4da86342e08a065e6135eb06015c91f5dc9492d9701253a342046e3a20b6639d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
94795200234521200710584011852008
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1264
Expires
Thu, 27 Jan 2022 19:52:11 +0100

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=3abec9a13c&subid=&uid=6c7d5fe497dde09a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCh5Ty6vfyYe-dIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QppxwM6kBSc9Sl5vE30yo1YYDWEihL0RNqCsyF8QLf9ZF1rYrEKEQSMqSrB3uCz-0Dj8OBtbOsrwww5E9ssFieVU9vBvBAOAsk3FKBkPW_iWgetQnJCbLAf1NFWN9JiwoPvyGEEFn8jqWCsPAXYGfvzPli5s_LjtCGz8mBOWhmrX8a2aPZ9zhMcEA4BcjvpUWgpPiUgtuN5G7odh1ovxfwrUt5QxezaKqtny-m3b9prWv5BzfmIRJ4DC3vdFMl1zQqQzIi1_wzVyBf8sc-_rO9opqyDj7O7M8NOhK3lsrmkkhcuLYVamXKsqZTz885hr7t-9eeKWSr8AKbZIqZx5IVPm0IYekXaGNgB03TS1bdYY2DF8R-Xb5_jnTmtmiFbusrxx629oYcSSaCtHyOb5VgTTABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoDGWj5BBvES9A6VJT1DwhRw%26sig%3DAOD64_2d33LxBIfvSMNXUaTS3ffXonPBVA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BN00Y9wR4CpcXBkEDD4TAzrlTWSs6I2gPxKqONLqBF1DcSqpAnI1a-2zAutyAiHGLCaNcNtUi6mVGOPaUYtY8uhMovLHXkd5oOGox8Q48O9VbrrTr0M7fCQ-hRy6ouBoA2Klpl-mf7reJM8_AUbAiQStkucg%26cry%3D1%26dbm_d%3DAKAmf-CZTzHAJYVb4gWfcZ4QlXY3dfuQOehJok9x7PL6Fv9LL4WWQRo9FKHlV_EO4NKj7sWVvpOfC6RDnUArgm-odIAtjSUEe59vNeB7tSp_O2gBbW4FGPEWmWuKak_0e0cBP2oq7-8zAUbjvF6YCNfm4hNZUK3EJlB1EYHuwWZGbXUU994YylQjkbrnRp8Kkv02mAO9NLdosqsEuHixVppyq-bn2G66ocb0ZTDcLY6eChf_YuhObfKGBDcEDZeemoFROO9_Hgc15hWmOEydtnu-QXpxE-UZ8g_7AYy_A4CZGsnv_jyd5vdf-d-tqM6G6yVGr8Y3E4StRPKncGRwdV9YFLvYn8S18iCZI17L76msSvKZP8QRcg1ZcgF0DMs35DiezrDy3SPAd_7bDfPT3BNsIIQbfxXBzsiCow9nKFVzwFufFWvA92Da0nsEKR4Da3wNICEVlnHX%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=5603290441972&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Thu, 27 Jan 2022 19:52:11 +0100
request.php
hal900012.redintelligence.net/ Frame 4CD3
Redirect Chain
  • https://hal900012.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=2174dd0d2d&subid=&uid=61eb8fb0cba5c0b4&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900012.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=2174dd0d2d&subid=&uid=61eb8fb0cba5c0b4&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=2174dd0d2d&subid=&uid=61eb8fb0cba5c0b4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWAzl6vfyYe6dIpu07_UPq_WL4A2P4PiGU_2xi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSsAk_QvxS6k73DY-4Hy1HtArPwG0gNtHK8fPO0FlcozcT606Xzg3ZTr8iqnnb5lWM1iJXsZvbw7WM9Brh1N5jZtJdPU5uvUUknhTvusOVMrzJVJAMLc41p3h0FLamzEKvAG1l_CNPXZ1lXjSAANSTKx4grKSBqfc8cWxF29IaXIKwIXvKXQJkcLgQqSrVfF6IBFz7kV0XM9qbItXRtNJ-0HawZ1j7Os-xHnQ1rdVQF_SJ_v1tuHTxuT-GQqYAIZyk4GbVpjYRitT9J-hOAuPkJ4eG8r_vS8TjOnaNPDxOZTiUJNYJqW5y2yw11ohjv0Aex8oW4ibEvV2oUIkbh0XPrqlsSrxHx5LQO07Ki_gyaOv9t-roIRkfTfHpSvXsiUr9Rwv0vYDgq_M280IafcsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRondYhR15W1lRrpKxOaOZlDQ%26sig%3DAOD64_1nKnG2GKyq3IRBAKM-_G5zJTHtsQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-ACDDLRehpeSd6b9hKEOPZTpf6DsqnPjphNs-dascnnkFgRSwjo2sJWPIaoNgURy1VA7bqMu_n_e6ipneVEhTqMWs6Gck1K96JcqgqthAG-i9Qt6L1tIPNyrQF95zwBwZNzEmU4713LHOVWnJaHxpJy94_2oQ%26cry%3D1%26dbm_d%3DAKAmf-C1lyBopECaEevij1amtw0kymksFFc9tCJbKVioxw4itm5h1baJsLAOZbHNQtMNTZfPtNwTV34LXQYb-oTRdfAj8VeoGQhgtMnIN-0v3i2a66PD952BAp7WWhkYGdkbx5ZsZnYAOJ30F8_aZNjEjoGmyQ6MJIDpq8VmQw3pxArY7f1xTJMaThw0lO5USxaw7ZQ97Qq6THXc58t4hwdh5Wbxe9xLhUYw-GE8ymbYSrWjQeIwa7TCq3grCfwN_IjoXVszIDETliH6xuZKJ0Roq-cFAWSqlYlYKDZcP0McNVsJzkGLkBZMfUYh3CM9se3viczUziUjbkYJl3m1t7aqD7bviHvZByIXsOQu4KI5m30mZCzlCO4fa8yyGssUtqJhvDIKvqOGbx6723hlhEtbR5557yJ1uSyXMnsyQJ3DW3HI7BxzFymE6srBNEH7OCeaK46YmqNV%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=385025708755&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
a829729f5a7966b16e9be4907c2779317f76aaac73e9c47959bd7caca69adcca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
78199000213407000710580011852012
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1261
Expires
Thu, 27 Jan 2022 19:52:11 +0100

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=2174dd0d2d&subid=&uid=61eb8fb0cba5c0b4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWAzl6vfyYe6dIpu07_UPq_WL4A2P4PiGU_2xi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSsAk_QvxS6k73DY-4Hy1HtArPwG0gNtHK8fPO0FlcozcT606Xzg3ZTr8iqnnb5lWM1iJXsZvbw7WM9Brh1N5jZtJdPU5uvUUknhTvusOVMrzJVJAMLc41p3h0FLamzEKvAG1l_CNPXZ1lXjSAANSTKx4grKSBqfc8cWxF29IaXIKwIXvKXQJkcLgQqSrVfF6IBFz7kV0XM9qbItXRtNJ-0HawZ1j7Os-xHnQ1rdVQF_SJ_v1tuHTxuT-GQqYAIZyk4GbVpjYRitT9J-hOAuPkJ4eG8r_vS8TjOnaNPDxOZTiUJNYJqW5y2yw11ohjv0Aex8oW4ibEvV2oUIkbh0XPrqlsSrxHx5LQO07Ki_gyaOv9t-roIRkfTfHpSvXsiUr9Rwv0vYDgq_M280IafcsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRondYhR15W1lRrpKxOaOZlDQ%26sig%3DAOD64_1nKnG2GKyq3IRBAKM-_G5zJTHtsQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-ACDDLRehpeSd6b9hKEOPZTpf6DsqnPjphNs-dascnnkFgRSwjo2sJWPIaoNgURy1VA7bqMu_n_e6ipneVEhTqMWs6Gck1K96JcqgqthAG-i9Qt6L1tIPNyrQF95zwBwZNzEmU4713LHOVWnJaHxpJy94_2oQ%26cry%3D1%26dbm_d%3DAKAmf-C1lyBopECaEevij1amtw0kymksFFc9tCJbKVioxw4itm5h1baJsLAOZbHNQtMNTZfPtNwTV34LXQYb-oTRdfAj8VeoGQhgtMnIN-0v3i2a66PD952BAp7WWhkYGdkbx5ZsZnYAOJ30F8_aZNjEjoGmyQ6MJIDpq8VmQw3pxArY7f1xTJMaThw0lO5USxaw7ZQ97Qq6THXc58t4hwdh5Wbxe9xLhUYw-GE8ymbYSrWjQeIwa7TCq3grCfwN_IjoXVszIDETliH6xuZKJ0Roq-cFAWSqlYlYKDZcP0McNVsJzkGLkBZMfUYh3CM9se3viczUziUjbkYJl3m1t7aqD7bviHvZByIXsOQu4KI5m30mZCzlCO4fa8yyGssUtqJhvDIKvqOGbx6723hlhEtbR5557yJ1uSyXMnsyQJ3DW3HI7BxzFymE6srBNEH7OCeaK46YmqNV%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=385025708755&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Thu, 27 Jan 2022 19:52:11 +0100
collect
j.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.31/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
date
Thu, 27 Jan 2022 19:52:10 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
request.php
hal900028.redintelligence.net/ Frame A468
Redirect Chain
  • https://hal900028.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=196a6be019&subid=&uid=5aa27389235f5443&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900028.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=196a6be019&subid=&uid=5aa27389235f5443&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=196a6be019&subid=&uid=5aa27389235f5443&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbEM76vfyYfGdIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QdQB8ygyxerP9mmu0v0zzeD93sHgbzaQJe6U0Wnt77KO8ilKdfIp0FnHGjSX3eAAjGc9JVOjfD8VxwzL6d85xopHFvxfN0oTitfWTt-CBWIXCPJvDm5_YLUA4UYcyQKE6qmSEMAztj4TRg16hZ90C5Ffs_4tu6X5g3I8ZcauGBRLS3K9Qv4N9BGprXBKtkxxmfp74Ub95e41HpOlXwi4bicFErus9hAMn9_AOjyDRKisTRLln65THKBCe6FHX4TFqlXE4s2a765pUOxRsCimkQ2ThSnwTF3g7FCk8AeDePO5HU21bY6UZdBBsLJ-O3bCa3BsdgjbV0PngJRtfkQd82v7w60mTutzMgP8gE3CS1FmDZorAt3pOHrEPcAw6ecoMAztXZHeDA3J_fa0F8ybVNvjABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoI-1EuehZs8GkAODLIFpgqA%26sig%3DAOD64_2umeAuBZCvwKhGPNnSOBVd5zspQA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-DRQoOkr5wBurLrb7JrdEaWQeS-H5XnjTlP-aHJ70xVzbFJQw80uUlz588RI1O1TV0hBx_koHdq5jVCwfXmv4NQEvnIEl6WVKsS5pHuEgcFdaTm49lLtDT2sO_R0ceWrClknPpq7NQSUqhaI54eyRfDvTFgeQ%26cry%3D1%26dbm_d%3DAKAmf-ApIpkao3cchFdUr3UEsAi5amACgAIB8XXq-Qv8WCLamOA_SOkW471ZqTOKRfD-chQxFD_e6Hq2bCr70qp3qipgqYr241kg6hUAO-KLKOzSqzTgmrEZyzxB_y8ROXov1DycJUNp-VjUtDa6eW5_ciLjOQgDX86z-3FXpl6bihLAejgq-t8WJ6-Pqm3cO-rEI--jdqnEOymetPvJ9Z1BkI0wigUM9gyleCl8vKjtD2IBQppQbFbPYw-ZYjCJ4YMGjyVx1GRtpbJYPUnNCTSWMvyRyFCiZsKlHT7eEEgfQOhel2Ba2mdhsgNfqX-RgzBJalO-kXTNZeMAQOhfsEvzr9p2e2Rb3vj5oocrnLxgaXDZL-odtP_RwFk24T_iEc3KW1SHsS-9hcvJrPUVrI0X7K8sdo5xXl8o_YkUeZW22AK0TuqZ5qK8Wnhd2nk9Jma0rJoPecPx%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=8596307841422&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
15ec7956d2e50165f7a50c3e8db4c42458ec3df43dee73b3995c6d4b2fc0df97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
98604300273699700710584011852028
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1266
Expires
Thu, 27 Jan 2022 19:52:11 +0100

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=196a6be019&subid=&uid=5aa27389235f5443&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbEM76vfyYfGdIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QdQB8ygyxerP9mmu0v0zzeD93sHgbzaQJe6U0Wnt77KO8ilKdfIp0FnHGjSX3eAAjGc9JVOjfD8VxwzL6d85xopHFvxfN0oTitfWTt-CBWIXCPJvDm5_YLUA4UYcyQKE6qmSEMAztj4TRg16hZ90C5Ffs_4tu6X5g3I8ZcauGBRLS3K9Qv4N9BGprXBKtkxxmfp74Ub95e41HpOlXwi4bicFErus9hAMn9_AOjyDRKisTRLln65THKBCe6FHX4TFqlXE4s2a765pUOxRsCimkQ2ThSnwTF3g7FCk8AeDePO5HU21bY6UZdBBsLJ-O3bCa3BsdgjbV0PngJRtfkQd82v7w60mTutzMgP8gE3CS1FmDZorAt3pOHrEPcAw6ecoMAztXZHeDA3J_fa0F8ybVNvjABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoI-1EuehZs8GkAODLIFpgqA%26sig%3DAOD64_2umeAuBZCvwKhGPNnSOBVd5zspQA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-DRQoOkr5wBurLrb7JrdEaWQeS-H5XnjTlP-aHJ70xVzbFJQw80uUlz588RI1O1TV0hBx_koHdq5jVCwfXmv4NQEvnIEl6WVKsS5pHuEgcFdaTm49lLtDT2sO_R0ceWrClknPpq7NQSUqhaI54eyRfDvTFgeQ%26cry%3D1%26dbm_d%3DAKAmf-ApIpkao3cchFdUr3UEsAi5amACgAIB8XXq-Qv8WCLamOA_SOkW471ZqTOKRfD-chQxFD_e6Hq2bCr70qp3qipgqYr241kg6hUAO-KLKOzSqzTgmrEZyzxB_y8ROXov1DycJUNp-VjUtDa6eW5_ciLjOQgDX86z-3FXpl6bihLAejgq-t8WJ6-Pqm3cO-rEI--jdqnEOymetPvJ9Z1BkI0wigUM9gyleCl8vKjtD2IBQppQbFbPYw-ZYjCJ4YMGjyVx1GRtpbJYPUnNCTSWMvyRyFCiZsKlHT7eEEgfQOhel2Ba2mdhsgNfqX-RgzBJalO-kXTNZeMAQOhfsEvzr9p2e2Rb3vj5oocrnLxgaXDZL-odtP_RwFk24T_iEc3KW1SHsS-9hcvJrPUVrI0X7K8sdo5xXl8o_YkUeZW22AK0TuqZ5qK8Wnhd2nk9Jma0rJoPecPx%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=8596307841422&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Thu, 27 Jan 2022 19:52:11 +0100
request.php
hal90001.redintelligence.net/ Frame 5F0E
Redirect Chain
  • https://hal90001.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=ff0008e3c8&subid=&uid=d5056c60a07594ef&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90001.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=ff0008e3c8&subid=&uid=d5056c60a07594ef&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90001.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=ff0008e3c8&subid=&uid=d5056c60a07594ef&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVubS6vfyYfCdIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QwNp7VEcgdyxsRauHuOlcOC8cD8K92gGgK7JWvJI4EJBNmyXkxg9Y7l8o-YOGPEu9qPIgpGiHk0s0h9L7FjdVdOBjyIJqm8YtN4Cv23tSM0axde3EdXAK3d9onKQ-s-L86JVRCoooQAsecqQye8DNn3HK8wlPK7jIoCa3uJIPZCteiF2z_ue3e4fScS1YdzVctYyRQ6f-VA5mWksDCZ9pRmZSgX0gXYGXgBO4mDj6WkUP0jlg1eMCuVjFJ0s0tRvpGoyGwYE6bx3eALdFEiah4d8gq6C0TDgeVTyQd_nP_iQjZRd0Z3nJdMozTYyvhIOjt16M2AUoZ77SXnywJjVZq88RBXHw4oIOzP_awDdrNYj8vK6Q3TXgae3c1BJRUHAwaRtfmA2uM7XKhSCd-zz4EXjABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoZh8Cr9rhA1eVdqBoFi0bMg%26sig%3DAOD64_0UrM8OUo7G72tRxqooB9xK0yl7gA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-CNdJGzm6oxL95r_LggWVBgoyffGgaPNWnF6nbC4xkaXSWQS2rF3nvZJ9wpWZUIvOZDbrYUs3gIw-45vsocHG8GwnJNeQGWW7K5HKTrCA9hoJ7s8IH-qwUtRwcmQfjopRWz94oQZ3wCQ2Uyd30o516n9jkvoQ%26cry%3D1%26dbm_d%3DAKAmf-AQ2iTooZuRC56qIcVRH8BTZvD_CUQbz5N0CGQpGqm1z4UjZXYplz72_z015pRVsx5xu4wHHCoVt7KRzv6Ttl1atDBsX1ghyafMJStfLRFngZ9b7rqSB9kBmbmkCpn01LLSilcf8WUacjhNqFDHgK2WJ6OgEUz-ILqhgdj_4im6lRiNH2aKw9VDUXSg6zQOWx8k4Dpt_yF3cl_i-22U10hGizmH4yUgXshXkvZjemg0bFxnJs0wp33dkNMRhNdIekD2JkTRB5Ectx027xaAfWDpad1qnwdn6yeCcku-OoNdJxcwahV9hvjnMXBLmXwJhPADyBz0yEwF9ZOekY4NXYs3mI7upMCTK06bX_XiwTfwOl-z2iWVObsUcovuId91IEn-gWliXkPP81j4xVHh-e4OGdT5QhtRQzazIH65D8pZOeFmk3OgAWhscT7MR87t21g6I5m3%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=2835147803389&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
af185904d2ea6e77477c9cd770cdc619ec4320bb60841a06d526db16ae0d278d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
61279900244895500710584011852001
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1262
Expires
Thu, 27 Jan 2022 19:52:11 +0100

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=ff0008e3c8&subid=&uid=d5056c60a07594ef&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVubS6vfyYfCdIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QwNp7VEcgdyxsRauHuOlcOC8cD8K92gGgK7JWvJI4EJBNmyXkxg9Y7l8o-YOGPEu9qPIgpGiHk0s0h9L7FjdVdOBjyIJqm8YtN4Cv23tSM0axde3EdXAK3d9onKQ-s-L86JVRCoooQAsecqQye8DNn3HK8wlPK7jIoCa3uJIPZCteiF2z_ue3e4fScS1YdzVctYyRQ6f-VA5mWksDCZ9pRmZSgX0gXYGXgBO4mDj6WkUP0jlg1eMCuVjFJ0s0tRvpGoyGwYE6bx3eALdFEiah4d8gq6C0TDgeVTyQd_nP_iQjZRd0Z3nJdMozTYyvhIOjt16M2AUoZ77SXnywJjVZq88RBXHw4oIOzP_awDdrNYj8vK6Q3TXgae3c1BJRUHAwaRtfmA2uM7XKhSCd-zz4EXjABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoZh8Cr9rhA1eVdqBoFi0bMg%26sig%3DAOD64_0UrM8OUo7G72tRxqooB9xK0yl7gA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-CNdJGzm6oxL95r_LggWVBgoyffGgaPNWnF6nbC4xkaXSWQS2rF3nvZJ9wpWZUIvOZDbrYUs3gIw-45vsocHG8GwnJNeQGWW7K5HKTrCA9hoJ7s8IH-qwUtRwcmQfjopRWz94oQZ3wCQ2Uyd30o516n9jkvoQ%26cry%3D1%26dbm_d%3DAKAmf-AQ2iTooZuRC56qIcVRH8BTZvD_CUQbz5N0CGQpGqm1z4UjZXYplz72_z015pRVsx5xu4wHHCoVt7KRzv6Ttl1atDBsX1ghyafMJStfLRFngZ9b7rqSB9kBmbmkCpn01LLSilcf8WUacjhNqFDHgK2WJ6OgEUz-ILqhgdj_4im6lRiNH2aKw9VDUXSg6zQOWx8k4Dpt_yF3cl_i-22U10hGizmH4yUgXshXkvZjemg0bFxnJs0wp33dkNMRhNdIekD2JkTRB5Ectx027xaAfWDpad1qnwdn6yeCcku-OoNdJxcwahV9hvjnMXBLmXwJhPADyBz0yEwF9ZOekY4NXYs3mI7upMCTK06bX_XiwTfwOl-z2iWVObsUcovuId91IEn-gWliXkPP81j4xVHh-e4OGdT5QhtRQzazIH65D8pZOeFmk3OgAWhscT7MR87t21g6I5m3%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=2835147803389&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Thu, 27 Jan 2022 19:52:11 +0100
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012502&jk=3799113561676012&bg=!n5ylnNjNAAY6OBv_Ojg7ACkAdvg8WklIU5l329VJ28iMJtsRq9AdkTDvRt7xyXuXZ2WGOcBN_H2c8wIAAACDUgAAAANoAQeZAt2nF2VWznnX_SX5hxunmKSfKIEzR7xwTDpoAO8N6qk7gfZNSlt6CX9bCV0O3zydCB7BQ7oXvxXhDJ_XfeT5--NdHi-6_f9pQHuouvU69U-her05DuIgZV2qVLoZjfrE_GSB1gZBxkzFtNIUdXk7gKpFJSOcMjd6y_tjoqGL6pu19yIgJMZUtkEnu_P2wHDGksCCzSr8pMbHKYIp5v26WdI6n4RB2xQFj9Asy31oI8g4WuenWZcR-RzbFqt4761RXoiSyZVaO9llKd2m6_rMGABKCf0a4VcPjODiJW16sQojNFCwEHU0X-_eNZ-vU0rBossOdkHTOX1MbF57qIhoIwfQ_yj-_ande0Jre5ltfMnWHd6OMXFrhbDt_WMvtLZKy8T_ac7xRY1KyP8e-YeKtF1x0oy1TFOz4sLDQZT9AzrMFORBE3Ao9geC7qIww1G90iao6TnH0GUdLFVSdx1Wqsy_dDJvBktsgq1cuPYyun6ChZB83wA9qBsO74QFt7KICYMHE-ylrtI3NrsqEfXoS4aRFCtKGUv449oFnFf-PtLSrw45bb4yYIZAThObHrA26lDYxvycdJg6-uyi9fRikgVVfUVt07jwwWuN2OROpd05eV1HdiG_fUN9F76P0etCtGtByOmicDnpAuONx1zrtPMspSj88tBZ8AdZb60alEj4XLpslN3qKeGdiUkip-a96rY5UxXkSdHFns-YXmlcWRHpd5QD_BDEwPSHeuNKKKkpmua8xIQuljJLd1NjMy2fgaHfHjcqPMeiJhernDDi96ZfuNildvzn6hBC5f6AtsnPh8uYzPrK1EkcG8_y5Ew6ZcBC8uj6rCCsvc1BODHoC66hXbh9qgoaTY1y35LeV0fs5ovNmjDk8hY4y4B5H31y5RozJMV4FcXirOQOvz79_qUaRdXr2WDUshARVaSmsNp9fqigbOIOclTT7b1ZMJ0Wvbsy72dcP1PhaelCc5Ss
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame 6855 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:21:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
16213
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 15:21:58 GMT
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame 956D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:21:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
16213
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 15:21:58 GMT
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame 37A3 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:21:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
16213
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 15:21:58 GMT
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame 34EF 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:21:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
16213
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 15:21:58 GMT
/
adv-srv.office-partner.de/ Frame 69A7
Redirect Chain
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
930 B
741 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=2174dd0d2d&subid=&uid=61eb8fb0cba5c0b4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWAzl6vfyYe6dIpu07_UPq_WL4A2P4PiGU_2xi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSsAk_QvxS6k73DY-4Hy1HtArPwG0gNtHK8fPO0FlcozcT606Xzg3ZTr8iqnnb5lWM1iJXsZvbw7WM9Brh1N5jZtJdPU5uvUUknhTvusOVMrzJVJAMLc41p3h0FLamzEKvAG1l_CNPXZ1lXjSAANSTKx4grKSBqfc8cWxF29IaXIKwIXvKXQJkcLgQqSrVfF6IBFz7kV0XM9qbItXRtNJ-0HawZ1j7Os-xHnQ1rdVQF_SJ_v1tuHTxuT-GQqYAIZyk4GbVpjYRitT9J-hOAuPkJ4eG8r_vS8TjOnaNPDxOZTiUJNYJqW5y2yw11ohjv0Aex8oW4ibEvV2oUIkbh0XPrqlsSrxHx5LQO07Ki_gyaOv9t-roIRkfTfHpSvXsiUr9Rwv0vYDgq_M280IafcsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRondYhR15W1lRrpKxOaOZlDQ%26sig%3DAOD64_1nKnG2GKyq3IRBAKM-_G5zJTHtsQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-ACDDLRehpeSd6b9hKEOPZTpf6DsqnPjphNs-dascnnkFgRSwjo2sJWPIaoNgURy1VA7bqMu_n_e6ipneVEhTqMWs6Gck1K96JcqgqthAG-i9Qt6L1tIPNyrQF95zwBwZNzEmU4713LHOVWnJaHxpJy94_2oQ%26cry%3D1%26dbm_d%3DAKAmf-C1lyBopECaEevij1amtw0kymksFFc9tCJbKVioxw4itm5h1baJsLAOZbHNQtMNTZfPtNwTV34LXQYb-oTRdfAj8VeoGQhgtMnIN-0v3i2a66PD952BAp7WWhkYGdkbx5ZsZnYAOJ30F8_aZNjEjoGmyQ6MJIDpq8VmQw3pxArY7f1xTJMaThw0lO5USxaw7ZQ97Qq6THXc58t4hwdh5Wbxe9xLhUYw-GE8ymbYSrWjQeIwa7TCq3grCfwN_IjoXVszIDETliH6xuZKJ0Roq-cFAWSqlYlYKDZcP0McNVsJzkGLkBZMfUYh3CM9se3viczUziUjbkYJl3m1t7aqD7bviHvZByIXsOQu4KI5m30mZCzlCO4fa8yyGssUtqJhvDIKvqOGbx6723hlhEtbR5557yJ1uSyXMnsyQJ3DW3HI7BxzFymE6srBNEH7OCeaK46YmqNV%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=385025708755&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.1.80.163 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
s17177.creolineserver.com
Software
nginx /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

server
nginx
date
Thu, 27 Jan 2022 19:52:11 GMT
content-type
text/html
content-length
552
x-accel-version
0.01
last-modified
Thu, 06 May 2021 15:37:28 GMT
etag
"3a2-5c1ab16b3be00-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

server
keycdn-engine
date
Thu, 27 Jan 2022 19:52:11 GMT
content-type
text/html
content-length
162
location
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
expires
Thu, 03 Feb 2022 19:52:11 GMT
cache-control
max-age=604800
link
<http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache
HIT
x-edge-location
defr
access-control-allow-origin
*
index2.html
singles.parship.de/lp/v00/6/U/htlp/ Frame B364
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=78199000213407000710580011852012&pv=1
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e261e3c-7faa-11ec-b33f-00155d53a129ID
914 B
884 B 		Document
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e261e3c-7faa-11ec-b33f-00155d53a129ID
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=2174dd0d2d&subid=&uid=61eb8fb0cba5c0b4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWAzl6vfyYe6dIpu07_UPq_WL4A2P4PiGU_2xi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSsAk_QvxS6k73DY-4Hy1HtArPwG0gNtHK8fPO0FlcozcT606Xzg3ZTr8iqnnb5lWM1iJXsZvbw7WM9Brh1N5jZtJdPU5uvUUknhTvusOVMrzJVJAMLc41p3h0FLamzEKvAG1l_CNPXZ1lXjSAANSTKx4grKSBqfc8cWxF29IaXIKwIXvKXQJkcLgQqSrVfF6IBFz7kV0XM9qbItXRtNJ-0HawZ1j7Os-xHnQ1rdVQF_SJ_v1tuHTxuT-GQqYAIZyk4GbVpjYRitT9J-hOAuPkJ4eG8r_vS8TjOnaNPDxOZTiUJNYJqW5y2yw11ohjv0Aex8oW4ibEvV2oUIkbh0XPrqlsSrxHx5LQO07Ki_gyaOv9t-roIRkfTfHpSvXsiUr9Rwv0vYDgq_M280IafcsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRondYhR15W1lRrpKxOaOZlDQ%26sig%3DAOD64_1nKnG2GKyq3IRBAKM-_G5zJTHtsQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-ACDDLRehpeSd6b9hKEOPZTpf6DsqnPjphNs-dascnnkFgRSwjo2sJWPIaoNgURy1VA7bqMu_n_e6ipneVEhTqMWs6Gck1K96JcqgqthAG-i9Qt6L1tIPNyrQF95zwBwZNzEmU4713LHOVWnJaHxpJy94_2oQ%26cry%3D1%26dbm_d%3DAKAmf-C1lyBopECaEevij1amtw0kymksFFc9tCJbKVioxw4itm5h1baJsLAOZbHNQtMNTZfPtNwTV34LXQYb-oTRdfAj8VeoGQhgtMnIN-0v3i2a66PD952BAp7WWhkYGdkbx5ZsZnYAOJ30F8_aZNjEjoGmyQ6MJIDpq8VmQw3pxArY7f1xTJMaThw0lO5USxaw7ZQ97Qq6THXc58t4hwdh5Wbxe9xLhUYw-GE8ymbYSrWjQeIwa7TCq3grCfwN_IjoXVszIDETliH6xuZKJ0Roq-cFAWSqlYlYKDZcP0McNVsJzkGLkBZMfUYh3CM9se3viczUziUjbkYJl3m1t7aqD7bviHvZByIXsOQu4KI5m30mZCzlCO4fa8yyGssUtqJhvDIKvqOGbx6723hlhEtbR5557yJ1uSyXMnsyQJ3DW3HI7BxzFymE6srBNEH7OCeaK46YmqNV%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=385025708755&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67aaf8ee30a1f1a0c3aa8575d4f2e5eb9106c1bc20a288342b2c10424661a2b3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
content-type
text/html
last-modified
Thu, 27 Jan 2022 05:01:11 GMT
vary
Accept-Encoding,User-Agent
p3p
CP="ALL CUR OUR STP UNI PUR"
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
server
cloudflare
cf-ray
6d4485210ca09290-FRA
content-encoding
br

Redirect headers

server
nginx
date
Thu, 27 Jan 2022 19:52:11 GMT
content-type
text/html; charset=UTF-8
location
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e261e3c-7faa-11ec-b33f-00155d53a129ID
p3p
policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server-id
11
x-robots-tag
noindex, nofollow
access-control-allow-origin
*
link.html
track.webgains.com/ Frame 4CD3 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=78199000213407000710580011852012&nw=1
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
6d25d30531ca11f0e527217e9bddac631c3c2538ac72dd7bfac7b383425138e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
Last-Modified
Thu, 27 Jan 2022 19:52:11 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1231
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CMW13bva0vUCFSxDHQkdcm0N8Q;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2464318210187.264
8019191.fls.doubleclick.net/ Frame 7A50
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2464318210187.264?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CMW13bva0vUCFSxDHQkdcm0N8Q;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2464318210187.264?
391 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CMW13bva0vUCFSxDHQkdcm0N8Q;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2464318210187.264?
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
6a8d18abfc32572712e1abd071ef87c615806c864cc03e3bf63901135bd89522
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:52:11 GMT
expires
Thu, 27 Jan 2022 19:52:11 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
323
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:52:11 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CMW13bva0vUCFSxDHQkdcm0N8Q;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2464318210187.264?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900012.redintelligence.net/ Frame 67B2 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/request_content.php?s=78199000213407000710580011852012&a=e00838e2
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=2174dd0d2d&subid=&uid=61eb8fb0cba5c0b4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWAzl6vfyYe6dIpu07_UPq_WL4A2P4PiGU_2xi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSsAk_QvxS6k73DY-4Hy1HtArPwG0gNtHK8fPO0FlcozcT606Xzg3ZTr8iqnnb5lWM1iJXsZvbw7WM9Brh1N5jZtJdPU5uvUUknhTvusOVMrzJVJAMLc41p3h0FLamzEKvAG1l_CNPXZ1lXjSAANSTKx4grKSBqfc8cWxF29IaXIKwIXvKXQJkcLgQqSrVfF6IBFz7kV0XM9qbItXRtNJ-0HawZ1j7Os-xHnQ1rdVQF_SJ_v1tuHTxuT-GQqYAIZyk4GbVpjYRitT9J-hOAuPkJ4eG8r_vS8TjOnaNPDxOZTiUJNYJqW5y2yw11ohjv0Aex8oW4ibEvV2oUIkbh0XPrqlsSrxHx5LQO07Ki_gyaOv9t-roIRkfTfHpSvXsiUr9Rwv0vYDgq_M280IafcsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRondYhR15W1lRrpKxOaOZlDQ%26sig%3DAOD64_1nKnG2GKyq3IRBAKM-_G5zJTHtsQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-ACDDLRehpeSd6b9hKEOPZTpf6DsqnPjphNs-dascnnkFgRSwjo2sJWPIaoNgURy1VA7bqMu_n_e6ipneVEhTqMWs6Gck1K96JcqgqthAG-i9Qt6L1tIPNyrQF95zwBwZNzEmU4713LHOVWnJaHxpJy94_2oQ%26cry%3D1%26dbm_d%3DAKAmf-C1lyBopECaEevij1amtw0kymksFFc9tCJbKVioxw4itm5h1baJsLAOZbHNQtMNTZfPtNwTV34LXQYb-oTRdfAj8VeoGQhgtMnIN-0v3i2a66PD952BAp7WWhkYGdkbx5ZsZnYAOJ30F8_aZNjEjoGmyQ6MJIDpq8VmQw3pxArY7f1xTJMaThw0lO5USxaw7ZQ97Qq6THXc58t4hwdh5Wbxe9xLhUYw-GE8ymbYSrWjQeIwa7TCq3grCfwN_IjoXVszIDETliH6xuZKJ0Roq-cFAWSqlYlYKDZcP0McNVsJzkGLkBZMfUYh3CM9se3viczUziUjbkYJl3m1t7aqD7bviHvZByIXsOQu4KI5m30mZCzlCO4fa8yyGssUtqJhvDIKvqOGbx6723hlhEtbR5557yJ1uSyXMnsyQJ3DW3HI7BxzFymE6srBNEH7OCeaK46YmqNV%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=385025708755&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
99b178e9a84d593e7cc5cda40c4bf318b0179ccb0c8e9dd884037419a7756f0d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Thu, 27 Jan 2022 19:52:11 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2104
Connection
close
Content-Type
text/html; charset=utf-8
cshow.php
www.awin1.com/ Frame 4CD3 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=78199000213407000710580011852012&pv=1
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 30AB 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 27 Jan 2022 13:26:12 GMT
expires
Fri, 28 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
23159
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4CD3 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95629df35774d3990c35fedafe92447187e33c589b70e0f185af1240b2181e21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
/
adv-srv.office-partner.de/ Frame FA0A
Redirect Chain
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
930 B
742 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=196a6be019&subid=&uid=5aa27389235f5443&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbEM76vfyYfGdIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QdQB8ygyxerP9mmu0v0zzeD93sHgbzaQJe6U0Wnt77KO8ilKdfIp0FnHGjSX3eAAjGc9JVOjfD8VxwzL6d85xopHFvxfN0oTitfWTt-CBWIXCPJvDm5_YLUA4UYcyQKE6qmSEMAztj4TRg16hZ90C5Ffs_4tu6X5g3I8ZcauGBRLS3K9Qv4N9BGprXBKtkxxmfp74Ub95e41HpOlXwi4bicFErus9hAMn9_AOjyDRKisTRLln65THKBCe6FHX4TFqlXE4s2a765pUOxRsCimkQ2ThSnwTF3g7FCk8AeDePO5HU21bY6UZdBBsLJ-O3bCa3BsdgjbV0PngJRtfkQd82v7w60mTutzMgP8gE3CS1FmDZorAt3pOHrEPcAw6ecoMAztXZHeDA3J_fa0F8ybVNvjABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoI-1EuehZs8GkAODLIFpgqA%26sig%3DAOD64_2umeAuBZCvwKhGPNnSOBVd5zspQA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-DRQoOkr5wBurLrb7JrdEaWQeS-H5XnjTlP-aHJ70xVzbFJQw80uUlz588RI1O1TV0hBx_koHdq5jVCwfXmv4NQEvnIEl6WVKsS5pHuEgcFdaTm49lLtDT2sO_R0ceWrClknPpq7NQSUqhaI54eyRfDvTFgeQ%26cry%3D1%26dbm_d%3DAKAmf-ApIpkao3cchFdUr3UEsAi5amACgAIB8XXq-Qv8WCLamOA_SOkW471ZqTOKRfD-chQxFD_e6Hq2bCr70qp3qipgqYr241kg6hUAO-KLKOzSqzTgmrEZyzxB_y8ROXov1DycJUNp-VjUtDa6eW5_ciLjOQgDX86z-3FXpl6bihLAejgq-t8WJ6-Pqm3cO-rEI--jdqnEOymetPvJ9Z1BkI0wigUM9gyleCl8vKjtD2IBQppQbFbPYw-ZYjCJ4YMGjyVx1GRtpbJYPUnNCTSWMvyRyFCiZsKlHT7eEEgfQOhel2Ba2mdhsgNfqX-RgzBJalO-kXTNZeMAQOhfsEvzr9p2e2Rb3vj5oocrnLxgaXDZL-odtP_RwFk24T_iEc3KW1SHsS-9hcvJrPUVrI0X7K8sdo5xXl8o_YkUeZW22AK0TuqZ5qK8Wnhd2nk9Jma0rJoPecPx%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=8596307841422&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.1.80.163 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
s17177.creolineserver.com
Software
nginx /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

server
nginx
date
Thu, 27 Jan 2022 19:52:11 GMT
content-type
text/html
content-length
552
x-accel-version
0.01
last-modified
Thu, 06 May 2021 15:37:28 GMT
etag
"3a2-5c1ab16b3be00-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

server
keycdn-engine
date
Thu, 27 Jan 2022 19:52:11 GMT
content-type
text/html
content-length
162
location
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
expires
Thu, 03 Feb 2022 19:52:11 GMT
cache-control
max-age=604800
link
<http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache
HIT
x-edge-location
defr
access-control-allow-origin
*
index2.html
singles.parship.de/lp/v00/6/U/htlp/ Frame 1158
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=98604300273699700710584011852028&pv=1
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2660a4-7faa-11ec-bbfa-00155d53a129ID
914 B
884 B 		Document
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2660a4-7faa-11ec-bbfa-00155d53a129ID
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=196a6be019&subid=&uid=5aa27389235f5443&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbEM76vfyYfGdIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QdQB8ygyxerP9mmu0v0zzeD93sHgbzaQJe6U0Wnt77KO8ilKdfIp0FnHGjSX3eAAjGc9JVOjfD8VxwzL6d85xopHFvxfN0oTitfWTt-CBWIXCPJvDm5_YLUA4UYcyQKE6qmSEMAztj4TRg16hZ90C5Ffs_4tu6X5g3I8ZcauGBRLS3K9Qv4N9BGprXBKtkxxmfp74Ub95e41HpOlXwi4bicFErus9hAMn9_AOjyDRKisTRLln65THKBCe6FHX4TFqlXE4s2a765pUOxRsCimkQ2ThSnwTF3g7FCk8AeDePO5HU21bY6UZdBBsLJ-O3bCa3BsdgjbV0PngJRtfkQd82v7w60mTutzMgP8gE3CS1FmDZorAt3pOHrEPcAw6ecoMAztXZHeDA3J_fa0F8ybVNvjABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoI-1EuehZs8GkAODLIFpgqA%26sig%3DAOD64_2umeAuBZCvwKhGPNnSOBVd5zspQA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-DRQoOkr5wBurLrb7JrdEaWQeS-H5XnjTlP-aHJ70xVzbFJQw80uUlz588RI1O1TV0hBx_koHdq5jVCwfXmv4NQEvnIEl6WVKsS5pHuEgcFdaTm49lLtDT2sO_R0ceWrClknPpq7NQSUqhaI54eyRfDvTFgeQ%26cry%3D1%26dbm_d%3DAKAmf-ApIpkao3cchFdUr3UEsAi5amACgAIB8XXq-Qv8WCLamOA_SOkW471ZqTOKRfD-chQxFD_e6Hq2bCr70qp3qipgqYr241kg6hUAO-KLKOzSqzTgmrEZyzxB_y8ROXov1DycJUNp-VjUtDa6eW5_ciLjOQgDX86z-3FXpl6bihLAejgq-t8WJ6-Pqm3cO-rEI--jdqnEOymetPvJ9Z1BkI0wigUM9gyleCl8vKjtD2IBQppQbFbPYw-ZYjCJ4YMGjyVx1GRtpbJYPUnNCTSWMvyRyFCiZsKlHT7eEEgfQOhel2Ba2mdhsgNfqX-RgzBJalO-kXTNZeMAQOhfsEvzr9p2e2Rb3vj5oocrnLxgaXDZL-odtP_RwFk24T_iEc3KW1SHsS-9hcvJrPUVrI0X7K8sdo5xXl8o_YkUeZW22AK0TuqZ5qK8Wnhd2nk9Jma0rJoPecPx%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=8596307841422&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9de7f978ba76a35a123755cecec2aa252ff278bd5308a4713e75415f6eae650a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
content-type
text/html
last-modified
Thu, 27 Jan 2022 05:01:11 GMT
vary
Accept-Encoding,User-Agent
p3p
CP="ALL CUR OUR STP UNI PUR"
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
server
cloudflare
cf-ray
6d4485210ca39290-FRA
content-encoding
br

Redirect headers

server
nginx
date
Thu, 27 Jan 2022 19:52:11 GMT
content-type
text/html; charset=UTF-8
location
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2660a4-7faa-11ec-bbfa-00155d53a129ID
p3p
policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server-id
11
x-robots-tag
noindex, nofollow
access-control-allow-origin
*
link.html
track.webgains.com/ Frame A468 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=98604300273699700710584011852028&nw=1
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
cba56950a5098ca95571fb05315cb8b90861b368d713197ed8160be7d688ecd0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
Last-Modified
Thu, 27 Jan 2022 19:52:11 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1233
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CP223bva0vUCFY_CGwodw28Arg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3665622912568.8555
8019191.fls.doubleclick.net/ Frame A66F
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3665622912568.8555?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CP223bva0vUCFY_CGwodw28Arg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3665622912568.8555?
392 B
346 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CP223bva0vUCFY_CGwodw28Arg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3665622912568.8555?
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
2cdbc0521e67a8bbf80d09850ad776f220aaf5bbcaddd153f508f72c938995d0
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:52:11 GMT
expires
Thu, 27 Jan 2022 19:52:11 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
322
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:52:11 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CP223bva0vUCFY_CGwodw28Arg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3665622912568.8555?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900028.redintelligence.net/ Frame 7CC9 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/request_content.php?s=98604300273699700710584011852028&a=5961d7d8
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=196a6be019&subid=&uid=5aa27389235f5443&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbEM76vfyYfGdIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QdQB8ygyxerP9mmu0v0zzeD93sHgbzaQJe6U0Wnt77KO8ilKdfIp0FnHGjSX3eAAjGc9JVOjfD8VxwzL6d85xopHFvxfN0oTitfWTt-CBWIXCPJvDm5_YLUA4UYcyQKE6qmSEMAztj4TRg16hZ90C5Ffs_4tu6X5g3I8ZcauGBRLS3K9Qv4N9BGprXBKtkxxmfp74Ub95e41HpOlXwi4bicFErus9hAMn9_AOjyDRKisTRLln65THKBCe6FHX4TFqlXE4s2a765pUOxRsCimkQ2ThSnwTF3g7FCk8AeDePO5HU21bY6UZdBBsLJ-O3bCa3BsdgjbV0PngJRtfkQd82v7w60mTutzMgP8gE3CS1FmDZorAt3pOHrEPcAw6ecoMAztXZHeDA3J_fa0F8ybVNvjABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoI-1EuehZs8GkAODLIFpgqA%26sig%3DAOD64_2umeAuBZCvwKhGPNnSOBVd5zspQA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-DRQoOkr5wBurLrb7JrdEaWQeS-H5XnjTlP-aHJ70xVzbFJQw80uUlz588RI1O1TV0hBx_koHdq5jVCwfXmv4NQEvnIEl6WVKsS5pHuEgcFdaTm49lLtDT2sO_R0ceWrClknPpq7NQSUqhaI54eyRfDvTFgeQ%26cry%3D1%26dbm_d%3DAKAmf-ApIpkao3cchFdUr3UEsAi5amACgAIB8XXq-Qv8WCLamOA_SOkW471ZqTOKRfD-chQxFD_e6Hq2bCr70qp3qipgqYr241kg6hUAO-KLKOzSqzTgmrEZyzxB_y8ROXov1DycJUNp-VjUtDa6eW5_ciLjOQgDX86z-3FXpl6bihLAejgq-t8WJ6-Pqm3cO-rEI--jdqnEOymetPvJ9Z1BkI0wigUM9gyleCl8vKjtD2IBQppQbFbPYw-ZYjCJ4YMGjyVx1GRtpbJYPUnNCTSWMvyRyFCiZsKlHT7eEEgfQOhel2Ba2mdhsgNfqX-RgzBJalO-kXTNZeMAQOhfsEvzr9p2e2Rb3vj5oocrnLxgaXDZL-odtP_RwFk24T_iEc3KW1SHsS-9hcvJrPUVrI0X7K8sdo5xXl8o_YkUeZW22AK0TuqZ5qK8Wnhd2nk9Jma0rJoPecPx%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=8596307841422&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
55efcb908acabb913227d573bc6c4ff836076d4b1f5b3eae6a4b8cbad4aa4db6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Thu, 27 Jan 2022 19:52:11 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2084
Connection
close
Content-Type
text/html; charset=utf-8
cshow.php
www.awin1.com/ Frame A468 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=98604300273699700710584011852028&pv=1
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 678B 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 27 Jan 2022 13:26:12 GMT
expires
Fri, 28 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
23159
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame A468 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b320c0cda67e56c55a728781806fe2640478828f1224bf0cb4988184cab53e24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
/
adv-srv.office-partner.de/ Frame 98CC
Redirect Chain
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
930 B
741 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=ff0008e3c8&subid=&uid=d5056c60a07594ef&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVubS6vfyYfCdIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QwNp7VEcgdyxsRauHuOlcOC8cD8K92gGgK7JWvJI4EJBNmyXkxg9Y7l8o-YOGPEu9qPIgpGiHk0s0h9L7FjdVdOBjyIJqm8YtN4Cv23tSM0axde3EdXAK3d9onKQ-s-L86JVRCoooQAsecqQye8DNn3HK8wlPK7jIoCa3uJIPZCteiF2z_ue3e4fScS1YdzVctYyRQ6f-VA5mWksDCZ9pRmZSgX0gXYGXgBO4mDj6WkUP0jlg1eMCuVjFJ0s0tRvpGoyGwYE6bx3eALdFEiah4d8gq6C0TDgeVTyQd_nP_iQjZRd0Z3nJdMozTYyvhIOjt16M2AUoZ77SXnywJjVZq88RBXHw4oIOzP_awDdrNYj8vK6Q3TXgae3c1BJRUHAwaRtfmA2uM7XKhSCd-zz4EXjABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoZh8Cr9rhA1eVdqBoFi0bMg%26sig%3DAOD64_0UrM8OUo7G72tRxqooB9xK0yl7gA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-CNdJGzm6oxL95r_LggWVBgoyffGgaPNWnF6nbC4xkaXSWQS2rF3nvZJ9wpWZUIvOZDbrYUs3gIw-45vsocHG8GwnJNeQGWW7K5HKTrCA9hoJ7s8IH-qwUtRwcmQfjopRWz94oQZ3wCQ2Uyd30o516n9jkvoQ%26cry%3D1%26dbm_d%3DAKAmf-AQ2iTooZuRC56qIcVRH8BTZvD_CUQbz5N0CGQpGqm1z4UjZXYplz72_z015pRVsx5xu4wHHCoVt7KRzv6Ttl1atDBsX1ghyafMJStfLRFngZ9b7rqSB9kBmbmkCpn01LLSilcf8WUacjhNqFDHgK2WJ6OgEUz-ILqhgdj_4im6lRiNH2aKw9VDUXSg6zQOWx8k4Dpt_yF3cl_i-22U10hGizmH4yUgXshXkvZjemg0bFxnJs0wp33dkNMRhNdIekD2JkTRB5Ectx027xaAfWDpad1qnwdn6yeCcku-OoNdJxcwahV9hvjnMXBLmXwJhPADyBz0yEwF9ZOekY4NXYs3mI7upMCTK06bX_XiwTfwOl-z2iWVObsUcovuId91IEn-gWliXkPP81j4xVHh-e4OGdT5QhtRQzazIH65D8pZOeFmk3OgAWhscT7MR87t21g6I5m3%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=2835147803389&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.1.80.163 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
s17177.creolineserver.com
Software
nginx /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

server
nginx
date
Thu, 27 Jan 2022 19:52:11 GMT
content-type
text/html
content-length
552
x-accel-version
0.01
last-modified
Thu, 06 May 2021 15:37:28 GMT
etag
"3a2-5c1ab16b3be00-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

server
keycdn-engine
date
Thu, 27 Jan 2022 19:52:11 GMT
content-type
text/html
content-length
162
location
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
expires
Thu, 03 Feb 2022 19:52:11 GMT
cache-control
max-age=604800
link
<http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache
HIT
x-edge-location
defr
access-control-allow-origin
*
index2.html
singles.parship.de/lp/v00/6/U/htlp/ Frame 97A2
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=61279900244895500710584011852001&pv=1
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2b5a1e-7faa-11ec-aedc-00155d53a129ID
914 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2b5a1e-7faa-11ec-aedc-00155d53a129ID
Requested by
Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=ff0008e3c8&subid=&uid=d5056c60a07594ef&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVubS6vfyYfCdIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QwNp7VEcgdyxsRauHuOlcOC8cD8K92gGgK7JWvJI4EJBNmyXkxg9Y7l8o-YOGPEu9qPIgpGiHk0s0h9L7FjdVdOBjyIJqm8YtN4Cv23tSM0axde3EdXAK3d9onKQ-s-L86JVRCoooQAsecqQye8DNn3HK8wlPK7jIoCa3uJIPZCteiF2z_ue3e4fScS1YdzVctYyRQ6f-VA5mWksDCZ9pRmZSgX0gXYGXgBO4mDj6WkUP0jlg1eMCuVjFJ0s0tRvpGoyGwYE6bx3eALdFEiah4d8gq6C0TDgeVTyQd_nP_iQjZRd0Z3nJdMozTYyvhIOjt16M2AUoZ77SXnywJjVZq88RBXHw4oIOzP_awDdrNYj8vK6Q3TXgae3c1BJRUHAwaRtfmA2uM7XKhSCd-zz4EXjABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoZh8Cr9rhA1eVdqBoFi0bMg%26sig%3DAOD64_0UrM8OUo7G72tRxqooB9xK0yl7gA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-CNdJGzm6oxL95r_LggWVBgoyffGgaPNWnF6nbC4xkaXSWQS2rF3nvZJ9wpWZUIvOZDbrYUs3gIw-45vsocHG8GwnJNeQGWW7K5HKTrCA9hoJ7s8IH-qwUtRwcmQfjopRWz94oQZ3wCQ2Uyd30o516n9jkvoQ%26cry%3D1%26dbm_d%3DAKAmf-AQ2iTooZuRC56qIcVRH8BTZvD_CUQbz5N0CGQpGqm1z4UjZXYplz72_z015pRVsx5xu4wHHCoVt7KRzv6Ttl1atDBsX1ghyafMJStfLRFngZ9b7rqSB9kBmbmkCpn01LLSilcf8WUacjhNqFDHgK2WJ6OgEUz-ILqhgdj_4im6lRiNH2aKw9VDUXSg6zQOWx8k4Dpt_yF3cl_i-22U10hGizmH4yUgXshXkvZjemg0bFxnJs0wp33dkNMRhNdIekD2JkTRB5Ectx027xaAfWDpad1qnwdn6yeCcku-OoNdJxcwahV9hvjnMXBLmXwJhPADyBz0yEwF9ZOekY4NXYs3mI7upMCTK06bX_XiwTfwOl-z2iWVObsUcovuId91IEn-gWliXkPP81j4xVHh-e4OGdT5QhtRQzazIH65D8pZOeFmk3OgAWhscT7MR87t21g6I5m3%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=2835147803389&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee55e93ab60b2be24bafa897690bfa7eeef8b6ed02bc55024485b0f36d7983bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
content-type
text/html
last-modified
Thu, 27 Jan 2022 05:01:11 GMT
vary
Accept-Encoding,User-Agent
p3p
CP="ALL CUR OUR STP UNI PUR"
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
server
cloudflare
cf-ray
6d4485210ca59290-FRA
content-encoding
br

Redirect headers

server
nginx
date
Thu, 27 Jan 2022 19:52:11 GMT
content-type
text/html; charset=UTF-8
location
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2b5a1e-7faa-11ec-aedc-00155d53a129ID
p3p
policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server-id
11
x-robots-tag
noindex, nofollow
access-control-allow-origin
*
link.html
track.webgains.com/ Frame 5F0E 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=61279900244895500710584011852001&nw=1
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
528f2cccbcb715d8b978b30e42e26aa8d819781ecbfa8ad4f8b469c792d57fe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
Last-Modified
Thu, 27 Jan 2022 19:52:11 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1231
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CPW43bva0vUCFW5FHQkdijoLMw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2997728860910.8135
8019191.fls.doubleclick.net/ Frame 4C3E
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2997728860910.8135?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CPW43bva0vUCFW5FHQkdijoLMw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2997728860910.8135?
392 B
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPW43bva0vUCFW5FHQkdijoLMw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2997728860910.8135?
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
ca3b22abc3d707146aed5ae860108e0bbc51d320d86c5f42037c1bb8a8d00e08
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:52:11 GMT
expires
Thu, 27 Jan 2022 19:52:11 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
324
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:52:11 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPW43bva0vUCFW5FHQkdijoLMw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2997728860910.8135?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal90001.redintelligence.net/ Frame CC5E 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90001.redintelligence.net/request_content.php?s=61279900244895500710584011852001&a=0e7348b8
Requested by
Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=ff0008e3c8&subid=&uid=d5056c60a07594ef&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVubS6vfyYfCdIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QwNp7VEcgdyxsRauHuOlcOC8cD8K92gGgK7JWvJI4EJBNmyXkxg9Y7l8o-YOGPEu9qPIgpGiHk0s0h9L7FjdVdOBjyIJqm8YtN4Cv23tSM0axde3EdXAK3d9onKQ-s-L86JVRCoooQAsecqQye8DNn3HK8wlPK7jIoCa3uJIPZCteiF2z_ue3e4fScS1YdzVctYyRQ6f-VA5mWksDCZ9pRmZSgX0gXYGXgBO4mDj6WkUP0jlg1eMCuVjFJ0s0tRvpGoyGwYE6bx3eALdFEiah4d8gq6C0TDgeVTyQd_nP_iQjZRd0Z3nJdMozTYyvhIOjt16M2AUoZ77SXnywJjVZq88RBXHw4oIOzP_awDdrNYj8vK6Q3TXgae3c1BJRUHAwaRtfmA2uM7XKhSCd-zz4EXjABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoZh8Cr9rhA1eVdqBoFi0bMg%26sig%3DAOD64_0UrM8OUo7G72tRxqooB9xK0yl7gA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-CNdJGzm6oxL95r_LggWVBgoyffGgaPNWnF6nbC4xkaXSWQS2rF3nvZJ9wpWZUIvOZDbrYUs3gIw-45vsocHG8GwnJNeQGWW7K5HKTrCA9hoJ7s8IH-qwUtRwcmQfjopRWz94oQZ3wCQ2Uyd30o516n9jkvoQ%26cry%3D1%26dbm_d%3DAKAmf-AQ2iTooZuRC56qIcVRH8BTZvD_CUQbz5N0CGQpGqm1z4UjZXYplz72_z015pRVsx5xu4wHHCoVt7KRzv6Ttl1atDBsX1ghyafMJStfLRFngZ9b7rqSB9kBmbmkCpn01LLSilcf8WUacjhNqFDHgK2WJ6OgEUz-ILqhgdj_4im6lRiNH2aKw9VDUXSg6zQOWx8k4Dpt_yF3cl_i-22U10hGizmH4yUgXshXkvZjemg0bFxnJs0wp33dkNMRhNdIekD2JkTRB5Ectx027xaAfWDpad1qnwdn6yeCcku-OoNdJxcwahV9hvjnMXBLmXwJhPADyBz0yEwF9ZOekY4NXYs3mI7upMCTK06bX_XiwTfwOl-z2iWVObsUcovuId91IEn-gWliXkPP81j4xVHh-e4OGdT5QhtRQzazIH65D8pZOeFmk3OgAWhscT7MR87t21g6I5m3%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=2835147803389&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
214c97788c9b6e6f6b4d871cb34076bc2ddfe68de650e3ecf9978febc89cb7ae

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Thu, 27 Jan 2022 19:52:11 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2074
Connection
close
Content-Type
text/html; charset=utf-8
cshow.php
www.awin1.com/ Frame 5F0E 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=61279900244895500710584011852001&pv=1
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6790 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 27 Jan 2022 13:26:12 GMT
expires
Fri, 28 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
23159
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 5F0E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6c7399c96c48c1eee283662fa055d9b1e3512df7147b213cf58bb70851a9309

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 67B2 		1 KB
419 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=78199000213407000710580011852012&a=e00838e2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:19:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 19:52:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 19:52:11 GMT
/
hal9000.redintelligence.net/scale/ Frame 67B2 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=78199000213407000710580011852012&a=e00838e2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
06db0843f2751dd0f37d17b6591ef653579c55479f9960e52504417ccf0c2c5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16532
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 67B2 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=78199000213407000710580011852012&a=e00838e2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
c2c008ee9f312abf45f4b2d0b73e37cd75cb35fb5a04b70f73bc2cb15f9508e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16816
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 67B2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_1200x627.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=78199000213407000710580011852012&a=e00838e2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
612d2d776acca8497d2399e34c897f75cc5dd564b50e945bfaba7dea7835a93b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
7156
Vary
Accept-Encoding
Content-Type
image/png
css
fonts.googleapis.com/ Frame 7CC9 		4 KB
649 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=98604300273699700710584011852028&a=5961d7d8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:19:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 19:52:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 19:52:11 GMT
/
hal9000.redintelligence.net/scale/ Frame 7CC9 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=98604300273699700710584011852028&a=5961d7d8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
06db0843f2751dd0f37d17b6591ef653579c55479f9960e52504417ccf0c2c5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16532
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 7CC9 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=98604300273699700710584011852028&a=5961d7d8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
c2c008ee9f312abf45f4b2d0b73e37cd75cb35fb5a04b70f73bc2cb15f9508e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16816
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 7CC9 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_1200x627.jpg
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=98604300273699700710584011852028&a=5961d7d8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
612d2d776acca8497d2399e34c897f75cc5dd564b50e945bfaba7dea7835a93b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
7156
Vary
Accept-Encoding
Content-Type
image/png
/
adv-srv.office-partner.de/ Frame 704C
Redirect Chain
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
930 B
741 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=3abec9a13c&subid=&uid=6c7d5fe497dde09a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCh5Ty6vfyYe-dIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QppxwM6kBSc9Sl5vE30yo1YYDWEihL0RNqCsyF8QLf9ZF1rYrEKEQSMqSrB3uCz-0Dj8OBtbOsrwww5E9ssFieVU9vBvBAOAsk3FKBkPW_iWgetQnJCbLAf1NFWN9JiwoPvyGEEFn8jqWCsPAXYGfvzPli5s_LjtCGz8mBOWhmrX8a2aPZ9zhMcEA4BcjvpUWgpPiUgtuN5G7odh1ovxfwrUt5QxezaKqtny-m3b9prWv5BzfmIRJ4DC3vdFMl1zQqQzIi1_wzVyBf8sc-_rO9opqyDj7O7M8NOhK3lsrmkkhcuLYVamXKsqZTz885hr7t-9eeKWSr8AKbZIqZx5IVPm0IYekXaGNgB03TS1bdYY2DF8R-Xb5_jnTmtmiFbusrxx629oYcSSaCtHyOb5VgTTABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoDGWj5BBvES9A6VJT1DwhRw%26sig%3DAOD64_2d33LxBIfvSMNXUaTS3ffXonPBVA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BN00Y9wR4CpcXBkEDD4TAzrlTWSs6I2gPxKqONLqBF1DcSqpAnI1a-2zAutyAiHGLCaNcNtUi6mVGOPaUYtY8uhMovLHXkd5oOGox8Q48O9VbrrTr0M7fCQ-hRy6ouBoA2Klpl-mf7reJM8_AUbAiQStkucg%26cry%3D1%26dbm_d%3DAKAmf-CZTzHAJYVb4gWfcZ4QlXY3dfuQOehJok9x7PL6Fv9LL4WWQRo9FKHlV_EO4NKj7sWVvpOfC6RDnUArgm-odIAtjSUEe59vNeB7tSp_O2gBbW4FGPEWmWuKak_0e0cBP2oq7-8zAUbjvF6YCNfm4hNZUK3EJlB1EYHuwWZGbXUU994YylQjkbrnRp8Kkv02mAO9NLdosqsEuHixVppyq-bn2G66ocb0ZTDcLY6eChf_YuhObfKGBDcEDZeemoFROO9_Hgc15hWmOEydtnu-QXpxE-UZ8g_7AYy_A4CZGsnv_jyd5vdf-d-tqM6G6yVGr8Y3E4StRPKncGRwdV9YFLvYn8S18iCZI17L76msSvKZP8QRcg1ZcgF0DMs35DiezrDy3SPAd_7bDfPT3BNsIIQbfxXBzsiCow9nKFVzwFufFWvA92Da0nsEKR4Da3wNICEVlnHX%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=5603290441972&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.1.80.163 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
s17177.creolineserver.com
Software
nginx /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

server
nginx
date
Thu, 27 Jan 2022 19:52:11 GMT
content-type
text/html
content-length
552
x-accel-version
0.01
last-modified
Thu, 06 May 2021 15:37:28 GMT
etag
"3a2-5c1ab16b3be00-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

server
keycdn-engine
date
Thu, 27 Jan 2022 19:52:11 GMT
content-type
text/html
content-length
162
location
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
expires
Thu, 03 Feb 2022 19:52:11 GMT
cache-control
max-age=604800
link
<http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache
HIT
x-edge-location
defr
access-control-allow-origin
*
index2.html
singles.parship.de/lp/v00/6/U/htlp/ Frame 9116
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=94795200234521200710584011852008&pv=1
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e334b2a-7faa-11ec-a3dc-00155d53a129ID
914 B
885 B 		Document
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e334b2a-7faa-11ec-a3dc-00155d53a129ID
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=3abec9a13c&subid=&uid=6c7d5fe497dde09a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCh5Ty6vfyYe-dIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QppxwM6kBSc9Sl5vE30yo1YYDWEihL0RNqCsyF8QLf9ZF1rYrEKEQSMqSrB3uCz-0Dj8OBtbOsrwww5E9ssFieVU9vBvBAOAsk3FKBkPW_iWgetQnJCbLAf1NFWN9JiwoPvyGEEFn8jqWCsPAXYGfvzPli5s_LjtCGz8mBOWhmrX8a2aPZ9zhMcEA4BcjvpUWgpPiUgtuN5G7odh1ovxfwrUt5QxezaKqtny-m3b9prWv5BzfmIRJ4DC3vdFMl1zQqQzIi1_wzVyBf8sc-_rO9opqyDj7O7M8NOhK3lsrmkkhcuLYVamXKsqZTz885hr7t-9eeKWSr8AKbZIqZx5IVPm0IYekXaGNgB03TS1bdYY2DF8R-Xb5_jnTmtmiFbusrxx629oYcSSaCtHyOb5VgTTABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoDGWj5BBvES9A6VJT1DwhRw%26sig%3DAOD64_2d33LxBIfvSMNXUaTS3ffXonPBVA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BN00Y9wR4CpcXBkEDD4TAzrlTWSs6I2gPxKqONLqBF1DcSqpAnI1a-2zAutyAiHGLCaNcNtUi6mVGOPaUYtY8uhMovLHXkd5oOGox8Q48O9VbrrTr0M7fCQ-hRy6ouBoA2Klpl-mf7reJM8_AUbAiQStkucg%26cry%3D1%26dbm_d%3DAKAmf-CZTzHAJYVb4gWfcZ4QlXY3dfuQOehJok9x7PL6Fv9LL4WWQRo9FKHlV_EO4NKj7sWVvpOfC6RDnUArgm-odIAtjSUEe59vNeB7tSp_O2gBbW4FGPEWmWuKak_0e0cBP2oq7-8zAUbjvF6YCNfm4hNZUK3EJlB1EYHuwWZGbXUU994YylQjkbrnRp8Kkv02mAO9NLdosqsEuHixVppyq-bn2G66ocb0ZTDcLY6eChf_YuhObfKGBDcEDZeemoFROO9_Hgc15hWmOEydtnu-QXpxE-UZ8g_7AYy_A4CZGsnv_jyd5vdf-d-tqM6G6yVGr8Y3E4StRPKncGRwdV9YFLvYn8S18iCZI17L76msSvKZP8QRcg1ZcgF0DMs35DiezrDy3SPAd_7bDfPT3BNsIIQbfxXBzsiCow9nKFVzwFufFWvA92Da0nsEKR4Da3wNICEVlnHX%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=5603290441972&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1ff9105530aec310609925006e362a84fa0b49bd72fbcc1f5fea8c4ce9dae2a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
content-type
text/html
last-modified
Thu, 27 Jan 2022 05:01:11 GMT
vary
Accept-Encoding,User-Agent
p3p
CP="ALL CUR OUR STP UNI PUR"
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
server
cloudflare
cf-ray
6d4485214d0d9290-FRA
content-encoding
br

Redirect headers

server
nginx
date
Thu, 27 Jan 2022 19:52:11 GMT
content-type
text/html; charset=UTF-8
location
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e334b2a-7faa-11ec-a3dc-00155d53a129ID
p3p
policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server-id
11
x-robots-tag
noindex, nofollow
access-control-allow-origin
*
link.html
track.webgains.com/ Frame 273B 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=94795200234521200710584011852008&nw=1
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
5dcc48a95dc8d4d5fc5fc5d00808acfa15af5a5b5e48f4d2935ba9ddd2715b45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
Last-Modified
Thu, 27 Jan 2022 19:52:11 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1233
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CI3637va0vUCFcqXhQod-iYKrg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1125077886764.3474
8019191.fls.doubleclick.net/ Frame A421
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1125077886764.3474?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CI3637va0vUCFcqXhQod-iYKrg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1125077886764.3474?
392 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CI3637va0vUCFcqXhQod-iYKrg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1125077886764.3474?
Requested by
Host: desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
60de30879c516528f75166406a86264df9a0797112e4b09067128ba9a3b8a20d
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:52:11 GMT
expires
Thu, 27 Jan 2022 19:52:11 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
323
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:52:11 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CI3637va0vUCFcqXhQod-iYKrg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1125077886764.3474?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal90008.redintelligence.net/ Frame 15B0 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/request_content.php?s=94795200234521200710584011852008&a=e0465bb8
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=3abec9a13c&subid=&uid=6c7d5fe497dde09a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCh5Ty6vfyYe-dIpu07_UPq_WL4A2P4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAs6i7-CtsLI-qAMBqgSzAk_QppxwM6kBSc9Sl5vE30yo1YYDWEihL0RNqCsyF8QLf9ZF1rYrEKEQSMqSrB3uCz-0Dj8OBtbOsrwww5E9ssFieVU9vBvBAOAsk3FKBkPW_iWgetQnJCbLAf1NFWN9JiwoPvyGEEFn8jqWCsPAXYGfvzPli5s_LjtCGz8mBOWhmrX8a2aPZ9zhMcEA4BcjvpUWgpPiUgtuN5G7odh1ovxfwrUt5QxezaKqtny-m3b9prWv5BzfmIRJ4DC3vdFMl1zQqQzIi1_wzVyBf8sc-_rO9opqyDj7O7M8NOhK3lsrmkkhcuLYVamXKsqZTz885hr7t-9eeKWSr8AKbZIqZx5IVPm0IYekXaGNgB03TS1bdYY2DF8R-Xb5_jnTmtmiFbusrxx629oYcSSaCtHyOb5VgTTABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoDGWj5BBvES9A6VJT1DwhRw%26sig%3DAOD64_2d33LxBIfvSMNXUaTS3ffXonPBVA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BN00Y9wR4CpcXBkEDD4TAzrlTWSs6I2gPxKqONLqBF1DcSqpAnI1a-2zAutyAiHGLCaNcNtUi6mVGOPaUYtY8uhMovLHXkd5oOGox8Q48O9VbrrTr0M7fCQ-hRy6ouBoA2Klpl-mf7reJM8_AUbAiQStkucg%26cry%3D1%26dbm_d%3DAKAmf-CZTzHAJYVb4gWfcZ4QlXY3dfuQOehJok9x7PL6Fv9LL4WWQRo9FKHlV_EO4NKj7sWVvpOfC6RDnUArgm-odIAtjSUEe59vNeB7tSp_O2gBbW4FGPEWmWuKak_0e0cBP2oq7-8zAUbjvF6YCNfm4hNZUK3EJlB1EYHuwWZGbXUU994YylQjkbrnRp8Kkv02mAO9NLdosqsEuHixVppyq-bn2G66ocb0ZTDcLY6eChf_YuhObfKGBDcEDZeemoFROO9_Hgc15hWmOEydtnu-QXpxE-UZ8g_7AYy_A4CZGsnv_jyd5vdf-d-tqM6G6yVGr8Y3E4StRPKncGRwdV9YFLvYn8S18iCZI17L76msSvKZP8QRcg1ZcgF0DMs35DiezrDy3SPAd_7bDfPT3BNsIIQbfxXBzsiCow9nKFVzwFufFWvA92Da0nsEKR4Da3wNICEVlnHX%26adurl%3D&documentReferer=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Fdesktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=5603290441972&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
ef551a053c454a36b62b52071bf90316989647b1749c0138625890ec43992ad4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Thu, 27 Jan 2022 19:52:11 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2061
Connection
close
Content-Type
text/html; charset=utf-8
cshow.php
www.awin1.com/ Frame 273B 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=94795200234521200710584011852008&pv=1
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7060 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 27 Jan 2022 13:26:12 GMT
expires
Fri, 28 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
23159
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 273B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36dc1f6e4f5bf379a210cfc4359c0b53a18c8d5867eda07555ca4614a687c83b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
gtm.js
www.googletagmanager.com/ Frame FA0A 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv-srv.office-partner.de
URL: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c9d9a742fbfb92e5cb9d4d5a806b9826c0384534c510bd2384c9d60a67a1c16f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adv-srv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31993
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:52:49 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Jan 2022 19:52:11 GMT
gtm.js
www.googletagmanager.com/ Frame 69A7 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv-srv.office-partner.de
URL: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3f6f0d34eeede8986915f7f53c76fd5e67e547d3c7320e3a05fb277fcc9895ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adv-srv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31994
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:52:49 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Jan 2022 19:52:11 GMT
css
fonts.googleapis.com/ Frame CC5E 		4 KB
649 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=61279900244895500710584011852001&a=0e7348b8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90001.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:18:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 19:52:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 19:52:11 GMT
/
hal9000.redintelligence.net/scale/ Frame CC5E 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=61279900244895500710584011852001&a=0e7348b8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
06db0843f2751dd0f37d17b6591ef653579c55479f9960e52504417ccf0c2c5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90001.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16532
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame CC5E 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=61279900244895500710584011852001&a=0e7348b8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
c2c008ee9f312abf45f4b2d0b73e37cd75cb35fb5a04b70f73bc2cb15f9508e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90001.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16816
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame CC5E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_1200x627.jpg
Requested by
Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=61279900244895500710584011852001&a=0e7348b8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
612d2d776acca8497d2399e34c897f75cc5dd564b50e945bfaba7dea7835a93b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90001.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
7156
Vary
Accept-Encoding
Content-Type
image/png
gtm.js
www.googletagmanager.com/ Frame 98CC 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv-srv.office-partner.de
URL: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3f6f0d34eeede8986915f7f53c76fd5e67e547d3c7320e3a05fb277fcc9895ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adv-srv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31994
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:52:49 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Jan 2022 19:52:11 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 30AB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESECdFrJIcB1E66nKF2igd1T0&google_cver=1&google_push=AYg5qPKSBMY5-9mb2UF0_5X0jz5quZt3eYvkELUVwBL2F5DcTeyaExzG_VhMcFc1-9k3pv2x2J4bVUYtImkl6I2ZxNuF2lVT01SLkg
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA1Njc1NDQ1NjcwMDY1NzAyNA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECdFrJIcB1E66nKF2igd1T0&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECdFrJIcB1E66nKF2igd1T0&google_cver=1
Protocol
H2
Server
2620:112:f006:bbbb::12 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECdFrJIcB1E66nKF2igd1T0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 30AB 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECT7_TQ4oDlsxRs6KkdiMJw&google_cver=1&google_push=AYg5qPJXmWOKLXYzlA24I8mkliA9O8hUGjXQAXO0vwPlCbIQcINovC0T70c9K3IHoJ_pEK_YsVLaYkTS1BWZ0jqNiUpAJ0fc575aKw
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 30AB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEsMmEVCjuWG7jcZ0g4aaCM&google_cver=1&google_push=AYg5qPLdSiZ8dCuPspH4lQqRGyaUmXqE0Il5aUoSlTJfF9Fpi7x_aQA2Y2KVDquDLsZG10Ynm-oB5peYeQhwj1Bf...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLdSiZ8dCuPspH4lQqRGyaUmXqE0Il5aUoSlTJfF9Fpi7x_aQA2Y2KVDquDLsZG10Ynm-oB5peYeQhwj1Bf0UTJBN3wbrbeEA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLdSiZ8dCuPspH4lQqRGyaUmXqE0Il5aUoSlTJfF9Fpi7x_aQA2Y2KVDquDLsZG10Ynm-oB5peYeQhwj1Bf0UTJBN3wbrbeEA
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Server
MT3 4133 baa842e master cdg-pixel-x16 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLdSiZ8dCuPspH4lQqRGyaUmXqE0Il5aUoSlTJfF9Fpi7x_aQA2Y2KVDquDLsZG10Ynm-oB5peYeQhwj1Bf0UTJBN3wbrbeEA
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 27 Jan 2022 19:52:10 GMT
google
match.adsrvr.org/track/cmf/ Frame 30AB 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEARdgtKhwMHueJOi3nxVt6s&google_cver=1&google_push=AYg5qPImw4IOduTsWO9J1xWJbRH0_AZ5G-Zqqz1n34dWbih4QC1e487oG5FdoV-K8LJf2uLFd6HePV_US8wf3GHQmYsKzmXxu3pM
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 30AB
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEE2tGXaB26EqF6mINufkC6s&google_cver=1&google_push=AYg5qPKgZEvs7vRdiRmiCkKF_uZR7NKuCsNdFOoqH5YU5BiJTok46OxMqCDm9ZPhYB1JJGwNmWFBJKXKawdEXUjk...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=rEQmQjB7Tn2phVjs6k5Ryw2&google_push=AYg5qPKgZEvs7vRdiRmiCkKF_uZR7NKuCsNdFOoqH5YU5BiJTok46OxMqCDm9ZPhYB1JJGwNmWFBJKXKawdEXUjk6unXfaCGcKB8Nw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=rEQmQjB7Tn2phVjs6k5Ryw2&google_push=AYg5qPKgZEvs7vRdiRmiCkKF_uZR7NKuCsNdFOoqH5YU5BiJTok46OxMqCDm9ZPhYB1JJGwNmWFBJKXKawdEXUjk6unXfaCGcKB8Nw
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 27 Jan 2022 19:52:11 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=rEQmQjB7Tn2phVjs6k5Ryw2&google_push=AYg5qPKgZEvs7vRdiRmiCkKF_uZR7NKuCsNdFOoqH5YU5BiJTok46OxMqCDm9ZPhYB1JJGwNmWFBJKXKawdEXUjk6unXfaCGcKB8Nw
x-host
tde-deliveryengine-production-655df8fcc8-cwcpz
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 30AB
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB3qo95BGotASs0InLf5Frs&google_cver=1&google_push=AYg5qPKrl9g2z41NxZeg517fMJBe-OjhImgyWe3vpxbY2Opu36toOm-S9f-lFvRb7t1r3zfjbCZK5fEICPK8T5HoJ...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB3qo95BGotASs0InLf5Frs&google_cver=1&google_push=AYg5qPKrl9g2z41NxZeg517fMJBe-OjhImgyWe3vpxbY2Opu36toOm-S9f-lFvRb7t1r3zfjbCZK5fEICPK8T5HoJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKrl9g2z41NxZeg517fMJBe-OjhImgyWe3vpxbY2Opu36toOm-S9f-lFvRb7t1r3zfjbCZK5fEICPK8T5HoJBQ2hUh5EQY-&google_hm=533846887b810a15a9d7e681
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKrl9g2z41NxZeg517fMJBe-OjhImgyWe3vpxbY2Opu36toOm-S9f-lFvRb7t1r3zfjbCZK5fEICPK8T5HoJBQ2hUh5EQY-&google_hm=533846887b810a15a9d7e681
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 27 Jan 2022 19:52:12 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKrl9g2z41NxZeg517fMJBe-OjhImgyWe3vpxbY2Opu36toOm-S9f-lFvRb7t1r3zfjbCZK5fEICPK8T5HoJBQ2hUh5EQY-&google_hm=533846887b810a15a9d7e681
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 30AB
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEHwM6aGxWE2gZUNIrBkCY2I&google_cver=1&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCw...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 30AB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kb7gtGZgMne7pfYOF6zzZ_5B4OGxQm8AL7D1-BdvTdVUFeG9zK7xsdwVhLxgvgG4cdH6lQ
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dpixel
cms.quantserve.com/ Frame 678B 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMuZUzYrf0F8UOL6cDP8JQc&google_cver=1&google_push=AYg5qPJKMJHxrKwa9-bMYYJ9RYVQZZJ5lEH1rOSP3aCzf38LFkMEWl_AtSMElHmUrRSjBk1nbQPXXAyex5YQgZyLN6NqNTzD7XDw
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 678B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFu3K_p2xM4KhC5oX1wcNmA&google_push=AYg5qPLPK_Khm0UiPBVYuEiZw16vGkqy_Se-45GTwxklO9lCVs0u2G9jWM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFu3K_p2xM4KhC5oX1wcNmA&google_push=AYg5qPLPK_Khm0UiPBVYuEiZw16vGkqy_Se-45GTwxklO9lCVs0u2G9jWMzvwYcZLPUt4-YpbX2UStoyK1fGsjDKeGhJIWXm5Eho
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1643313132.843452,VS0,VE89
x-served-by
cache-hhn4077-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFu3K_p2xM4KhC5oX1wcNmA&google_push=AYg5qPLPK_Khm0UiPBVYuEiZw16vGkqy_Se-45GTwxklO9lCVs0u2G9jWMzvwYcZLPUt4-YpbX2UStoyK1fGsjDKeGhJIWXm5Eho
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame 678B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEARdgtKhwMHueJOi3nxVt6s&google_cver=1&google_push=AYg5qPKL7rXxu37jwi5qeAWYbup8FAsR82ka5Hq1rGRXNxQMLRX1L2_FfwWcDZFEd09_-twoHnHNA06Ejz8WdtUGqaxxDdLt-Fxp
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 678B
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEOwn_MbIfrV7ljTHn3FjWuo&google_cver=1&google_push=AYg5qPLezF7P_O8wz00G7_U9KsttIIb_JLqGEVkiRBUVjl_GqMb9xhrcxhNKnpsyHmGM3B3dVM8...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEOwn_MbIfrV7ljTHn3FjWuo&google_cver=1&google_push=AYg5qPLezF7P_O8wz00G7_U9KsttIIb_JLqGEVkiRBUVjl_GqMb9xhrcxhNKnpsyHmGM3B3dVM8...
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=TTaPOJLQS76OnC6opGK3yQ&gdpr=1&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=TTaPOJLQS76OnC6opGK3yQ&gdpr=1&gdpr_consent=
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:12 GMT
server
Apache-Coyote/1.1
location
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=TTaPOJLQS76OnC6opGK3yQ&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
pixel
cm.g.doubleclick.net/ Frame 678B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIwymlgs1kwJWieypK_rKTQ&google_cver=1&google_push=AYg5qPK18ENRzBPAPA2dVgAEBgqQooExfVCholCbcpo7g0iAP3_fZU327q01yAJOGV6mOBP-M9ag-Ji02F6OkpsjEOmn...
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=91618c24-fd43-4ed4-89b4-faa0e324f4af
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=91618c24-fd43-4ed4-89b4-faa0e324f4af
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=bad259c7-c3fa-4f53-96e9-d5e35a73fd68&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK18ENRzBPAPA2dVgAEBgqQooExfVCholCbcpo7g0iAP3_fZU327q01yAJOGV6mOBP-M9ag-Ji02F6OkpsjEOmn2kQ7jdRT&google_hm=kWGMJP1DTtSJtPqg4yT0rw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK18ENRzBPAPA2dVgAEBgqQooExfVCholCbcpo7g0iAP3_fZU327q01yAJOGV6mOBP-M9ag-Ji02F6OkpsjEOmn2kQ7jdRT&google_hm=kWGMJP1DTtSJtPqg4yT0rw==
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK18ENRzBPAPA2dVgAEBgqQooExfVCholCbcpo7g0iAP3_fZU327q01yAJOGV6mOBP-M9ag-Ji02F6OkpsjEOmn2kQ7jdRT&google_hm=kWGMJP1DTtSJtPqg4yT0rw==
Date
Thu, 27 Jan 2022 19:52:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 678B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEdhA1EJv_nUVaOVn1PYxO8&google_cver=1&google_push=AYg5qPLdx7VFQt0Rh8XDwj_QntUiqmIXKDdY1LNsNPquG7QmUy2CCPeFyp6lfxYSz5ztKIEljN6PiNye...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEdhA1EJv_nUVaOVn1PYxO8&google_cver=1&google_push=AYg5qPLdx7VFQt0Rh8XDwj_QntUiqmIXKDdY1LNsNPquG7QmUy2CCPeFyp6lfxYSz5ztKIEljN6...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQxODE3MTk1NDMyNTQ0MTY4Ng&google_push=AYg5qPLdx7VFQt0Rh8XDwj_QntUiqmIXKDdY1LNsNPquG7QmUy2CCPeFyp6lfxYSz5ztKIEljN6PiN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQxODE3MTk1NDMyNTQ0MTY4Ng&google_push=AYg5qPLdx7VFQt0Rh8XDwj_QntUiqmIXKDdY1LNsNPquG7QmUy2CCPeFyp6lfxYSz5ztKIEljN6PiNye0P40wclLWucc19QwgP_3
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQxODE3MTk1NDMyNTQ0MTY4Ng&google_push=AYg5qPLdx7VFQt0Rh8XDwj_QntUiqmIXKDdY1LNsNPquG7QmUy2CCPeFyp6lfxYSz5ztKIEljN6PiNye0P40wclLWucc19QwgP_3
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 678B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECBFsjaazJXHiqVrvYmIbh8&google_cver=1&google_push=AYg5qPKFw6n3Y97Ivgclh2hcxViLtMZBUoPxvHvFEb9B2yZqQDzThkovbeYc9QBk9I0hzk7LzSc...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYRTdKTVYtMTgtQU41Wg==&google_push=AYg5qPKFw6n3Y97Ivgclh2hcxViLtMZBUoPxvHvFEb9B2yZqQDzThkovbeYc9QBk9I0hzk7LzScN5TASuxqFcJksdx5oIb8iBYs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYRTdKTVYtMTgtQU41Wg==&google_push=AYg5qPKFw6n3Y97Ivgclh2hcxViLtMZBUoPxvHvFEb9B2yZqQDzThkovbeYc9QBk9I0hzk7LzScN5TASuxqFcJksdx5oIb8iBYs
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYRTdKTVYtMTgtQU41Wg==&google_push=AYg5qPKFw6n3Y97Ivgclh2hcxViLtMZBUoPxvHvFEb9B2yZqQDzThkovbeYc9QBk9I0hzk7LzScN5TASuxqFcJksdx5oIb8iBYs
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 678B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JfVUc-WBLhrwC7B6-NGu0jDfARak_i14Ub5tiL4g5xyvvgpdEflElmMADjEM_0Smwp8qFO
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
viewability
hal900028.redintelligence.net/ Frame 7CC9 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/viewability?s=98604300273699700710584011852028&a=bfc0665f&vb=m
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=98604300273699700710584011852028&a=5961d7d8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/request_content.php?s=98604300273699700710584011852028&a=5961d7d8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 7CC9 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900028.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 09:34:40 GMT
x-content-type-options
nosniff
age
469051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13072
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:17:36 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 22 Jan 2023 09:34:40 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 7CC9 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900028.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:53:06 GMT
x-content-type-options
nosniff
age
349145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13080
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 23 Jan 2023 18:53:06 GMT
viewability
hal900012.redintelligence.net/ Frame 67B2 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/viewability?s=78199000213407000710580011852012&a=330a062e&vb=m
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=78199000213407000710580011852012&a=e00838e2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/request_content.php?s=78199000213407000710580011852012&a=e00838e2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
css
fonts.googleapis.com/ Frame 15B0 		4 KB
649 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=94795200234521200710584011852008&a=e0465bb8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:13:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 19:52:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 19:52:11 GMT
/
hal9000.redintelligence.net/scale/ Frame 15B0 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=94795200234521200710584011852008&a=e0465bb8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
06db0843f2751dd0f37d17b6591ef653579c55479f9960e52504417ccf0c2c5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16532
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 15B0 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=94795200234521200710584011852008&a=e0465bb8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
c2c008ee9f312abf45f4b2d0b73e37cd75cb35fb5a04b70f73bc2cb15f9508e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16816
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 15B0 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_1200x627.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=94795200234521200710584011852008&a=e0465bb8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
612d2d776acca8497d2399e34c897f75cc5dd564b50e945bfaba7dea7835a93b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
7156
Vary
Accept-Encoding
Content-Type
image/png
peg_logger.js
singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame 97A2 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2b5a1e-7faa-11ec-aedc-00155d53a129ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ff4b42f690c4897d981ec5000f9057289b65f4d9d900ec4b59b36208ad791f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2b5a1e-7faa-11ec-aedc-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
36587
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Jan 2022 12:23:02 GMT
server
cloudflare
etag
W/"61e6b126-2ebe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6d4485222edf9290-FRA
expires
Thu, 27 Jan 2022 16:06:45 GMT
pegtracking_combined.js
singles.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame 97A2 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2b5a1e-7faa-11ec-aedc-00155d53a129ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1baecde592fc2970ed07fd23c1c63e7c7f7cc7bc7e1c89a87d2171dfa20bbe73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2b5a1e-7faa-11ec-aedc-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
36587
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Nov 2021 07:50:03 GMT
server
cloudflare
etag
W/"619c9d2b-723e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6d4485222ee19290-FRA
expires
Thu, 27 Jan 2022 16:06:44 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame 97A2 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2b5a1e-7faa-11ec-aedc-00155d53a129ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2b5a1e-7faa-11ec-aedc-00155d53a129ID
Origin
https://singles.parship.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:12 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6d448522bda09193-FRA
pvClk.min.js
analytics.webgains.io/ Frame 4CD3 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=78199000213407000710580011852012&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-68.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
59525
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 27 Jan 2022 03:20:07 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
3yJk4Ao_VdG8ggDANkXtYBngB9yuWhPAO8p-EqGls2ox-alLr3LuLQ==
link.html
track.webgains.com/ Frame 4CD3 		85 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=39729900248194900710592011852030&wglinkid=498343
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
Last-Modified
Thu, 27 Jan 2022 19:52:11 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/gif
Content-Length
85
Expires
Mon, 26 Jul 1997 05:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame 704C 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv-srv.office-partner.de
URL: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c9d9a742fbfb92e5cb9d4d5a806b9826c0384534c510bd2384c9d60a67a1c16f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adv-srv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31993
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:52:49 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Jan 2022 19:52:11 GMT
peg_logger.js
singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame 1158 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2660a4-7faa-11ec-bbfa-00155d53a129ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ff4b42f690c4897d981ec5000f9057289b65f4d9d900ec4b59b36208ad791f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2660a4-7faa-11ec-bbfa-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
36587
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Jan 2022 12:23:02 GMT
server
cloudflare
etag
W/"61e6b126-2ebe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6d4485225f299290-FRA
expires
Thu, 27 Jan 2022 16:06:45 GMT
pegtracking_combined.js
singles.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame 1158 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2660a4-7faa-11ec-bbfa-00155d53a129ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1baecde592fc2970ed07fd23c1c63e7c7f7cc7bc7e1c89a87d2171dfa20bbe73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2660a4-7faa-11ec-bbfa-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
36587
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Nov 2021 07:50:03 GMT
server
cloudflare
etag
W/"619c9d2b-723e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6d4485225f2b9290-FRA
expires
Thu, 27 Jan 2022 16:06:44 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame 1158 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2660a4-7faa-11ec-bbfa-00155d53a129ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2660a4-7faa-11ec-bbfa-00155d53a129ID
Origin
https://singles.parship.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:12 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6d448522bda29193-FRA
peg_logger.js
singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame B364 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e261e3c-7faa-11ec-b33f-00155d53a129ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ff4b42f690c4897d981ec5000f9057289b65f4d9d900ec4b59b36208ad791f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e261e3c-7faa-11ec-b33f-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
36587
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Jan 2022 12:23:02 GMT
server
cloudflare
etag
W/"61e6b126-2ebe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6d4485226f409290-FRA
expires
Thu, 27 Jan 2022 16:06:45 GMT
pegtracking_combined.js
singles.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame B364 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e261e3c-7faa-11ec-b33f-00155d53a129ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1baecde592fc2970ed07fd23c1c63e7c7f7cc7bc7e1c89a87d2171dfa20bbe73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e261e3c-7faa-11ec-b33f-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
36587
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Nov 2021 07:50:03 GMT
server
cloudflare
etag
W/"619c9d2b-723e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6d4485226f439290-FRA
expires
Thu, 27 Jan 2022 16:06:44 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame B364 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e261e3c-7faa-11ec-b33f-00155d53a129ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e261e3c-7faa-11ec-b33f-00155d53a129ID
Origin
https://singles.parship.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:12 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6d448522bda59193-FRA
peg_logger.js
singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame 9116 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e334b2a-7faa-11ec-a3dc-00155d53a129ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ff4b42f690c4897d981ec5000f9057289b65f4d9d900ec4b59b36208ad791f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e334b2a-7faa-11ec-a3dc-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
36587
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Jan 2022 12:23:02 GMT
server
cloudflare
etag
W/"61e6b126-2ebe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6d4485226f589290-FRA
expires
Thu, 27 Jan 2022 16:06:45 GMT
pegtracking_combined.js
singles.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame 9116 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e334b2a-7faa-11ec-a3dc-00155d53a129ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1baecde592fc2970ed07fd23c1c63e7c7f7cc7bc7e1c89a87d2171dfa20bbe73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e334b2a-7faa-11ec-a3dc-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
36587
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Nov 2021 07:50:03 GMT
server
cloudflare
etag
W/"619c9d2b-723e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6d4485226f5b9290-FRA
expires
Thu, 27 Jan 2022 16:06:44 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame 9116 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e334b2a-7faa-11ec-a3dc-00155d53a129ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e334b2a-7faa-11ec-a3dc-00155d53a129ID
Origin
https://singles.parship.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:12 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6d448522bda79193-FRA
pvClk.min.js
analytics.webgains.io/ Frame A468 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=98604300273699700710584011852028&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-68.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
59525
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 27 Jan 2022 03:20:07 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
U91vx4Na7J2Uooe6dyvZXJ8slMBGUbfi1RIcVmjky52crkzKPFJqMQ==
link.html
track.webgains.com/ Frame A468 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=98975100282753800710584011852027&wglinkid=2513145
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
Last-Modified
Thu, 27 Jan 2022 19:52:11 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Content-Length
2808
Expires
Mon, 26 Jul 1997 05:00:00 GMT
viewability
hal90001.redintelligence.net/ Frame CC5E 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90001.redintelligence.net/viewability?s=61279900244895500710584011852001&a=54397f2c&vb=m
Requested by
Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=61279900244895500710584011852001&a=0e7348b8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90001.redintelligence.net/request_content.php?s=61279900244895500710584011852001&a=0e7348b8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame CC5E 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90001.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 09:34:40 GMT
x-content-type-options
nosniff
age
469051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13072
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:17:36 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 22 Jan 2023 09:34:40 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame CC5E 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90001.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:53:06 GMT
x-content-type-options
nosniff
age
349145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13080
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 23 Jan 2023 18:53:06 GMT
pvClk.min.js
analytics.webgains.io/ Frame 5F0E 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=61279900244895500710584011852001&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-68.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
59525
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 27 Jan 2022 03:20:07 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
Luuz4_hc7YBno8q33CpJe9dK1k6LgVu88avwKZ-jxLqH5uTIAOK9hA==
link.html
track.webgains.com/ Frame 5F0E 		85 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=64173300260635900718680011852029&wglinkid=498343
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:11 GMT
Last-Modified
Thu, 27 Jan 2022 19:52:11 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/gif
Content-Length
85
Expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 37A3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bf9u_6_fyYer0BO7O7_UPmsqOyAwAAAAAOAHgBAI&bg=!WVqlWh7NAAY6OBv_Ojg7ACkAdvg8WlZ73U2dAsWMPxFos46ziRfygevj7ZK5K2dppw8yPurTtbf4PAIAAAG0UgAAAARoAQeZA0E6iB8jVJyOl3hKFJcWyn9ZxGRXGHNyFHkFH4QIWGrnjK5ZeDQhT0TnsNj2shBcKOUT-MrXGuSqNE4FM0OgtSNBKPHQba-tB0g8k5o8-FiarWzX0e4-oB4Uv3IyUlwVypNs3GytIpqaDAnFG-x6lkrj77qI7alflS5PQP7arkbglbvu0H7i5baew4B_M2i-kkPbTuzyIn7tbuzi3g0OlUJ14L3Ce1l4lVGwYyeuNkKnknX-idsH3AIPCy59uZSxedWFhCjwip6NRvgGvHhr2acqSxVeUEtLbHkgayw0U0PEArmg3TcbxvK4PpwAW-po42dconSbPyJdkaQPqmMZXwLcEe19arZteiwkq4teLvy1zML4DfC0UVq2XvRUErBu0gmdSnSllXtWA2Jigfyxn_n1bcLyOodYJ-suTrfb06YtJ0_ynJ_eqIrBy_WvM7Lm_loir2peHiKKd8EmxQeSawjxf-J0Xl5uthVu7LQ-w1b8WUcYtxMTty192BCai9BQOOY2fW1ua27Q_6nhlZC3-n8Cylqcx2t2QcG3HkeYS7p32ZLMvSsmkML9-6xrA0KCMyl3lZ1FaTIbYjU2m73ZwTuRKDzZJPJqKBLfWq7xGaMqQhulT_P5GheM4zKSm65P__QX8XSs4VE0kPXAh-lydTH6L1p-mYZzh4nWV-CAmOdW-6yie-cbJoPeea2KI3rTzGPMnaIVbpMaCUsywgletN4TZpyo8OZqyBSYfYBQwc2oeeq1OZqqfDasmM5Eq4_v3cQLaGnsJXsIe5t9NlQL0iBvKIDdzEEgeIImziaM2rx6p74HoZvVVj5UsTfJzfi2k4QWH6u025voCay4ZTn8g_njj95Sqthp4Wp6p2wv5bvDUgaUYlJp3je-HW2OK3jFY_JfmJWaCzqQtMb4lWdCyONW_M13zcLHV2K15WiTyXEWUhwovpdpL-Q3o3o5Tswi_6bgLSnq8FNg0Ei15JRa4gmi5Vxy718BVI4My0IQEB16PwSfKUni9MJNOVPxrCKEH_DpRikxJWtOYghmhtxn5h9lRr_Gn_BzJerqjUy9qlyaMQHuFiVgm2wrivu4U2il246DbjapH8eYtBT36ADO5vlUzQ
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CMW13bva0vUCFSxDHQkdcm0N8Q;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2464318210187.264
adservice.google.com/ddm/fls/z/ Frame 7A50 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CMW13bva0vUCFSxDHQkdcm0N8Q;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2464318210187.264
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CMW13bva0vUCFSxDHQkdcm0N8Q;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2464318210187.264?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 27 Jan 2022 19:52:12 GMT
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CP223bva0vUCFY_CGwodw28Arg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3665622912568.8555
adservice.google.com/ddm/fls/z/ Frame A66F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CP223bva0vUCFY_CGwodw28Arg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3665622912568.8555
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CP223bva0vUCFY_CGwodw28Arg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3665622912568.8555?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 27 Jan 2022 19:52:12 GMT
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CI3637va0vUCFcqXhQod-iYKrg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1125077886764.3474
adservice.google.com/ddm/fls/z/ Frame A421 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CI3637va0vUCFcqXhQod-iYKrg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1125077886764.3474
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CI3637va0vUCFcqXhQod-iYKrg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1125077886764.3474?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 27 Jan 2022 19:52:12 GMT
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CPW43bva0vUCFW5FHQkdijoLMw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2997728860910.8135
adservice.google.com/ddm/fls/z/ Frame 4C3E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPW43bva0vUCFW5FHQkdijoLMw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2997728860910.8135
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPW43bva0vUCFW5FHQkdijoLMw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2997728860910.8135?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 27 Jan 2022 19:52:12 GMT
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
google2waycm.netmng.com/cm/ Frame 6790 		0
0
current
dclk-match.dotomi.com/match/bounce/ Frame 6790 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECT7_TQ4oDlsxRs6KkdiMJw&google_cver=1&google_push=AYg5qPLVdvNsEJbMZCJGKtOq13_9afDmavS2rz0HT8PMuNyrSaFId5lHJVtziCNWv4IJGQRPAedSctjLbJbd0CYkHXB0lggnoB6E
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
dot.gif
s0.2mdn.net/ Frame 6790 		43 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEOUMfr1ze5bGg27h5VlU5Ec&google_cver=1&google_push=AYg5qPK9B9HlhhFjTHvowbFY1n9CPLr98dzHkZaeGNUchC4zJjW4EssphDN5qCRZSZXi0sxfveXW2FUnQTpEg_9JXjSQAl0meu4
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Jan 2022 19:52:12 GMT
pixel
cm.g.doubleclick.net/ Frame 6790
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=orIpDmczQXaULKXcHUiAVQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=orIpDmczQXaULKXcHUiAVQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKLRVWRIiOzHkcpZd2UnTwJmKeiB-uXBgliv7gkdq3RmGuYAae00zVivMPl9hg4-E8SoE9YMF5ROczm78fsnvrDWC9PHt8
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=orIpDmczQXaULKXcHUiAVQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKLRVWRIiOzHkcpZd2UnTwJmKeiB-uXBgliv7gkdq3RmGuYAae00zVivMPl9hg4-E8SoE9YMF5ROczm78fsnvrDWC9PHt8
date
Thu, 27 Jan 2022 19:52:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 6790
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB3qo95BGotASs0InLf5Frs&google_cver=1&google_push=AYg5qPL6HqtY1H9RFPODbd5rbISpVvOpacWZyWB7DAWa-rnhQzQcm_oT9X8PU3wB-XGGrjalATtJpPjQlrMgBilIX...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL6HqtY1H9RFPODbd5rbISpVvOpacWZyWB7DAWa-rnhQzQcm_oT9X8PU3wB-XGGrjalATtJpPjQlrMgBilIXFn3ujovSJU&google_hm=533846887b810a15a9d7e681
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL6HqtY1H9RFPODbd5rbISpVvOpacWZyWB7DAWa-rnhQzQcm_oT9X8PU3wB-XGGrjalATtJpPjQlrMgBilIXFn3ujovSJU&google_hm=533846887b810a15a9d7e681
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 27 Jan 2022 19:52:12 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL6HqtY1H9RFPODbd5rbISpVvOpacWZyWB7DAWa-rnhQzQcm_oT9X8PU3wB-XGGrjalATtJpPjQlrMgBilIXFn3ujovSJU&google_hm=533846887b810a15a9d7e681
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 6790
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEO_2lnEuuCmIxtZqcrW-ICo&google_cver=1&google_push=AYg5qPJSo0ZdoyNSLSByW-WmPwBhkx7Dfn1yOjOYQ3LTFdLbfzJOoxI-SVN1ea4i0K_-naaXLphZowDmiati0hSx...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJSo0ZdoyNSLSByW-WmPwBhkx7Dfn1yOjOYQ3LTFdLbfzJOoxI-SVN1ea4i0K_-naaXLphZowDmiati0hSxSmvI1UT1wNw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJSo0ZdoyNSLSByW-WmPwBhkx7Dfn1yOjOYQ3LTFdLbfzJOoxI-SVN1ea4i0K_-naaXLphZowDmiati0hSxSmvI1UT1wNw
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 27 Jan 2022 19:52:11 GMT
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJSo0ZdoyNSLSByW-WmPwBhkx7Dfn1yOjOYQ3LTFdLbfzJOoxI-SVN1ea4i0K_-naaXLphZowDmiati0hSxSmvI1UT1wNw
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
K9-AG_oZpTeA06fi3h11FBxn7gTXrcWl6e1WAYDEdUD9iDlUl6hAPw==
dot.gif
s0.2mdn.net/ Frame 6790 		43 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEIa31sscIRZnN_MIIU5c2t8&google_cver=1&google_push=AYg5qPLAi-2oj05SQ6vNlsEPWcxWzuhvi1bz56nYC6PGF40GH-NXwWSI0eSGg-QF0CySEUwijZggHpJsk8iR-fzEN_JJRSfE_eXfUg
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Jan 2022 19:52:12 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6790 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KTaztpTx75FD2ysxS-2BLn9VRI2kcygUeyv6NsPTRxw2iwV2rwaGbZvqAfBdx9Il-U4ZVcfQ
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 34EF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQyZ26_fyYd_nBNyFjuwPqciXyAcAAAAAOAHgBAI&bg=!dHeldzPNAAY6OBv_Ojg7ACkAdvg8Wm_5FogSUYU4YLzEY6n1SIQHtkz5saOUz9dUB-BA5_Es0NA0OQIAAAG0UgAAAANoAQeZAzXNubvwP4sZobPvoFJWfykTH9Z83tV-vVlJj7mfQkTwQAjNjP5NCJ4nujs0OCMKjtGY6dBkftIXlcocI3yIPaAw2wAP3XXuQ7N3ZPxbJ59xeLeFVcMmZBmu3E4grOoH7I0536BQhqYimU-ZoFD2_yYRkEx7DdD_aJ-BXdnsRfdQAPRKYxlFvoEyh_DOcNjSdQQiX0wAxvl5x70zZRkSSjI1j2kdH_UCiVTZ_epk5jlYy-JhhIc5JP8FLUMRLD5i7uFEAecGcb_FPzW5RF5sERBHgO5TjAwSw1zp-VakeAiWmaTjSj4bHs8JT9lfS47TSg-iimBLyC_QkHseFl4gvGuSZ-q5wwnNIF43XpHcZg8IaPwqjfIk54jU6PnTwlgD9lG_yDPPXESaJD8pL9TV104h54QsVgaB_aoLr0ZdZskIKUnACu3SjCdXN6vkQ5xN5KuAaVaZfbaNthbkv7H3YXBFi5h13OSHhelp8gNJQEYoUhuRFSp8u1UBNPuDEH13HLX1VX5C49D9FSQqLYPMy92f3uT8t3jXVLYZ5itb-7uwJI4KobT6MAT6fk0aM4KicqYdHeg76cvTf1nagO-q_A9I1F6gr58cE1XiBPpBGxxdpWXcw7whETXUyQxjYNHclADs288-SxSUISYVv2-JTobjcHc0XKmBdH9YTpJo01EYof4lL6JjuMcfbWrQ-N5T2uzoPFaMVCRLFad_uOQhBRZYfg-veL4Q-xxrgj1yacMdBMLSnaRiK4YhG6YnpENSZOCPQlaAAzwpfCW29XIXp6KS4XtY5fU_6IiFMvHnH1CXvHqQSElmzEo14LxR70Tt4KnDEm545UAhmSXYwMznqETOa6yE1uI4UKR__ncKXcCkx_cHLv5vAsvLKMcZeau-BU2vcJbLsgyCuoiNjwc_ucLKStqdre4_5Sqt7fVdXUjWmReC2Qvn5wkhCNAPIO7Tkr0PGW8H--2dorVUxWGfONrmSqVPqeV6fO7Z6IhWtXpNKIAh0YUPeYO-Nzx8kLHiKVN35hQ0z5cYNgg-xoYDbewtuG_VYMDbourufIzA6IthsnvljsPRL9-OLkVodtM7VSR_TYUlOw
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal90008.redintelligence.net/ Frame 15B0 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/viewability?s=94795200234521200710584011852008&a=bae93d18&vb=m
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=94795200234521200710584011852008&a=e0465bb8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/request_content.php?s=94795200234521200710584011852008&a=e0465bb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:52:11 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 15B0 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90008.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 09:34:40 GMT
x-content-type-options
nosniff
age
469051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13072
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:17:36 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 22 Jan 2023 09:34:40 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 15B0 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90008.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:53:06 GMT
x-content-type-options
nosniff
age
349145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13080
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 23 Jan 2023 18:53:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6855 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrPcp6_fyYa6dBI6G7gO99Zj4BgAAAAA4AeAEAg&bg=!NDelN3PNAAY6OBv_Ojg7ACkAdvg8WqXywYkkp6sLLXYLQl_dXfzx2pQG6mBjL7p6GEN_GUlWTLtZOwIAAAHyUgAAAAJoAQeZAzSqhTb43VPdUAYL1MU10XvQgI2cVI2_cRiaYtQfCR9sNCC-oPsTgHd-KxXw_lyVqLeRdb0qYv5bRMReYmoFy5HUpDM8tTnrwoWiFtFJDIJWfHGzTgnKSnz3GgeY8da-oBX2M8ylUY8TDN_LgWtdrr_3NkdSEWFEnkuA9TGZvBrfGSuFG2aPcH25jF4WBZ9O5XfZ1bkNtmKoVHZGxU_98fCbSYpmyM9LQmTVY8fNV2yUnaXTHXoEjyuN_gvKRCgKw-55uYVo1wHsQh34R1EHFFX7Gvfhh0UGgoz2ChyPWSDNrHbtZzfQoxzNZsz6XfqIkdGHJxO-Xcy4oiPQfzfwTu4JbjxQGcU428qt4F1CiAXEr8yB-t20zD80jPX33QU3J2Lg4rZPUO1tGUOPS9NeO_rWBbNoL5r4yopHaJT7lL2vQz4Go2ndDqm9Od_a_mLWh71-Nb6skviz8hoCoDYdQxH5Ri9Qi7FLECizuFP3BXvCNrS_861LAk8sj0s1n1H0N9p0vXMrlSpMfWONmjkSA4Ktd7OgZQ0iZVmBJ6fA4I8tKWFj4I-PCFscc2Kh_SGcPTIHVLdihwLfJG_jcV6-FygMXbTcHWlKCRI3hcrBwcFFd_Qe3Ls6Haq1Y9gt8WiUlkDAL9AqpU-kNErJLXp4eK4CWu2fEQ5s6Bbdh2lqZXWvoHpAvdRvUfdOU4DWBsYvctMGvKSDGVys7H_Rx9xe_tBZwH2Oqv4e1OCi9WQBt3bTFoiP9-J3iXmDDXQ0VaK8dY-rpLAIc2zCOxqzEol5Onn-PDvp-ImI5HfHDvzptK9cpsk2qOsUKHAi9hrMcdbdTsamvNI4o8Qpl2njO1FUPoamMxtn7QYBSNUlb5LLKSMezQMt24AGoaxgReiprfi76Se4eRz3mXLSph1bu0BJvS4TYx3vmJ6eVjvdhW-1efuUNqWIS2Shcs6a0jlkJuoI5moBIudR_0VcV5uA2MYJZ4tyO6i8N5EcqiB2oZ5pF3blMxyLhzvoKP9NXG_KUdZULXmO8QM6tfpTv1YwjKsRVAKUMj-Kk8XLo7wDcNI8hRiJDljO12IFMT4Yvy_w2UVHVsP_94Ho
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 273B 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=94795200234521200710584011852008&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-68.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
59525
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 27 Jan 2022 03:20:07 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
lRPpBucj2EWZC-B_U26sEwgfN3dlHVEYS3ya4kV4fkDRL3EGTa7gmA==
link.html
track.webgains.com/ Frame 273B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=78797000270568500710612011852018&wglinkid=2513135
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:12 GMT
Last-Modified
Thu, 27 Jan 2022 19:52:12 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Content-Length
2808
Expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 956D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bdehf6_fyYfDABM2bgQftiq6oDAAAAAA4AeAEAg&bg=!3t2l3ZnNAAY6OBv_Ojg7ACkAdvg8WgX1IheQrmzs15XV7hFELZDWfMnvE7A5uZp9MhQBwKExsTltrgIAAAH4UgAAAAVoAQeZAze9ljDhyppbyeCapclGFOanBBr9a6TuEg4sseE-fMaDhC0a8Iy0z9r0D2UPymaFkKuPfAesGz0ZlcL0qQI5pozhwkc4SPj-my2WahL3HGTRPFEQQ8q3f15K-nZcqGNgUiC-3N8MyW78WjRwTTYlu4eAOr4YtEYhx4ozEgv503L7Nic7Z2ZAuji6_3mmgrEzDzTXBr51QDHIawliQ2Z0LpT6hBBr2nLeeglO2PWPcmEHP7-fmw2Kdt1nu7u97HO6TrXZ-Jdi5t2EakMqVJJWBhD7hAI2doDI4dSapwurhtyXL5BtQBWQ3AZnriqDFmrsaIS-bwllbLULEXIGrH4m44hEbZhOCAGgoXaob_XRHJBjLtemL9hWX0aYfysvvKKiUIn-Njdl-t9zdjhUQvNz7mDEZonAPm0P2iq-qWxOioWei5bCNpavTfF6Pyfp5VWlAHdtm5L2hTdFet-tqRSVS1ou8SMgoqiOXsBoURORTiqXwS_juqDfvWpzJ9QjnNW8Niu-bXBUphb5OQIqDIGDHzyHyQ6HRNG_eJ3P0OFf6ZrgiBU7y3zh0Pm4wsnJoGMrzmn-2JPj7MjUDkXIcTrnHZQFZ5BbkWwxEV9Enzgdk_tIXK5mMdGKDbiFqVt7oSY89QVlRyzxp0-bjZFHka_ppOwlc1RCjbJACSprQ2fDtnizYgKqf4F9FpEdgD3BpQ0SaFc0Cd7omvrZZe_2REPz322LCdmFAxIrJaBOrvmqahyL-IVX1eZ-ZgHZd7v4M0IiFkAAsoFuamXvfWNXwSIrWIIfd8Ee0ElFQfhYDaDtmciUlwq7q_YXDE91sFgdQZ_puVAb1LBntFgZZPKLl9fQbflmQSC0tX35mBJUJcnqUegDeT2ec50_qkthspmqPb40chFPWyRGdfzc3ZILXAROMU_nzRkEwDUDg-LcP66en84P-CdvVjnwnaTuFuYzV_MlLOfmWwo5FbaGK-gjhgJR9KVsDsvixpWKdkGjfF2qH94E3S8sQrBFM6XSNIsJtP5oDNIIMkDJYPN4NPSCEdbk2sPus-7xCQ9UZZ_vQR8Bq3J8PKfU8WxoqYMRLt6Bi6jicwisjmrXTW2A
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7060
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGf_RzBSQfWncx6JFh1Zfdo&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGf_RzBSQfWncx6JFh1Zfdo&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MkhwZ0ZNUUgxTmRhT3c1&google_gid=CAESEGf_RzBSQfWncx6JFh1Zfdo&google_cver=1&google_push=AYg5qPJUQOBGM1VtQZBrpdumx-dN8UihNRqbTKr5LPiF7qf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MkhwZ0ZNUUgxTmRhT3c1&google_gid=CAESEGf_RzBSQfWncx6JFh1Zfdo&google_cver=1&google_push=AYg5qPJUQOBGM1VtQZBrpdumx-dN8UihNRqbTKr5LPiF7qfdz1urStNiIi8fQbwIYY4EC7hnJ99GdoJ_ZlIVa2dQFM1cfuJiGSgb6w
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:52:12 GMT
Server
PingMatch/v2.0.30-700-g8d321aa#rel-ec2-master i-0f837f04e16e4c63a@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MkhwZ0ZNUUgxTmRhT3c1&google_gid=CAESEGf_RzBSQfWncx6JFh1Zfdo&google_cver=1&google_push=AYg5qPJUQOBGM1VtQZBrpdumx-dN8UihNRqbTKr5LPiF7qfdz1urStNiIi8fQbwIYY4EC7hnJ99GdoJ_ZlIVa2dQFM1cfuJiGSgb6w
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame 7060 		43 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEOUMfr1ze5bGg27h5VlU5Ec&google_cver=1&google_push=AYg5qPLPK_A-jocE20KCas9TxYvcV1IDO62z197CkmF4UgHl40zwNNhmF4PEpyFaoAaVt6ioN6dYiaRxzpm5blnHGduFY-i-9q48xg
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Jan 2022 19:52:12 GMT
pixel
cm.g.doubleclick.net/ Frame 7060
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECBFsjaazJXHiqVrvYmIbh8&google_cver=1&google_push=AYg5qPLwY6m5jvNgZbtl2A5jjCcHY3gMqEHmpXVO6B3LkvsFmArM9GWRn7ekb9C8D75xGHy6DIK...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYRTdKUVotUi1IWVY4&google_push=AYg5qPLwY6m5jvNgZbtl2A5jjCcHY3gMqEHmpXVO6B3LkvsFmArM9GWRn7ekb9C8D75xGHy6DIKgKe4_bzkbEA57gjDmsLdmnL6Rbg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYRTdKUVotUi1IWVY4&google_push=AYg5qPLwY6m5jvNgZbtl2A5jjCcHY3gMqEHmpXVO6B3LkvsFmArM9GWRn7ekb9C8D75xGHy6DIKgKe4_bzkbEA57gjDmsLdmnL6Rbg
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYRTdKUVotUi1IWVY4&google_push=AYg5qPLwY6m5jvNgZbtl2A5jjCcHY3gMqEHmpXVO6B3LkvsFmArM9GWRn7ekb9C8D75xGHy6DIKgKe4_bzkbEA57gjDmsLdmnL6Rbg
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame 7060
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6...
0
0
pixel
cm.g.doubleclick.net/ Frame 7060
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEO_2lnEuuCmIxtZqcrW-ICo&google_cver=1&google_push=AYg5qPJZ6HTmnDDrlgjed44f-tk83JkpK4dhFbAWCFJFfKny83JkQKc3EsIr9Gi2CLt5f7vnrX-iXdXWyiZ4eMo3...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJZ6HTmnDDrlgjed44f-tk83JkpK4dhFbAWCFJFfKny83JkQKc3EsIr9Gi2CLt5f7vnrX-iXdXWyiZ4eMo3IR8XkLaDABX5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJZ6HTmnDDrlgjed44f-tk83JkpK4dhFbAWCFJFfKny83JkQKc3EsIr9Gi2CLt5f7vnrX-iXdXWyiZ4eMo3IR8XkLaDABX5
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 27 Jan 2022 19:52:11 GMT
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJZ6HTmnDDrlgjed44f-tk83JkpK4dhFbAWCFJFfKny83JkQKc3EsIr9Gi2CLt5f7vnrX-iXdXWyiZ4eMo3IR8XkLaDABX5
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
DOX7EhHrbYYIt-86Etq25xp9Nd0aamsj5cNAx0jNvdimlrYRVpkgsQ==
pixel
cm.g.doubleclick.net/ Frame 7060
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEHwM6aGxWE2gZUNIrBkCY2I&google_cver=1&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-m...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1...
0
0
pixel
cm.g.doubleclick.net/ Frame 7060
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED8sJ3TlOEz3OpzMzfXqmJA&google_cver=1&google_push=AYg5qPLRCBwLgxzEUIkiobf7d70KwzsiZAV7LvdIFnSbHxedZUbVzNETbfjdwFR-0O9_JjKV3UskbzlOvxUe8MterDxUPh-6B7...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLRCBwLgxzEUIkiobf7d70KwzsiZAV7LvdIFnSbHxedZUbVzNETbfjdwFR-0O9_JjKV3UskbzlOvxUe8MterDxUPh-6B7cDZw&go...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY2OTYyNTM3NzI3NTEyNDUwNDcyOQ%3D%3D&google_push=AYg5qPLRCBwLgxzEUIkiobf7d70KwzsiZAV7LvdIFnSbHxedZUbVzNET...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY2OTYyNTM3NzI3NTEyNDUwNDcyOQ%3D%3D&google_push=AYg5qPLRCBwLgxzEUIkiobf7d70KwzsiZAV7LvdIFnSbHxedZUbVzNETbfjdwFR-0O9_JjKV3UskbzlOvxUe8MterDxUPh-6B7cDZw
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:52:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY2OTYyNTM3NzI3NTEyNDUwNDcyOQ%3D%3D&google_push=AYg5qPLRCBwLgxzEUIkiobf7d70KwzsiZAV7LvdIFnSbHxedZUbVzNETbfjdwFR-0O9_JjKV3UskbzlOvxUe8MterDxUPh-6B7cDZw
date
Thu, 27 Jan 2022 19:52:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 7060 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LyZK7X5W6iv2FMggOxZh-MwPznSouKxrvJiJXr1Gf1eoROPZlhYl5B5EDL2CMN1y496FLn
Requested by
Host: 401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
URL: https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:11 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
eum.min.js
eum.instana.io/ Frame B364 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e261e3c-7faa-11ec-b33f-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:52:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 11 Jan 2022 09:07:33 GMT
server
cloudflare
age
215829
etag
768077806--gzip
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray
6d4485235f099048-FRA
via
1.1 google
nvi
singles.parship.de/nocache/ Frame B364 		15 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/nocache/nvi?url_path=%2Flp%2Fv00%2F6%2FU%2Fhtlp%2Findex2.html&pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e261e3c-7faa-11ec-b33f-00155d53a129ID&ref=https%3A%2F%2F401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com%2F
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e261e3c-7faa-11ec-b33f-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:12 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/json
cf-ray
6d44852318eb9290-FRA
content-length
15
eum.min.js
eum.instana.io/ Frame 9116 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e334b2a-7faa-11ec-a3dc-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:52:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 11 Jan 2022 09:07:33 GMT
server
cloudflare
age
215829
etag
768077806--gzip
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray
6d4485235f0c9048-FRA
via
1.1 google
nvi
singles.parship.de/nocache/ Frame 9116 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/nocache/nvi?url_path=%2Flp%2Fv00%2F6%2FU%2Fhtlp%2Findex2.html&pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e334b2a-7faa-11ec-a3dc-00155d53a129ID&ref=https%3A%2F%2F401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com%2F
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e334b2a-7faa-11ec-a3dc-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:12 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/json
cf-ray
6d44852328f19290-FRA
content-length
15
eum.min.js
eum.instana.io/ Frame 97A2 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2b5a1e-7faa-11ec-aedc-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:52:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 11 Jan 2022 09:07:33 GMT
server
cloudflare
age
215829
etag
768077806--gzip
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray
6d4485235f0d9048-FRA
via
1.1 google
nvi
singles.parship.de/nocache/ Frame 97A2 		15 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/nocache/nvi?url_path=%2Flp%2Fv00%2F6%2FU%2Fhtlp%2Findex2.html&pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2b5a1e-7faa-11ec-aedc-00155d53a129ID&ref=https%3A%2F%2F401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com%2F
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2b5a1e-7faa-11ec-aedc-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:12 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/json
cf-ray
6d44852328f39290-FRA
content-length
15
eum.min.js
eum.instana.io/ Frame 1158 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2660a4-7faa-11ec-bbfa-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:52:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 11 Jan 2022 09:07:33 GMT
server
cloudflare
age
215829
etag
768077806--gzip
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray
6d4485235f0e9048-FRA
via
1.1 google
nvi
singles.parship.de/nocache/ Frame 1158 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/nocache/nvi?url_path=%2Flp%2Fv00%2F6%2FU%2Fhtlp%2Findex2.html&pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2660a4-7faa-11ec-bbfa-00155d53a129ID&ref=https%3A%2F%2F401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com%2F
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2660a4-7faa-11ec-bbfa-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:52:12 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/json
cf-ray
6d448523390d9290-FRA
content-length
15
rum
singles.parship.de/cdn-cgi/ Frame 1158 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/cdn-cgi/rum?
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-INSTANA-T
732ef9ced8a55f56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2660a4-7faa-11ec-bbfa-00155d53a129ID
X-INSTANA-S
732ef9ced8a55f56
Accept-Language
de-DE,de;q=0.9
X-INSTANA-L
1,correlationType=web;correlationId=732ef9ced8a55f56
content-type
application/json

Response headers

date
Thu, 27 Jan 2022 19:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://singles.parship.de
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6d44852389a99290-FRA
vary
Origin
rum
singles.parship.de/cdn-cgi/ Frame B364 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/cdn-cgi/rum?
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-INSTANA-T
c500c45eec433e1e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e261e3c-7faa-11ec-b33f-00155d53a129ID
X-INSTANA-S
c500c45eec433e1e
Accept-Language
de-DE,de;q=0.9
X-INSTANA-L
1,correlationType=web;correlationId=c500c45eec433e1e
content-type
application/json

Response headers

date
Thu, 27 Jan 2022 19:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://singles.parship.de
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6d44852399bd9290-FRA
vary
Origin
rum
singles.parship.de/cdn-cgi/ Frame 9116 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/cdn-cgi/rum?
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-INSTANA-T
584c20f0cef04c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e334b2a-7faa-11ec-a3dc-00155d53a129ID
X-INSTANA-S
584c20f0cef04c
Accept-Language
de-DE,de;q=0.9
X-INSTANA-L
1,correlationType=web;correlationId=584c20f0cef04c
content-type
application/json

Response headers

date
Thu, 27 Jan 2022 19:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://singles.parship.de
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6d448523a9cd9290-FRA
vary
Origin
rum
singles.parship.de/cdn-cgi/ Frame 97A2 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/cdn-cgi/rum?
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-INSTANA-T
773e25519b9bbb9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2b5a1e-7faa-11ec-aedc-00155d53a129ID
X-INSTANA-S
773e25519b9bbb9
Accept-Language
de-DE,de;q=0.9
X-INSTANA-L
1,correlationType=web;correlationId=773e25519b9bbb9
content-type
application/json

Response headers

date
Thu, 27 Jan 2022 19:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://singles.parship.de
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6d448523b9f99290-FRA
vary
Origin
tracking-event
api.webgains.io/ Frame 4CD3 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 27 Jan 2022 19:52:13 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 27 Jan 2022 19:52:13 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame A468 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 27 Jan 2022 19:52:13 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 27 Jan 2022 19:52:13 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame 5F0E 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 27 Jan 2022 19:52:13 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 27 Jan 2022 19:52:13 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame 273B 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 27 Jan 2022 19:52:13 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 27 Jan 2022 19:52:13 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
collect
j.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.31/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
date
Thu, 27 Jan 2022 19:52:12 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
/
eum-eu-west-1.instana.io/ Frame 1158 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.130.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-130-197.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2660a4-7faa-11ec-bbfa-00155d53a129ID
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Thu, 27 Jan 2022 19:52:14 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
/
eum-eu-west-1.instana.io/ Frame B364 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.130.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-130-197.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e261e3c-7faa-11ec-b33f-00155d53a129ID
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Thu, 27 Jan 2022 19:52:14 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
/
eum-eu-west-1.instana.io/ Frame 9116 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.130.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-130-197.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e334b2a-7faa-11ec-a3dc-00155d53a129ID
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Thu, 27 Jan 2022 19:52:14 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
/
eum-eu-west-1.instana.io/ Frame 97A2 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.130.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-130-197.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e2b5a1e-7faa-11ec-aedc-00155d53a129ID
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Thu, 27 Jan 2022 19:52:14 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
testing-dbr-ws-site.ecosweb.dev.br
URL
http://testing-dbr-ws-site.ecosweb.dev.br/rest/products/autocomplete/v10/?relativeURL=%2Fbusca%3Fpalavra%3D
Domain
testing-dbr-ws-site.ecosweb.dev.br
URL
http://testing-dbr-ws-site.ecosweb.dev.br/rest/store/home/v10/
Domain
testing-dbr-ws-site.ecosweb.dev.br
URL
http://testing-dbr-ws-site.ecosweb.dev.br/rest/shopping/quantityshoppingcart/v1/
Domain
testing-dbr-ws-site.ecosweb.dev.br
URL
http://testing-dbr-ws-site.ecosweb.dev.br/rest/store/banner/benefit/v10/?relativeURL=%2F
Domain
testing-dbr-ws-site.ecosweb.dev.br
URL
http://testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/v10?page=home&position=0
Domain
testing-dbr-ws-site.ecosweb.dev.br
URL
http://testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/v10?page=home&position=1
Domain
testing-dbr-ws-site.ecosweb.dev.br
URL
http://testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/v10?page=home&position=2
Domain
testing-dbr-ws-site.ecosweb.dev.br
URL
http://testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/lastViewed/v10
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCwJ7Nqx3OA
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEGX1CV4LSe6fKYyW0OrwSZo&google_cver=1&google_push=AYg5qPJ7NZs_M5Aqwk8L9MycBXuw-kiF8ZJ_FgOOLGgFDGxJxQJI6S2CYdgVdmmIDOZ37u5hfyj6v1WdKH6i6eJUsUK1EuPFDig
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6TtpQYQ6RaM2Q&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-mxvQVxM3Q

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| __APP_CONFIG__ object| capture object| __posthaus_DATA__ object| webpackJsonp string| GoogleAnalyticsObject function| ga object| dataLayer function| OneSignal object| scCGSHMRCache number| __mobxInstanceCount object| __core-js_shared__ object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| __oneSignalSdkLoadCount function| __jp0 object| google_tag_manager function| postscribe object| google_tag_manager_external function| getElementByTypeAndInnerText string| masterUrlGoogleAds object| theHead object| theHeadScripts boolean| findSomeScriptLikeTheMasterScript object| scriptSecurePubAds object| googletag object| adsComponents function| refreshAllSlots function| getElementByXpath function| fbq function| _fbq string| PMTagObject function| pm object| e object| uetq function| twq string| bannerMobile function| insertAPPElement string| TiktokAnalyticsObject object| ttq object| twttr function| UET function| UET_init function| UET_push object| ueto_9848d7f716 object| ADMITAD function| md5 object| ad_product function| onYouTubeIframeAPIReady function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| ggeac object| google_js_reporting_queue object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| clarity object| hackernet function| setFullAds function| bannerHeader function| bannerTextoPublicidade function| bannerHorizontal function| bannerQuadrado undefined| google_measure_js_timing object| criteo_q string| mobileDec string| mailCliente function| detectCriteoMobile object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests

98 Cookies

Domain/Path Name / Value
.ecosweb.dev.br/ Name: _gid
Value: GA1.3.1473930027.1643313129
.ecosweb.dev.br/ Name: _gcl_au
Value: 1.1.1377429546.1643313129
.bing.com/ Name: MUID
Value: 1C6D544FF8736F4037984576F9A16EC4
.ecosweb.dev.br/ Name: _fbp
Value: fb.2.1643313129090.1570381205
.ecosweb.dev.br/ Name: _uetsid
Value: 9ca699b07faa11eca0b51ddbcdbea847
.ecosweb.dev.br/ Name: _uetvid
Value: 9ca6c4d07faa11eca2e591167eacacfa
.twitter.com/ Name: personalization_id
Value: "v1_jvPH6CyfU1lwsiYuh/TTdw=="
.t.co/ Name: muc_ads
Value: 14810678-9987-4a14-b5ed-e6461f574f9c
.ecosweb.dev.br/ Name: _ga_RF7L3756SK
Value: GS1.1.1643313128.1.0.1643313128.0
.ecosweb.dev.br/ Name: _ga
Value: GA1.1.1083570406.1643313129
.ecosweb.dev.br/ Name: _ga_PL4DYBH48C
Value: GS1.1.1643313128.1.0.1643313128.0
.creativecdn.com/ Name: u
Value: 0ipbtAG7xrEEuRxu813o
.creativecdn.com/ Name: ts
Value: 1643313129
.ecosweb.dev.br/ Name: _gat
Value: 1
.c.bing.com/ Name: SRM_B
Value: 1C6D544FF8736F4037984576F9A16EC4
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 1C6D544FF8736F4037984576F9A16EC4
.c.clarity.ms/ Name: ANONCHK
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUk4pZ8cO_dpmwFcYRDLCpXuVAbybGZnurW-z7SS_OBeKctk1hW8tIOQ6oGG
.criteo.com/ Name: uid
Value: 7c10792d-4b4e-4bce-b492-07d31ffdac0a
.ecosweb.dev.br/ Name: _clck
Value: 1wyfhgb|1|eyh|0
.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/ Name: _pm_id
Value: 073141643313129805
.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/ Name: _pm_sid
Value: 784601643313129806
.ecosweb.dev.br/ Name: cto_bundle
Value: 44jEfF9FVktzJTJGMTVnWWp5R2MyQjQ0bFRMbEd5V0R2TDMlMkZIMTlON3JtQ01TWDclMkZUQXBwS0RJQTFyTjRCdGhmdU5EbUlCdHg2aXhKdUE1Z2FwckRmT1hEakxXJTJCcVg2bzVFdThlSE1sOE13MjUlMkZqQVh3ZVVIdDY3UnJtc0RJak94c2RqRU5nWjdja2xFYTQ4aFBwQUxwOFNRVHlRJTNEJTNE
.ecosweb.dev.br/ Name: _clsk
Value: 1ux91hn|1643313130088|1|1|j.clarity.ms/collect
.advertising.com/ Name: APID
Value: UP9d5f2949-7faa-11ec-90d0-021f64d2a608
.yahoo.com/ Name: A3
Value: d=AQABBOr38mECEIROld9r3SUVDGrHHlua1MIFEgEBAQFJ9GH8YQAAAAAA_eMAAA&S=AQAAAgXuVTMA-973ewqxB6y3XM8
.analytics.yahoo.com/ Name: IDSYNC
Value: 1761~22wj
.yahoo.com/ Name: APID
Value: UP9d5f2949-7faa-11ec-90d0-021f64d2a608
.yahoo.com/ Name: APIDTS
Value: 1643313130
.taboola.com/ Name: t_gid
Value: 7effc925-cb5b-4525-b9bd-c08035306b40-tuct8ec7d6a
.bidswitch.net/ Name: tuuid
Value: 91618c24-fd43-4ed4-89b4-faa0e324f4af
.bidswitch.net/ Name: c
Value: 1643313130
.bidswitch.net/ Name: tuuid_lu
Value: 1643313130
.360yield.com/ Name: tuuid
Value: 1c1ee960-19fd-4bb2-a151-840fd1df6dcd
.360yield.com/ Name: tuuid_lu
Value: 1643313130
.media.net/ Name: visitor-id
Value: 2863147308397446000V10
.media.net/ Name: data-c-ts
Value: 1643313130
.media.net/ Name: data-c
Value: k-EqAInpGBicMAAX_Jla5EckvB7_vL0KL5buPH8A~~3
.adnxs.com/ Name: uuid2
Value: 7166594213244006150
.360yield.com/ Name: um
Value: !38,CL3yDi8Q.wd5Vpr0.S1hgNcGfRyoUxqufDbvrn2Rn4NV-OR.APFQJvfdY-23vAlY3ghCC6VU,1651089130
.360yield.com/ Name: umeh
Value: !38,0,1705521130,-1
.casalemedia.com/ Name: CMID
Value: YfL36ln4NIEuI77HGstC.wAA
.casalemedia.com/ Name: CMPS
Value: 3271
.tapad.com/ Name: TapAd_TS
Value: 1643313130427
.tapad.com/ Name: TapAd_DID
Value: 9b8154bf-4228-43ef-a59d-17b439af3bb3
.demdex.net/ Name: demdex
Value: 73791827681438108550470242735042422909
.casalemedia.com/ Name: CMPRO
Value: 1220
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.dpm.demdex.net/ Name: dpm
Value: 73791827681438108550470242735042422909
.mediawallahscript.com/ Name: mCookie
Value: 9d7ee630-7faa-11ec-b6f7-c1a0339564fd
.mediawallahscript.com/ Name: mUserCookie
Value: %7B%22undefined%22%3A%5B%22%22%2C%22%22%2C%22%22%5D%7D
.addthis.com/ Name: ouid
Value: 61f2f7ea0001df5722c096fd48c62bb9b45daf9624d01737abc2
.addthis.com/ Name: uid
Value: 61f2f7ea079fcf7c
.addthis.com/ Name: na_id
Value: 2022012719521049000282831547
.outbrain.com/ Name: obuid
Value: 78bbe9fd-ca00-4f0a-b931-a1707abcc939
.outbrain.com/ Name: criteo
Value: k-VIa7LpGBicMAAX_Jla5EckvB7_vf1Z-CwPdeOg
.tpmn.co.kr/ Name: uuid
Value: 92ee0a23941b46c2b2e90ccf37e4fd16
.tpmn.co.kr/ Name: criteo
Value: k-e8R4fpGBicMAAX_Jla5EckvB7_tRlYEfNUnd7g
.rlcdn.com/ Name: rlas3
Value: y509lCpgsc+q4BwOw5sydFJ1DfXRZFpnjReQyo3I998=
.rlcdn.com/ Name: pxrc
Value: CAA=
.turn.com/ Name: uid
Value: 3056754456700657024
.ecosweb.dev.br/ Name: __gads
Value: ID=70685d27ffa85e1f:T=1643313130:S=ALNI_MYaJEat4fsts2ueP_zFXcG0KmDPDw
.adnxs.com/ Name: anj
Value: dTM7k!M4/QD>6NRF']wIg2E?bwv0#O!]tcs8i_it:z!9CUYaI%c5L[T:yN=RF!WZ<Drry5><7d)Ii!p:L%ngXb=FOrILb!O?sFhJuW`tE/X-Zn6+55$[L*Uq74^]16nCY2<(['*VYvtea1k-1@u70#LkTVMP<^TmPlZ[C[-kX-Hpa^%
.casalemedia.com/ Name: CMRUM3
Value: 2d61f2f7eb2760CAESEEU8kGq258uxRfcHokPIFh0&1461f2f7ea2760k-oJk2DZGBicMAAX_Jla5EckvB7_vRznO8KprOOg
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: fee6ae1aaeca4edd
trf.greatviews.de/ Name: ads_pu
Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A1643917931%3B%7D
trf.greatviews.de/ Name: ads_ps
Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
trf.greatviews.de/ Name: ads_si
Value: a%3A3%3A%7Bs%3A2%3A%22si%22%3Bs%3A36%3A%229e2661bc-7faa-11ec-bbfa-00155d53a129%22%3Bs%3A3%3A%22sit%22%3Bi%3A1643399531%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
trf.greatviews.de/ Name: cjcookie
Value: a%3A2%3A%7Bs%3A2%3A%22id%22%3Bs%3A38%3A%22cj9e267aa8-7faa-11ec-bbfa-00155d53a129%22%3Bs%3A6%3A%22expire%22%3Bi%3A1706385131%3B%7D
.awin1.com/ Name: awpv11524
Value: 296283|1643313131|9e31e283-7faa-11ec-a3bd-223656459fca
.awin1.com/ Name: awpv22610
Value: 296283|1643313131|9e3230a0-7faa-11ec-983c-2238a966fab2
.awin1.com/ Name: AWSESS
Value: 408799:2874697
trf.greatviews.de/ Name: mcookie
Value: a%3A3%3A%7Bs%3A4%3A%22m316%22%3Bs%3A36%3A%229e266162-7faa-11ec-bbfa-00155d53a129%22%3Bs%3A11%3A%22click_12771%22%3Bs%3A57%3A%221643313131%25%255503284%25%259e334b2a-7faa-11ec-a3dc-00155d53a129%22%3Bs%3A6%3A%22expire%22%3Bi%3A1658865131%3B%7D
.singles.parship.de/ Name: __cf_bm
Value: RVXTq3LiPfKSZ5eu4boazmYyOcmdGBMSXi9iYgx4sIw-1643313131-0-AUOKf07FcA0BBNJfpWtgFWPt3GGbcR2rDVi0KVD7imJu9CswmEopF8P1P96mCOfUo4CW2bSD4RFToyLJTULMMQg=
.quantserve.com/ Name: d
Value: EBsBCQGmJYEA
.quantserve.com/ Name: mc
Value: 61f2f7eb-ce8a6-202e8-d4b80
.mathtag.com/ Name: uuid
Value: 0e4961f2-f7eb-4000-b033-7ae0293ae564
.mathtag.com/ Name: mt_mop
Value: 4:1643313131
.adform.net/ Name: C
Value: 1
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22AC442642-307B-4E7D-A985-58ECEA4E51CB%22%7D
.lijit.com/ Name: ljt_reader
Value: 533846887b810a15a9d7e681
.adform.net/ Name: uid
Value: 4418171954325441686
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YfL36wABxDMq5QBB
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.3lift.com/ Name: tluid
Value: 3669625377275124504729
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1643313132006,"clickCookie":false}}
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A2B2290E-6733-4176-942C-A5DC1D488055
.tidaltv.com/ Name: tidal_ttid
Value: 4d368f38-92d0-4bbe-8e9c-2ea8a462b7c9
.casalemedia.com/ Name: CMST
Value: YfL36mHy9+wA
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjA0sDI0sgAA8CYobQkAAAA="
.parship.de/ Name: NVI_LC2
Value: 01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e334b2a-7faa-11ec-a3dc-00155d53a129ID_TS%3A1643313132
.parship.de/ Name: NVI_FC
Value: 01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313131.5503284.9e334b2a-7faa-11ec-a3dc-00155d53a129ID_TS%3A1643313132
.volvelle.tech/ Name: ouuid
Value: bad259c7-c3fa-4f53-96e9-d5e35a73fd68
.volvelle.tech/ Name: c
Value: 1643313132
.volvelle.tech/ Name: ouuid_lu
Value: 1643313132
.w55c.net/ Name: wfivefivec
Value: 2HpgFMQH1NdaOw5
.w55c.net/ Name: matchgoogle
Value: 5

15 Console Messages

Source Level URL
Text
network error URL: https://www.google-analytics.com/gtm/js?id=GTM-KMRF2H8&cid=1083570406.1643313129
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://testing-dbr-ws-site.ecosweb.dev.br/rest/products/autocomplete/v10/?relativeURL=%2Fbusca%3Fpalavra%3D'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://testing-dbr-ws-site.ecosweb.dev.br/rest/store/home/v10/'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://testing-dbr-ws-site.ecosweb.dev.br/rest/shopping/quantityshoppingcart/v1/'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://testing-dbr-ws-site.ecosweb.dev.br/rest/store/banner/benefit/v10/?relativeURL=%2F'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/v10?page=home&position=0'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/v10?page=home&position=1'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/v10?page=home&position=2'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/lastViewed/v10'. This request has been blocked; the content must be served over HTTPS.
javascript warning URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Message:
The resource https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/desk-product-list.55194cb73643539c1c8e.chunk.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Message:
The resource https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/product-details.94d0f6349ae3ef70ac80.chunk.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Message:
The resource https://desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/home.fcc9f923176363b12784.chunk.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPKpOoDepvGfUn4_d9kgmFqhl7RTKU66i6FPEeCNYsYaFsElrVdLfxIw6KriqHD_HowL__v6_axqddi_py2fhwTeCwJ7Nqx3OA
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HB7pYBn9S7KhUYQP0d9tzQ&google_push=AYg5qPIdQr_gAM4JmOrLGa-h59j6SNYMKLqkyClX6RwJZys-FB5U4--mOpvfef1bH8BxFFs_KgJ25LkYgIa1QG1WBiUy-mxvQVxM3Q
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL36ln4NIEuI77HGstC-wAABMQAAAAB&google_push=AYg5qPLIomElBpmXN1vlzdRzVZGlL5RTJa1UcM323RDTDDIJ-e8DGGfTdEr8nx4Wn54Gusf-qY3NAY6yKXXlC-6pm6TtpQYQ6RaM2Q&google_gid=CAESEHwclXyUFQFvE17Zes4-iUc&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

401507794730d1d523fcf6c6534dd3b7.safeframe.googlesyndication.com
8019191.fls.doubleclick.net
a.volvelle.tech
ad.360yield.com
ad.tpmn.co.kr
ad.turn.com
adgen.socdm.com
ads.travelaudience.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adv-srv.office-partner.de
adv.office-partner.de
analytics.tiktok.com
analytics.twitter.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
bat.bing.com
c.bing.com
c.clarity.ms
c1.adform.net
cdn.onesignal.com
cdn.pmweb.com.br
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
crb.kargo.com
cw.addthis.com
d.turn.com
dclk-match.dotomi.com
desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
df.pmweb.com.br
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
eum-eu-west-1.instana.io
eum.instana.io
fonts.googleapis.com
fonts.gstatic.com
google2waycm.netmng.com
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90001.redintelligence.net
hal900012.redintelligence.net
hal900028.redintelligence.net
hal90008.redintelligence.net
ib.adnxs.com
idsync.rlcdn.com
image6.pubmatic.com
ipv4.icanhazip.com
j.clarity.ms
match.adsrvr.org
mug.criteo.com
onesignal.com
pagead2.googlesyndication.com
partner.mediawallahscript.com
ph-cdn3.ecosweb.com.br
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
r.casalemedia.com
r.turn.com
s.ad.smaato.net
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
singles.parship.de
sp.analytics.yahoo.com
sslwidget.criteo.com
static.ads-twitter.com
static.cloudflareinsights.com
static.criteo.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.mathtag.com
sync.outbrain.com
sync.teads.tv
sync.tidaltv.com
t.co
testing-dbr-ws-site.ecosweb.dev.br
tg.socdm.com
tpc.googlesyndication.com
track.webgains.com
trf.greatviews.de
ups.analytics.yahoo.com
us-u.openx.net
us.creativecdn.com
widget.us.criteo.com
www.artfut.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
cm.g.doubleclick.net
google2waycm.netmng.com
testing-dbr-ws-site.ecosweb.dev.br
104.18.115.97
104.244.42.131
104.244.42.197
104.90.104.248
104.92.94.3
124.146.215.5
138.201.63.150
138.201.84.245
141.226.228.48
142.250.184.194
142.250.184.226
142.250.186.134
142.250.186.162
143.204.215.68
151.101.130.49
177.101.99.62
178.250.0.157
178.250.2.151
18.197.240.17
18.203.202.174
18.230.146.239
185.184.10.30
185.29.134.248
185.33.221.11
195.181.174.138
198.47.127.19
199.232.136.157
20.85.30.134
2001:678:cb4:bbbb::13
202.241.208.53
212.82.100.181
216.52.2.48
23.57.80.37
2600:9000:223f:6c00:1b:5138:8a40:93a1
2606:4700:20::681a:16d
2606:4700::6810:135e
2606:4700::6810:5f41
2606:4700::6810:cc16
2606:4700::6812:e234
2606:4700::6813:ba79
2620:112:f006:bbbb::12
2620:116:800d:21:36a9:ecb:e518:b308
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2008
2a00:1450:4001:831::200e
2a00:1450:4007:808::2003
2a02:2638:1::3
2a02:2638::1c
2a02:fa8:8806:20::2010
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a05:d018:24:b002:fa9c:f965:fc74:bbd9
2a0b:4d07:102::1
3.121.106.122
3.126.56.137
3.248.87.88
34.102.166.132
34.236.79.15
34.98.64.218
35.158.233.132
35.190.0.66
35.210.178.101
35.227.248.159
35.244.174.68
35.71.131.137
37.157.6.246
37.252.173.62
46.236.13.147
46.4.10.49
5.1.80.163
52.142.114.2
54.155.208.14
54.207.195.77
54.228.130.197
54.229.240.78
69.173.144.139
70.42.32.31
72.247.225.98
74.119.119.150
76.223.111.18
85.239.105.10
88.99.165.19
94.130.102.164
95.101.184.154
95.101.27.84
00edd30b23719772e09df16d129bc66e5ceb8ab383dbab26fb6e37d286514222
06db0843f2751dd0f37d17b6591ef653579c55479f9960e52504417ccf0c2c5d
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0ff4b42f690c4897d981ec5000f9057289b65f4d9d900ec4b59b36208ad791f2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11406d2fe03cea34dcf0b5c178acda7fad399cb1f9b06cea2d55866ab94a20ce
115a0b9f6e83e14fba30797e97df2fc5bce3d2ee03755aed21ea7d983e22c941
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
15ec7956d2e50165f7a50c3e8db4c42458ec3df43dee73b3995c6d4b2fc0df97
17bcc3658ee656d1a46a696a42e7b40c5b31b36057cf2726bdb1cf8aa90c2db3
1baecde592fc2970ed07fd23c1c63e7c7f7cc7bc7e1c89a87d2171dfa20bbe73
1bb39f2e41475075c585cf8a90bb256c35177f80036af0267f3a5d35385df576
1df1bedfc6649bf041238e418e2b67864dfa1905e57e6ff05a60381726413940
214c97788c9b6e6f6b4d871cb34076bc2ddfe68de650e3ecf9978febc89cb7ae
223fa73d63f38f8eba504ff1e2f5aa3389e421dfceea85caa5eac14cfb010a84
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
24333fd1c10e2127184a4a8fa0552b3341720b3289c15dbfe0146fe8b4a29892
27b6f64d8af49d6bbe36f5c3fa80213bafd6ee55a624d2194e067b2e4a249184
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cdbc0521e67a8bbf80d09850ad776f220aaf5bbcaddd153f508f72c938995d0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31dfb7610d826d312c1720e980234de2269bedb09591f134f87ab8d6840ccb6c
327bec2ec73981fc12954bac138de42bad69d513a432da8f196cf9a40c7deb04
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33f12632b3e13792198585ae1eb64243e3f57be50f997c752dfd8ab6bb65f0c1
34fbd8b6343fa60aa75b2005feb908459df65d2953b87efb6961a801bc972010
36dc1f6e4f5bf379a210cfc4359c0b53a18c8d5867eda07555ca4614a687c83b
3739254e267a5f9d7f1a73e7fcc4beb47c2eca194e3334519a078d9ba96f211d
37756fc4581c844e472ce599eb9ef847b6a668fadfaef9599b7ea9afceb54f46
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
392d0d29d1ccfbccda24a87348117da8580280ae39c2906566eeb5b60b208778
399c127003488f2737c0e966d2a6cabf25ec632a7e94bb087d4f2df67566d4c7
3a9b818b083d4934815a51037deb08832ce1f31764a5cc97c4798410f333c933
3c7188156e3220b6c96061728d90cb3fd8e8b7a91f16d647c835fcd03efac081
3ccbfd7548101a76b9f14504dfa658ce0f4e0dca96cc08652d682ad347c5c8a0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f6f0d34eeede8986915f7f53c76fd5e67e547d3c7320e3a05fb277fcc9895ad
3faa4a6b6c969b894a28259f0df358fab7c950c7e29855c5146c80ccece26f23
42163a7c55b8f00f4276c06c1b47118dff268c8027b9b436efe5be5fbdd30cbe
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
43756d67b9b42d6114e390f5fb95a31b75c8434d9036c67737959796d190c84a
4529cf4d8f6201bc8e545fd0a15de66d776ed1b29c4164daafa9e9db03b5ad02
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a81249aee7ad648940c03b47a8a08e59b0d480424c0815cca32573ead2bb116
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb51ef7c4c8f46e4a26dc7352da4f084ead0ff11931c0eaa7e6686ecf6662af
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4da86342e08a065e6135eb06015c91f5dc9492d9701253a342046e3a20b6639d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
528f2cccbcb715d8b978b30e42e26aa8d819781ecbfa8ad4f8b469c792d57fe6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d626e08c1c802b305dad30b7e54a82f102390cc92c7d4db112048935236e9c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55efcb908acabb913227d573bc6c4ff836076d4b1f5b3eae6a4b8cbad4aa4db6
5cbe3aba3f9dd99c39e0af3e828011120a6b5b77897bc18c3739d8d54eaf4bb6
5dcc48a95dc8d4d5fc5fc5d00808acfa15af5a5b5e48f4d2935ba9ddd2715b45
60de30879c516528f75166406a86264df9a0797112e4b09067128ba9a3b8a20d
612d2d776acca8497d2399e34c897f75cc5dd564b50e945bfaba7dea7835a93b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86
67aaf8ee30a1f1a0c3aa8575d4f2e5eb9106c1bc20a288342b2c10424661a2b3
67b1cc5123d82aa346bef868c495b214cde69ea2e57f77af86318fb34ba85419
683dfc6fcf043d7cd24d613bb25f2ec8ff0e5a6363675fda883073bdd107ef72
68735f7b79a4c29bb494587c67e67906047dbb800e66d50f67cd8963c459b4af
69740dde1b2dcafc780b3b79e4f41ac98d5aeb282cda3f68d961aded4d0d2eb2
6a8d18abfc32572712e1abd071ef87c615806c864cc03e3bf63901135bd89522
6d25d30531ca11f0e527217e9bddac631c3c2538ac72dd7bfac7b383425138e9
6e488ad6c6b6afcaf4a252740b31d099a4b316c887566d61b3bd096fb066ab2a
710c719d5aacdf358b780daad852cdb5bf80e0fb45a60641852df85d3a8c3e60
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
73bbcb5588755006ce54da1b4e3c6ea5ef3ce1df8d32ae2ebd89aa3917fcecaf
75a2e730c275271ed85c91fadd52a7b44db931157414ced60af5355efa2465b6
7608c1f04a80ace55d05fe973a472002630d36bb699150578e87fb3d47225b77
78746cef20b5b4a521b8f1e627490175841da004a8c5ce794b44286fd9fa92b3
7b5702e19970ce41380ca449d54519f428482977c78275255e909046ae97c445
7cbf0f8a8a0cfb31561ba78e03128c09a57beff4dd07f37f11a3b2f120705ca5
7cd07e6c64768b866c81e2e1cc61f88f631f377a3afc426d7b0c9de3875e65ae
7e140f35e7c47baaf574e9321f534de355df62e958841f1900fe62e8cab897ec
7ec9f31293d7cf5e23a5b31cfc5086223cc06e1f683e75c03a2fd7057b1afb3a
8221b1eab03eeb3bb30801ce345d8933f8a11b2ff3c1e84648d627a3fb1fcf1f
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
84affaaa12618c4c6301ebac4273d52f9aa3341ca6079187ac890587ba804c76
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8bd899fbb79026f90cc487cf6207cf11f5b2944ed6b42f450a1465348b5ca6f9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e21cd72b0d5aba10024a13614a42e961757d6246c1fb37c8d1879b0f5c43492
8e77aa0c8ce495b82e8c0cdb2da40716a5c84ab66a1ecf2e2b1adce2341da931
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
95629df35774d3990c35fedafe92447187e33c589b70e0f185af1240b2181e21
99b178e9a84d593e7cc5cda40c4bf318b0179ccb0c8e9dd884037419a7756f0d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d4e3bd1621e63bb4bfbae3c3275134b26016bb76175fefe9c5998f8ade1009c
9de7f978ba76a35a123755cecec2aa252ff278bd5308a4713e75415f6eae650a
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0
9f24c3e42d4b7720cf0bdf4576025fd5a26c23f698cbd14acfbef5688ac23e6b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d2c8634e373089a0edf0c4b418e2d454cd8c846ba0746008756bbee96f091d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b6a9785aafa7a787e2cb2703ccd7616d5410b1a7b4132dfc675d0651d14096
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a829729f5a7966b16e9be4907c2779317f76aaac73e9c47959bd7caca69adcca
aa4eaf475d19a34d07ff14c8c3e3183cb520fefbdec3f51780aee70e2718ebf4
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
aecd66de64a91bd038f02e05bc08c812daff75b691a66fe76dc0e9f3ebd5b596
af0fe85dd378b5775b2e91b482295c830e439cce2abbd294338d0eadb4ab0371
af185904d2ea6e77477c9cd770cdc619ec4320bb60841a06d526db16ae0d278d
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b320c0cda67e56c55a728781806fe2640478828f1224bf0cb4988184cab53e24
b7f6d2e2d32b2a1ecba92aa38102f655f4add77248ed2071bcdbcc4f370d9ae3
b8bc2b0c3cefbfe12f3fa652082bf50cf410c188eb00c33cf1fd158d349acefa
c2c008ee9f312abf45f4b2d0b73e37cd75cb35fb5a04b70f73bc2cb15f9508e1
c48d72e622223e0931e14bf9cd00e5f94e4c5e8a4df2a456d53678a933eb3139
c52686d553c6e2f85b272710c2b92bfcee879d16c73c021c9875c621da492738
c54adb030fc52ff4e772349c8c177258999bf2e0b009de0f80ff347068d407a0
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
c5592d72f0372c2f237a8ecaaa67eda0064b413098e191140d1da1f41d394d58
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9d9a742fbfb92e5cb9d4d5a806b9826c0384534c510bd2384c9d60a67a1c16f
ca3b22abc3d707146aed5ae860108e0bbc51d320d86c5f42037c1bb8a8d00e08
cb2bbeec8eebaed8b14c525f1d293f824016b46c1df016710737a7dfc0711907
cba56950a5098ca95571fb05315cb8b90861b368d713197ed8160be7d688ecd0
cdf0b0f2c5cef0e09f6cc68cb1a183831eba5c571627b3862c0d959de0350678
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d15833e62a5d1a7d95a1a674c40798de6c176602f7f8843852002c90bddbd2c6
d6c7399c96c48c1eee283662fa055d9b1e3512df7147b213cf58bb70851a9309
de57e553119f7333a752226c60c6c16c3fadadf332928aee6e4e2181642ae361
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e1ff9105530aec310609925006e362a84fa0b49bd72fbcc1f5fea8c4ce9dae2a
e25840c5281b7367276ccd9086150402ee584b32242fa0fce5a47b79a31f0b78
e36f59766564342f7451754492210e3667e49f8cdc05a6319f920fbe5147dfec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444e8744871fda2c920b0526bd9eaee33660153dbe548cd5df4055d970b8d78
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
ebba9c526293a4ec60fd51028dc159f30a3c0c6d537145dc2f44c83e3db0ad2d
ebc8684d747ecd45128ed71c873eb6b02b40e7345bf07a1a73f6ea1ce3c12a16
edfc75726cf71265dd903eeb0f37bd74534194e42a0e6db6894beb6987023454
ee55e93ab60b2be24bafa897690bfa7eeef8b6ed02bc55024485b0f36d7983bc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef551a053c454a36b62b52071bf90316989647b1749c0138625890ec43992ad4
f0391456cb58d16fd3f8689acea40795dfbf77f82f06ed221c8c4703d4328dc8
f40a30e16c70c82abefd586548807814ef7da2563721214af5822f3cbfdf7f92
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fe145141adf7a295eb02f9ea18fdeb289330ce47fb5837927272ac21b6da4bbc
fe8237cfa6bab4b205320dc57775dc118244de737cf5b08047359195f5a07f55
ffc29c6249722385c6d20a999a48d66e4b55e6e465e235f20d54000df3f16b55