www.controle.colunadofla.com Open in urlscan Pro
190.89.238.21 Public Scan

URL: http://facebook.com/colunadofla

URL: http://twitter.com/colunadofla

URL: http://www.instagram.com/colunadofla/

URL: http://www.youtube.com/channel/UCOH0UtunvcOtBYvmHfHK3Nw

URL: https://controle.colunadofla.com/

URL: https://colunadofla.com/ultimas-noticias/
Title: Notícias

URL: https://colunadofla.com/campeonatos
Title: Campeonatos

URL: https://colunadofla.com/proximos-jogos/
Title: Próximos jogos

URL: https://colunadofla.com/loja
Title: Loja do Flamengo

URL: https://colunadofla.com/videos
Title: Vídeos

URL: https://colunadofla.com/forum-do-fla/
Title: Fórum

URL: https://colunadofla.com/2021/10/apos-pressao-de-sindicado-cbf-emite-nota-com-revisao-do-calendario-do-brasileirao-e-copa-do-brasil/
Title: Destaque05/10/2021Após pressão de sindicato, CBF emite nota com revisão do calendário do Brasileirão e Copa do Brasil

URL: https://colunadofla.com/2021/10/membro-do-staff-de-neymar-revela-segredo-da-diretoria-do-flamengo-para-obter-confianca-de-clubes-europeus/
Title: 05/10/2021Membro do staff de Neymar revela segredo da diretoria do Flamengo para obter confiança de clubes europeus

URL: https://colunadofla.com/2021/10/torcedor-critica-preparacao-fisica-do-flamengo-e-recebe-resposta-ironica-de-dirigente/
Title: 05/10/2021Torcedor critica preparação física do Flamengo e recebe resposta irônica de dirigente

URL: https://colunadofla.com/2021/10/desarme-sobrenatural-de-filipe-luis-encanta-torcedores-e-viraliza-na-web-assista-ao-lance/
Title: 05/10/2021Desarme ‘sobrenatural’ de Filipe Luís encanta torcedores e viraliza na web; assista ao lance

URL: https://colunadofla.com/2021/10/staff-de-andreas-ve-impacto-de-chegada-ao-flamengo-superior-ao-do-psg-incrivel/
Title: 05/10/2021Staff de Andreas vê impacto de chegada ao Flamengo superior ao do PSG: “Incrível”

URL: https://colunadofla.com/2021/10/galvao-bueno-revela-desejo-de-ter-narrado-gol-do-flamengo-vai-me-fazer-falta-na-vida/
Title: 05/10/2021Galvão Bueno revela desejo de ter narrado gol do Flamengo: “Vai me fazer falta na vida”

URL: https://colunadofla.com/2021/10/dirigente-comemora-readequacao-orcamentaria-do-flamengo-enche-a-gente-de-orgulho/
Title: 05/10/2021Dirigente comemora readequação orçamentária do Flamengo: “Enche a gente de orgulho”

URL: https://colunadofla.com/2021/10/muito-similar-campeao-olimpico-compara-estilo-de-jogo-de-andreas-pereira-e-idolo-do-flamengo/
Title: Destaque05/10/2021“Muito similar”: campeão olímpico compara estilo de jogo de Andreas Pereira e ídolo do Flamengo

URL: https://colunadofla.com/2021/10/conselho-aprova-readequacao-no-orcamento-e-flamengo-preve-receita-recorde-em-2021/
Title: 04/10/2021Conselho aprova readequação no orçamento e Flamengo prevê receita recorde em 2021

URL: https://colunadofla.com/2021/10/everton-ribeiro-se-declara-ao-flamengo-depois-de-vitoria-sobre-o-athletico/
Title: 04/10/2021Everton Ribeiro se declara ao Flamengo depois de vitória sobre o Athletico

URL: https://colunadofla.com/2021/10/auxiliar-do-athletico-diz-que-nao-esperava-derrota-para-o-flamengo-e-ve-vacilos-perdemos-para-nos-mesmos/
Title: 04/10/2021Auxiliar do Athletico diz que não esperava derrota para o Flamengo e vê vacilos: “Perdemos para nós mesmos”

URL: https://colunadofla.com/2021/10/cbf-altera-data-do-jogo-entre-flamengo-x-juventude/
Title: 04/10/2021CBF altera data do jogo entre Flamengo x Juventude

URL: https://colunadofla.com/2021/10/everton-ribeiro-celebra-gol-contra-o-athletico-e-exalta-torcida-do-fla-quando-a-nacao-esta-aqui-e-tudo-melhor/
Title: 04/10/2021Everton Ribeiro celebra gol contra o Athletico e exalta torcida do Fla: “Quando a Nação está aqui é tudo melhor”

URL: https://colunadofla.com/2021/10/presa-facil-athletico-tinha-cinco-vitorias-seguidas-antes-de-enfrentar-o-flamengo/
Title: 04/10/2021Presa fácil? Athletico tinha cinco vitórias seguidas antes de enfrentar o Flamengo

URL: https://colunadofla.com/2021/10/rafinha-nao-deve-permanecer-no-gremio-para-2022/
Title: 04/10/2021Rafinha não deve permanecer no Grêmio para 2022

URL: https://colunadofla.com/2021/10/gabigol-e-centroavante-com-mais-assistencias-no-brasil-desde-2019/
Title: 04/10/2021Gabigol é centroavante com mais assistências no Brasil desde 2019

URL: https://colunadofla.com/2021/10/flamengo-encaminha-acordo-com-banco-e-projeto-de-internacionalizacao-da-marca-avanca-diz-jornalista/
Title: 04/10/2021Flamengo encaminha acordo com banco e projeto de internacionalização da marca avança, diz jornalista

URL: https://colunadofla.com/2021/10/e-um-sonho-gabigol-comenta-publicacao-do-flamengo-e-demonstra-amor-ao-clube/
Title: 04/10/2021“É um sonho”: Gabigol comenta publicação do Flamengo e demonstra amor ao clube

URL: https://colunadofla.com/2021/10/convocacoes-desfalcam-flamengo-em-quase-metade-dos-jogos-do-brasileirao/
Title: 04/10/2021Convocações desfalcam Flamengo em quase metade dos jogos do Brasileirão

URL: https://colunadofla.com/2021/10/bruno-henrique-e-jogador-mais-eficiente-do-brasileirao-ate-a-23a-rodada/
Title: 04/10/2021Bruno Henrique é jogador mais eficiente do Brasileirão até a 23ª rodada

URL: https://colunadofla.com/2021/10/flamengo-escolhe-atibaia-como-sede-para-treinar-e-facilitar-logistica-entre-jogos-do-brasileirao/
Title: 04/10/2021Flamengo escolhe Atibaia como ‘sede’ para treinar e facilitar logística entre jogos do Brasileirão

URL: https://colunadofla.com/2021/10/flamengo-inicia-preparacao-para-jogo-contra-o-red-bull-bragantino-veja-imagens/
Title: 04/10/2021Flamengo inicia preparação para jogo contra o Red Bull Bragantino; veja imagens

URL: https://colunadofla.com/2021/10/diego-alves-relembra-lance-salvador-de-david-luiz-na-libertadores-e-enaltece-garra-do-zagueiro-veio-para-deixar-suor/
Title: 04/10/2021Diego Alves relembra lance ‘salvador’ de David Luiz na Libertadores e enaltece garra do zagueiro: “Veio para deixar suor”

URL: https://colunadofla.com/2021/10/gabigol-e-everton-ribeiro-se-apresentam-a-selecao-brasileira-jogadores-desfalcam-flamengo-em-tres-jogos/
Title: 04/10/2021Gabigol e Everton Ribeiro se apresentam à Seleção Brasileira; jogadores desfalcam Flamengo em três jogos

URL: https://colunadofla.com/2021/09/flamengo-busca-interessados-para-vender-piris-da-motta-diz-portal/
Title: Contratações30/09/2021Flamengo busca interessados para vender Piris da Motta, diz portal

URL: https://colunadofla.com/2021/09/flamengo-passa-de-dez-jogadores-europeus-contratados-na-gestao-landim-e-mira-david-luiz-para-aumentar-lista/
Title: Contratações02/09/2021Flamengo passa de dez ‘jogadores europeus’ contratados na gestão Landim e mira David Luiz para aumentar lista

URL: https://colunadofla.com/flamengo/contratacoes/
Title: Veja mais notícias

URL: https://colunadofla.com/2021/10/fabiano-de-abreu-trabalho-psicologico-e-fisico-de-jorge-jesus-eram-mais-eficazes-que-do-renato-gaucho/
Title: <img loading=lazy alt src=https://colunadofla.com/wp-content/uploads/2021/09/avatar_user_26946_1630700499-32x32.jpg srcset='https://colunadofla.com/wp-content/uploads/2021/09/avatar_user_26946_1630700499-64x64.jpg 2x' class='avatar avatar-32 photo avatar-flag' height=32 width=32 loading=lazy> Fabiano de AbreuColunas02/10/2021Fabiano de Abreu: “Trabalho psicológico e físico de Jorge Jesus eram mais eficazes que do Renato Gaúcho”

URL: https://colunadofla.com/2021/09/chapas-da-oposicao-estudam-se-unir-para-disputar-presidencia-do-flamengo-contra-landim/
Title: <img loading=lazy alt src='https://secure.gravatar.com/avatar/f1ca89661ec4c5a27512290973aa05a3?s=32&d=https%3A%2F%2Fcolunadofla.com%2Fwp-content%2Fuploads%2F2016%2F12%2Ftwitter.avatar.jpg&r=g' srcset='https://secure.gravatar.com/avatar/f1ca89661ec4c5a27512290973aa05a3?s=64&d=https%3A%2F%2Fcolunadofla.com%2Fwp-content%2Fuploads%2F2016%2F12%2Ftwitter.avatar.jpg&r=g 2x' class='avatar avatar-32 photo avatar-flag' height=32 width=32 loading=lazy> Tulio RodriguesColunas25/09/2021Chapas da oposição estudam se unir para disputar presidência do Flamengo contra Landim

URL: https://colunadofla.com/2021/09/marcus-souza-estamos-a-dois-passos-do-paraiso/
Title: <img loading=lazy alt src='https://secure.gravatar.com/avatar/a9173cc8da063b2a64ee78b7cd191bb8?s=32&d=https%3A%2F%2Fcolunadofla.com%2Fwp-content%2Fuploads%2F2016%2F12%2Ftwitter.avatar.jpg&r=g' srcset='https://secure.gravatar.com/avatar/a9173cc8da063b2a64ee78b7cd191bb8?s=64&d=https%3A%2F%2Fcolunadofla.com%2Fwp-content%2Fuploads%2F2016%2F12%2Ftwitter.avatar.jpg&r=g 2x' class='avatar avatar-32 photo avatar-flag' height=32 width=32 loading=lazy> Marcus SouzaColunas25/09/2021Marcus Souza: “Estamos a dois passos do paraíso”

URL: https://colunadofla.com/2021/09/exclusivo-primeira-pesquisa-de-eleicao-para-presidente-do-flamengo-landim-lidera-parcial-com-70/
Title: <img loading=lazy alt src='https://secure.gravatar.com/avatar/f1ca89661ec4c5a27512290973aa05a3?s=32&d=https%3A%2F%2Fcolunadofla.com%2Fwp-content%2Fuploads%2F2016%2F12%2Ftwitter.avatar.jpg&r=g' srcset='https://secure.gravatar.com/avatar/f1ca89661ec4c5a27512290973aa05a3?s=64&d=https%3A%2F%2Fcolunadofla.com%2Fwp-content%2Fuploads%2F2016%2F12%2Ftwitter.avatar.jpg&r=g 2x' class='avatar avatar-32 photo avatar-flag' height=32 width=32 loading=lazy> Tulio RodriguesColunas24/09/2021Exclusivo | Primeira pesquisa de eleição para presidente do Flamengo: Landim lidera parcial com 70%

URL: http://www.facebook.com/ColunaDoFla
Title: 506 Fans 506 Fans

URL: http://twitter.com/ColunadoFla
Title: 583k Seguidores 583k Seguidores

URL: http://instagram.com/colunadofla
Title: 482k Seguidores 482k Seguidores

URL: http://youtube.com/channel/UCOH0UtunvcOtBYvmHfHK3Nw
Title: 627k Inscritos 627k Inscritos

URL: https://colunadofla.com/2021/10/tv-detentora-do-brasileirao-anuncia-que-nao-transmite-mais-o-torneio-a-partir-de-2022/
Title: TV detentora do Brasileirão anuncia que não transmite mais o torneio a partir de 2022

URL: https://colunadofla.com/flamengo/destaque/
Title: Destaque

URL: https://colunadofla.com/flamengo/noticias/
Title: Notícias

URL: https://colunadofla.com/2021/10/os-bastidores-confira-detalhes-do-que-renato-gaucho-falou-para-jogadores-apos-semifinal-da-libertadores/
Title: Os bastidores: confira detalhes do que Renato Gaúcho falou para jogadores após semifinal da Libertadores

URL: https://colunadofla.com/2021/10/clube-alemao-manda-recado-ao-flamengo-apos-classificacao-para-final-da-libertadores/
Title: Clube alemão manda recado ao Flamengo após classificação para final da Libertadores

URL: https://colunadofla.com/2021/10/presidente-do-athletico-pr-elogia-flamengo-e-destaca-e-o-maior-clube-do-brasil/
Title: Presidente do Athletico-PR elogia Flamengo e destaca: “É o maior clube do Brasil”

URL: https://www.youtube.com/channel/UCOH0UtunvcOtBYvmHfHK3Nw?sub_confirmation=1
Title: Assinar

URL: https://www.youtube.com/channel/UCOH0UtunvcOtBYvmHfHK3Nw
Title: Ver mais vídeos

URL: https://colunadofla.com/videos/mengao-octacampeao-brasileiro-ceni-fica-gabigol-vira-serie-novo-manto-nas-lojas-rafinha/
Title: MENGÃO OCTACAMPEÃO BRASILEIRO! | CENI FICA? | GABIGOL VIRA SÉRIE | NOVO MANTO NAS LOJAS | RAFINHA

URL: https://colunadofla.com/videos/sao-paulo-x-flamengo-ao-vivo-do-morumbi-brasileirao-2020-38a-rodada-narracao-rafa-penido/
Title: SÃO PAULO X FLAMENGO – AO VIVO DO MORUMBI – BRASILEIRÃO 2020 38ª RODADA – NARRAÇÃO RAFA PENIDO

URL: https://colunadofla.com/videos/sao-paulo-x-flamengo-brasileirao-2020-38a-rodada-pre-jogo-ao-vivo/
Title: SÃO PAULO X FLAMENGO – BRASILEIRÃO 2020 38ª RODADA – PRÉ-JOGO AO VIVO

URL: https://colunadofla.com/faca-uma-pergunta/
Title: Criar pergunta

URL: https://controle.colunadofla.com/pergunta/categoria-de-pergunta/bastidores/
Title: Bastidores8

URL: https://controle.colunadofla.com/pergunta/categoria-de-pergunta/brasileirao/
Title: Brasileirão12

URL: https://controle.colunadofla.com/pergunta/categoria-de-pergunta/dia-a-dia/
Title: Dia a dia13

URL: https://controle.colunadofla.com/pergunta/categoria-de-pergunta/flamengo/
Title: Flamengo60

URL: https://controle.colunadofla.com/pergunta/categoria-de-pergunta/imprensa/
Title: Imprensa9

URL: https://controle.colunadofla.com/pergunta/categoria-de-pergunta/libertadores/
Title: Libertadores3

URL: https://controle.colunadofla.com/pergunta/categoria-de-pergunta/mercado-rubro-negro/
Title: Mercado rubro-negro11

URL: https://colunadofla.com/pergunta/contratacoes-2020/
Title: Contratações 2020

URL: https://colunadofla.com/pergunta/free-fire/
Title: free-fire

URL: https://colunadofla.com/pergunta/precisamos-de-moderacao-no-site-e-um-sistema-melhor-no-espaco-dos-comentarios-que-nao-funciona-bem/
Title: Precisamos de moderação no site, e um sistema melhor no espaço dos comentarios que não funciona bem!

URL: https://colunadofla.com/pergunta/site-ficou-lixo-depois-da-mudanca/
Title: Site Ficou lixo depois da mudança

URL: https://colunadofla.com/pergunta/site-nao-carrega-o-captcha-no-mozilla/
Title: site-nao-carrega-o-captcha-no-mozilla

URL: https://colunadofla.com/expediente/
Title: Expediente

URL: https://colunadofla.com/contato/
Title: Contato

URL: http://www.hastedesign.com.br/
Title: Desenvolvido por Estúdio Haste

URL: https://colunadofla.com/politica-de-privacidade/
Title: Política de Privacidade

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1633421312431&ns_c=UTF-8&cv=3.5&c8=Flamengo%20%7C%20Coluna%20do%20Fla&c7=https%3A%2F%2Fwww.controle.colunadofla.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1633421312431&ns_c=UTF-8&cv=3.5&c8=Flamengo%20%7C%20Coluna%20do%20Fla&c7=https%3A%2F%2Fwww.controle.colunadofla.com%2F&c9=

Request Chain 91

https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=dHdTaVlTSmR5ZE0 HTTP 302
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEPt3fltzuBUdnWYlD2rQ5qY&google_cver=1

Request Chain 92

https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=50oy3BxEj5w

Request Chain 93

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=oNwcWiQatRI&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=286a7fbc-5c01-49cb-8222-574c4624ea60

Request Chain 94

https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
https://c.deployads.com/cs/NXST?b=XbsVQf6aP6A

Request Chain 95

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3313316352157287859

Request Chain 96

https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=ZXBULTRMMDZJUmc HTTP 302
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEPWZkgdrFey6i9rtIxVKsoU&google_cver=1

Request Chain 97

https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=eM_1jGc1vR4

Request Chain 98

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=nIgm265F_no&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=407033fe-c285-4db1-8610-db983db2ad11

Request Chain 99

https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
https://c.deployads.com/cs/NXST?b=_aaX4xJdPa0

Request Chain 100

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3385373946195215795

Request Chain 101

https://sender.clevernt.com/transporter/21831.php?ppuc=1&ppu=0&id=527381&ref=aHR0cHM6Ly93d3cuY29udHJvbGUuY29sdW5hZG9mbGEuY29tLw%3D%3D&ruri=&r=657736939&tok=33419711310201791433&cc=1&iv=-1&ctr=DE&sz=1200&wn=null&res=1600x1200&landing=1&hei=360&ts=0.356 HTTP 302
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550

Request Chain 128

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=sgQGDd51RPVLfvbtF2QUbah3GcU

Request Chain 129

https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID HTTP 302
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_5ada25aa-422c-45fe-b816-a37eafa392ba

Request Chain 131

https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D85%2526partnerUserId%253D%2524TF_USER_ID_ENC%2524&r=if HTTP 302
https://a.tribalfusion.com/i.match?p=b30&u=nIgm265F_no&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$ HTTP 302
https://s.tribalfusion.com/z/i.match?p=b30&u=nIgm265F_no&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$ HTTP 302
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662308021123590

Request Chain 132

https://match.prod.bidr.io/cookie-sync/lkq HTTP 303
https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1 HTTP 303
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAE_ZE7CuBAAABdMG-7c4w

Request Chain 146

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent

Request Chain 147

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=623854746.65481341792828349.2769566 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=623854746.65481341792828349.2769566 HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=6b35554d-efe9-5316-9355-cf9af209c79b&ssp=vidoomy&expires=30&user_group=1 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=3cb6e279-e868-4eb2-b8b1-163a5ee21b65

Request Chain 148

https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2871146109 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2871146109 HTTP 302
https://sync.1rx.io/usersync/tradedesk/815d072c-f784-42ac-8815-d6fae0a9b515 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-102c4f52-0b8e-4355-9dbf-ee872a5f6f82-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3DRX-102c4f52-0b8e-4355-9dbf-ee872a5f6f82-003 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-102c4f52-0b8e-4355-9dbf-ee872a5f6f82-003

Request Chain 171

https://secure.gravatar.com/avatar/f1ca89661ec4c5a27512290973aa05a3?s=32&d=https%3A%2F%2Fcolunadofla.com%2Fwp-content%2Fuploads%2F2016%2F12%2Ftwitter.avatar.jpg&r=g HTTP 302
https://i1.wp.com/colunadofla.com/wp-content/uploads/2016/12/twitter.avatar.jpg?ssl=1

Request Chain 173

https://secure.gravatar.com/avatar/a9173cc8da063b2a64ee78b7cd191bb8?s=32&d=https%3A%2F%2Fcolunadofla.com%2Fwp-content%2Fuploads%2F2016%2F12%2Ftwitter.avatar.jpg&r=g HTTP 302
https://i1.wp.com/colunadofla.com/wp-content/uploads/2016/12/twitter.avatar.jpg?ssl=1

Request Chain 179

https://secure.gravatar.com/avatar/?s=48&d=https%3A%2F%2Fcolunadofla.com%2Fwp-content%2Fuploads%2F2016%2F12%2Ftwitter.avatar.jpg&r=g HTTP 302
https://i1.wp.com/colunadofla.com/wp-content/uploads/2016/12/twitter.avatar.jpg?ssl=1

Request Chain 252

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHOUsZTTFAyiFtaGfU8yrUE&google_cver=1&google_push=AYg5qPK0soGDO5IkrkeF5XTcX1iO18cyqxzgpObwDQ8sZxSN6bTU17JhyCqE7VaVgTFK9WFG_RqcY5UC2mfz96M_JNMROjof2UFh2g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM4NTM3Mzk0NjE5NTIxNTc5NQ== HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEHOUsZTTFAyiFtaGfU8yrUE&google_cver=1

Request Chain 254

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEL7OPRyFUK-tqrwGr-B6xTc&google_cver=1&google_push=AYg5qPLlVd7YD09kW32CX-xPwDKwAhWwc6sWJW3zIgeE0VO7GJd-qV05LwcxdVpL-_yrUvUkwgRVLoYD55Ei7Fyw0XC4SG5qp_Abmg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNTQ5MTEyNDIyNzY2ODEyMQ%3D%3D&google_push=AYg5qPLlVd7YD09kW32CX-xPwDKwAhWwc6sWJW3zIgeE0VO7GJd-qV05LwcxdVpL-_yrUvUkwgRVLoYD55Ei7Fyw0XC4SG5qp_Abmg

Request Chain 255

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEK-dW-tdF6G1ymNLPN1pfw&google_cver=1&google_push=AYg5qPKQg5vKXxxmH342ISs9TBPeZTmMfYI3CKxvWGfHFYZSfNFrv7OQ2nZytn_o6lgzrDFuuEYwZ-YVx3TBnUyrQxn9f7iNiV_m HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=05f57a18-71d3-4869-9f02-2e8edca86c2e&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKQg5vKXxxmH342ISs9TBPeZTmMfYI3CKxvWGfHFYZSfNFrv7OQ2nZytn_o6lgzrDFuuEYwZ-YVx3TBnUyrQxn9f7iNiV_m&google_hm=PLbieehoTrK4sRY6XuIbZQ==

Request Chain 256

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE12xiN06QPGUTjr-v4CTAI&google_cver=1&google_push=AYg5qPJcG6XgNgYJx8_7PlcpAmTiMVCOdpe2cNPN2kjlVYU3Ye6fmMy6d9O0_d6p3yKjpKIc9_ZpGKue0qrWK1Oqv-8ZAGr6Zu-y HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE12xiN06QPGUTjr-v4CTAI&google_cver=1&google_push=AYg5qPJcG6XgNgYJx8_7PlcpAmTiMVCOdpe2cNPN2kjlVYU3Ye6fmMy6d9O0_d6p3yKjpKIc9_ZpGKue0qrWK1Oqv-8ZAGr6Zu-y&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TPtptO0cQIaH02HLmk7x6Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJcG6XgNgYJx8_7PlcpAmTiMVCOdpe2cNPN2kjlVYU3Ye6fmMy6d9O0_d6p3yKjpKIc9_ZpGKue0qrWK1Oqv-8ZAGr6Zu-y

Request Chain 257

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOt9KBus_HNVmU2XkIknuyg&google_cver=1&google_push=AYg5qPIHna2NEfj825sbsXVdWiwfURQfpLXu1pGv0qndXtv2X5gtm8dui8h4LOg_-VjOYLZXbWem_EjGTLztiPyZtFnUhgVRpW9TIg HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOt9KBus_HNVmU2XkIknuyg&google_cver=1&google_push=AYg5qPIHna2NEfj825sbsXVdWiwfURQfpLXu1pGv0qndXtv2X5gtm8dui8h4LOg_-VjOYLZXbWem_EjGTLztiPyZtFnUhgVRpW9TIg&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIHna2NEfj825sbsXVdWiwfURQfpLXu1pGv0qndXtv2X5gtm8dui8h4LOg_-VjOYLZXbWem_EjGTLztiPyZtFnUhgVRpW9TIg&google_hm=5c790f00c3f65abc857488c6

Request Chain 258

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEDPqvJZ_xUgoTDS7Jv2YvhU&google_cver=1&google_push=AYg5qPKnLBS81Es3qu5p_1FJE82icRpTiLehDedMzfb0XBHlp_ezOCcQJVHKTAl4cvcL9uTNf8Or4VHWX6KoCfbAMt8v2rsXjNJnGQ HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-102c4f52-0b8e-4355-9dbf-ee872a5f6f82-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKnLBS81Es3qu5p_1FJE82icRpTiLehDedMzfb0XBHlp_ezOCcQJVHKTAl4cvcL9uTNf8Or4VHWX6KoCfbAMt8v2rsXjNJnGQ%26google_hm%3DAxAsT1ILjkNVnb_uhypfb4I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKnLBS81Es3qu5p_1FJE82icRpTiLehDedMzfb0XBHlp_ezOCcQJVHKTAl4cvcL9uTNf8Or4VHWX6KoCfbAMt8v2rsXjNJnGQ&google_hm=AxAsT1ILjkNVnb_uhypfb4I

Request Chain 266

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE0_jU_zMoJHhTVyYfUCg9I&google_cver=1&google_push=AYg5qPLxcr8zqHczpXQKTBG5D8Ij-hcSnnnEOV7Y_1lwammBMLxmCJm-hxXfyNNgW3q2UzXEqfqiN11-FibWJpdJ1F3He_MgvKc HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE0_jU_zMoJHhTVyYfUCg9I&google_cver=1&google_push=AYg5qPLxcr8zqHczpXQKTBG5D8Ij-hcSnnnEOV7Y_1lwammBMLxmCJm-hxXfyNNgW3q2UzXEqfqiN11-FibWJpdJ1F3He_MgvKc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjkyNDg4NzM2OTU0MTQ0MTk4MQ&google_push=AYg5qPLxcr8zqHczpXQKTBG5D8Ij-hcSnnnEOV7Y_1lwammBMLxmCJm-hxXfyNNgW3q2UzXEqfqiN11-FibWJpdJ1F3He_MgvKc

Request Chain 267

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOt9KBus_HNVmU2XkIknuyg&google_cver=1&google_push=AYg5qPLgGulAOaO3Cdn3p1feYcqHWm7tUupERVMGXgFqbBLMDH9HhFZT1Lnn0W1EIXxQddJEGXsry8_2S_Nydh9jX-zT7j52s67d HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOt9KBus_HNVmU2XkIknuyg&google_cver=1&google_push=AYg5qPLgGulAOaO3Cdn3p1feYcqHWm7tUupERVMGXgFqbBLMDH9HhFZT1Lnn0W1EIXxQddJEGXsry8_2S_Nydh9jX-zT7j52s67d&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLgGulAOaO3Cdn3p1feYcqHWm7tUupERVMGXgFqbBLMDH9HhFZT1Lnn0W1EIXxQddJEGXsry8_2S_Nydh9jX-zT7j52s67d&google_hm=b4c40d39cde7287318b09793

Request Chain 268

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEILVqs_AeUrb6ZV5_rpgoHo&google_cver=1&google_push=AYg5qPIFwVWUld2eBM5JcaHYEK5pJHNQ2nFIO-N7OVtyo-qcZKLmZVlQ247TU_wiOiw3prI51kcA8kG8YuzmthurT0bNBwjmQ9w HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPIFwVWUld2eBM5JcaHYEK5pJHNQ2nFIO-N7OVtyo-qcZKLmZVlQ247TU_wiOiw3prI51kcA8kG8YuzmthurT0bNBwjmQ9w&google_gid=CAESEILVqs_AeUrb6ZV5_rpgoHo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM4NTI1NTY5MzU5NjE4OTc1MTE%3D&google_push=AYg5qPIFwVWUld2eBM5JcaHYEK5pJHNQ2nFIO-N7OVtyo-qcZKLmZVlQ247TU_wiOiw3prI51kcA8kG8YuzmthurT0bNBwjmQ9w

Request Chain 269

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECy5Ru1sburnTR7M5300rOg&google_cver=1&google_push=AYg5qPIDrykFABiMa7AyldCY1Nqd8LmFqFeQJvBquMf1WuaqeBxirsyrpLVstSAKnCubY0BLq4V5WAoMtTy5_dZfDJvJyQCd7EZb HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIDrykFABiMa7AyldCY1Nqd8LmFqFeQJvBquMf1WuaqeBxirsyrpLVstSAKnCubY0BLq4V5WAoMtTy5_dZfDJvJyQCd7EZb&google_hm=MzI1OTQ4ODg1NDg0MDg4NzUyNg%3D%3D

Request Chain 279

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2626945708281059440

Request Chain 281

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TPtptO0cQIaH02HLmk7x6Q%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 282

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1ca9615c-0802-4f00-9e7d-f7378455a273

Request Chain 283

https://pixel.onaudience.com/?partner=214&mapped=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=a8de634a59b79372e95e469e9f5684cf

Request Chain 284

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NENGQjY5QjQtRUQxQy00MDg2LTg3RDMtNjFDQjlBNEVGMUU5&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 285

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAWa6B7GQPJmsscKLMJEO0U&google_cver=1

Request Chain 287

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:daa7615c-0802-4200-9791-2340bdd35557&gdpr=0&gdpr_consent=

Request Chain 288

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6578588437221448683

Request Chain 289

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=815d072c-f784-42ac-8815-d6fae0a9b515

Request Chain 290

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=863285058235829675&gdpr=0&gdpr_consent=

Request Chain 291

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tHbT77J_1r6vcda-sXXL6ud0heqvcdPp5nQEOQtO

Request Chain 318

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBUqTBSs7LvTCZv9o_OwP50&google_cver=1&google_push=AYg5qPKRe1XclwuPewfVQcQRu6_Gp7_q2s7cSsQE6zHKjNq_to3omgokf_VZ1FS30MpJ3X_13ev1mT9WtfM2gQs2RZYZin_W1evj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKRe1XclwuPewfVQcQRu6_Gp7_q2s7cSsQE6zHKjNq_to3omgokf_VZ1FS30MpJ3X_13ev1mT9WtfM2gQs2RZYZin_W1evj&google_hm=9qf5WwULStiCt8moNK9uEcU

Request Chain 319

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELqEzKa1cssgnjSCbKfvEcM&google_cver=1&google_push=AYg5qPJ85fFt9-d8ISk3enzlMl3of4F8w0e8WnGThXnex5z-hn21Msj9iZf3K5W35N-qxxQJ4GBdvJlj5gQE7NK8D9f-ZkVEQtSF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJ85fFt9-d8ISk3enzlMl3of4F8w0e8WnGThXnex5z-hn21Msj9iZf3K5W35N-qxxQJ4GBdvJlj5gQE7NK8D9f-ZkVEQtSF&google_hm=MTg1MzI4MDY5MTg5MTc3NDg1Mg%3D%3D

Request Chain 321

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE0_jU_zMoJHhTVyYfUCg9I&google_cver=1&google_push=AYg5qPJi1zk28IaKtgl176hBo4wpHSYjJAz7wJzcupgOL-1dnkNcy4ldm1gETXRTccLyIlZQrkaNIvq8rA9KCFIJnsGvwDMbHsk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3ODU4ODQzNzIyMTQ0ODY4Mw&google_push=AYg5qPJi1zk28IaKtgl176hBo4wpHSYjJAz7wJzcupgOL-1dnkNcy4ldm1gETXRTccLyIlZQrkaNIvq8rA9KCFIJnsGvwDMbHsk

Request Chain 322

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE0_jU_zMoJHhTVyYfUCg9I&google_cver=1&google_push=AYg5qPKiHIDOqlWJ1v15uhY4f5SHKrryFMOq1f_qmDElVrBqPqAGSaYkV2hIzYP0iGUkO0GsE5dMvWmc8BKavcoSksKT_QE-69A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3ODU4ODQzNzIyMTQ0ODY4Mw&google_push=AYg5qPKiHIDOqlWJ1v15uhY4f5SHKrryFMOq1f_qmDElVrBqPqAGSaYkV2hIzYP0iGUkO0GsE5dMvWmc8BKavcoSksKT_QE-69A

Request Chain 323

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOt9KBus_HNVmU2XkIknuyg&google_cver=1&google_push=AYg5qPKj3A1mH7QGbcg2qeiw6LA223tb1EDDdf2rSn5t59gnhWc8NvFHvyvvME9ZLvSASITeIuzaPJ5ID5lQZwYcd9gxY-VhKlvR HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKj3A1mH7QGbcg2qeiw6LA223tb1EDDdf2rSn5t59gnhWc8NvFHvyvvME9ZLvSASITeIuzaPJ5ID5lQZwYcd9gxY-VhKlvR&google_hm=b4c40d39cde7287318b09793

Request Chain 326

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOalioEAYKan_j1RohD1eLc&google_cver=1&google_push=AYg5qPLbUZQoS80Q6-lqSKuZ8PmY8H2eUSwaPJb7wWdAKCLUmG1LQszL3x3uhCaKvnb7K6FbsWrZ8zHqki8umOVuZXojlb2aNTEl HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOalioEAYKan_j1RohD1eLc&google_cver=1&google_push=AYg5qPLbUZQoS80Q6-lqSKuZ8PmY8H2eUSwaPJb7wWdAKCLUmG1LQszL3x3uhCaKvnb7K6FbsWrZ8zHqki8umOVuZXojlb2aNTEl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WFdqRTVmNU4xTXhGdjQ1&google_gid=CAESEOalioEAYKan_j1RohD1eLc&google_cver=1&google_push=AYg5qPLbUZQoS80Q6-lqSKuZ8PmY8H2eUSwaPJb7wWdAKCLUmG1LQszL3x3uhCaKvnb7K6FbsWrZ8zHqki8umOVuZXojlb2aNTEl

Request Chain 327

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOjV25Xv3aBz_LZGTGd4Qwo&google_cver=1&google_push=AYg5qPJTrLeJxGggsFtyVC66vplm_bp-c9qRitxJ_dKyQYKt1T-ScHO5IiP3BTbNK8pQgXsAjuXDpn_gxI5J5Cj5egtkQx-lNa4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=2qdhXAgCQgCXkSNAvdNVVw&google_push=AYg5qPJTrLeJxGggsFtyVC66vplm_bp-c9qRitxJ_dKyQYKt1T-ScHO5IiP3BTbNK8pQgXsAjuXDpn_gxI5J5Cj5egtkQx-lNa4

Request Chain 329

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELqEzKa1cssgnjSCbKfvEcM&google_cver=1&google_push=AYg5qPIunG1o6xtxAfTJgkh_tFhtplvQ0OwUkY-Bs1xWaPKLrvyCdKxzuS7_0OQEmljXbMoZ3XMmfkwXzIwkVRyHdE2kVws3oAzR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIunG1o6xtxAfTJgkh_tFhtplvQ0OwUkY-Bs1xWaPKLrvyCdKxzuS7_0OQEmljXbMoZ3XMmfkwXzIwkVRyHdE2kVws3oAzR&google_hm=MjMwNDI1NjY3Njg0MzQ0MjQyNQ%3D%3D

Request Chain 330

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE12xiN06QPGUTjr-v4CTAI&google_cver=1&google_push=AYg5qPLzFVRfZ-6IRWLDrA0XgazbEmILBaN8-PxmohpOL_2f-jqz76wXVhM-niYl6sYNAH-k0mmKnyWyrqnFnNM7u7_nG5wVSvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TPtptO0cQIaH02HLmk7x6Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLzFVRfZ-6IRWLDrA0XgazbEmILBaN8-PxmohpOL_2f-jqz76wXVhM-niYl6sYNAH-k0mmKnyWyrqnFnNM7u7_nG5wVSvQ

Request Chain 331

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_cver=1&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUXYkC2BGoRU6qj3vi_6dr46n2raabmUtGAfaKEblHNcTEqZlwR2EnK1iw3e2aoUE HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUXYkC2BGoRU6qj3vi_6dr46n2raabmUtGAfaKEblHNcTEqZlwR2EnK1iw3e2aoUE&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUXYkC2BGoRU6qj3vi_6dr46n2raabmUtGAfaKEblHNcTEqZlwR2EnK1iw3e2aoUE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUXYkC2BGoRU6qj3vi_6dr46n2raabmUtGAfaKEblHNcTEqZlwR2EnK1iw3e2aoUE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUXYkC2BGoRU6qj3vi_6dr46n2raabmUtGAfaKEblHNcTEqZlwR2EnK1iw3e2aoUE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUXYkC2BGoRU6qj3vi_6dr46n2raabmUtGAfaKEblHNcTEqZlwR2EnK1iw3e2aoUE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUXYkC2BGoRU6qj3vi_6dr46n2raabmUtGAfaKEblHNcTEqZlwR2EnK1iw3e2aoUE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUXYkC2BGoRU6qj3vi_6dr46n2raabmUtGAfaKEblHNcTEqZlwR2EnK1iw3e2aoUE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUXYkC2BGoRU6qj3vi_6dr46n2raabmUtGAfaKEblHNcTEqZlwR2EnK1iw3e2aoUE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUXYkC2BGoRU6qj3vi_6dr46n2raabmUtGAfaKEblHNcTEqZlwR2EnK1iw3e2aoUE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUXYkC2BGoRU6qj3vi_6dr46n2raabmUtGAfaKEblHNcTEqZlwR2EnK1iw3e2aoUE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUXYkC2BGoRU6qj3vi_6dr46n2raabmUtGAfaKEblHNcTEqZlwR2EnK1iw3e2aoUE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUXYkC2BGoRU6qj3vi_6dr46n2raabmUtGAfaKEblHNcTEqZlwR2EnK1iw3e2aoUE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUXYkC2BGoRU6qj3vi_6dr46n2raabmUtGAfaKEblHNcTEqZlwR2EnK1iw3e2aoUE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUXYkC2BGoRU6qj3vi_6dr46n2raabmUtGAfaKEblHNcTEqZlwR2EnK1iw3e2aoUE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUXYkC2BGoRU6qj3vi_6dr46n2raabmUtGAfaKEblHNcTEqZlwR2EnK1iw3e2aoUE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUXYkC2BGoRU6qj3vi_6dr46n2raabmUtGAfaKEblHNcTEqZlwR2EnK1iw3e2aoUE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUXYkC2BGoRU6qj3vi_6dr46n2raabmUtGAfaKEblHNcTEqZlwR2EnK1iw3e2aoUE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUXYkC2BGoRU6qj3vi_6dr46n2raabmUtGAfaKEblHNcTEqZlwR2EnK1iw3e2aoUE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUXYkC2BGoRU6qj3vi_6dr46n2raabmUtGAfaKEblHNcTEqZlwR2EnK1iw3e2aoUE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUXYkC2BGoRU6qj3vi_6dr46n2raabmUtGAfaKEblHNcTEqZlwR2EnK1iw3e2aoUE

Request Chain 343

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIG69c5TPps-ToRS5y19OS4&google_cver=1&google_push=AYg5qPLQl4dJdXVEXQnfu5LwFKU5Gan6paKjNaRxSfkFapv63z48F4HjspRk7LoUMgZ0mZNGhOAWl0tzsKxOqgFI4wGQpvZSubk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIG69c5TPps-ToRS5y19OS4&google_push=AYg5qPLQl4dJdXVEXQnfu5LwFKU5Gan6paKjNaRxSfkFapv63z48F4HjspRk7LoUMgZ0mZNGhOAWl0tzsKxOqgFI4wGQpvZSubk

Request Chain 345

https://d5p.de17a.com/cookies/google?google_gid=CAESEOUu63Juyx0_3aGrlHvKXPU&google_cver=1&google_push=AYg5qPLGBMtLnmTJkLCyhZSRcqQ2wCe1b52E0yHrawX7dYjmX1IoYw_nGxC2A-Ekk3bFUafcH0FXw2yKNutCXBSYnjNy23AETkUy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLGBMtLnmTJkLCyhZSRcqQ2wCe1b52E0yHrawX7dYjmX1IoYw_nGxC2A-Ekk3bFUafcH0FXw2yKNutCXBSYnjNy23AETkUy

Request Chain 346

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE0_jU_zMoJHhTVyYfUCg9I&google_cver=1&google_push=AYg5qPI9fd_3kff6q6wzi-D7yZgKSFh7mWR1xhT_6x1K4CexQSRORT8DJxcic5XjDajasF3SqPznz_mvx0_1MIfWGJWK9Qv73Phg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3ODU4ODQzNzIyMTQ0ODY4Mw&google_push=AYg5qPI9fd_3kff6q6wzi-D7yZgKSFh7mWR1xhT_6x1K4CexQSRORT8DJxcic5XjDajasF3SqPznz_mvx0_1MIfWGJWK9Qv73Phg

Request Chain 347

https://rtb.openx.net/sync/dds?google_gid=CAESEG16Y-0pl42hyIvEYSTbd8o&google_cver=1&google_push=AYg5qPL1tXtQ5sPERWlBg0XksqbIou9sXXquyP-fA2zq1U7IwjcJvr_MaXuINxknb3I2bXs0GGvEFBBKHUkDL7lKENCA_oZb3GPW HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEG16Y-0pl42hyIvEYSTbd8o&google_cver=1&google_push=AYg5qPL1tXtQ5sPERWlBg0XksqbIou9sXXquyP-fA2zq1U7IwjcJvr_MaXuINxknb3I2bXs0GGvEFBBKHUkDL7lKENCA_oZb3GPW&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL1tXtQ5sPERWlBg0XksqbIou9sXXquyP-fA2zq1U7IwjcJvr_MaXuINxknb3I2bXs0GGvEFBBKHUkDL7lKENCA_oZb3GPW&google_hm=gUqcZ1piz7kE6px0eQZQcQ==

Request Chain 348

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEILVqs_AeUrb6ZV5_rpgoHo&google_cver=1&google_push=AYg5qPIzFRDFTsAMSLrpUYnMBZ-IiulRFKbX3uUsBHdSaL0DR03ktdgMhaOkVfWFgBkR_B4bTjMryiVBkHUGeWUCyDEYIGqdgfk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM4NTI1NTY5MzU5NjE4OTc1MTE%3D&google_push=AYg5qPIzFRDFTsAMSLrpUYnMBZ-IiulRFKbX3uUsBHdSaL0DR03ktdgMhaOkVfWFgBkR_B4bTjMryiVBkHUGeWUCyDEYIGqdgfk

Request Chain 349

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMd6bILplKCffxS6I5zfa5I&google_cver=1&google_push=AYg5qPLt1imYq6jM3qiQBk85ayNYnwVbB0ymN2oE0QK-jQ3qI0CfcDaiOz-SpOAXEfwcXBJmQBIqa0gbHAyjc60gY5By5e94DQ7hxg HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMd6bILplKCffxS6I5zfa5I&google_cver=1&google_push=AYg5qPLt1imYq6jM3qiQBk85ayNYnwVbB0ymN2oE0QK-jQ3qI0CfcDaiOz-SpOAXEfwcXBJmQBIqa0gbHAyjc60gY5By5e94DQ7hxg&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMd6bILplKCffxS6I5zfa5I&google_cver=1&google_push=AYg5qPLt1imYq6jM3qiQBk85ayNYnwVbB0ymN2oE0QK-jQ3qI0CfcDaiOz-SpOAXEfwcXBJmQBIqa0gbHAyjc60gY5By5e94DQ7hxg&apid=UP6fd5f884-25b3-11ec-9f4f-061b9b3b951e HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2ZmQ1Zjg4NC0yNWIzLTExZWMtOWY0Zi0wNjFiOWIzYjk1MWU%3D&google_push=AYg5qPLt1imYq6jM3qiQBk85ayNYnwVbB0ymN2oE0QK-jQ3qI0CfcDaiOz-SpOAXEfwcXBJmQBIqa0gbHAyjc60gY5By5e94DQ7hxg

Request Chain 415

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CM6KksrosvMCFUPKuwgdUCUDcw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1633421315_703f67e0-25b3-11ec-855b-692d0ae1a3be

Request Chain 426

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidBY5ffeBBfqRvQ0YcZFYg_xBi56Htyca6asuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CPaKksrosvMCFXTquwgdMc4Jww;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidBY5ffeBBfqRvQ0YcZFYg_xBi56Htyca6asuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidBY5ffeBBfqRvQ0YcZFYg_xBi56Htyca6asuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1633421315_703ef2b0-25b3-11ec-855b-692d0ae1a3be

Request Chain 433

https://www.awin1.com/cshow.php?s=2283539&v=11600&q=351068&r=412871&pv=1&pref3=oneiddEQfEfkfkJ4fEHjHwtEt3R9H3T4TGW4oneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://trck.arag.de/trck/htlp/htlp.html?from=zx1&utm_source=Awin&utm_medium=Retargeting&awc=11600_412871_1633421315_70352eb0-25b3-11ec-a5f3-692d0d349c1f

Request Chain 451

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidMxefzfrfWjzFWHEHGtDt66BT9T4Tb6koneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidMxefzfrfWjzFWHEHGtDt66BT9T4Tb6koneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021100510083556746460235X117679V1226132702MSoneidMxefzfrfWjzFWHEHGtDt66BT9T4Tb6koneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&spid=2021100510083556746460235X117679V1226132702MSoneidMxefzfrfWjzFWHEHGtDt66BT9T4Tb6koneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&wfid=117679 HTTP 302
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021100510083556746460235X117679V1226132702MSoneidMxefzfrfWjzFWHEHGtDt66BT9T4Tb6koneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&wfid=117679&vlz=24

Request Chain 455

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7015491124227668121

Request Chain 456

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFX1pFN0N1QkFBQUJkTUctN2M0dw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAE_ZE7CuBAAABdMG-7c4w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAE_ZE7CuBAAABdMG-7c4w&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAE_ZE7CuBAAABdMG-7c4w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID

Request Chain 457

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9&addseg=19,36,42

Request Chain 458

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 460

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9 HTTP 302
https://a.audrte.com/p

Request Chain 461

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LgzgOUJE2uUfHKohxoEuHNLlvEL.FoU-~A&gdpr=0&gdpr_consent=

Request Chain 463

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3cb6e279-e868-4eb2-b8b1-163a5ee21b65 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3cb6e279-e868-4eb2-b8b1-163a5ee21b65 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=017d5f14-e324-4adc-aa5f-f5f5819becba&user_group=1&ssp=pubmatic&bsw_param=3cb6e279-e868-4eb2-b8b1-163a5ee21b65 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3cb6e279-e868-4eb2-b8b1-163a5ee21b65&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 465

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YVwIAgAGsRcumwAR&gdpr=0&gdpr_consent=

Request Chain 466

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3385373946195215795&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 467

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 468

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5c4c6f68-d99d-42de-8446-678912a748fa&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 477

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIG69c5TPps-ToRS5y19OS4&google_cver=1&google_push=AYg5qPI_kMcy4fU2EyppKttYAjLQwVqkyJGNMjjFuRtyhYYc-IXxwdb-FXv5RQ55vASaEshArmYDFxY5HqXebTjFtW3-t_gfhg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVZ3SUFnQUdzUmN1bXdBUg==&google_gid=CAESEIG69c5TPps-ToRS5y19OS4&google_cver=1&google_push=AYg5qPI_kMcy4fU2EyppKttYAjLQwVqkyJGNMjjFuRtyhYYc-IXxwdb-FXv5RQ55vASaEshArmYDFxY5HqXebTjFtW3-t_gfhg

Request Chain 479

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELqEzKa1cssgnjSCbKfvEcM&google_cver=1&google_push=AYg5qPIrRtzbFbt-YLKmbZUJ6uJE_7dHnJlehVR60v7OjtlYtoxw_ZYexDUQPkmMLpu3lwMnhT8-5eCJonLT6LuQWvIeerHzAg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIrRtzbFbt-YLKmbZUJ6uJE_7dHnJlehVR60v7OjtlYtoxw_ZYexDUQPkmMLpu3lwMnhT8-5eCJonLT6LuQWvIeerHzAg&google_hm=MjMwNDI1NjY3Njg0MzQ0MjQyNQ%3D%3D

Request Chain 481

https://rtb.openx.net/sync/dds?google_gid=CAESEG16Y-0pl42hyIvEYSTbd8o&google_cver=1&google_push=AYg5qPLfwuIjfEJNM12jSIh-iDidcCMMRM0KTuMEhKBp0gn24slWrfuxXKYEF8ity06YoS22kywNkhvGdrad5nVdd5qwbh6k7wM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLfwuIjfEJNM12jSIh-iDidcCMMRM0KTuMEhKBp0gn24slWrfuxXKYEF8ity06YoS22kywNkhvGdrad5nVdd5qwbh6k7wM&google_hm=gUqcZ1piz7kE6px0eQZQcQ==

Request Chain 482

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_cver=1&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GAnmjrk4CQapVqVjQSszlEyDDMxIFlf6g1dMAl5mmrEe6frwsWqQTlqGRqHct9-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GAnmjrk4CQapVqVjQSszlEyDDMxIFlf6g1dMAl5mmrEe6frwsWqQTlqGRqHct9-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GAnmjrk4CQapVqVjQSszlEyDDMxIFlf6g1dMAl5mmrEe6frwsWqQTlqGRqHct9-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GAnmjrk4CQapVqVjQSszlEyDDMxIFlf6g1dMAl5mmrEe6frwsWqQTlqGRqHct9-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GAnmjrk4CQapVqVjQSszlEyDDMxIFlf6g1dMAl5mmrEe6frwsWqQTlqGRqHct9-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GAnmjrk4CQapVqVjQSszlEyDDMxIFlf6g1dMAl5mmrEe6frwsWqQTlqGRqHct9-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GAnmjrk4CQapVqVjQSszlEyDDMxIFlf6g1dMAl5mmrEe6frwsWqQTlqGRqHct9-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GAnmjrk4CQapVqVjQSszlEyDDMxIFlf6g1dMAl5mmrEe6frwsWqQTlqGRqHct9-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GAnmjrk4CQapVqVjQSszlEyDDMxIFlf6g1dMAl5mmrEe6frwsWqQTlqGRqHct9-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GAnmjrk4CQapVqVjQSszlEyDDMxIFlf6g1dMAl5mmrEe6frwsWqQTlqGRqHct9-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GAnmjrk4CQapVqVjQSszlEyDDMxIFlf6g1dMAl5mmrEe6frwsWqQTlqGRqHct9-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GAnmjrk4CQapVqVjQSszlEyDDMxIFlf6g1dMAl5mmrEe6frwsWqQTlqGRqHct9-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GAnmjrk4CQapVqVjQSszlEyDDMxIFlf6g1dMAl5mmrEe6frwsWqQTlqGRqHct9-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GAnmjrk4CQapVqVjQSszlEyDDMxIFlf6g1dMAl5mmrEe6frwsWqQTlqGRqHct9-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GAnmjrk4CQapVqVjQSszlEyDDMxIFlf6g1dMAl5mmrEe6frwsWqQTlqGRqHct9-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GAnmjrk4CQapVqVjQSszlEyDDMxIFlf6g1dMAl5mmrEe6frwsWqQTlqGRqHct9-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GAnmjrk4CQapVqVjQSszlEyDDMxIFlf6g1dMAl5mmrEe6frwsWqQTlqGRqHct9-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GAnmjrk4CQapVqVjQSszlEyDDMxIFlf6g1dMAl5mmrEe6frwsWqQTlqGRqHct9-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GAnmjrk4CQapVqVjQSszlEyDDMxIFlf6g1dMAl5mmrEe6frwsWqQTlqGRqHct9-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GAnmjrk4CQapVqVjQSszlEyDDMxIFlf6g1dMAl5mmrEe6frwsWqQTlqGRqHct9-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GAnmjrk4CQapVqVjQSszlEyDDMxIFlf6g1dMAl5mmrEe6frwsWqQTlqGRqHct9-E

Request Chain 483

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMd6bILplKCffxS6I5zfa5I&google_cver=1&google_push=AYg5qPIHvCJPR1XtTMPCgA32bpDVh9JkWWMGlZNzsFlLN4HQZiQBqkcEk3sTKJYJOc3aSU-MQCXGA31m7E7gxWUn8DdFIx1JOGve HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMd6bILplKCffxS6I5zfa5I&google_cver=1&google_push=AYg5qPIHvCJPR1XtTMPCgA32bpDVh9JkWWMGlZNzsFlLN4HQZiQBqkcEk3sTKJYJOc3aSU-MQCXGA31m7E7gxWUn8DdFIx1JOGve&apid=UP6fd5f884-25b3-11ec-9f4f-061b9b3b951e HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2ZmQ1Zjg4NC0yNWIzLTExZWMtOWY0Zi0wNjFiOWIzYjk1MWU%3D&google_push=AYg5qPIHvCJPR1XtTMPCgA32bpDVh9JkWWMGlZNzsFlLN4HQZiQBqkcEk3sTKJYJOc3aSU-MQCXGA31m7E7gxWUn8DdFIx1JOGve

Request Chain 505

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOjV25Xv3aBz_LZGTGd4Qwo&google_cver=1&google_push=AYg5qPKK3xRGbwN0d0B6fxR4-8aUMY8h9Q_pHXZlYI1ggHQmIuPl8u9pmEgWV4mLiqcmbQGHrEg7kakkcs5nCvqP5rSz3KVBzjo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=2qdhXAgCQgCXkSNAvdNVVw&google_push=AYg5qPKK3xRGbwN0d0B6fxR4-8aUMY8h9Q_pHXZlYI1ggHQmIuPl8u9pmEgWV4mLiqcmbQGHrEg7kakkcs5nCvqP5rSz3KVBzjo

Request Chain 506

https://um.simpli.fi/gp_match?google_gid=CAESEHDpPVkZKDL1Nd6ZZ9evzEA&google_cver=1&google_push=AYg5qPIvBAZX89hg9uCeBEQw2tym6Jyg3RmICNY1dKEUNV1YVbgRgyuSuGLnIHQ9lI3hSrtxR3QsG-nYZdAC7kFO-OIms8lul9I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8B1B3FDFE7A476F9F4434383BF126E8&google_push=AYg5qPIvBAZX89hg9uCeBEQw2tym6Jyg3RmICNY1dKEUNV1YVbgRgyuSuGLnIHQ9lI3hSrtxR3QsG-nYZdAC7kFO-OIms8lul9I

Request Chain 508

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEA4EmrljFHZbusG2MSkaSU&google_cver=1&google_push=AYg5qPK6eT4ffiPcBur-7lG4YDU1wp9owOhI4pkf5pNu8BndyfYswDnY71_slsun3ZilQHuwxyktwX34nkpvsFR31M3VGIT12k8 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPK6eT4ffiPcBur-7lG4YDU1wp9owOhI4pkf5pNu8BndyfYswDnY71_slsun3ZilQHuwxyktwX34nkpvsFR31M3VGIT12k8&google_hm=hmFcCANXnOSJaadXTA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D615C0803579CE48969A7574CBLIS

Request Chain 509

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEN2CaZT8W_T5y9BGAOV6kLk&google_cver=1&google_push=AYg5qPIzlyAjwG3Y_m7lDcuhj9aazQwFl1YSGdl2ODPm6NeO9suPgLVGh65erq7cVAGRlb7T1h6qNryegiUealHXNwVdxZdByic HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIzlyAjwG3Y_m7lDcuhj9aazQwFl1YSGdl2ODPm6NeO9suPgLVGh65erq7cVAGRlb7T1h6qNryegiUealHXNwVdxZdByic

Request Chain 510

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMd6bILplKCffxS6I5zfa5I&google_cver=1&google_push=AYg5qPJDZz-3pUpsi9tnLOt-aHRpnJiBxoHepOJ4ZeN61VZDJSAIPtJMdOwIpVegtjky2bP9XCofOhSeJfKV5ZAq67q-zMzgT6q4 HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMd6bILplKCffxS6I5zfa5I&google_cver=1&google_push=AYg5qPJDZz-3pUpsi9tnLOt-aHRpnJiBxoHepOJ4ZeN61VZDJSAIPtJMdOwIpVegtjky2bP9XCofOhSeJfKV5ZAq67q-zMzgT6q4&apid=UP6fd5f884-25b3-11ec-9f4f-061b9b3b951e HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2ZmQ1Zjg4NC0yNWIzLTExZWMtOWY0Zi0wNjFiOWIzYjk1MWU%3D&google_push=AYg5qPJDZz-3pUpsi9tnLOt-aHRpnJiBxoHepOJ4ZeN61VZDJSAIPtJMdOwIpVegtjky2bP9XCofOhSeJfKV5ZAq67q-zMzgT6q4

Request Chain 538

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Request Chain 539

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-102c4f52-0b8e-4355-9dbf-ee872a5f6f82-003&rndcb=1362337499 HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=3cb6e279-e868-4eb2-b8b1-163a5ee21b65&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=283&user_id=1e599e5f-58d3-46ef-b6e3-5cfac1f92a83&expires=1&user_group=5&ssp=adconductor&bsw_param=3cb6e279-e868-4eb2-b8b1-163a5ee21b65 HTTP 302
https://sync.1rx.io/usersync/bidswitch/3cb6e279-e868-4eb2-b8b1-163a5ee21b65?gdpr=&gdpr_consent= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-102c4f52-0b8e-4355-9dbf-ee872a5f6f82-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-102c4f52-0b8e-4355-9dbf-ee872a5f6f82-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-102c4f52-0b8e-4355-9dbf-ee872a5f6f82-003

Request Chain 541

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Rnaa99cyjQVb6ssobmbUXmFI

Request Chain 545

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=6a0d6996-c676-4ca2-99cb-d3b47a0209e7-tuct8558d85&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 546

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=863285058235829675

Request Chain 555

https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID

Request Chain 556

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:XWjE5f5N1MxFv45&gdpr=0&gdpr_consent=

Request Chain 557

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D8B1B3FDFE7A476F9F4434383BF126E8

Request Chain 558

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=sgQGDd51RPVLfvbtF2QUbah3GcU

Request Chain 611

https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
https://idsync.rlcdn.com/464986.gif?partner_uid=nIgm265F_no

Request Chain 612

https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25 HTTP 302
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=nBmrUm6v6pyQ&ev=1&pid=561322

Request Chain 616

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=985081703&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=985081703&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=d4d64dd4-b404-4d48-9006-b7e2b4c4f495&a.is_yahoo=3&redirect_y=dHM9MTYzMzQyMTMyMjQ5Ni43OTkzMTY6YXBpZD1VUDZmZDVmODg0LTI1YjMtMTFlYy05ZjRmLTA2MWI5YjNiOTUxZTpyZXF1ZXN0X2lkPWQ0ZDY0ZGQ0LWI0MDQtNGQ0OC05MDA2LWI3ZTJiNGM0ZjQ5NQ==

Request Chain 618

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.controle.colunadofla.com%2F&cb=1318674651&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C6261433768394551070255520391,, HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzI3M2M1OTEtM2E5My0yODMzLWY3N2UtOGE3YTYwZmRhNGFi

Request Chain 621

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1996659264&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1996659264&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=832217ad-3a1c-458c-90a3-01cf6df58f0c&a.is_yahoo=3&redirect_y=dHM9MTYzMzQyMTMyMjQ5OS4yNzI3MDU6YXBpZD1VUDZmZDVmODg0LTI1YjMtMTFlYy05ZjRmLTA2MWI5YjNiOTUxZTpyZXF1ZXN0X2lkPTgzMjIxN2FkLTNhMWMtNDU4Yy05MGEzLTAxY2Y2ZGY1OGYwYw==

Request Chain 623

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=2124836299&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=2124836299&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=bc17ef9f-581d-4041-a615-d9875dc8ead7&a.is_yahoo=3&redirect_y=dHM9MTYzMzQyMTMyMjQ5OS4wNTMyMjM6YXBpZD1VUDZmZDVmODg0LTI1YjMtMTFlYy05ZjRmLTA2MWI5YjNiOTUxZTpyZXF1ZXN0X2lkPWJjMTdlZjlmLTU4MWQtNDA0MS1hNjE1LWQ5ODc1ZGM4ZWFkNw==

Request Chain 625

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1760700388&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1760700388&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=ffc5c542-6b98-4e91-b68e-3b4ad613a5f9&a.is_yahoo=3&redirect_y=dHM9MTYzMzQyMTMyMjUwMS4wNzI3NTQ6YXBpZD1VUDZmZDVmODg0LTI1YjMtMTFlYy05ZjRmLTA2MWI5YjNiOTUxZTpyZXF1ZXN0X2lkPWZmYzVjNTQyLTZiOTgtNGU5MS1iNjhlLTNiNGFkNjEzYTVmOQ==

Request Chain 626

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.controle.colunadofla.com%2F&cb=1318674651&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C6261433768394551070255520391,, HTTP 302
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.controle.colunadofla.com%2F&cb=1318674651&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C6261433768394551070255520391,,

679 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.controle.colunadofla.com/ 167 KB
38 KB 2046ms
1522ms Document
text/html 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: d23c291d699fa88fa97df8d785e5084bb06fd085cbccfd6350f3ad7835c5467f

Request headers

Host: www.controle.colunadofla.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.18.0
Date: Tue, 05 Oct 2021 08:08:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: serverdoID=3nu1ohkq4ifhvsnf2phhhu0b1d; path=/; domain=.colunadofla.com dwqa_anonymous=PbEN6k5bjybglpDDryb3R0L55GnCpCFepI6TN2tguC4; expires=Fri, 03-Oct-2031 08:08:28 GMT; Max-Age=315360000; path=/; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Credentials: true
Link: <https://controle.colunadofla.com/wp-json/>; rel="https://api.w.org/" <https://controle.colunadofla.com/wp-json/wp/v2/pages/269624>; rel="alternate"; type="application/json" <https://colunadofla.com/>; rel=shortlink
Content-Encoding: gzip

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 47ms
23ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-60738862-1

Requested by

Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0aa661699590eda908c76bed3700a6b7d3dc1a5bf253cf20b9ea916d377c88df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38988
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Oct 2021 08:08:29 GMT

GET
H/1.1 200
OK main.min.css
controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/ 695 KB
70 KB 872ms
436ms Stylesheet
text/css 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x26453&ver=1631466459
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: dc2457c01ceefcbce36470f0d3c4fd97e9e9220612a0c9ec956c8df33a91a5bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:29 GMT
Content-Encoding: gzip
Last-Modified: Sun, 12 Sep 2021 17:07:39 GMT
Server: nginx/1.18.0
ETag: W/"613e33db-ada86"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK style.min.css
controle.colunadofla.com/wp-includes/css/dist/block-library/ 79 KB
11 KB 656ms
220ms Stylesheet
text/css 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-includes/css/dist/block-library/style.min.css?x26453&ver=5.8.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Aug 2021 20:35:56 GMT
Server: nginx/1.18.0
ETag: W/"6116d7ac-13abe"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK wc-blocks-vendors-style.css
controle.colunadofla.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 5 KB
2 KB 654ms
218ms Stylesheet
text/css 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?x26453&ver=5.7.2
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 7fcaa4d432eb8627f0ab7efdc3ce11a4e593f29443fc6bb1888f4955c55f868b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Oct 2021 01:00:01 GMT
Server: nginx/1.18.0
ETag: W/"61565d91-14b9"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK wc-blocks-style.css
controle.colunadofla.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 189 KB
20 KB 886ms
451ms Stylesheet
text/css 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?x26453&ver=5.7.2
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 9c34d15226af3a3a8f407efb5bf5bf9a26d5e82b3568c8e48a9e2c354e12d490

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Oct 2021 01:00:01 GMT
Server: nginx/1.18.0
ETag: W/"61565d91-2f230"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK style.css
controle.colunadofla.com/wp-content/plugins/coluna-do-fla-real-time/blocks/match-moment/ 1 KB
963 B 656ms
220ms Stylesheet
text/css 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/coluna-do-fla-real-time/blocks/match-moment/style.css?x26453&ver=33d35ef83c27bab9f76efa687cd1f39f
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 497532ce37430d4f3742b3018e43bd76a0c8e89c62ffff59318c7196f7e62f4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Aug 2021 22:39:49 GMT
Server: nginx/1.18.0
ETag: W/"61130035-5da"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK ai-aos.css
controle.colunadofla.com/wp-content/plugins/ad-inserter-pro/includes/aos/ 33 KB
3 KB 873ms
219ms Stylesheet
text/css 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/ad-inserter-pro/includes/aos/ai-aos.css?x26453&ver=2.7.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 522cc4ddf3c2daf42d71bd1ce57b9bd0c118068c0b4e363ebcb438f48dab7c0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jul 2021 14:02:21 GMT
Server: nginx/1.18.0
ETag: W/"60e310ed-85c7"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK style.css
controle.colunadofla.com/wp-content/plugins/dw-question-answer/templates/assets/css/ 12 KB
3 KB 875ms
219ms Stylesheet
text/css 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/dw-question-answer/templates/assets/css/style.css?x26453&ver=180720161357
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 06196888fca0d8ba3ad02629d388c2da938011f0f2c539fce8c843b9ee8c0820

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Oct 2019 14:48:01 GMT
Server: nginx/1.18.0
ETag: W/"5db06821-3112"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK rtl.css
controle.colunadofla.com/wp-content/plugins/dw-question-answer/templates/assets/css/ 1 KB
595 B 874ms
218ms Stylesheet
text/css 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/dw-question-answer/templates/assets/css/rtl.css?x26453&ver=180720161357
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 20bbee8d920f8affb51d68d64e44eab60ab24d0e3b9e826d0f1b732f7dc7ac39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Oct 2019 14:48:00 GMT
Server: nginx/1.18.0
ETag: W/"5db06820-404"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK widget-options.css
controle.colunadofla.com/wp-content/plugins/widget-options/assets/css/ 1 KB
568 B 1109ms
235ms Stylesheet
text/css 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/widget-options/assets/css/widget-options.css?x26453
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 13fb1b9861f89da6aa75279c4a65f266e53a3a1ac3977bf0f17f451ab1cba0a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Apr 2021 17:42:12 GMT
Server: nginx/1.18.0
ETag: W/"607dc0f4-417"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK woocommerce-layout.css
controle.colunadofla.com/wp-content/plugins/woocommerce/assets/css/ 18 KB
3 KB 1111ms
236ms Stylesheet
text/css 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?x26453&ver=5.7.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 48052f6267b2e21fb086ad26457c715b3b8b5e8c6fcbcdea42589da06b05e9be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Oct 2021 01:00:02 GMT
Server: nginx/1.18.0
ETag: W/"61565d92-4605"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK woocommerce.css
controle.colunadofla.com/wp-content/plugins/woocommerce/assets/css/ 61 KB
9 KB 1805ms
930ms Stylesheet
text/css 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?x26453&ver=5.7.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 37811d4d55ec74751bcaa643b3a9798f1d577ac2910b63c6ca202c2e36544e05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Oct 2021 01:00:02 GMT
Server: nginx/1.18.0
ETag: W/"61565d92-f553"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK frontend.css
controle.colunadofla.com/wp-content/plugins/wp-social/assets/css/ 61 KB
6 KB 1120ms
234ms Stylesheet
text/css 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/wp-social/assets/css/frontend.css?x26453&ver=5.8.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: f9e128c2939ba3fd77e84385e9c758c7f44644001663cefea27571180134e1ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:30 GMT
Content-Encoding: gzip
Last-Modified: Sat, 12 Jun 2021 12:30:23 GMT
Server: nginx/1.18.0
ETag: W/"60c4a8df-f27c"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK font-icon.css
controle.colunadofla.com/wp-content/plugins/wp-social/assets/css/ 51 KB
8 KB 1334ms
233ms Stylesheet
text/css 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/wp-social/assets/css/font-icon.css?x26453&ver=5.8.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: a5b403e6a1121028021d2e45326b331560f8bdaae2685bd240f9ada48dca4a9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 May 2021 14:42:06 GMT
Server: nginx/1.18.0
ETag: W/"60abbb3e-ca15"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK yvtwp-frontend.css
controle.colunadofla.com/wp-content/plugins/youtube-videos-to-wordpress-posts/resources/css/ 275 B
448 B 1340ms
231ms Stylesheet
text/css 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/youtube-videos-to-wordpress-posts/resources/css/yvtwp-frontend.css?x26453&ver=5.8.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 247d97b8046a941994933d2da467829c240d01c86aef6705abe3850d25d1f264

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Apr 2021 17:42:28 GMT
Server: nginx/1.18.0
ETag: W/"607dc104-113"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK featherlight.css
controle.colunadofla.com/wp-content/plugins/perfect-survey/resources/frontend/assets/css/ 4 KB
2 KB 1342ms
231ms Stylesheet
text/css 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/perfect-survey/resources/frontend/assets/css/featherlight.css?x26453&ver=5.8.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 6fef1e9a733d7dd62a4d190056ca17b3445d871bc3deb64a3b772cfea6f7668d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jul 2021 14:01:15 GMT
Server: nginx/1.18.0
ETag: W/"60e310ab-e07"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK jquery-ui.css
controle.colunadofla.com/wp-content/plugins/perfect-survey/resources/frontend/assets/css/ 23 KB
4 KB 1353ms
233ms Stylesheet
text/css 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/perfect-survey/resources/frontend/assets/css/jquery-ui.css?x26453&ver=5.8.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 39dc7caec8eeaf5ac988f044df5dd44085ca963e9818a7baa9b7d28bb4263284

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jul 2021 14:01:15 GMT
Server: nginx/1.18.0
ETag: W/"60e310ab-5a0e"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK survey-front-end.css
controle.colunadofla.com/wp-content/plugins/perfect-survey/resources/frontend/assets/css/ 14 KB
3 KB 1551ms
216ms Stylesheet
text/css 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/perfect-survey/resources/frontend/assets/css/survey-front-end.css?x26453&ver=5.8.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 7713951547d129cdbfd676b605c788fec19dbc155e177d5d3b1ee73b98c315ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jul 2021 14:01:15 GMT
Server: nginx/1.18.0
ETag: W/"60e310ab-364e"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK survey-general.css
controle.colunadofla.com/wp-content/plugins/perfect-survey/resources/backend/assets/css/ 66 KB
12 KB 1559ms
220ms Stylesheet
text/css 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/perfect-survey/resources/backend/assets/css/survey-general.css?x26453&ver=5.8.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 7974ea43cfdbb548e0a536c11079dc8787b796729fedf7aa720c30c3d41bb29f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jul 2021 14:01:14 GMT
Server: nginx/1.18.0
ETag: W/"60e310aa-1078e"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK front.min.css
controle.colunadofla.com/wp-content/plugins/cookie-notice/css/ 5 KB
1 KB 1557ms
215ms Stylesheet
text/css 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/cookie-notice/css/front.min.css?x26453&ver=5.8.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 8c21cdf7be2219908a953d92fba153dcc7175f7ee238856bd9954da18b0e05dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Oct 2021 01:01:25 GMT
Server: nginx/1.18.0
ETag: W/"61565de5-1568"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK addthis_wordpress_public.min.css
controle.colunadofla.com/wp-content/plugins/addthis/frontend/build/ 587 B
567 B 1571ms
217ms Stylesheet
text/css 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?x26453&ver=5.8.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Dec 2019 18:47:59 GMT
Server: nginx/1.18.0
ETag: W/"5deaa25f-24b"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK frontend-gtag.js Show response
controle.colunadofla.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 23 KB
6 KB 1771ms
219ms Script
application/javascript 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.js?x26453&ver=6.7.0
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 0cdc6e956294d2e2352f1c0a62b2ba989108b6e04338e0d24a14b452335697a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Apr 2021 17:49:19 GMT
Server: nginx/1.18.0
ETag: W/"606df09f-5b2e"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK jquery.min.js Show response
controle.colunadofla.com/wp-includes/js/jquery/ 87 KB
31 KB 1781ms
223ms Script
application/javascript 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-includes/js/jquery/jquery.min.js?x26453&ver=3.6.0
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Aug 2021 20:35:56 GMT
Server: nginx/1.18.0
ETag: W/"6116d7ac-15db1"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK jquery-migrate.min.js Show response
controle.colunadofla.com/wp-includes/js/jquery/ 11 KB
4 KB 1780ms
220ms Script
application/javascript 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-includes/js/jquery/jquery-migrate.min.js?x26453&ver=3.3.2
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Dec 2020 01:57:43 GMT
Server: nginx/1.18.0
ETag: W/"5fd02f17-2bd8"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK joomsport_live.js Show response
controle.colunadofla.com/wp-content/plugins/joomsport-sports-league-results-management/sportleague/assets/js/ 1 KB
744 B 1790ms
218ms Script
application/javascript 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/joomsport-sports-league-results-management/sportleague/assets/js/joomsport_live.js?x26453&ver=5.8.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 1e7c7223b11ca4c6741b5bfd30a6ddc2389d1c208297707a3af2a3d933a13760

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Oct 2019 14:49:30 GMT
Server: nginx/1.18.0
ETag: W/"5db0687a-543"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK wpp.min.js Show response
controle.colunadofla.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 3 KB
1 KB 1989ms
219ms Script
application/javascript 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?x26453&ver=5.3.5
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 9a7330fd435eb85d95353f8ff6ce7bcf64fd1156976d819973439c93e27e3875

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jul 2021 12:57:40 GMT
Server: nginx/1.18.0
ETag: W/"60e301c4-a05"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK social-front.js Show response
controle.colunadofla.com/wp-content/plugins/wp-social/assets/js/ 621 B
653 B 1997ms
217ms Script
application/javascript 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/wp-social/assets/js/social-front.js?x26453&ver=5.8.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 31c7967be80175a535b3950d4ea620f22859f9c9d3202d04aa430af7a2dfbcf7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 May 2021 14:42:06 GMT
Server: nginx/1.18.0
ETag: W/"60abbb3e-26d"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK sweetalert.min.js Show response
controle.colunadofla.com/wp-content/plugins/perfect-survey/resources/frontend/assets/js/ 40 KB
12 KB 2010ms
221ms Script
application/javascript 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/perfect-survey/resources/frontend/assets/js/sweetalert.min.js?x26453&ver=1.0.0
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 15211e0be73438987ed05236dc4ce90962f7c46452427364446576505e66697b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jul 2021 14:01:15 GMT
Server: nginx/1.18.0
ETag: W/"60e310ab-9f62"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK featherlight.js Show response
controle.colunadofla.com/wp-content/plugins/perfect-survey/resources/frontend/assets/js/ 22 KB
8 KB 2022ms
220ms Script
application/javascript 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/perfect-survey/resources/frontend/assets/js/featherlight.js?x26453&ver=1.7.9
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 8229f3c107482bc93008d1934c044198fe418852cf32e8ae7240086c9e9e78c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jul 2021 14:01:15 GMT
Server: nginx/1.18.0
ETag: W/"60e310ab-59bd"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK survey.common.js Show response
controle.colunadofla.com/wp-content/plugins/perfect-survey/resources/frontend/assets/js/ 6 KB
2 KB 2206ms
217ms Script
application/javascript 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/perfect-survey/resources/frontend/assets/js/survey.common.js?x26453&ver=1.0.0
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 80c1e9531472d618e40813cda63f6f91ee15f7d653c40c9181c8a3ab79e16ab1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jul 2021 14:01:15 GMT
Server: nginx/1.18.0
ETag: W/"60e310ab-16d4"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK survey.main.js Show response
controle.colunadofla.com/wp-content/plugins/perfect-survey/resources/frontend/assets/js/ 5 KB
2 KB 2207ms
217ms Script
application/javascript 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/perfect-survey/resources/frontend/assets/js/survey.main.js?x26453&ver=1.0.0
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 0c4f536f41f8d54b5cfccb706ed54c2f1378eefb835cca65debdf8a9b681d9f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jul 2021 14:01:15 GMT
Server: nginx/1.18.0
ETag: W/"60e310ab-1315"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK front.min.js Show response
controle.colunadofla.com/wp-content/plugins/cookie-notice/js/ 8 KB
2 KB 216ms
216ms Script
application/javascript 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/cookie-notice/js/front.min.js?x26453&ver=2.1.4
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 53c088f65c77c6b7af2804face3e267d4c1bf148177798a30fa3a15aa693c36f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:32 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Oct 2021 01:01:25 GMT
Server: nginx/1.18.0
ETag: W/"61565de5-20b3"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 73 KB
26 KB 46ms
21ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

sffe /

Resource Hash

4a56e85827b93cb92c6f433809c9be899d92821ae6b253960659d2848fbed8a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1006 / 416 of 1000 / last-modified: 1633385325"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25689
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 05 Oct 2021 08:08:32 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 73ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6afd58496691b9b34dd37e23aadfdfd3f89888a590fdac3b6ef57e654934354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51130
x-xss-protection: 0
server: cafe
etag: 9029773691706613624
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Oct 2021 08:08:32 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 51ms
27ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5822243610880583

Requested by

Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6393c60cc5facebf0f9a51c0d24892c9834f85dcf256d5fe17d014a5558125f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.controle.colunadofla.com/
Origin: https://www.controle.colunadofla.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51132
x-xss-protection: 0
server: cafe
etag: 12672900816743584617
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Oct 2021 08:08:32 GMT

GET
H/1.1 200
OK colunadofla_11431.js Show response
ads.vidoomy.com/ 5 KB
6 KB 337ms
118ms Script
application/javascript 3.129.250.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/colunadofla_11431.js
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: 1b469e290f24e45bb542671a57a9c81301145f012d272206b5bb102caaf55633

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:32 GMT
Server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=300
Content-Length: 5366

GET
H2 200 tag Show response
a.teads.tv/page/120398/ 753 B
670 B 99ms
44ms Script
application/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/120398/tag
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 735a78ad17ce57d1e0e4d3a0d67bb8f13acad3189646bb0130379ff82caaa273

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 470
expires: Tue, 05 Oct 2021 09:08:32 GMT

GET
H2 200 logo-colunadofla.svg
colunadofla.com/wp-content/uploads/2019/10/ 11 KB
5 KB 465ms
116ms Image
image/svg+xml 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2019/10/logo-colunadofla.svg
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: e27f8117482b0a1c0ded766900a7ab2a663bf338919a4a0f84b59c2d279d3d3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
content-encoding: gzip
last-modified: Wed, 23 Oct 2019 17:35:35 GMT
server: nginx/1.20.1
etag: W/"5db08f67-2aa0"
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
expires: Tue, 12 Oct 2021 08:08:32 GMT

GET
H/1.1 200
OK main.js Show response
controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/js/ 172 KB
53 KB 224ms
224ms Script
application/javascript 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/js/main.js?x26453&ver=1631466460
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 714ffaa29a516013a6de7b1e8c5caa1e32f29eb1932bf9ef3735e991d81a2204

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:31 GMT
Content-Encoding: gzip
Last-Modified: Sun, 12 Sep 2021 17:07:40 GMT
Server: nginx/1.18.0
ETag: W/"613e33dc-2af26"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 404 embed.min.js
www.sofascore.com/bundles/sofascoreweb/js/bin/util/ 0
0 54ms
16ms Script
text/html 2606:4700:10::6814:3a66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sofascore.com/bundles/sofascoreweb/js/bin/util/embed.min.js?ver=5.8.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:3a66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 200
OK aos.js Show response
controle.colunadofla.com/wp-content/plugins/ad-inserter-pro/includes/aos/ 14 KB
5 KB 218ms
217ms Script
application/javascript 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/ad-inserter-pro/includes/aos/aos.js?x26453&ver=2.7.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 4657a4bceab0258c3249806be89c020dc699939f2065ad02601bae3b400386a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jul 2021 14:02:21 GMT
Server: nginx/1.18.0
ETag: W/"60e310ed-3785"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK jquery.blockUI.min.js Show response
controle.colunadofla.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 9 KB
4 KB 220ms
217ms Script
application/javascript 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?x26453&ver=2.7.0-wc.5.7.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: b49498d1142de7f2e16afc2cd4250d2ba30c5df4de5d291f51d7cf69727efdbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Oct 2021 01:00:02 GMT
Server: nginx/1.18.0
ETag: W/"61565d92-2549"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK add-to-cart.min.js Show response
controle.colunadofla.com/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
1 KB 227ms
224ms Script
application/javascript 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?x26453&ver=5.7.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Oct 2021 01:00:02 GMT
Server: nginx/1.18.0
ETag: W/"61565d92-bdd"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK js.cookie.min.js Show response
controle.colunadofla.com/wp-content/plugins/woocommerce/assets/js/js-cookie/ 2 KB
1 KB 221ms
218ms Script
application/javascript 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?x26453&ver=2.1.4-wc.5.7.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Oct 2021 01:00:02 GMT
Server: nginx/1.18.0
ETag: W/"61565d92-72a"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK woocommerce.min.js Show response
controle.colunadofla.com/wp-content/plugins/woocommerce/assets/js/frontend/ 2 KB
1 KB 438ms
217ms Script
application/javascript 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?x26453&ver=5.7.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Oct 2021 01:00:02 GMT
Server: nginx/1.18.0
ETag: W/"61565d92-85b"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK cart-fragments.min.js Show response
controle.colunadofla.com/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
1 KB 219ms
219ms Script
application/javascript 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?x26453&ver=5.7.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 9c7c023f91428234ca0ea4df1199758686f4dcd04da96ba63571788fb3389c0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:32 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Oct 2021 01:00:02 GMT
Server: nginx/1.18.0
ETag: W/"61565d92-b7a"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK core.min.js Show response
controle.colunadofla.com/wp-includes/js/jquery/ui/ 20 KB
7 KB 218ms
218ms Script
application/javascript 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-includes/js/jquery/ui/core.min.js?x26453&ver=1.12.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 11:00:19 GMT
Server: nginx/1.18.0
ETag: W/"60781cc3-5133"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK datepicker.min.js Show response
controle.colunadofla.com/wp-includes/js/jquery/ui/ 35 KB
11 KB 430ms
430ms Script
application/javascript 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-includes/js/jquery/ui/datepicker.min.js?x26453&ver=1.12.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 9fd95260ee110232e2e143adfb5c5f0df7ffee9d2513288ff4102d9e401c663c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:32 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Aug 2021 20:35:56 GMT
Server: nginx/1.18.0
ETag: W/"6116d7ac-8d34"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 84ms
26ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js?ver=5.8.1

Requested by

Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Tue, 05 Oct 2021 08:08:32 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H/1.1 200
OK wp-embed.min.js Show response
controle.colunadofla.com/wp-includes/js/ 1 KB
1 KB 216ms
216ms Script
application/javascript 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-includes/js/wp-embed.min.js?x26453&ver=5.8.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 23:00:18 GMT
Server: nginx/1.18.0
ETag: W/"601b2b02-592"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 43ms
19ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1207
etag: W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 699529a0dead3258-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 08 Oct 2021 08:08:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-60738862-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 446
date: Tue, 05 Oct 2021 08:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Tue, 05 Oct 2021 10:01:06 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
controle.colunadofla.com/wp-includes/js/ 18 KB
5 KB 219ms
219ms Script
application/javascript 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Aug 2021 20:35:56 GMT
Server: nginx/1.18.0
ETag: W/"6116d7ac-4705"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK woocommerce-smallscreen.css
controle.colunadofla.com/wp-content/plugins/woocommerce/assets/css/ 7 KB
1 KB 223ms
222ms Stylesheet
text/css 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?x26453&ver=5.7.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Oct 2021 01:00:02 GMT
Server: nginx/1.18.0
ETag: W/"61565d92-1b83"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/juicebarpartners-colunadofla/ 225 KB
26 KB 132ms
108ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/juicebarpartners-colunadofla/loader.js
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d5c9e0df3e5ae6796b972b542c3f8693e98cb19de6d0358bcc417cd53dc0108

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: rh6.LN6k2iNZ8siuGxll7cW9A2B9QIiL
content-encoding: gzip
etag: "6be5fb0eef173467f90f63cb41a87c8c"
age: 0
x-cache: HIT
content-length: 25764
x-amz-id-2: weRVipL4r0TbGR4BsEE+Qyrje+RdCt2IkVZndZjt2O0uYX5gxYwGo8/vhIqKjdJSiW6Tsknal5A=
x-served-by: cache-fra19175-FRA
last-modified: Mon, 04 Oct 2021 09:55:32 GMT
server: AmazonS3
x-timer: S1633421312.184043,VS0,VE101
date: Tue, 05 Oct 2021 08:08:32 GMT
vary: Accept-Encoding
x-amz-request-id: VNESTT81F4KZJ4D0
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 62
x-cache-hits: 1

GET
H2 200 7ac0d6f2a7e643934c4c056762c37596.js Show response
scripts.cleverwebserver.com/ 127 KB
51 KB 63ms
27ms Script
application/javascript 2606:4700:10::6816:4d5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/7ac0d6f2a7e643934c4c056762c37596.js
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57db8f505316f454dc4874b9ca42bc1b7f879a5f0e627073b54fab9e9c7d1ec9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 02 Oct 2021 20:31:49 GMT
server: cloudflare
age: 613
etag: W/"cb37c3624761893381f410c7db867b4b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: dFKPiyhxOjUC41OhHFgMJB_DFdnSPYPn
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 699529a1583305ed-FRA
x-amz-request-id: 9J9V653PAEM1ZDFW
x-amz-id-2: mMLPMEyyz/hSa2q1NuuirihAJerhK+ju5F0lM+kYpM36zblJcyMr0yPHNkj0uyLbud4q4ObNtWY=

GET librefranklin-regular.woff2
controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/fonts/ 0
0

GET librefranklin-bold.woff2
controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/fonts/ 0
0

GET alegreyasanssc-blackitalic.woff2
controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/fonts/ 0
0

GET
H/1.1 200
OK placeholder.svg
controle.colunadofla.com/wp-content/plugins/native-lazyload/assets/images/ 88 B
328 B 351ms
217ms Image
image/svg+xml 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.colunadofla.com/wp-content/plugins/native-lazyload/assets/images/placeholder.svg
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 3860635dae56adc091d0f38baf9183d9373782e4fca9884535d8eb60d90e4ba3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:31 GMT
Last-Modified: Tue, 17 Dec 2019 14:29:50 GMT
Server: nginx/1.18.0
ETag: "5df8e65e-58"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 88

GET met-social.ttf
controle.colunadofla.com/wp-content/plugins/wp-social/assets/css/fonts/ 0
0

GET librefranklin-semibold.woff2
controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/fonts/ 0
0

GET
H/1.1 200
OK lines-up.svg
controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/img/ 2 KB
744 B 226ms
225ms Image
image/svg+xml 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/img/lines-up.svg
Requested by: Host: controle.colunadofla.com
URL: https://controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x26453&ver=1631466459
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: e2cc5cc991726477320685714be247b3440cbc402761a98e80db436f1a759a09

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x26453&ver=1631466459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Aug 2021 22:41:16 GMT
Server: nginx/1.18.0
ETag: W/"6113008c-692"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 pubads_impl_2021092301.js Show response
securepubads.g.doubleclick.net/gpt/ 338 KB
119 KB 1463ms
1463ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f36354b34b6689975a55773065d0b9dc7ab48ef63ee6e8bb68f199bf7debbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121150
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 08:34:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 05 Oct 2021 08:08:33 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 135 B
136 B 32ms
16ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.controle.colunadofla.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e272ca4b6e361ec1e5c2db0dd106b35fb3eadb668f07ad62254ff83cfa0fcdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Oct 2021 08:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 0
expires: Tue, 05 Oct 2021 08:08:32 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/ 257 KB
95 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5822243610880583&plah=www.controle.colunadofla.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c067f7ae932ca1f7630bd1a14cc1b196e500ea884ff11b89b0cb8116202ec6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97185
x-xss-protection: 0
server: cafe
etag: 18119814467345886440
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Oct 2021 08:08:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210929/r20190131/ Frame 743D 10 KB
5 KB 38ms
10ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210929/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210929/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.controle.colunadofla.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 04 Oct 2021 15:49:53 GMT
expires: Mon, 18 Oct 2021 15:49:53 GMT
content-type: text/html; charset=UTF-8
etag: 297313706323796346
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4617
x-xss-protection: 0
age: 58719
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 597 KB
131 KB 60ms
8ms Script
text/javascript 2a02:26f0:6c00:19c::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/120398/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19c::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c608ebbda0e351c7c59f6ed5f27c521baefbc162b5c6da667d8021aff6336f10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-request-id: 3CP4NSEYJFAX5KT4
content-length: 133178
x-amz-id-2: 4AnSwC5zT5RZSUF++wjGYfmUhxq+LFkCDZwVIe7uFHJAbOr9KS4BlwZKvhqzjy60A3but63RLMg=
last-modified: Mon, 04 Oct 2021 12:29:03 GMT
etag: "fa9290afae35a7396ce40670435a3563"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: 2
accept-ranges: bytes
access-control-allow-headers: *
expires: Tue, 05 Oct 2021 08:38:32 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
216 B 17ms
15ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=2122206793&t=pageview&_s=1&dl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&ul=en-us&de=UTF-8&dt=Flamengo%20%7C%20Coluna%20do%20Fla&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=834389307&gjid=1701248084&cid=50889100.1633421312&tid=UA-60738862-1&_gid=1481962228.1633421312&_r=1&gtm=2ou9r0&did=dNDMyYj&z=1492853253

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.controle.colunadofla.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
422 B 50ms
16ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-60738862-1&cid=50889100.1633421312&jid=834389307&gjid=1701248084&_gid=1481962228.1633421312&_u=YEBAAUAAAAAAAC~&z=1202013478

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.controle.colunadofla.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 05 Oct 2021 08:08:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
442 B 34ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.controle.colunadofla.com&callback=_gfp_s_&client=ca-pub-5822243610880583

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5822243610880583&plah=www.controle.colunadofla.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

cafe /

Resource Hash

823b70bc11a8052e735f49674466ac008e60d5b2c28cfa452feca9ebc961fb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 43ms
43ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.controle.colunadofla.com%2F&tn=HEADER&id=header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 43ms
18ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.controle.colunadofla.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Oct 2021 08:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 45ms
18ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.controle.colunadofla.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Oct 2021 08:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 934E 0
179 B 85ms
84ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5822243610880583&output=html&adk=1812271804&adf=3025194257&lmt=1633421312&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.controle.colunadofla.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633421312173&bpp=2&bdt=2380&idt=75&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4190856313364&frm=20&pv=2&ga_vid=50889100.1633421312&ga_sid=1633421312&ga_hid=2122206793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063015&oid=2&pvsid=4294326891432275&pem=214&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=142

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5822243610880583&output=html&adk=1812271804&adf=3025194257&lmt=1633421312&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.controle.colunadofla.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633421312173&bpp=2&bdt=2380&idt=75&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4190856313364&frm=20&pv=2&ga_vid=50889100.1633421312&ga_sid=1633421312&ga_hid=2122206793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063015&oid=2&pvsid=4294326891432275&pem=214&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=142
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.controle.colunadofla.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 05 Oct 2021 08:08:32 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 05-Oct-2021 08:23:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 05 Oct 2021 08:08:32 GMT
cache-control: private

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 55ms
24ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-60738862-1&cid=50889100.1633421312&jid=834389307&_u=YEBAAUAAAAAAAC~&z=2062329519

Requested by

Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 55ms
26ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-60738862-1&cid=50889100.1633421312&jid=834389307&_u=YEBAAUAAAAAAAC~&z=2062329519

Requested by

Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ui.cleverwebserver.com/3fb71065e38842a2b8e766d4ad87d4d5/ 161 B
228 B 343ms
332ms Script
text/javascript 2606:4700:10::6816:4d5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/3fb71065e38842a2b8e766d4ad87d4d5/
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.19
Resource Hash: ae8fc06de3bf41915d227c897a89b47a0f32a3a75c09dde8d39ea1dc27d95318

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.4.19
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/javascript;charset=UTF-8
cf-ray: 699529a2399005ed-FRA

GET
H2 404 embed.min.js
www.sofascore.com/bundles/sofascoreweb/js/bin/util/ 0
0 25ms
24ms Script
text/html 2606:4700:10::6814:3a66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sofascore.com/bundles/sofascoreweb/js/bin/util/embed.min.js?ver=5.8.1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:3a66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 impl.20211004-2-RELEASE.js Show response
cdn.taboola.com/libtrc/ 533 KB
118 KB 11ms
10ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20211004-2-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/juicebarpartners-colunadofla/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 886543377b40a38e7042995816455bfa97a7cb870c73898e58e56cef9727a816

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: bIk3CJIMiVCMCGQIxOJd5lkIhtnTIGPo
content-encoding: br
etag: "ce6b66e952c1bbe3e8de2ee3729a3026"
age: 24195
x-cache: HIT
content-length: 120183
x-amz-id-2: TdSC4GeUw+j5R+Wd5Uw+fsLcfpAkJ3jVTtW3msPdvIJ0lnze7mlQLbIH6x1f+KS+A6gixOxwUEY=
x-served-by: cache-fra19175-FRA
last-modified: Mon, 04 Oct 2021 09:22:06 GMT
server: AmazonS3-br
x-timer: S1633421312.363286,VS0,VE0
date: Tue, 05 Oct 2021 08:08:32 GMT
vary: Accept-Encoding
x-amz-request-id: CBJ5528BX992T20J
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 36
x-cache-hits: 61567

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 49ms
9ms Script
application/javascript 13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/juicebarpartners-colunadofla/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 02:05:16 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 21797
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: YJLSwivAu5EhwJ_wjtbA-Y-3JMll3dUDZynCDMTfwdl3wn8qN4woVw==

GET
H2 200 21831.php
sender.clevernt.com/transporter/ 43 B
354 B 188ms
64ms Image
image/gif 148.69.64.76
VODAFONE-PT Vodaf...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sender.clevernt.com/transporter/21831.php?ppuc=0&ppu=0&id=0&ref=aHR0cHM6Ly93d3cuY29udHJvbGUuY29sdW5hZG9mbGEuY29tLw%3D%3D&ruri=&r=260843444&tok=33419711310201791433&op=called&wn=null&res=1600x1200&ts=0.003&iv=-1
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.69.64.76 Lisbon, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS: are.clevernt.com
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
server: nginx
content-type: image/gif

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1633421312431&ns_c=UTF-8&cv=3.5&c8=Flamengo%20%7C%20Coluna%20do%20Fla&c7=https%3A%2F%2Fwww.controle.colunadofla.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1633421312431&ns_c=UTF-8&cv=3.5&c8=Flamengo%20%7C%20Coluna%20do%20Fla&c7=https%3A%2F%2Fwww.controle.colunadofla.com%2F&c9=

64 B
330 B

11ms
10ms

Image
image/gif

13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1633421312431&ns_c=UTF-8&cv=3.5&c8=Flamengo%20%7C%20Coluna%20do%20Fla&c7=https%3A%2F%2Fwww.controle.colunadofla.com%2F&c9=
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: onC7zhOhrqIMztU0gUmA_C7B-ihJ1Oqrrr6BAbVIZ7IpWrJOkJht1g==

Redirect headers

date: Tue, 05 Oct 2021 08:08:32 GMT
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1633421312431&ns_c=UTF-8&cv=3.5&c8=Flamengo%20%7C%20Coluna%20do%20Fla&c7=https%3A%2F%2Fwww.controle.colunadofla.com%2F&c9=
content-length: 208
x-amz-cf-id: KUQmQ1pTHSwOi0QDWz1xIoAZ8fRp9RyuSRNZncBSSUmLa0f5rt-JCw==

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 33C7 118 KB
35 KB 42ms
10ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1633421312.cds164.fr8.hn,1633421312.cds289.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame F471 118 KB
35 KB 43ms
16ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1633421312.cds164.fr8.hn,1633421312.cds289.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2 200 p
sb.scorecardresearch.com/ 64 B
444 B 10ms
10ms Image
image/gif 13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=138276&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1633421312
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: EFuwcpbOkywEtEvCgSPQ98J7EirbZoYwH1n-BtO9VqACvhpq_2vUsw==

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
598 B 95ms
18ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:32 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1633421312380084-361
Expires: Tue, 05 Oct 2021 08:08:32 GMT

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 889F 4 KB
2 KB 11ms
11ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
content-encoding: gzip
content-length: 1868
content-type: text/html
last-modified: Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges: bytes
etag: "81f08e6987a7c8675462207e3514d72e"
cache-control: public, max-age=1209600
x-hw: 1633421312.cds164.fr8.hn,1633421312.cds226.fr8.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame 33C7 2 KB
2 KB 293ms
94ms XHR
application/xml 146.20.132.66
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1110151&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=32641166&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e8e4e0576e2826a3fd2a89e359dabeb262096923cc8bb46d0679a83aed018db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1355

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame F7D3 4 KB
2 KB 11ms
9ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
content-encoding: gzip
content-length: 1868
content-type: text/html
last-modified: Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges: bytes
etag: "81f08e6987a7c8675462207e3514d72e"
cache-control: public, max-age=1209600
x-hw: 1633421312.cds164.fr8.hn,1633421312.cds226.fr8.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame F471 180 B
364 B 284ms
92ms XHR
application/xml 146.20.132.66
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1110154&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=38842903&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 150

GET
H2

200

cs
cs.lkqd.net/ Frame 889F
Redirect Chain

https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=dHdTaVlTSmR5ZE0
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEPt3fltzuBUdnWYlD2rQ5qY&google_cver=1

43 B
398 B

90ms
90ms

Image
image/gif

146.20.132.189
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEPt3fltzuBUdnWYlD2rQ5qY&google_cver=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEPt3fltzuBUdnWYlD2rQ5qY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

lkqd
event.clientgear.com/cookie/ Frame 889F
Redirect Chain

https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=50oy3BxEj5w

0
132 B

313ms
103ms

Image
text/plain

47.252.78.131
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=50oy3BxEj5w
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.252.78.131 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-length: 0

Redirect headers

date: Tue, 05 Oct 2021 08:08:32 GMT
server: nginx
location: https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=50oy3BxEj5w
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame 889F
Redirect Chain

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=oNwcWiQatRI&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=286a7fbc-5c01-49cb-8222-574c4624ea60

43 B
402 B

91ms
91ms

Image
image/gif

146.20.132.189
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=286a7fbc-5c01-49cb-8222-574c4624ea60
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:33 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=286a7fbc-5c01-49cb-8222-574c4624ea60
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

NXST
c.deployads.com/cs/ Frame 889F
Redirect Chain

https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
https://c.deployads.com/cs/NXST?b=XbsVQf6aP6A

43 B
285 B

101ms
30ms

Image
image/gif

34.246.212.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.deployads.com/cs/NXST?b=XbsVQf6aP6A
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.212.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-212-58.eu-west-1.compute.amazonaws.com
Software: SortableCactus/1.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:32 GMT
cache-control: no-cache
server: SortableCactus/1.0
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 05 Oct 2021 08:08:32 GMT
server: nginx
location: https://c.deployads.com/cs/NXST?b=XbsVQf6aP6A
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame 889F
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3313316352157287859

43 B
526 B

194ms
102ms

Image
image/gif

146.20.132.189
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3313316352157287859
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3313316352157287859
pragma: no-cache
date: Tue, 05 Oct 2021 08:08:31 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame F7D3
Redirect Chain

https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=ZXBULTRMMDZJUmc
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEPWZkgdrFey6i9rtIxVKsoU&google_cver=1

43 B
398 B

91ms
91ms

Image
image/gif

146.20.132.189
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEPWZkgdrFey6i9rtIxVKsoU&google_cver=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEPWZkgdrFey6i9rtIxVKsoU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

lkqd
event.clientgear.com/cookie/ Frame F7D3
Redirect Chain

https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=eM_1jGc1vR4

0
134 B

306ms
96ms

Image
text/plain

47.252.78.131
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=eM_1jGc1vR4
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.252.78.131 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-length: 0

Redirect headers

date: Tue, 05 Oct 2021 08:08:32 GMT
server: nginx
location: https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=eM_1jGc1vR4
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame F7D3
Redirect Chain

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=nIgm265F_no&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=407033fe-c285-4db1-8610-db983db2ad11

43 B
402 B

90ms
90ms

Image
image/gif

146.20.132.189
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=407033fe-c285-4db1-8610-db983db2ad11
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:33 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=407033fe-c285-4db1-8610-db983db2ad11
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

NXST
c.deployads.com/cs/ Frame F7D3
Redirect Chain

https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
https://c.deployads.com/cs/NXST?b=_aaX4xJdPa0

43 B
284 B

93ms
30ms

Image
image/gif

34.246.212.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.deployads.com/cs/NXST?b=_aaX4xJdPa0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.212.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-212-58.eu-west-1.compute.amazonaws.com
Software: SortableCactus/1.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:32 GMT
cache-control: no-cache
server: SortableCactus/1.0
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 05 Oct 2021 08:08:32 GMT
server: nginx
location: https://c.deployads.com/cs/NXST?b=_aaX4xJdPa0
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame F7D3
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3385373946195215795

43 B
526 B

194ms
102ms

Image
image/gif

146.20.132.189
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3385373946195215795
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3385373946195215795
pragma: no-cache
date: Tue, 05 Oct 2021 08:08:31 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

/ Show response
lp.clevernetwork.pt/bet365/geo/de/grp1/ Frame 7F69
Redirect Chain

https://sender.clevernt.com/transporter/21831.php?ppuc=1&ppu=0&id=527381&ref=aHR0cHM6Ly93d3cuY29udHJvbGUuY29sdW5hZG9mbGEuY29tLw%3D%3D&ruri=&r=657736939&tok=33419711310201791433&cc=1&iv=-1&ctr=DE&sz...
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550

4 KB
1 KB

106ms
76ms

Document
text/html

2606:4700:20::681a:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1956ec2e13502997537019a14d65013438664ea0149b6c3dfcdc924cf0ea6dd3

Request headers

:method: GET
:authority: lp.clevernetwork.pt
:scheme: https
:path: /bet365/geo/de/grp1/?affiliate=365_01054550
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.controle.colunadofla.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
content-type: text/html
x-amz-id-2: 8DaIsdo4mq6sGWITNHKCpf4YuoQGbkR32pRKZOTakHhxipu9diszyVc4mKtLvjnNRtmMNwAIBJI=
x-amz-request-id: K0XYS84FNWBCBEGG
last-modified: Fri, 10 Sep 2021 16:20:11 GMT
cache-control: max-age=1800
cf-cache-status: REVALIDATED
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YYZ889LrLikiNNlkfKQK5tLuGIbE7N%2BESXI7dziIazy9cWTDflAOv41aAS53JordX4AiXpNnImkojmNtLjGm0J4PGhiGwyhjntgpXS%2BaTY6Cr0W4vHL%2FYUsK3AWHCXcrTncvVDhnvCI24wB%2FfuAxoY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 699529a4ee2f435d-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

server: nginx
date: Tue, 05 Oct 2021 08:08:32 GMT
content-type: text/html; charset=UTF-8
location: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
expires: Fri, 27 Jun 1986 23:00:00 GMT
last-modified: Tue, 05 Oct 2021 08:08:32 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma: no-cache

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 934ms
724ms Preflight
text/plain 146.20.132.202
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.controle.colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 05 Oct 2021 08:08:33 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.controle.colunadofla.com

POST t
t.lkqd.net/ Frame F20C 0
0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 295ms
90ms Preflight
text/plain 146.20.132.202
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.controle.colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 05 Oct 2021 08:08:33 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.controle.colunadofla.com

POST
H2 200 t Show response
t.lkqd.net/ Frame A909 0
174 B 276ms
91ms XHR
text/plain 146.20.132.202
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.controle.colunadofla.com
date: Tue, 05 Oct 2021 08:08:33 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 5A71 230 KB
61 KB 19ms
19ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1633421312.cds164.fr8.hn,1633421312.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 4E6F 4 KB
2 KB 11ms
10ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
cookie: sr59=1||1633421312; lkqdidts=1633421312; sr102=1||1633421312; sr99=1||1633421312; sr94=1|3385373946195215795|1633421312; sr103=1||1633421312; lkqdid=nIgm265F_no
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 05 Oct 2021 08:08:32 GMT
content-encoding: gzip
content-length: 1868
content-type: text/html
last-modified: Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges: bytes
etag: "81f08e6987a7c8675462207e3514d72e"
cache-control: public, max-age=1209600
x-hw: 1633421312.cds164.fr8.hn,1633421312.cds226.fr8.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame 5A71 112 KB
8 KB 136ms
135ms XHR
application/json 146.20.132.66
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1110151&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=32641166&m=&rtv=1&thost=www.controle.colunadofla.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 5efa0f35458cd13eeb1509f9516ee8597322dfe6a3cc6ca6de4401700f085a04

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 7486

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 471ms
285ms Preflight 146.20.132.66
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1110151&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=32641166&m=&rtv=1&thost=www.controle.colunadofla.com
Protocol: H2
Server: 146.20.132.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.controle.colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 05 Oct 2021 08:08:33 GMT
content-length: 0
access-control-allow-origin: https://www.controle.colunadofla.com
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 style.css
lp.clevernetwork.pt/bet365/geo/de/grp1/ Frame 7F69 11 KB
2 KB 321ms
19ms Stylesheet
text/css 2606:4700:20::681a:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=5
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 122c68ef5b96850581f49f5a40038c8b540df6f61fb1050a579396326ed19898

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1056
cf-polished: origSize=11951
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: ZND5VB3099ZEFS7M
x-amz-id-2: 2yoKlzpLBtTVu96eJ+28EnDovzxaAVCpnGJiWYhVdrMQy0ks5XBV7hDVGYhvWdXCZe4YjYM5yAc=
last-modified: Mon, 20 Sep 2021 21:44:10 GMT
server: cloudflare
etag: W/"833f25b02f9e17296087a44433aecf14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HNe%2F8BzXeazrTjCBsINA%2B%2FOlUtAKJP1csu5fCG8JIJhEmYGEE%2FIILY0TTtFRgQwJHN7d1Vny0JLi3HOFeiXTqNTgBEYmcoDAIEPhVl9wjF3YFQstQ%2FAdN8YnHoxEXVVZMuTQudjiKkzVZBSwj%2BRG8I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 699529a76bc8435d-FRA
cf-bgj: minify

GET
H2 200 ad.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 7F69 2 KB
1 KB 323ms
22ms Image
image/svg+xml 2606:4700:20::681a:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ad.svg?v=5
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e751e48f4e7ea27901a50cce0a3e5b695ede7cab50058c4cc51c4a7435d02b7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2696
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: N159X9344R0H7G7M
x-amz-id-2: 08Bpgcv+YfZwAlVDrfdKnAbwGjBo+5YylqYgnSRbC6bI7JLQ5M8iCjELFQrJNW/drj3eR05bhSU=
last-modified: Mon, 06 Sep 2021 11:44:21 GMT
server: cloudflare
etag: W/"479e7dbe9215ddc11cd4defff4f3eb85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJ37%2FIuQqJscA%2B54tGHuaX6vv8L6koMKWFO56zNx%2BLPtCLBt9um80GBeOatk7by0rwJ9UlWNVVdySohbJY5n7lJlz5yKHpQt45Nn6Rbce5fu%2B1Es93K1ViNy4qd4XJg7nKTAKFuQS%2BFH5741A6Tt8dc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 699529a76bcb435d-FRA

GET
H2 200 logo.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 7F69 2 KB
2 KB 315ms
14ms Image
image/svg+xml 2606:4700:20::681a:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/logo.svg?v=5
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df3876c55c0fe527bea47b37cfe3479040325194f3df7d2b077794ef6d584470

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2697
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: N15CT8PDZD5GCDNR
x-amz-id-2: M2/zY+SXenRGMJm2txXEH9Kq4oyIfDqYuWrPBoHsGHOc55YW4BbiHuoXu1CAOu9ErAsY1NpbOk4=
last-modified: Mon, 06 Sep 2021 11:44:21 GMT
server: cloudflare
etag: W/"89cc1efb4630095200908a2c0e01275c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3HN8YjQ6ItS5fkZ60u%2BPBy9V1MgBIQLTLxC2nt%2BSRR%2FHLNMC1Nb24aYO4U50J62w1GF8m5VOZdobl2dbGbfSq7cELbZ8A%2FkFTApsgjt9%2BZmzyumGRMXLWTF%2BjVFRM%2BBT1slxeUymAegn%2B9c144KjyM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 699529a76bd6435d-FRA

GET
H2 200 copy_pushmobile.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 7F69 12 KB
4 KB 317ms
16ms Image
image/svg+xml 2606:4700:20::681a:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/copy_pushmobile.svg?v=5
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85cc4c652afbaa94b1444817fe16c3c4f84c9f1ad8615044fc20337d8f3c3b36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2697
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: N153DBFE9R6C09QY
x-amz-id-2: q3PMKM0XyFoo9klUBDDBBVvLcq9GalcW5kZ0WPHhnsdNmADNwVL2LYnsi5n96Tl5/sD7y5fvWZ8=
last-modified: Mon, 06 Sep 2021 11:44:21 GMT
server: cloudflare
etag: W/"48521ed69677855391819664023f03a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5oUjpEtf3DQAdRHp9jcsXZI6RJ9ztQ97uu2zoAIAGe%2F5XUI8VMiFPaGrCaoyL%2B46uGUGfyjzcWoDnXn%2BJUiXp9Yal1DqswU0ekbznPdsSQOiGIMvVcVuGlrNNVJx50ZsXZuygDqtaUtncLk3sY1Usg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 699529a76bd4435d-FRA

GET
H2 200 copy_pushdown.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 7F69 12 KB
4 KB 317ms
15ms Image
image/svg+xml 2606:4700:20::681a:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/copy_pushdown.svg?v=5
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc593e8aef8bec3076d8f4d76e66461b61d8b0c5cf5a52ef51d6c904d7d5a385

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2697
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: N15D88NTQZAPEH8P
x-amz-id-2: 529xq1WIkS/7aN4cHU5W58fjqciDb4H6jl6PP6CtA75igudlN3TKfQBrxRcG/eGjTz6epaew47U=
last-modified: Mon, 06 Sep 2021 11:44:21 GMT
server: cloudflare
etag: W/"b021ae3bd30deb5a02a9d0476e269ae5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzWddntG6D0fRlVMN8BYA6lUKrnsu665fviC2tgTodrqXWT%2Bkl3xeCHUDIdxyYMspF0c%2B%2B6gyT0H%2B2PR%2By8Z2GIZGcM0GpiB%2FtXjkw1sCHU2xGFFYoCNrWfAq5TP6edFw0dJtubOgPtAA7neAexd3Q4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 699529a76bcd435d-FRA

GET
H2 200 copy.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 7F69 12 KB
4 KB 321ms
20ms Image
image/svg+xml 2606:4700:20::681a:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/copy.svg?v=5
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63bc5373259840156ae93ba26b9df0dd2f97ce98ebb3fdb970699cd718a23230

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1852
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 9TB8HGP6KQWHD5MZ
x-amz-id-2: fAchRmjKcSKJilPbkewHfwuFYbhvrKE9VgHyjtQJLSHx2cYlzK/yM+m8JyJ16rViJtRerb7j2zM=
last-modified: Fri, 10 Sep 2021 16:20:11 GMT
server: cloudflare
etag: W/"6a14ab0d467b44cc536dff1c855843d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhY9eoYYcca2pAUn3jpr27pS3t61axZYD0YHMKW8NOtqZ8V9DJSnjL%2B%2Fk9z7RJ5a94ELFtepEJsTKs15QnJcUFWY%2BJ9av68HwvlepuxoKTSfY9Yuxcp64B1gULyEuoAGnyUi418G%2BMmUF%2BWDlZzTpYw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 699529a76bd3435d-FRA

GET
H2 200 copy2_pushmobile.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 7F69 5 KB
2 KB 316ms
15ms Image
image/svg+xml 2606:4700:20::681a:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/copy2_pushmobile.svg?v=5
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3361e91435c8d8a10b7ba8e447fdb9e8cf94681182d2ce70a59dd3fb56dfca5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1885
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 9TB4FN7B9J3HXWMD
x-amz-id-2: kZQllL+p7aOVm4/aoh/1AUkjg1gMrJ/e0pAJML3wWOSiXTmmKgXRiU6AYpOiIlyRq2qMvM/mdLQ=
last-modified: Fri, 10 Sep 2021 16:20:11 GMT
server: cloudflare
etag: W/"beb4ce05eda61995a0eba82cbef0fb8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgldt6HjG84Ld237TFtgcH8syzVnLMwn9b1RIHo0RUQZD8N9W0QROw8Urc3RmQIB0reeGdndONYYO%2FYYA5Ufevz1gHjNZuHY0Ny0hR%2FMhh7jRopHMIueVRG9ofzWiheUg9gCf4IeNGpT1LJ%2BdCx4IfY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 699529a76bd2435d-FRA

GET
H2 200 copy2_pushdown.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 7F69 5 KB
2 KB 320ms
19ms Image
image/svg+xml 2606:4700:20::681a:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/copy2_pushdown.svg?v=5
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cda9e405d476907b07df5ba2daf29f6d9f802bc7df20e3c9a1295c601e210406

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2698
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: N15D5HZD53Z5PGVE
x-amz-id-2: IzxYvziwQQFO07jtVUUJFP3+7bfC8dWaujcASDncZmD/rZKwqCNMkjbkvNp7FWr3kbXO1vuEIlA=
last-modified: Mon, 06 Sep 2021 11:44:21 GMT
server: cloudflare
etag: W/"5dafc545e73be5464256dd78dc118a9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3veQJbsW6ABq6e5WiH3Om32RDc5NQlkpncFYQPrBnSODGEed%2BNYwZ3e3NzCZcAkTeFZxYQXqddzUQdSIuNBpo3rODG7ZDSQ1MAuVtJvPcrsRQUESbH9ycpJ86vwp36DJ7FhDbervTLiV51yp%2BMV3ms%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 699529a76bd8435d-FRA

GET
H2 200 copy2.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 7F69 5 KB
2 KB 319ms
18ms Image
image/svg+xml 2606:4700:20::681a:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/copy2.svg?v=5
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7fa07dc1641fa98687abb1cac64ca10ef98f69568be378d612397460b7ca24b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2698
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: N157M80XAR9BNM9M
x-amz-id-2: 18unFv1BMngDz8lTC0IiTj5OEbQvdAPf4E24+Umkx9+XxSH2NfPWrf3amZ7guFN3OT2qGrENPgc=
last-modified: Mon, 06 Sep 2021 11:44:21 GMT
server: cloudflare
etag: W/"dc43a4e11b82fa41efb8bdc2acd73425"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dg6BvmMgrPy5oo3Rp2%2FFVoEeQ19KJrrUlfnUrOTydQCLdjRGPXTA4xrFcMOTwjCTf9BDGSACWPV32EomHOdDRMwolCcz3ULEgyWhrH5Hcdcfb5RS8XXLX7QOrP4AeHhg5y%2F9URAx9p0NjjwotPtQw3A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 699529a76bda435d-FRA

GET
H2 200 copy3.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 7F69 6 KB
3 KB 318ms
17ms Image
image/svg+xml 2606:4700:20::681a:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/copy3.svg?v=5
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 150431c4e70ae805fba43a94f1b154417be47c26d7f3ca60a7e1a0ab7b50ba80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2698
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: N1505KRHWC914A1Z
x-amz-id-2: HRzubnrgLRWJPBPrpaLF+aAJ/NyTWb29MFdCbB1MtxG162rrF/H1r4W4WcIhqh1yH3VLIlV3xGs=
last-modified: Mon, 06 Sep 2021 11:44:21 GMT
server: cloudflare
etag: W/"9048820dc635dbe10d09725e919ba54f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khoFTQZw6FKFOWf%2Fogvpr%2FWtHl7Vhnv7HbQKm4uBP5yYMtwHCEFghs0taNGy1kXy2AMAU2AOQn47yemU8rmC%2BBY6yAHmfy%2B%2B9rdCO9Jd2ovn3VJtmhBnm29iSKJWSyea44xXvb%2B7cvJLmiAWezWtyg4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 699529a76bdb435d-FRA

GET
H2 200 cta.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 7F69 3 KB
2 KB 323ms
22ms Image
image/svg+xml 2606:4700:20::681a:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/cta.svg?v=5
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56828800a4a575d3b1940a854640ad25c3c93a7d3933ab96150ef48788d637d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2698
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: N151VAKD9VJDXYCE
x-amz-id-2: D86UoTu6cF2oHOgKC9EtuLx17gwNyf9Rx8vaHYdyd5i0TionmUCkX2e5QVIQjFwQaBboYTAwJ3o=
last-modified: Mon, 06 Sep 2021 11:44:21 GMT
server: cloudflare
etag: W/"b26d0f732978180e7c2480406f97e7f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfRtXKQCTDEa6TpA7ioCGG2DpjaWJg9oZrJACt5HfMzaD8usC0SWUsoo%2B5qMTADGsJ5%2F5uJXek%2FFGt8YPyqBvbGJwr%2FoMklFoy33qGE3sFf4bo9rF%2FoxRLG671mvQeehZ51ExK6NR6JkDgOq9KXRINI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 699529a76bdf435d-FRA

GET
H2 200 legal2_pushmobile.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 7F69 12 KB
4 KB 322ms
22ms Image
image/svg+xml 2606:4700:20::681a:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/legal2_pushmobile.svg?v=5
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 757a9daa63650138fd902f15b33dfa3ae7ea0a4c2c8aadd405c7c09f5c6af7df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2699
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: N158QPXKD9AWDKCE
x-amz-id-2: h//RILtDsixfoWL7vpZJu2hpD0/3qs9Dyj9Sceugu6+7FObKoSYQZu7JuErMYQiPoHl11LTrgw8=
last-modified: Mon, 06 Sep 2021 11:44:21 GMT
server: cloudflare
etag: W/"22316355cfe04cd150c2b810a54167a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVgInE26a9kqJ%2BMpRIgjDobVpYANEQnxEewx6B%2Fb5sFzuzzStuDIPkX3j1bGzNvbpNR9U8wos7w1WXFGQwTpM0ljU4DWaer1tiI6y%2FKkpI2O9VSFo2lDpv%2Bo6HI3tMRIotKTXAVFxF3lXiACEtnDenE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 699529a76be0435d-FRA

GET
H2 200 legal2_pushdown.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 7F69 33 KB
6 KB 321ms
21ms Image
image/svg+xml 2606:4700:20::681a:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/legal2_pushdown.svg?v=5
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 869c671beb0b128c008179a0e3fcddbfa62cfe83351672d1142b1d734858bc33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2699
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: N1508NA1TTBMQY5W
x-amz-id-2: nbkj7I/CA2U54ALiISbL9VgMzmc+ZCzrmuM+LxyhgWlGSNGQsf+vej5O9vzn4K+NJy+jmY9gMGM=
last-modified: Mon, 06 Sep 2021 11:44:21 GMT
server: cloudflare
etag: W/"19cfc2171558b226e44590caa30ac756"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RnyzKIaCG1js96GKIF5ZfDD8Y9ZSrzJ7WrJRWYj24UlD1cK3guvC%2BSa028%2Bv8x%2BUcdY3EcqwJQY8EH%2Fzp44cnPp1nbNfMkt6vSgoUul%2BPJbV6mTB9l5Xf15VGEgarMxrZP3Wg%2Bguyh%2F1dALM90Ts9Ic%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 699529a76be2435d-FRA

GET
H2 200 legal2.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 7F69 33 KB
7 KB 320ms
20ms Image
image/svg+xml 2606:4700:20::681a:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/legal2.svg?v=5
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dac0f22f981a1e8828e9516833b3ac6fe985cf1852033b0f153c9cb8694d3a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2699
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: N15DKQKY8110VS2C
x-amz-id-2: TkMKqIpFJGBJuT3N5ltKO8MbY4g3W1KF+NWvxEAar18dOMbNrG9Z777SWP3q4LxztR3upH/ubUQ=
last-modified: Mon, 06 Sep 2021 11:44:21 GMT
server: cloudflare
etag: W/"a33282a0f66d9e18e14ed6c9fa761dd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfkCbTxeiiwm5LRavPRND3NrWxSd1BfXqHyHu04UguKZHLfx0f5P1E7qQLo7gO5xsy7%2FT8mDilqo8So%2FUuDac0WABb55YECIYl8C9RfLJpFO5EU6gO7dVsRohTZEiPJlssMo4yZDj3ybFlG1Y%2FlYegk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 699529a76be3435d-FRA

GET
H2 200 rocket-loader.min.js Show response
lp.clevernetwork.pt/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 7F69 12 KB
4 KB 313ms
13ms Script
application/javascript 2606:4700:20::681a:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.clevernetwork.pt/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Sep 2021 11:33:04 GMT
server: cloudflare
etag: W/"61544ef0-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzPZngGQrQBVrKdftog0ZvaKi6YH9KVM49JFu7zJNdttBI6IEB%2Bk3E1RWpVvfrOEvZ7LlbL8W5FNG5l58oq6e6ylaAB8JQ90xvyBhdPUZJc3CcZWr4%2F7f6n3MCCTAxfPA7t0v%2FmxJUfaFeNQ%2BEwAKyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 699529a76be5435d-FRA
vary: Accept-Encoding
expires: Thu, 07 Oct 2021 08:08:33 GMT

GET
H2

200

cs
cs.lkqd.net/ Frame 4E6F
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=sgQGDd51RPVLfvbtF2QUbah3GcU

43 B
397 B

90ms
89ms

Image
image/gif

146.20.132.189
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=sgQGDd51RPVLfvbtF2QUbah3GcU
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=sgQGDd51RPVLfvbtF2QUbah3GcU
Date: Tue, 05 Oct 2021 08:08:33 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2

200

cs
cs.lkqd.net/ Frame 4E6F
Redirect Chain

https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_5ada25aa-422c-45fe-b816-a37eafa392ba

43 B
403 B

90ms
90ms

Image
image/gif

146.20.132.189
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_5ada25aa-422c-45fe-b816-a37eafa392ba
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_5ada25aa-422c-45fe-b816-a37eafa392ba
date: Tue, 05 Oct 2021 08:08:32 GMT
via: 1.1 google
server: WildFly/10
x-powered-by: Undertow/1
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK cm
p.rfihub.com/ Frame 4E6F 42 B
614 B 140ms
19ms Image
image/gif 193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?pub=35678&in=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:33 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

400

cs
cs.lkqd.net/ Frame 4E6F
Redirect Chain

https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%2...
https://a.tribalfusion.com/i.match?p=b30&u=nIgm265F_no&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$
https://s.tribalfusion.com/z/i.match?p=b30&u=nIgm265F_no&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662308021123590

0
237 B

90ms
89ms

Image
text/plain

146.20.132.189
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662308021123590
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:33 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 699529a768fec2d1-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662308021123590
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

cs
cs.lkqd.net/ Frame 4E6F
Redirect Chain

https://match.prod.bidr.io/cookie-sync/lkq
https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAE_ZE7CuBAAABdMG-7c4w

43 B
394 B

90ms
90ms

Image
image/gif

146.20.132.189
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAE_ZE7CuBAAABdMG-7c4w
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAE_ZE7CuBAAABdMG-7c4w
Date: Tue, 05 Oct 2021 08:08:33 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1 404
Not Found librefranklin-regular.woff
controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/fonts/ 0
0 15755ms
880ms Font
text/html 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/fonts/librefranklin-regular.woff
Requested by: Host: controle.colunadofla.com
URL: https://controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x26453&ver=1631466459
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash

Request headers

Referer: https://controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x26453&ver=1631466459
Origin: https://www.controle.colunadofla.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:47 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.controle.colunadofla.com
Cache-Control: no-cache, must-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Link: <https://controle.colunadofla.com/wp-json/>; rel="https://api.w.org/"
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found librefranklin-bold.woff
controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/fonts/ 0
0 15757ms
880ms Font
text/html 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/fonts/librefranklin-bold.woff
Requested by: Host: controle.colunadofla.com
URL: https://controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x26453&ver=1631466459
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash

Request headers

Referer: https://controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x26453&ver=1631466459
Origin: https://www.controle.colunadofla.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:47 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.controle.colunadofla.com
Cache-Control: no-cache, must-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Link: <https://controle.colunadofla.com/wp-json/>; rel="https://api.w.org/"
Expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame ECD8 0
173 B 233ms
93ms XHR
text/plain 146.20.132.202
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.controle.colunadofla.com
date: Tue, 05 Oct 2021 08:08:33 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 90ms
90ms Preflight
text/plain 146.20.132.202
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.controle.colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 05 Oct 2021 08:08:33 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.controle.colunadofla.com

GET
H2 200 clever.de.min.js Show response
lp.clevernetwork.pt/bet365/js/ Frame 7F69 9 KB
4 KB 31ms
29ms Script
application/javascript 2606:4700:20::681a:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.clevernetwork.pt/bet365/js/clever.de.min.js
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54ac31540d0cc04994470e45f7f167649c2de8874d42ae215ec5bfc9a9fa64f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01054550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2801
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: V068EQSW8D64R35P
x-amz-id-2: V4m8WvCTG1ooj+8JUXSRIwCoUOgMy1nFRi4i3wNAhNw7AIQ3f1ozPKvk9yX6ECqZDVpE2v/r7dU=
last-modified: Wed, 08 Sep 2021 13:53:29 GMT
server: cloudflare
etag: W/"f608a5d30dd77ed8de7ceb968e854f04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35Ujjolubuh%2FJ9SwoLzwiI5W%2BV97%2BcWtrxrwGh3pWwLh5Ue5a7%2BIthljeyfuEkimVPSqy1ifLHrbPMdYAiNLpP1gry08cnjU2qvsS2M%2FQZOIXP2BIaxknXvyXE16ShmvbWfyrRV8OMDKIcOXVt2Y0uU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 699529a78c50435d-FRA

GET
H2 200 css
fonts.googleapis.com/ Frame 7F69 8 KB
1 KB 44ms
18ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap

Requested by

Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f22481805d6453a622982405799ccf298e0d6ca2f56a1b97712acb38ed9e330c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.clevernetwork.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 07:27:57 GMT
server: ESF
date: Tue, 05 Oct 2021 08:08:33 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Tue, 05 Oct 2021 08:08:33 GMT

GET
H2 200 bg-pushdown_2.jpg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 7F69 27 KB
28 KB 13ms
13ms Image
image/jpeg 2606:4700:20::681a:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/bg-pushdown_2.jpg?v=3
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c46d0e3cb160524457f4cab19d9597643cfbfd330fcd7c288b45bf3ba0a0efe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3430
cf-ray: 699529a7ed56435d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27972
x-amz-id-2: 2XlBRnsANmChJGewdQc/Z0Ncrnc2QjI4y4o9twvGKsRMgyIbKknCVtrBbcA3azLVlr+8TZ8DgFQ=
last-modified: Fri, 23 Jul 2021 09:53:52 GMT
server: cloudflare
etag: "badb98ee3ef98cf931012151d07083fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HwDMZ9EyVctk9oYSs1GBsiFAZjO93eADhAeeBNIoCjAEKBXJwTARIt7R21domyt3tuuKkBgwSAjyYgzd0Nf9ybTGYPbEr%2BjRRvc32x90BdovkyGmwL%2FqiHvIqVMfplAaXNhcCVJOYt4yfzEa1Idk4A%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: XZZ0JP312SECJGMK
cache-control: max-age=1800
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ Frame 7F69 44 KB
44 KB 35ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp.clevernetwork.pt
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 17:04:31 GMT
x-content-type-options: nosniff
age: 399842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 30 Sep 2022 17:04:31 GMT

GET
H/1.1 200
OK Cookie set DefaultAff.aspx Show response
members.bet365.de/Members/Helpers/ Frame B522 84 B
716 B 197ms
129ms Document
text/html 81.94.208.229
HLM2-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_01054550
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/js/clever.de.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.94.208.229 Stoke-on-Trent, United Kingdom, ASN34587 (HLM2-AS, GB),
Reverse DNS
Software: /
Resource Hash: 662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba

Request headers

Host: members.bet365.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://lp.clevernetwork.pt/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lp.clevernetwork.pt/

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
ME-Redirect: PQB
Set-Cookie: Affiliates=Code=365_01054550%2f110160612252&prd=Sports; domain=.bet365.de; expires=Fri, 19-Nov-2021 09:08:33 GMT; path=/; secure ; SameSite=None session=processform=0; path=/; secure ; SameSite=None pstk=84F22EC7996C4ECBB47E060B6C8CE4F6000003; domain=.bet365.de; path=/; secure ; SameSite=None
Date: Tue, 05 Oct 2021 08:08:33 GMT
Content-Length: 177

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 42ms
10ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.8.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=7997
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 track
t.teads.tv/ 23 B
113 B 120ms
59ms Image
image/gif 104.108.145.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=2b1d267c-a6d4-4201-8f15-262fd9ef6172&pageId=120398&pid=130541&debug_metadata=IUC4zZVKGa&fv=876&ts=1633421313381&f=1&referer=https%3A%2F%2Fwww.controle.colunadofla.com%2F
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.75 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 108ms
47ms Image
image/gif 104.108.145.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=2b1d267c-a6d4-4201-8f15-262fd9ef6172&pageId=120398&pid=130541&slot=corner&fv=876&ts=1633421313387&f=1&referer=https%3A%2F%2Fwww.controle.colunadofla.com%2F
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.75 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/120398/ 540 B
580 B 39ms
39ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/120398/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&page=%7B%22id%22%3A120398%2C%22placements%22%3A%5B%7B%22id%22%3A130541%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A523%2C%22height%22%3A294%7D%2C%22slotType%22%3A%22corner%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%7D&auctid=2b1d267c-a6d4-4201-8f15-262fd9ef6172&formatVersion=876&env=js-web&netBw=9.6&ttfb=1522
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b1ac43b2c55246a8cf8f89c794b443500321fdc5bd49e2b4cb79b498f4c1d87a

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.controle.colunadofla.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 364
expires: Tue, 05 Oct 2021 08:08:33 GMT

GET
H2

200

cookie Show response
a.vidoomy.com/api/rtbserver/ Frame FFEA
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent

43 B
290 B

50ms
17ms

Document
image/gif

3.123.90.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.90.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-90-134.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

:method: GET
:authority: a.vidoomy.com
:scheme: https
:path: /api/rtbserver/cookie?i=CEN&uid=no-consent
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.controle.colunadofla.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-type: image/gif
content-length: 43
content-encoding: none
set-cookie: vidoomy-uids=eyJ1aWRzIjp7IkNFTiI6eyJ1aWQiOiJuby1jb25zZW50IiwiZXhwaXJlcyI6MTYzNjAxMzMxM319fQ==; Path=/; Domain=vidoomy.com; Expires=Wed, 05 Oct 2022 08:08:33 GMT; Secure; SameSite=None
vary: Origin

Redirect headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
content-length: 0
date: Tue, 05 Oct 2021 08:08:32 GMT
server: AC1.1

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=623854746.65481341792828349.2769566
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=623854746.65481341792828349.2769566
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26user_group%3D%24%...
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26user_group%3D%24%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=6b35554d-efe9-5316-9355-cf9af209c79b&ssp=vidoomy&expires=30&user_group=1
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=3cb6e279-e868-4eb2-b8b1-163a5ee21b65

43 B
457 B

12ms
11ms

Image
image/gif

3.123.90.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=3cb6e279-e868-4eb2-b8b1-163a5ee21b65
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.90.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-90-134.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: none
content-length: 43
vary: Origin
content-type: image/gif

Redirect headers

location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=3cb6e279-e868-4eb2-b8b1-163a5ee21b65
date: Tue, 05 Oct 2021 08:08:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2871146109
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2871146109
https://sync.1rx.io/usersync/tradedesk/815d072c-f784-42ac-8815-d6fae0a9b515
https://sync.targeting.unrulymedia.com/csync/RX-102c4f52-0b8e-4355-9dbf-ee872a5f6f82-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3DRX-102c4f52-0b8e-4355-9dbf-ee8...
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-102c4f52-0b8e-4355-9dbf-ee872a5f6f82-003

43 B
375 B

9ms
9ms

Image
image/gif

3.123.90.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-102c4f52-0b8e-4355-9dbf-ee872a5f6f82-003
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.90.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-90-134.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: none
content-length: 43
vary: Origin
content-type: image/gif

Redirect headers

location: https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-102c4f52-0b8e-4355-9dbf-ee872a5f6f82-003
date: Tue, 05 Oct 2021 08:08:33 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX102c4f520b8e43559dbfee872a5f6f82003
content-type: text/html

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 88 B
248 B 174ms
143ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=615c0801884b6ff4&bkl=0&bl=1&pdt=2287&sid=615c0801884b6ff4&pub=wp-77a2f6f67f60c81fc59b1fb4cec581ba&rev=v8.28.8-wp&ln=pt&pc=wpp&cb=0&ab=-&dp=colunadofla.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1633421313402&wpv=wpp-6.2.6&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22WordPress%22%2C%22plugin_name%22%3A%22Share%20Buttons%20by%20AddThis%22%2C%22plugin_version%22%3A%226.2.6%22%2C%22plugin_mode%22%3A%22WordPress%22%2C%22anonymous_profile_id%22%3A%22wp-77a2f6f67f60c81fc59b1fb4cec581ba%22%2C%22page_info%22%3A%7B%22template%22%3A%22home%22%2C%22post_type%22%3A%22%22%7D%2C%22sharing_enabled_on_post_via_metabox%22%3Afalse%7D&jsl=1&uvs=615c08016307e26c000&skipb=1&callback=addthis.cbs.jsonp__5847641924303690
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.8.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6dd6279e7b58c14f5188f53d267a8346c48f951bd4c7b06c89da9e23054ff6c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:33 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 88
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 4D91 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 3768 71 KB
26 KB 29ms
28ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.8.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.controle.colunadofla.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Tue, 05 Oct 2021 08:08:33 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 client.pt.min.json Show response
s7.addthis.com/l10n/ 4 KB
2 KB 25ms
9ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.pt.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.8.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

2a0114ee843f8e5fcb15026a43365c3455464f43e1ea135b075e49662a9905b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-e24"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Tue, 05 Oct 2021 08:08:33 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1747

GET
H2 200 cbf-DAVID-NASCIMENTOESPORTE-NEWS-MUNDO.jpg
colunadofla.com/wp-content/uploads/2021/10/ 45 KB
46 KB 117ms
115ms Image
image/jpeg 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2021/10/cbf-DAVID-NASCIMENTOESPORTE-NEWS-MUNDO.jpg
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: ae0cc3328fe085849a1ca870c8c13553bb970f90be6ed8f65dd1a2e21e6e551e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Sat, 02 Oct 2021 00:18:17 GMT
server: nginx/1.20.1
etag: "6157a549-b576"
vary: Accept, Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 46454
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2 200 rodolfo-landim-presidente-flamengo.png
colunadofla.com/wp-content/uploads/2021/09/ 15 KB
16 KB 343ms
339ms Image
image/webp 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2021/09/rodolfo-landim-presidente-flamengo.png
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 56269294a74beccf86c2f589a76b3161e6597d1fe38ee519855e4a46fd8025cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Tue, 28 Sep 2021 17:42:02 GMT
server: nginx/1.20.1
etag: "615353ea-3d62"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 15714
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2 200 marcos-braz-vice-presidente-de-futebol-dirigente-flamengo.jpg
colunadofla.com/wp-content/uploads/2021/09/ 26 KB
27 KB 345ms
341ms Image
image/webp 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2021/09/marcos-braz-vice-presidente-de-futebol-dirigente-flamengo.jpg
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 0b2cccffee34763e2098355a832a0a0bf808614dec874f8ad4fbd09085e499dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Fri, 10 Sep 2021 12:44:02 GMT
server: nginx/1.20.1
etag: "613b5312-6986"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 27014
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2 200 filipe-luis-flamengo-x-athletico-pr-brrasileirao-campeonato-brasileiro.jpg
colunadofla.com/wp-content/uploads/2021/10/ 4 KB
4 KB 348ms
342ms Image
image/webp 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2021/10/filipe-luis-flamengo-x-athletico-pr-brrasileirao-campeonato-brasileiro.jpg
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: a2c64fafd0b36fc7436dd8f156e520139b418a02d013c5cd4d2190964159d8a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Mon, 04 Oct 2021 11:00:01 GMT
server: nginx/1.20.1
etag: "615adeb1-10e2"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4322
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2 200 andreas-pereira-e-david-luiz.jpg
colunadofla.com/wp-content/uploads/2021/09/ 19 KB
19 KB 348ms
343ms Image
image/webp 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2021/09/andreas-pereira-e-david-luiz.jpg
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: daabe2816ab9e3bfab4f5643b1ab870282b2c8f56cd2a41533bdc8ecf2eebc9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Mon, 27 Sep 2021 21:50:02 GMT
server: nginx/1.20.1
etag: "61523c8a-4b76"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 19318
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2 200 galvao-bueno-sportv-bem-amigos.png
colunadofla.com/wp-content/uploads/2021/10/ 16 KB
16 KB 458ms
453ms Image
image/webp 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2021/10/galvao-bueno-sportv-bem-amigos.png
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 4e6db911473412bb0f092999ad6c7cd5317bbaf7614025103232ebecbc24b114

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Tue, 05 Oct 2021 04:34:02 GMT
server: nginx/1.20.1
etag: "615bd5ba-3e0a"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 15882
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2 200 Rodrigo-dunshee-1.png
colunadofla.com/wp-content/uploads/2021/09/ 37 KB
38 KB 459ms
454ms Image
image/webp 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2021/09/Rodrigo-dunshee-1.png
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 6b5058de97eedafc599981ed80b1a746df123bc45956e1e623243d81c8274a30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Wed, 08 Sep 2021 02:40:02 GMT
server: nginx/1.20.1
etag: "61382282-950e"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 38158
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2 200 andreas-pereira-x-barcelona-guayaquil.jpg
colunadofla.com/wp-content/uploads/2021/09/ 22 KB
23 KB 462ms
457ms Image
image/webp 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2021/09/andreas-pereira-x-barcelona-guayaquil.jpg
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 609c5a3a3fce03269dc554efc1955e1ad0177b6a7a670feb1ac43751b8a27084

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Thu, 23 Sep 2021 17:14:02 GMT
server: nginx/1.20.1
etag: "614cb5da-593e"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 22846
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2 200 sede-gavea-flamengo-orcamento.png
colunadofla.com/wp-content/uploads/2021/10/ 452 KB
453 KB 464ms
459ms Image
image/png 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2021/10/sede-gavea-flamengo-orcamento.png
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 30efed2bbd12e53816d5af90fa49a01c0ea3db6cd51a7859f1d9ff8638cc390a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Tue, 05 Oct 2021 02:47:07 GMT
server: nginx/1.20.1
etag: "615bbcab-70f3a"
vary: Accept, Accept
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 462650
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2 200 Design-sem-nome-7.png
colunadofla.com/wp-content/uploads/2021/10/ 427 KB
427 KB 699ms
694ms Image
image/png 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2021/10/Design-sem-nome-7.png
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: ba46b3a0533d214719b029913ecca02becef1d601975ce1f0d93ac220f849f04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Sun, 03 Oct 2021 23:54:32 GMT
server: nginx/1.20.1
etag: "615a42b8-6aa02"
vary: Accept, Accept
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 436738
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2 200 Design-sem-nome-16.png
colunadofla.com/wp-content/uploads/2021/10/ 15 KB
15 KB 698ms
694ms Image
image/webp 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2021/10/Design-sem-nome-16.png
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 60d6a3518ce4eb0e97148849dc794715178062778e25c2587352dab1dccdb20c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Tue, 05 Oct 2021 00:24:02 GMT
server: nginx/1.20.1
etag: "615b9b22-3c62"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 15458
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2 200 trofeu-brasileirao-2021.png
colunadofla.com/wp-content/uploads/2021/09/ 12 KB
13 KB 699ms
694ms Image
image/webp 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2021/09/trofeu-brasileirao-2021.png
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 513c4b7e4a3f9cecdc6a530d6b9cfb21400db2eb0133b6650b3fcce59d7b0115

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Thu, 09 Sep 2021 15:44:02 GMT
server: nginx/1.20.1
etag: "613a2bc2-3124"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 12580
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2 200 everton-ribeiro-x-athletico-pr.jpg
colunadofla.com/wp-content/uploads/2021/10/ 52 KB
52 KB 699ms
694ms Image
image/jpeg 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2021/10/everton-ribeiro-x-athletico-pr.jpg
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 9dda8e4ab37002590b2d81acaa1e8d8132304879024d14d194bc9eac1dc60a52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Mon, 04 Oct 2021 22:18:56 GMT
server: nginx/1.20.1
etag: "615b7dd0-cef0"
vary: Accept, Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 52976
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2 200 arrascaeta-gabi-e-andreas-x-cap.jpg
colunadofla.com/wp-content/uploads/2021/10/ 31 KB
31 KB 699ms
694ms Image
image/webp 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2021/10/arrascaeta-gabi-e-andreas-x-cap.jpg
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: a067b116e6ec5e0cca8a6942f59d0e058d99d7c75518afac83412511332139de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Sun, 03 Oct 2021 19:52:02 GMT
server: nginx/1.20.1
etag: "615a09e2-7cf2"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 31986
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2 200 piris-da-motta.jpg
colunadofla.com/wp-content/uploads/2019/09/ 23 KB
23 KB 699ms
695ms Image
image/webp 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2019/09/piris-da-motta.jpg
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: a44a2aa2679536e5054d439f2a19c66221f2ba7a36ce075a2f18498dd42b8826

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Fri, 31 Jul 2020 05:51:13 GMT
server: nginx/1.20.1
etag: "5f23b151-5a64"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 23140
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2 200 rodolfo-landim-flamengo-gabigol-titulo.jpeg
colunadofla.com/wp-content/uploads/2021/09/ 41 KB
41 KB 699ms
695ms Image
image/webp 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2021/09/rodolfo-landim-flamengo-gabigol-titulo.jpeg
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 9e4e8cc9355e82e3d73d85f6395854b4094bf1824f1a686054c62240de65ffcf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Thu, 02 Sep 2021 14:28:02 GMT
server: nginx/1.20.1
etag: "6130df72-a44c"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 42060
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2 200 avatar_user_26946_1630700499-32x32.jpg
colunadofla.com/wp-content/uploads/2021/09/ 350 B
560 B 699ms
695ms Image
image/webp 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2021/09/avatar_user_26946_1630700499-32x32.jpg
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 96bfc067d734b5468e5b3b7ae858e2bcd6a4c37db113c8016df95ced00f99c4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Fri, 03 Sep 2021 21:00:01 GMT
server: nginx/1.20.1
etag: "61328cd1-15e"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 350
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2 200 jorge-jesus-flamengo-beira-do-campo-maracana.jpg
colunadofla.com/wp-content/uploads/2021/10/ 147 KB
147 KB 699ms
695ms Image
image/jpeg 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2021/10/jorge-jesus-flamengo-beira-do-campo-maracana.jpg
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: c8ebe657ab88be7676257d84f5a5205a3f8675d46b6010d81ab51e33a40e4f0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Sat, 02 Oct 2021 11:35:29 GMT
server: nginx/1.20.1
etag: "61584401-24b07"
vary: Accept, Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 150279
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2

200

twitter.avatar.jpg
i1.wp.com/colunadofla.com/wp-content/uploads/2016/12/
Redirect Chain

https://secure.gravatar.com/avatar/f1ca89661ec4c5a27512290973aa05a3?s=32&d=https%3A%2F%2Fcolunadofla.com%2Fwp-content%2Fuploads%2F2016%2F12%2Ftwitter.avatar.jpg&r=g
https://i1.wp.com/colunadofla.com/wp-content/uploads/2016/12/twitter.avatar.jpg?ssl=1

11 KB
11 KB

25ms
8ms

Image
image/webp

192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/colunadofla.com/wp-content/uploads/2016/12/twitter.avatar.jpg?ssl=1

Requested by

Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

5467072b92cb3023248ff3b84625450d6b84f753cc7ffe224a7a3bfb35229e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 05 Oct 2021 08:08:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 15:33:45 GMT
server: nginx
etag: "e05638165af60b5b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://colunadofla.com/wp-content/uploads/2016/12/twitter.avatar.jpg>; rel="canonical"
content-length: 10876
expires: Sun, 06 Nov 2022 03:33:45 GMT

Redirect headers

x-nc: HIT hhn 1
date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: text/html; charset=utf-8
location: https://i1.wp.com/colunadofla.com/wp-content/uploads/2016/12/twitter.avatar.jpg?ssl=1
cache-control: max-age=300
link: <https://www.gravatar.com/avatar/f1ca89661ec4c5a27512290973aa05a3?s=32&d=https%3A%2F%2Fcolunadofla.com%2Fwp-content%2Fuploads%2F2016%2F12%2Ftwitter.avatar.jpg&r=g>; rel="canonical"
content-length: 0
expires: Tue, 05 Oct 2021 08:13:33 GMT

GET
H2 200 asseff-walter-monteiro-divulgacao.jpg
colunadofla.com/wp-content/uploads/2021/09/ 27 KB
27 KB 698ms
695ms Image
image/webp 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2021/09/asseff-walter-monteiro-divulgacao.jpg
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 52dba27ffb7ff729e24a5d207393e08de638336fa062c5363b4d74ab9dae142a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Sat, 25 Sep 2021 18:14:02 GMT
server: nginx/1.20.1
etag: "614f66ea-6afc"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 27388
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2

200

twitter.avatar.jpg
i1.wp.com/colunadofla.com/wp-content/uploads/2016/12/
Redirect Chain

https://secure.gravatar.com/avatar/a9173cc8da063b2a64ee78b7cd191bb8?s=32&d=https%3A%2F%2Fcolunadofla.com%2Fwp-content%2Fuploads%2F2016%2F12%2Ftwitter.avatar.jpg&r=g
https://i1.wp.com/colunadofla.com/wp-content/uploads/2016/12/twitter.avatar.jpg?ssl=1

11 KB
11 KB

24ms
7ms

Image
image/webp

192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/colunadofla.com/wp-content/uploads/2016/12/twitter.avatar.jpg?ssl=1

Requested by

Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

5467072b92cb3023248ff3b84625450d6b84f753cc7ffe224a7a3bfb35229e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 05 Oct 2021 08:08:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 15:33:45 GMT
server: nginx
etag: "e05638165af60b5b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://colunadofla.com/wp-content/uploads/2016/12/twitter.avatar.jpg>; rel="canonical"
content-length: 10876
expires: Sun, 06 Nov 2022 03:33:45 GMT

Redirect headers

x-nc: HIT hhn 1
date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: text/html; charset=utf-8
location: https://i1.wp.com/colunadofla.com/wp-content/uploads/2016/12/twitter.avatar.jpg?ssl=1
cache-control: max-age=300
link: <https://www.gravatar.com/avatar/a9173cc8da063b2a64ee78b7cd191bb8?s=32&d=https%3A%2F%2Fcolunadofla.com%2Fwp-content%2Fuploads%2F2016%2F12%2Ftwitter.avatar.jpg&r=g>; rel="canonical"
content-length: 0
expires: Tue, 05 Oct 2021 08:13:33 GMT

GET
H2 200 jogadores-atletas-elenco-gol-flamengo-x-barcelona-de-guayaquil-libertadores-comemoracao.jpg
colunadofla.com/wp-content/uploads/2021/09/ 52 KB
52 KB 698ms
696ms Image
image/webp 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2021/09/jogadores-atletas-elenco-gol-flamengo-x-barcelona-de-guayaquil-libertadores-comemoracao.jpg
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 31c0a5f63a3740f75d0311706ea855f7be0feff9fbce3552f7d70d2b1d48d567

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Thu, 23 Sep 2021 14:36:02 GMT
server: nginx/1.20.1
etag: "614c90d2-d0b8"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 53432
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2 200 asseff-ricardo-landim-walter-divulgacao.jpg
colunadofla.com/wp-content/uploads/2021/09/ 23 KB
23 KB 698ms
696ms Image
image/webp 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2021/09/asseff-ricardo-landim-walter-divulgacao.jpg
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 7d2388aa0bdfafcea73af4e28598c410c5c6dc14a3226dc07a04d4705ddb69f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Fri, 24 Sep 2021 19:08:01 GMT
server: nginx/1.20.1
etag: "614e2211-5a8a"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 23178
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2 200 howkxhmavjkmaxresdefault.jpg
colunadofla.com/wp-content/uploads/2021/03/ 132 KB
132 KB 698ms
696ms Image
image/webp 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2021/03/howkxhmavjkmaxresdefault.jpg
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 24a78036ed68ea164cea7269dfc31e800958d8f41b14ce8327401d46b780180a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Tue, 02 Mar 2021 05:14:06 GMT
server: nginx/1.20.1
etag: "603dc99e-20f56"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 134998
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2 200 mkxn7gd0ti8maxresdefault.jpg
colunadofla.com/wp-content/uploads/2021/03/ 61 KB
62 KB 698ms
696ms Image
image/webp 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2021/03/mkxn7gd0ti8maxresdefault.jpg
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 621dbd45f2d9a68f84073f5235aeafd20f841b604d3e9a27fb7ad21cae919ab9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Tue, 02 Mar 2021 05:16:44 GMT
server: nginx/1.20.1
etag: "603dca3c-f57e"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 62846
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2 200 vv2iomwxznemaxresdefault.jpg
colunadofla.com/wp-content/uploads/2021/03/ 69 KB
69 KB 698ms
696ms Image
image/webp 190.89.239.39
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colunadofla.com/wp-content/uploads/2021/03/vv2iomwxznemaxresdefault.jpg
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.39 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us130.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 828f1527140bf933d5b8cfb7b6e54e9b9d8bc9bb8583a9b1013f752d5a4c4a1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Tue, 02 Mar 2021 05:14:16 GMT
server: nginx/1.20.1
etag: "603dc9a8-11392"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 70546
expires: Tue, 12 Oct 2021 08:08:33 GMT

GET
H2

200

twitter.avatar.jpg
i1.wp.com/colunadofla.com/wp-content/uploads/2016/12/
Redirect Chain

https://secure.gravatar.com/avatar/?s=48&d=https%3A%2F%2Fcolunadofla.com%2Fwp-content%2Fuploads%2F2016%2F12%2Ftwitter.avatar.jpg&r=g
https://i1.wp.com/colunadofla.com/wp-content/uploads/2016/12/twitter.avatar.jpg?ssl=1

11 KB
11 KB

24ms
8ms

Image
image/webp

192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/colunadofla.com/wp-content/uploads/2016/12/twitter.avatar.jpg?ssl=1

Requested by

Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

5467072b92cb3023248ff3b84625450d6b84f753cc7ffe224a7a3bfb35229e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 05 Oct 2021 08:08:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 15:33:45 GMT
server: nginx
etag: "e05638165af60b5b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://colunadofla.com/wp-content/uploads/2016/12/twitter.avatar.jpg>; rel="canonical"
content-length: 10876
expires: Sun, 06 Nov 2022 03:33:45 GMT

Redirect headers

x-nc: HIT hhn 1
date: Tue, 05 Oct 2021 08:08:33 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: text/html; charset=utf-8
location: https://i1.wp.com/colunadofla.com/wp-content/uploads/2016/12/twitter.avatar.jpg?ssl=1
cache-control: max-age=300
link: <https://www.gravatar.com/avatar/?s=48&d=https%3A%2F%2Fcolunadofla.com%2Fwp-content%2Fuploads%2F2016%2F12%2Ftwitter.avatar.jpg&r=g>; rel="canonical"
content-length: 0
expires: Tue, 05 Oct 2021 08:13:33 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 17ms
16ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 21
etag: W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 699529a8ebb43258-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 08 Oct 2021 08:08:33 GMT

POST
H/1.1 200
OK / Show response
www.controle.colunadofla.com/ 0
358 B 218ms
218ms XHR
text/html 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.controle.colunadofla.com/?wc-ajax=get_refreshed_fragments
Requested by: Host: controle.colunadofla.com
URL: https://controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/js/main.js?x26453&ver=1631466460
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Origin: https://www.controle.colunadofla.com
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: serverdoID=3nu1ohkq4ifhvsnf2phhhu0b1d; dwqa_anonymous=PbEN6k5bjybglpDDryb3R0L55GnCpCFepI6TN2tguC4; _ga=GA1.2.50889100.1633421312; _gid=GA1.2.1481962228.1633421312; _gat_gtag_UA_60738862_1=1; __gads=ID=5f96f60040420537-22839f6ee7ca0034:T=1633421312:RT=1633421312:S=ALNI_MYAhODkag3FPWNGvIN_2EUziCMAAg; clever-last-tracker-21831=1; clever-counter-21831=0-1; __atuvc=1%7C40; __atuvs=615c08016307e26c000
Connection: keep-alive
Content-Length: 18
Pragma: no-cache
Host: www.controle.colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Cache-Control: no-cache
Referer: https://www.controle.colunadofla.com/
Sec-Fetch-Site: same-origin
Accept: */*
Referer: https://www.controle.colunadofla.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:33 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 67ms
55ms Image
image/gif 104.108.145.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=adCall&pid=130541&pageId=120398&auctid=2b1d267c-a6d4-4201-8f15-262fd9ef6172&vid=00000000-0000-0000-0000-000000000001&env=js-web&bsg=uncat&bsias=uncat&rpm_reason=12&p=7orizEIsV_rmpaK_yX-r2JDr&cts=1633421313414&cs=314906296975511278305&fv=876&ts=1633421313437&referer=https%3A%2F%2Fwww.controle.colunadofla.com%2F
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.75 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 web Show response
onesignal.com/api/v1/sync/84193562-f5d2-4dc4-a8e3-25ca4d6c4d2a/ 3 KB
2 KB 32ms
30ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/84193562-f5d2-4dc4-a8e3-25ca4d6c4d2a/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

472e3805b83db3f46b20bb5bad8ac9a00bb625c38e5c46c6292f2dd764e4a197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3415
cf-polished: origSize=3136
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 3e26bc48-86ca-4bf3-bcca-d13f94aac358
x-runtime: 0.028217
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5b5bc9db2a201ffabb6b58186c5737b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 699529a93c3b3258-FRA
access-control-allow-headers: SDK-Version
expires: Tue, 05 Oct 2021 09:08:33 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
731 B 108ms
108ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C8633563835348150615212447%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:33 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.controle.colunadofla.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1633421313452031-335
Expires: Tue, 05 Oct 2021 08:08:33 GMT

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs= Show response
ads.adaptv.advertising.com/a/h/ 249 B
558 B 478ms
426ms XHR
text/xml 52.28.108.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=18746200&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.108.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-108-235.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 204 rtb Show response
a.vidoomy.com/api/rtbserver/ 0
150 B 37ms
27ms XHR
text/plain 3.123.90.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=1477461595&w=400&h=225&skip=1&req_type=1&req_type=1&ip=&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F93.0.4577.63%20Safari%2F537.36&l=EN&dt=2&c=DE&pid=52453&sid=&sname=&d=colunadofla.com&sp=https%3A%2F%2Fwww.controle.colunadofla.com%2F&coppa=&gdpr=&gdprcs=&vpaid=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.90.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-90-134.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://www.controle.colunadofla.com
date: Tue, 05 Oct 2021 08:08:33 GMT
access-control-allow-credentials: true
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
731 B 129ms
113ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C38353481506152124471399275364%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:33 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.controle.colunadofla.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1633421313408056-401
Expires: Tue, 05 Oct 2021 08:08:33 GMT

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 146ms
43ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fwww.controle.colunadofla.com%2F&cb=374013946&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C3835348150615212447592067697%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:33 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000345
X-SpotX-Timing-SpotMarket: 0.011768
X-SpotX-Timing-Page-Mux: 0.000823
X-SpotX-Timing-Page-Require: 0.000287
X-fe: 141
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000036
Content-Length: 77
X-SpotX-Timing-Page: 0.018093
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000272
Last-Modified: Tue, 05 Oct 2021 08:08:33 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.011768
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.controle.colunadofla.com
X-SpotX-Timing-Page-Misc: 0.004552
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 tag Show response
4cywq-eqnre.ads.tremorhub.com/ad/ 119 B
466 B 503ms
280ms XHR
text/xml 2600:1f18:612b:4200:8560:f9d7:993:6d2d
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C12280130013835348150615212447%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:8560:f9d7:993:6d2d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: text/xml;charset=UTF-8

GET
H/1.1 200
OK 88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads.adaptv.advertising.com/a/h/ 249 B
558 B 457ms
405ms XHR
text/xml 52.28.108.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1353700469&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.108.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-108-235.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
731 B 128ms
114ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C3835348150615212447723290012%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:33 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.controle.colunadofla.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1633421313495013-402
Expires: Tue, 05 Oct 2021 08:08:33 GMT

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc= Show response
ads.adaptv.advertising.com/a/h/ 249 B
558 B 473ms
422ms XHR
text/xml 52.28.108.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=1992020112&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.108.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-108-235.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 1001 B
880 B 49ms
10ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C15500611233835348150615212447%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 29d2a66fa7056c4b304ac996819d251099d9d70a8df1b4aff9d678fde6686072

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 613
expires: Tue, 05 Oct 2021 08:08:33 GMT

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs= Show response
ads.adaptv.advertising.com/a/h/ 249 B
558 B 277ms
212ms XHR
text/xml 52.28.108.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1364708805&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.108.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-108-235.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 321ms
20ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1210
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 699529ab6f863258-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 08 Oct 2021 08:08:33 GMT

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab8061e871cbd39e525708b70174e34b3bf92b6de634a83fefb7344dcc7d70ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 07:52:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 992
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6246
x-xss-protection: 0
server: cafe
etag: 9743552302754032231
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Oct 2021 08:52:01 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 318ms
17ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.controle.colunadofla.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.controle.colunadofla.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
10 KB 169ms
168ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4294326891432275&correlator=3042577051974875&output=ldjh&impl=fif&eid=31060439&vrg=2021092301&ptt=17&sc=1&sfv=1-0-38&ecs=20211005&iu_parts=21622511100%3A22515816402%2Ccoluna_do_fla_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=site%3Dcoluna_do_fla_multisize%26place%3Dinterstitial&cookie=ID%3D5f96f60040420537-22839f6ee7ca0034%3AT%3D1633421312%3ART%3D1633421312%3AS%3DALNI_MYAhODkag3FPWNGvIN_2EUziCMAAg&bc=31&abxe=1&lmt=1633421313&dt=1633421313709&dlt=1633421309793&idt=3861&frm=20&biw=1600&bih=1200&oid=2&adks=140645004&ucis=1&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.controle.colunadofla.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=50889100.1633421312&ga_sid=1633421312&ga_hid=2122206793&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

641fcb81251d378baea36fee684c1cff85ad16b243e4f1af537d03a804e49772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10656
x-xss-protection: 0
google-lineitem-id: 5702614009
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138349066894
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C359 6 KB
4 KB 54ms
16ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.controle.colunadofla.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 05 Oct 2021 08:08:33 GMT
expires: Wed, 05 Oct 2022 08:08:33 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2021092301.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 17ms
16ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021092301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d265464ffea3c44cb0dd5d5c38da3019243e847b99c7f5c51aa1a5904f21d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13587
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 08:34:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 05 Oct 2021 08:08:33 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 346ms
346ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4294326891432275&correlator=3042577051974875&output=ldjh&impl=fif&eid=31060439&vrg=2021092301&ptt=17&sc=1&sfv=1-0-38&ecs=20211005&iu_parts=21622511100%3A22515816402%2Ccoluna_do_fla_home_vertical_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&cookie=ID%3D5f96f60040420537-22839f6ee7ca0034%3AT%3D1633421312%3ART%3D1633421312%3AS%3DALNI_MYAhODkag3FPWNGvIN_2EUziCMAAg&bc=31&abxe=1&lmt=1633421313&dt=1633421313719&dlt=1633421309793&idt=3861&frm=20&biw=1600&bih=1200&oid=2&adxs=275&adys=1523&adks=4131466855&ucis=2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.controle.colunadofla.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=360x0&msz=360x0&ga_vid=50889100.1633421312&ga_sid=1633421312&ga_hid=2122206793&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d522dbb0c87c520a2a624752fe0b55e174540ca3251430853a15aee73143b181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10640
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 458ms
458ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4294326891432275&correlator=3042577051974875&output=ldjh&impl=fif&eid=31060439&vrg=2021092301&ptt=17&sc=1&sfv=1-0-38&ecs=20211005&iu_parts=21622511100%3A22515816402%2Ccoluna_do_fla_ros_footer_fix&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=refresh%3Dtrue&cookie=ID%3D5f96f60040420537-22839f6ee7ca0034%3AT%3D1633421312%3ART%3D1633421312%3AS%3DALNI_MYAhODkag3FPWNGvIN_2EUziCMAAg&bc=31&abxe=1&lmt=1633421313&dt=1633421313724&dlt=1633421309793&idt=3861&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1200&adks=3299812059&ucis=3&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.controle.colunadofla.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=50889100.1633421312&ga_sid=1633421312&ga_hid=2122206793&ga_fc=false&fws=516&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4170a50fbf91ad925f7e8c8d0198d27d268facb8f7ec8190ac268d2a973f330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10236
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 617ms
616ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4294326891432275&correlator=3042577051974875&output=ldjh&impl=fif&eid=31060439&vrg=2021092301&ptt=17&sc=1&sfv=1-0-38&ecs=20211005&iu_parts=21622511100%3A22515816402%2Ccoluna_do_fla_home_vertical_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&cookie=ID%3D5f96f60040420537-22839f6ee7ca0034%3AT%3D1633421312%3ART%3D1633421312%3AS%3DALNI_MYAhODkag3FPWNGvIN_2EUziCMAAg&bc=31&abxe=1&lmt=1633421313&dt=1633421313727&dlt=1633421309793&idt=3861&frm=20&biw=1600&bih=1200&oid=2&adxs=275&adys=2234&adks=2403521121&ucis=4&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.controle.colunadofla.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=360x331&msz=360x0&ga_vid=50889100.1633421312&ga_sid=1633421312&ga_hid=2122206793&ga_fc=false&fws=4&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c144044110462f7ca2894d7fa39e3628e67d23da928a062c9c8a642c8f92dd1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10179
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 749ms
748ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4294326891432275&correlator=3042577051974875&output=ldjh&impl=fif&eid=31060439&vrg=2021092301&ptt=17&sc=1&sfv=1-0-38&ecs=20211005&iu_parts=21622511100%3A22515816402%2Ccoluna_do_fla_home_destaque_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie=ID%3D5f96f60040420537-22839f6ee7ca0034%3AT%3D1633421312%3ART%3D1633421312%3AS%3DALNI_MYAhODkag3FPWNGvIN_2EUziCMAAg&bc=31&abxe=1&lmt=1633421313&dt=1633421313729&dlt=1633421309793&idt=3861&frm=20&biw=1600&bih=1200&oid=2&adxs=1030&adys=534&adks=1209745450&ucis=5&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.controle.colunadofla.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=350x250&msz=350x0&ga_vid=50889100.1633421312&ga_sid=1633421312&ga_hid=2122206793&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9730aa537884d959957972485bf021e66c6f8cdd9eb9b2957b7f105c003d3f15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10485
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 1411ms
1410ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4294326891432275&correlator=3042577051974875&output=ldjh&impl=fif&eid=31060439&vrg=2021092301&ptt=17&sc=1&sfv=1-0-38&ecs=20211005&iu_parts=21622511100%3A22515816402%2Ccoluna_do_fla_latera-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C336x280&fluid=height&cookie=ID%3D5f96f60040420537-22839f6ee7ca0034%3AT%3D1633421312%3ART%3D1633421312%3AS%3DALNI_MYAhODkag3FPWNGvIN_2EUziCMAAg&bc=31&abxe=1&lmt=1633421313&dt=1633421313732&dlt=1633421309793&idt=3861&frm=20&biw=1600&bih=1200&oid=2&adxs=1055&adys=2445&adks=507779956&ucis=6&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.controle.colunadofla.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=50889100.1633421312&ga_sid=1633421312&ga_hid=2122206793&ga_fc=false&fws=516&ohw=1600&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e032db93b6228dffbea52f4e8395e7f7e3ae8a27998c54569c4304472064acae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10055
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 882ms
882ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4294326891432275&correlator=3042577051974875&output=ldjh&impl=fif&eid=31060439&vrg=2021092301&ptt=17&sc=1&sfv=1-0-38&ecs=20211005&iu_parts=21622511100%3A22515816402%2Ccoluna_do_fla_home_destaque_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&prev_scp=refresh%3Dtrue&cookie=ID%3D5f96f60040420537-22839f6ee7ca0034%3AT%3D1633421312%3ART%3D1633421312%3AS%3DALNI_MYAhODkag3FPWNGvIN_2EUziCMAAg&bc=31&abxe=1&lmt=1633421313&dt=1633421313735&dlt=1633421309793&idt=3861&frm=20&biw=1600&bih=1200&oid=2&adxs=1055&adys=1492&adks=2954596033&ucis=7&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.controle.colunadofla.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=50889100.1633421312&ga_sid=1633421312&ga_hid=2122206793&ga_fc=false&fws=516&ohw=1600&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66c053ca0165c4ca91bb665b05651ce13b1cbbb039c634db48d96e993b7dbab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10355
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 452 B
270 B 1073ms
1073ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4294326891432275&correlator=3042577051974875&output=ldjh&impl=fif&eid=31060439&vrg=2021092301&ptt=17&sc=1&sfv=1-0-38&ecs=20211005&iu_parts=21622511100%3A22515816402%2Ccoluna_do_fla_home_destaque_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100&cookie=ID%3D5f96f60040420537-22839f6ee7ca0034%3AT%3D1633421312%3ART%3D1633421312%3AS%3DALNI_MYAhODkag3FPWNGvIN_2EUziCMAAg&bc=31&abxe=1&lmt=1633421313&dt=1633421313737&dlt=1633421309793&idt=3861&frm=20&biw=1600&bih=1200&oid=2&adxs=1030&adys=542&adks=3938845877&ucis=8&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.controle.colunadofla.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=350x0&msz=350x0&ga_vid=50889100.1633421312&ga_sid=1633421312&ga_hid=2122206793&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0222eb38b10e08128d5a3b6454b12a0e8bded1e5ccbce6969f5768dfb516a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 241
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 1918ms
1918ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4294326891432275&correlator=3042577051974875&output=ldjh&impl=fif&eid=31060439&vrg=2021092301&ptt=17&sc=1&sfv=1-0-38&ecs=20211005&iu_parts=21622511100%3A22515816402%2Ccoluna_do_fla_home_vertical_4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&cookie=ID%3D5f96f60040420537-22839f6ee7ca0034%3AT%3D1633421312%3ART%3D1633421312%3AS%3DALNI_MYAhODkag3FPWNGvIN_2EUziCMAAg&bc=31&abxe=1&lmt=1633421313&dt=1633421313740&dlt=1633421309793&idt=3861&frm=20&biw=1600&bih=1200&oid=2&adxs=275&adys=3661&adks=592670616&ucis=9&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.controle.colunadofla.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=360x311&msz=360x0&ga_vid=50889100.1633421312&ga_sid=1633421312&ga_hid=2122206793&ga_fc=false&fws=4&ohw=1600&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

451d8c94dc049c5aa94abb160b4555aa353745dfe5ce3e7ccb0250698f60c91c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9979
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 1610ms
1610ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4294326891432275&correlator=3042577051974875&output=ldjh&impl=fif&eid=31060439&vrg=2021092301&ptt=17&sc=1&sfv=1-0-38&ecs=20211005&iu_parts=21622511100%3A22515816402%2Ccoluna_do_fla_home_footer&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C336x280&fluid=height&cookie=ID%3D5f96f60040420537-22839f6ee7ca0034%3AT%3D1633421312%3ART%3D1633421312%3AS%3DALNI_MYAhODkag3FPWNGvIN_2EUziCMAAg&bc=31&abxe=1&lmt=1633421313&dt=1633421313742&dlt=1633421309793&idt=3861&frm=20&biw=1600&bih=1200&oid=2&adxs=470&adys=3987&adks=405530624&ucis=a&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.controle.colunadofla.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1140x6002&msz=750x0&ga_vid=50889100.1633421312&ga_sid=1633421312&ga_hid=2122206793&ga_fc=false&fws=4&ohw=1600&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9125b934d8270455bde86a51fdb65a216dfa9561c732b2d615d0ded4979ed75b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10326
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 1767ms
1767ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4294326891432275&correlator=3042577051974875&output=ldjh&impl=fif&eid=31060439&vrg=2021092301&ptt=17&sc=1&sfv=1-0-38&ecs=20211005&iu_parts=21622511100%3A22515816402%2Ccoluna_do_fla_home_vertical_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&cookie=ID%3D5f96f60040420537-22839f6ee7ca0034%3AT%3D1633421312%3ART%3D1633421312%3AS%3DALNI_MYAhODkag3FPWNGvIN_2EUziCMAAg&bc=31&abxe=1&lmt=1633421313&dt=1633421313744&dlt=1633421309793&idt=3861&frm=20&biw=1600&bih=1200&oid=2&adxs=275&adys=2938&adks=654762922&ucis=b&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.controle.colunadofla.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=360x331&msz=360x0&ga_vid=50889100.1633421312&ga_sid=1633421312&ga_hid=2122206793&ga_fc=false&fws=4&ohw=1600&btvi=8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

cafe /

Resource Hash

ffa581e5f4cbedc564bef8590f653abec2bd1532c0b046d441bf0099a0406ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9796
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found alegreyasanssc-blackitalic.woff
controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/fonts/ 0
0 15570ms
680ms Font
text/html 190.89.238.21
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/fonts/alegreyasanssc-blackitalic.woff
Requested by: Host: controle.colunadofla.com
URL: https://controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x26453&ver=1631466459
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.21 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br87.serverdo.in
Software: nginx/1.18.0 /
Resource Hash

Request headers

Referer: https://controle.colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x26453&ver=1631466459
Origin: https://www.controle.colunadofla.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:48 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.controle.colunadofla.com
Cache-Control: no-cache, must-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Link: <https://controle.colunadofla.com/wp-json/>; rel="https://api.w.org/"
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 icon Show response
onesignal.com/api/v1/apps/84193562-f5d2-4dc4-a8e3-25ca4d6c4d2a/ 44 B
622 B 333ms
308ms Fetch
application/json 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/84193562-f5d2-4dc4-a8e3-25ca4d6c4d2a/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: accdf0fb-d276-4b61-9783-2d9940900874
x-runtime: 0.006011
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e51140cdcd044ad76335646936ec5319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7200
cf-ray: 699529abce7dc2d1-FRA
access-control-allow-headers: SDK-Version
expires: Tue, 05 Oct 2021 10:08:34 GMT

GET
H2 200 container.html Show response
4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 396E 6 KB
3 KB 311ms
10ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.controle.colunadofla.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 05 Oct 2021 08:08:33 GMT
expires: Wed, 05 Oct 2022 08:08:33 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 106ms
105ms Preflight
text/plain 146.20.132.202
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.controle.colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 05 Oct 2021 08:08:34 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.controle.colunadofla.com

POST
H2 200 t Show response
t.lkqd.net/ Frame ECD8 0
173 B 126ms
126ms XHR
text/plain 146.20.132.202
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.controle.colunadofla.com
date: Tue, 05 Oct 2021 08:08:34 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid_68c68ea6.js Show response
vpaid.springserve.com/production/ Frame E69C 491 KB
87 KB 76ms
20ms Script
application/javascript 2600:9000:206f:fc00:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fc00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a54b6501010a2a11a342b7f1459a10336ce2b96a98c523c015de676203f1e282

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:36:21 GMT
content-encoding: br
last-modified: Wed, 22 Sep 2021 17:34:44 GMT
server: AmazonS3
age: 1089134
etag: W/"c41b3f31e617ac05abbd6b79785bd64a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: MvGQtkuEGM0oJtNqUK1v-ZZs3ZHhHl8D8yhHr8QkMiyP-4ZmWLiPcw==

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 t Show response
t.lkqd.net/ Frame ECD8 0
173 B 107ms
107ms XHR
text/plain 146.20.132.202
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.controle.colunadofla.com
date: Tue, 05 Oct 2021 08:08:34 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
94ms Preflight
text/plain 146.20.132.202
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.controle.colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 05 Oct 2021 08:08:34 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.controle.colunadofla.com

GET
H2 200 container.html Show response
4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 10D6 6 KB
3 KB 124ms
10ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.controle.colunadofla.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 05 Oct 2021 08:08:33 GMT
expires: Wed, 05 Oct 2022 08:08:33 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 47ms
47ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.8.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Tue, 05 Oct 2021 08:08:34 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame E69C 972 B
861 B 22ms
22ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&schain=1.0,1!vidoomy.com,52453,1,1633421313403,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 30149844c2958df3aed6a4d2a0b299636fd49696f0aaf31ca5f328b4cd6a7258

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 594
expires: Tue, 05 Oct 2021 08:08:34 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame E69C 0
229 B 215ms
214ms XHR
application/json 52.28.108.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.108.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-108-235.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.controle.colunadofla.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
DATA 200
OK truncated
/ 582 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame F38E 152 KB
36 KB 33ms
32ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&schain=1.0,1!vidoomy.com,52453,1,1633421313403,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H2 200 container.html Show response
4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7CE3 6 KB
3 KB 24ms
24ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.controle.colunadofla.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 05 Oct 2021 08:08:33 GMT
expires: Wed, 05 Oct 2022 08:08:33 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css2
fonts.googleapis.com/ Frame 396E 4 KB
731 B 34ms
33ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 07:25:06 GMT
server: ESF
date: Tue, 05 Oct 2021 08:08:34 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Tue, 05 Oct 2021 08:08:34 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4438 22 KB
7 KB 56ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Oct 2022 08:03:48 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4438 144 KB
50 KB 56ms
52ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6afd58496691b9b34dd37e23aadfdfd3f89888a590fdac3b6ef57e654934354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51130
x-xss-protection: 0
server: cafe
etag: 9029773691706613624
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Oct 2021 08:08:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4438 122 KB
38 KB 69ms
21ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37846
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1632957210746890"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Oct 2021 08:08:34 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/elements/html/ Frame 396E 17 KB
8 KB 63ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ea7f502a5febe8bfed642209fbbd593d544056f327544895cf5a7a18449ae53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7637
x-xss-protection: 0
server: cafe
etag: 7476778881561239130
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Oct 2021 08:03:22 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 10D6 0
0 33ms
31ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CT-uXAQhcYeqVNefK7_UPkbuw8AKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPQBT9DDELDfkcOpuaSDT3pyYGW8JoPWFCgPZ3raaKx_qHwLYTjwZtvbWV7P8j9352I3u-9XA66QFG0JeRtcrOuHKKNkyhzRvNYynRc0zNQRy7uERwGLqDseWvtvLWfcLh6CVDogf02q3h1ZN4GAKOE7r_fBNPwQYTrbBsOZqdMaUemK-jDgCdn23lX1FlUa2oEtBurF0A8XYcOnYaKZp0HrxbsBitbuCYBDG22POTpifMCKX9qbWtafEV3sxJ2zs8aAd4mA3cI20E8AvAyj048TzKa9cHVLBrI509sjPKvZ5cyX7DuWyU6Y-zcQt7HUDlkZjHtyDuAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yODQ1NDYzNDM4MTUzNzgyGM_UaQ&sigh=mwODDErKQhI
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 10D6 0
0 63ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k2xrdqtby6jetreej9gwem10qmn7pkawwt1y91staa6t3448vh3bskm9x6t0xk3msqw2wne1120p22n06myx2maymwzar4cerb9c3xmjxs0cytnvyxp10d3m8xj597h7y5fhgebj8hhmvdsjxvp9htnqsp38rmv11tdvghahvz16addjdf5wa1spqk5e4d7j8detcqahdqsj50br35f7kqs000m5q1ahcgpt9dw7fs93d9wvmzgwse0f4qty0knbzbspevcrz15259bchdra7b4n59vex2tp7w7gpeka24jq6dbvmh8c13qbt6d9dkpacryk4sc64xb4m2g1gcveqb4hfw2gzfqemvwgndfv2j80fytzesbv1fwjm1mcz7vgdw4s4n6jw&b=YVwIAQANSuoIu-VnAAwdkWsbtYxn0PeWCNhcMg
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 05 Oct 2021 08:08:34 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 1ACF 2 KB
3 KB 68ms
26ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hz09bp2hby963cm2xtwcv828793f55hhngrf4vz5495ynt6t3cssbdkcyprq3gd7z0j9a5dqsan72msp7jm803n2mwmk652tz3066tm1dkb1av73tafvvzjztawwyhvq7mfack8xezp5gngghr4yrarj3g5mfdrr0wwkgkeysbf9mstc38dbx7b1j5wp2872dv5yvaf66y0y2p6j0g8y45k8y5stv28v0g0ya4eppm3fbnhfd4t9f26fe049x04pcqc4xyc95njr897k0v92bp9wsy9v9pd00ysx13ksws87ewy4625q4xmm5bqxy35vtrby2s2d1vqag64gbex4ajz04z4rtrgz3ydq095ev2erzyn0a3vmegfe1zqzm3hxrjk0efkpvywmw0fsh26j5hr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQIvQAQhcYeqVNefK7_UPkbuw8AKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPcBT9DDELDfkcOpuaSDT3pyYGW8JoPWFCgPZ3raaKx_qHwLYTjwZtvbWV7P8j9352I3u-9XA66QFG0JeRtcrOuHKKNkyhzRvNYynRc0zNQRy7uERwGLqDseWvtvLWfcLh6CVDogf02q3h1ZN4GAKOE7r_fBNPwQYTrbBsOZqdMaUemK-jDgCdn23lX1FlUa2oEtBurF0A8XYcOnYaKZp0HrxbsBitbuCYBDG22POTpifMCKX9qbWtafEV3sxJ2zs8aAd4mA3cI20E8AvAyj048TzKa9cHVLBrI509sjPKvZ5cyX7HmUxNxPLrBQfzacmINQHolLGknoaeAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QJvXJRsXc1-k34DNRje_DHZv6GA%26client%3Dca-pub-2845463438153782%26adurl%3D

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0c6a32bea1b26750482a8b64533b660c39e3d86a5266b5348a875e09f185ce2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/dr?ed=1hz09bp2hby963cm2xtwcv828793f55hhngrf4vz5495ynt6t3cssbdkcyprq3gd7z0j9a5dqsan72msp7jm803n2mwmk652tz3066tm1dkb1av73tafvvzjztawwyhvq7mfack8xezp5gngghr4yrarj3g5mfdrr0wwkgkeysbf9mstc38dbx7b1j5wp2872dv5yvaf66y0y2p6j0g8y45k8y5stv28v0g0ya4eppm3fbnhfd4t9f26fe049x04pcqc4xyc95njr897k0v92bp9wsy9v9pd00ysx13ksws87ewy4625q4xmm5bqxy35vtrby2s2d1vqag64gbex4ajz04z4rtrgz3ydq095ev2erzyn0a3vmegfe1zqzm3hxrjk0efkpvywmw0fsh26j5hr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQIvQAQhcYeqVNefK7_UPkbuw8AKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPcBT9DDELDfkcOpuaSDT3pyYGW8JoPWFCgPZ3raaKx_qHwLYTjwZtvbWV7P8j9352I3u-9XA66QFG0JeRtcrOuHKKNkyhzRvNYynRc0zNQRy7uERwGLqDseWvtvLWfcLh6CVDogf02q3h1ZN4GAKOE7r_fBNPwQYTrbBsOZqdMaUemK-jDgCdn23lX1FlUa2oEtBurF0A8XYcOnYaKZp0HrxbsBitbuCYBDG22POTpifMCKX9qbWtafEV3sxJ2zs8aAd4mA3cI20E8AvAyj048TzKa9cHVLBrI509sjPKvZ5cyX7HmUxNxPLrBQfzacmINQHolLGknoaeAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QJvXJRsXc1-k34DNRje_DHZv6GA%26client%3Dca-pub-2845463438153782%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 699529ae7d89145a-FRA
content-encoding: br

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/ Frame 10D6 3 KB
1 KB 66ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Oct 2021 08:03:55 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AD0D 1 KB
868 B 25ms
24ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 04 Oct 2021 08:58:57 GMT
expires: Tue, 05 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 83377
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 10D6 122 KB
37 KB 84ms
40ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37846
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1632957210746890"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Oct 2021 08:08:34 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/ Frame 10D6 14 KB
6 KB 60ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc322ba85a6aadaede25d30470b5230f8eda5a7d447a5643f188077da628a895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 07:53:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6203
x-xss-protection: 0
server: cafe
etag: 14739191248580884080
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Oct 2021 07:53:48 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 10D6 0
0 30ms
26ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0Zqu5n3zkGyAlVoSVwKwyOhCMQa1hhpBKtB66TPDEYCPQ2etnnVPZGd0jSHEeznu3LUY3zefzaW1_2ICRDXXOm2t0jg
Requested by: Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 10D6 22 KB
7 KB 64ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Oct 2022 08:03:48 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7CE3 0
0 21ms
20ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQ-ObAghcYayxA-bG7_UPuIS7wAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPIBT9C8iVX_qrvexVz9OkqqldjNYyXM1VW0Ooy2YKDpSHlsoQQHlHmVKeNK1yWkt354yX0Ibh4uDwYAV8SuHlQkXqBHeLskcefXSu4VNTB7_va2NA776GthzUIP6il452mtZJ4S_wwW84nAtY_2r-Fj_l6-HiiEInLkMWm2EHSFoK4U6lSAtPDi2S8HFeE1o4g6CxptOrZSgGC61Are8EHAtjrtaQatrialcBTha4oKUPj3LP6R-A_Xv_h1mkHkdpGDnVRXzlR04CGbINWSW6_SYcVADc_DGJpDYD-dk1q_vIcAN9k9xhrw3TM6Nrjf1FNoyT7gBAGABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yODQ1NDYzNDM4MTUzNzgyGM_UaQ&sigh=005PBuhhhKA
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 7CE3 0
0 46ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hc0k4btwze931z8jg15fcr4jp5fdskj7cv910xfjtet55r61xgz6e47dffazx0vv24jypn1v7f9q3vhyjgyrzdnynhy6mgwaamzemdnar1e4nryrakpgd9wvahz2y0mk3jm618q8av6w5b4q9b4aqrkw0h79zm74rt749r6ft2909g1w4jg59k248v5s8ef5zjfnyasy34esfzcw57txw3c5bpyakqb5wdn0a6h52cm3jrzq1vewbd52qn2m9g9cz4mfpktq8s77fzdafc471636rb4c3hkqg07myawm3zfq6t6vbs83bbk7p0hwxesqnj6xp7sfk4wszw014yndxnb8spbz0bpnm2vyj4mt5pz16j3jvy736gc9wfrwqjct6jf2y80vr&b=YVwIAgAA2KwIu-NmAA7COJfeANe8SUvHQlOGOA
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 05 Oct 2021 08:08:34 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame DE07 2 KB
1 KB 53ms
29ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1j1xm92m6jv91jwdwybwbq42stypsz4gta7jsvd4vezf4yqm0qp9w4zh4b1bz5pbs80ddexdqwvq0wrttvjgktfrq67p9spye82vs81ex23677twx57gcf9z0gcvfrsny4vb6j3f1vfav7bdsp7st46ehcmx2k5m6yteyq3ex905xvkch4780kxfrkzwkmcvpcpyzxbq3ke7hxj3ajck6fyv1w8d62zbn83tqwdn1kddy7de0265x4h1yb17pq4bnb9bmp1hv0eams6qv85kv1aym3jf3zpjh9kkdqy0c94ra68fpbh768n0gpr0yq9dx55vmfaff2r2jxfmptk6ryy7hx4kw5n0z22baghe0cq782c72esxecj1cjpc5r792wdzedkbfze76a8gbzwdwz8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6KJ9AghcYayxA-bG7_UPuIS7wAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPUBT9C8iVX_qrvexVz9OkqqldjNYyXM1VW0Ooy2YKDpSHlsoQQHlHmVKeNK1yWkt354yX0Ibh4uDwYAV8SuHlQkXqBHeLskcefXSu4VNTB7_va2NA776GthzUIP6il452mtZJ4S_wwW84nAtY_2r-Fj_l6-HiiEInLkMWm2EHSFoK4U6lSAtPDi2S8HFeE1o4g6CxptOrZSgGC61Are8EHAtjrtaQatrialcBTha4oKUPj3LP6R-A_Xv_h1mkHkdpGDnVRXzlR04CGbINWSW6_SYcVADc_DGJpDYD-dk1q_vIdCNdSvEc93nfu9fi4FncGa8CoYoevgBAGABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0u2z6TTg3BXfdWPHLa6sU_KXIeQA%26client%3Dca-pub-2845463438153782%26adurl%3D

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abf804923334905c4f82300e1662693acc28d24428df0479f4e147d5daed342b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/dr?ed=1j1xm92m6jv91jwdwybwbq42stypsz4gta7jsvd4vezf4yqm0qp9w4zh4b1bz5pbs80ddexdqwvq0wrttvjgktfrq67p9spye82vs81ex23677twx57gcf9z0gcvfrsny4vb6j3f1vfav7bdsp7st46ehcmx2k5m6yteyq3ex905xvkch4780kxfrkzwkmcvpcpyzxbq3ke7hxj3ajck6fyv1w8d62zbn83tqwdn1kddy7de0265x4h1yb17pq4bnb9bmp1hv0eams6qv85kv1aym3jf3zpjh9kkdqy0c94ra68fpbh768n0gpr0yq9dx55vmfaff2r2jxfmptk6ryy7hx4kw5n0z22baghe0cq782c72esxecj1cjpc5r792wdzedkbfze76a8gbzwdwz8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6KJ9AghcYayxA-bG7_UPuIS7wAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPUBT9C8iVX_qrvexVz9OkqqldjNYyXM1VW0Ooy2YKDpSHlsoQQHlHmVKeNK1yWkt354yX0Ibh4uDwYAV8SuHlQkXqBHeLskcefXSu4VNTB7_va2NA776GthzUIP6il452mtZJ4S_wwW84nAtY_2r-Fj_l6-HiiEInLkMWm2EHSFoK4U6lSAtPDi2S8HFeE1o4g6CxptOrZSgGC61Are8EHAtjrtaQatrialcBTha4oKUPj3LP6R-A_Xv_h1mkHkdpGDnVRXzlR04CGbINWSW6_SYcVADc_DGJpDYD-dk1q_vIdCNdSvEc93nfu9fi4FncGa8CoYoevgBAGABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0u2z6TTg3BXfdWPHLa6sU_KXIeQA%26client%3Dca-pub-2845463438153782%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 699529ae7d8a145a-FRA
content-encoding: br

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/ Frame 7CE3 3 KB
1 KB 48ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Oct 2021 08:03:55 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E973 1 KB
783 B 12ms
10ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 04 Oct 2021 08:58:57 GMT
expires: Tue, 05 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 83377
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7CE3 122 KB
37 KB 80ms
56ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37846
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1632957210746890"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Oct 2021 08:08:34 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/ Frame 7CE3 14 KB
6 KB 37ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc322ba85a6aadaede25d30470b5230f8eda5a7d447a5643f188077da628a895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 07:53:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6203
x-xss-protection: 0
server: cafe
etag: 14739191248580884080
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Oct 2021 07:53:48 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7CE3 22 KB
7 KB 38ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Oct 2022 08:03:48 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 2D75 38 KB
14 KB 20ms
10ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&schain=1.0,1!vidoomy.com,52453,1,1633421313403,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=30264
expires: Tue, 05 Oct 2021 16:32:58 GMT
date: Tue, 05 Oct 2021 08:08:34 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame F38E 38 KB
14 KB 22ms
11ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&schain=1.0,1!vidoomy.com,52453,1,1633421313403,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:07:52 GMT
server: Apache/2.2.15 (CentOS)
etag: "13006b6-974e-5c4c7cb53d8cb"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=30264
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13946
expires: Tue, 05 Oct 2021 16:32:58 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame AD0D
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHOUsZTTFAyiFtaGfU8yrUE&google_cver=1&google_push=AYg5qPK0soGDO5IkrkeF5XTcX1iO18cyqxzgpObwDQ8sZxSN6bTU17JhyCqE7VaVgTFK9WFG_RqcY5UC2mfz96M_JNMROjof2UFh2g
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM4NTM3Mzk0NjE5NTIxNTc5NQ==
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEHOUsZTTFAyiFtaGfU8yrUE&google_cver=1

43 B
407 B

49ms
16ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEHOUsZTTFAyiFtaGfU8yrUE&google_cver=1
Requested by: Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:33 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEHOUsZTTFAyiFtaGfU8yrUE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame AD0D 35 B
463 B 38ms
10ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKpSEZsOWXUum9ZjM-o5K5w&google_cver=1&google_push=AYg5qPJgSj620sliQhB9U4SbP2ey4w1lUAWC0kYN8WFEuBknQW2mH7L-6cV5rGADLu0yYJbWByPfCBNMfzHq45JofoH4WTf1wujx

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD0D
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEL7OPRyFUK-tqrwGr-B6xTc&google_cver=1&google_push=AYg5qPLlVd7YD09kW32CX-xPwDKwAhWwc6sWJW3zIgeE0VO7GJd-qV05LwcxdVpL-_yrUvUkwgRVLoYD55Ei7F...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNTQ5MTEyNDIyNzY2ODEyMQ%3D%3D&google_push=AYg5qPLlVd7YD09kW32CX-xPwDKwAhWwc6sWJW3zIgeE0VO7GJd-qV05LwcxdVpL-_yrUvUkwgRVLoYD55Ei7Fyw0X...

170 B
188 B

27ms
27ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNTQ5MTEyNDIyNzY2ODEyMQ%3D%3D&google_push=AYg5qPLlVd7YD09kW32CX-xPwDKwAhWwc6sWJW3zIgeE0VO7GJd-qV05LwcxdVpL-_yrUvUkwgRVLoYD55Ei7Fyw0XC4SG5qp_Abmg

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNTQ5MTEyNDIyNzY2ODEyMQ%3D%3D&google_push=AYg5qPLlVd7YD09kW32CX-xPwDKwAhWwc6sWJW3zIgeE0VO7GJd-qV05LwcxdVpL-_yrUvUkwgRVLoYD55Ei7Fyw0XC4SG5qp_Abmg
Date: Tue, 05 Oct 2021 08:08:34 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD0D
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEK-dW-tdF6G1ymNLPN1pfw&google_cver=1&google_push=AYg5qPKQg5vKXxxmH342ISs9TBPeZTmMfYI3CKxvWGfHFYZSfNFrv7OQ2nZytn_o6lgzrDFuuEYwZ-YVx3TBnUyrQxn9...
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://x.bidswitch.net/sync?dsp_id=59&user_id=05f57a18-71d3-4869-9f02-2e8edca86c2e&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKQg5vKXxxmH342ISs9TBPeZTmMfYI3CKxvWGfHFYZSfNFrv7OQ2nZytn_o6lgzrDFuuEYwZ-YVx3TBnUyrQxn9f7iNiV_m&google_hm=PLbieehoTrK4sRY6XuIbZQ==

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKQg5vKXxxmH342ISs9TBPeZTmMfYI3CKxvWGfHFYZSfNFrv7OQ2nZytn_o6lgzrDFuuEYwZ-YVx3TBnUyrQxn9f7iNiV_m&google_hm=PLbieehoTrK4sRY6XuIbZQ==

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKQg5vKXxxmH342ISs9TBPeZTmMfYI3CKxvWGfHFYZSfNFrv7OQ2nZytn_o6lgzrDFuuEYwZ-YVx3TBnUyrQxn9f7iNiV_m&google_hm=PLbieehoTrK4sRY6XuIbZQ==
date: Tue, 05 Oct 2021 08:08:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD0D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TPtptO0cQIaH02HLmk7x6Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TPtptO0cQIaH02HLmk7x6Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJcG6XgNgYJx8_7PlcpAmTiMVCOdpe2cNPN2kjlVYU3Ye6fmMy6d9O0_d6p3yKjpKIc9_ZpGKue0qrWK1Oqv-8ZAGr6Zu-y

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TPtptO0cQIaH02HLmk7x6Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJcG6XgNgYJx8_7PlcpAmTiMVCOdpe2cNPN2kjlVYU3Ye6fmMy6d9O0_d6p3yKjpKIc9_ZpGKue0qrWK1Oqv-8ZAGr6Zu-y
date: Tue, 05 Oct 2021 08:08:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD0D
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOt9KBus_HNVmU2XkIknuyg&google_cver=1&google_push=AYg5qPIHna2NEfj825sbsXVdWiwfURQfpLXu1pGv0qndXtv2X5gtm8dui8h4LOg_-VjOYLZXbWem_EjGTLztiPyZt...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOt9KBus_HNVmU2XkIknuyg&google_cver=1&google_push=AYg5qPIHna2NEfj825sbsXVdWiwfURQfpLXu1pGv0qndXtv2X5gtm8dui8h4LOg_-VjOYLZXbWem_EjGTLztiPyZt...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIHna2NEfj825sbsXVdWiwfURQfpLXu1pGv0qndXtv2X5gtm8dui8h4LOg_-VjOYLZXbWem_EjGTLztiPyZtFnUhgVRpW9TIg&google_hm=5c790f00c3f65abc8574...

170 B
188 B

23ms
23ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIHna2NEfj825sbsXVdWiwfURQfpLXu1pGv0qndXtv2X5gtm8dui8h4LOg_-VjOYLZXbWem_EjGTLztiPyZtFnUhgVRpW9TIg&google_hm=5c790f00c3f65abc857488c6

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 05 Oct 2021 08:08:34 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIHna2NEfj825sbsXVdWiwfURQfpLXu1pGv0qndXtv2X5gtm8dui8h4LOg_-VjOYLZXbWem_EjGTLztiPyZtFnUhgVRpW9TIg&google_hm=5c790f00c3f65abc857488c6
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD0D
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED...
https://sync.targeting.unrulymedia.com/csync/RX-102c4f52-0b8e-4355-9dbf-ee872a5f6f82-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKnLBS81Es3qu5p_1FJE...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKnLBS81Es3qu5p_1FJE82icRpTiLehDedMzfb0XBHlp_ezOCcQJVHKTAl4cvcL9uTNf8Or4VHWX6KoCfbAMt8v2rsXjNJnGQ&google_hm=AxAsT1ILjkNVnb_uhypfb4I

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKnLBS81Es3qu5p_1FJE82icRpTiLehDedMzfb0XBHlp_ezOCcQJVHKTAl4cvcL9uTNf8Or4VHWX6KoCfbAMt8v2rsXjNJnGQ&google_hm=AxAsT1ILjkNVnb_uhypfb4I

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKnLBS81Es3qu5p_1FJE82icRpTiLehDedMzfb0XBHlp_ezOCcQJVHKTAl4cvcL9uTNf8Or4VHWX6KoCfbAMt8v2rsXjNJnGQ&google_hm=AxAsT1ILjkNVnb_uhypfb4I
date: Tue, 05 Oct 2021 08:08:34 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX102c4f520b8e43559dbfee872a5f6f82003
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AD0D 0
12 B 32ms
15ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IxOJL7fUCJ8PChYH8X8MquvPCiGXgy4bu4xtIVFTOK9FUhL6jom7PkAkvXjlXmOcjFLcHG

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 2D75 2 KB
3 KB 94ms
26ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=36377845&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 9be499d1bd180a6c21daeb5c572e3be91e26fd62c1b2cb4fcb440c4e19a15835

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ Frame 4438 0
0 40ms
39ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ Frame 4438 0
0 41ms
41ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/ Frame 4438 257 KB
95 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5822243610880583&plah=4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c067f7ae932ca1f7630bd1a14cc1b196e500ea884ff11b89b0cb8116202ec6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97185
x-xss-protection: 0
server: cafe
etag: 18119814467345886440
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Oct 2021 08:08:34 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame E973 0
104 B 182ms
75ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGLNe69p2k5qGu5crO-N6Mc&google_cver=1&google_push=AYg5qPJKJCwOVPPfn_JIgbuWIj6OYDTXd8kP6zXHKC033YA9EuGbYTlVj_nSnoU21M9eTrWUwmRarz9LqOn-Cvfj0adkmn9dwIU
Requested by: Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 i.match
a.tribalfusion.com/ Frame E973 43 B
475 B 469ms
168ms Image
image/gif 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESELM5UJoQxzxy8K6qhZzbnbM&google_cver=1&google_push=AYg5qPJ31ofrpvhMGzGuppAHn5WbdLuuxzd76FDe0RtHeLGsaBB0fbplFpazcGCqYmpjVBTVU1pJowSknuJWu2OV4boNyLQ9SmaO&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJ31ofrpvhMGzGuppAHn5WbdLuuxzd76FDe0RtHeLGsaBB0fbplFpazcGCqYmpjVBTVU1pJowSknuJWu2OV4boNyLQ9SmaO%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 699529b0fd6cc2d1-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E973
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE0_jU_zMoJHhTVyYfUCg9I&google_cver=1&google_push=AYg5qPLxcr8zqHczpXQKTBG5D8Ij-hcSnnnEOV7Y_1lwammBMLxmCJm-hxXfyNNgW3q2UzXEqfqiN11-...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE0_jU_zMoJHhTVyYfUCg9I&google_cver=1&google_push=AYg5qPLxcr8zqHczpXQKTBG5D8Ij-hcSnnnEOV7Y_1lwammBMLxmCJm-hxXfyNNgW3q2UzXEqfq...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjkyNDg4NzM2OTU0MTQ0MTk4MQ&google_push=AYg5qPLxcr8zqHczpXQKTBG5D8Ij-hcSnnnEOV7Y_1lwammBMLxmCJm-hxXfyNNgW3q2UzXEqfqiN1...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjkyNDg4NzM2OTU0MTQ0MTk4MQ&google_push=AYg5qPLxcr8zqHczpXQKTBG5D8Ij-hcSnnnEOV7Y_1lwammBMLxmCJm-hxXfyNNgW3q2UzXEqfqiN11-FibWJpdJ1F3He_MgvKc

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjkyNDg4NzM2OTU0MTQ0MTk4MQ&google_push=AYg5qPLxcr8zqHczpXQKTBG5D8Ij-hcSnnnEOV7Y_1lwammBMLxmCJm-hxXfyNNgW3q2UzXEqfqiN11-FibWJpdJ1F3He_MgvKc
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E973
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOt9KBus_HNVmU2XkIknuyg&google_cver=1&google_push=AYg5qPLgGulAOaO3Cdn3p1feYcqHWm7tUupERVMGXgFqbBLMDH9HhFZT1Lnn0W1EIXxQddJEGXsry8_2S_Nydh9jX...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOt9KBus_HNVmU2XkIknuyg&google_cver=1&google_push=AYg5qPLgGulAOaO3Cdn3p1feYcqHWm7tUupERVMGXgFqbBLMDH9HhFZT1Lnn0W1EIXxQddJEGXsry8_2S_Nydh9jX...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLgGulAOaO3Cdn3p1feYcqHWm7tUupERVMGXgFqbBLMDH9HhFZT1Lnn0W1EIXxQddJEGXsry8_2S_Nydh9jX-zT7j52s67d&google_hm=b4c40d39cde7287318b09793

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLgGulAOaO3Cdn3p1feYcqHWm7tUupERVMGXgFqbBLMDH9HhFZT1Lnn0W1EIXxQddJEGXsry8_2S_Nydh9jX-zT7j52s67d&google_hm=b4c40d39cde7287318b09793

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 05 Oct 2021 08:08:34 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLgGulAOaO3Cdn3p1feYcqHWm7tUupERVMGXgFqbBLMDH9HhFZT1Lnn0W1EIXxQddJEGXsry8_2S_Nydh9jX-zT7j52s67d&google_hm=b4c40d39cde7287318b09793
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E973
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEILVqs_AeUrb6ZV5_rpgoHo&google_cver=1&google_push=AYg5qPIFwVWUld2eBM5JcaHYEK5pJHNQ2nFIO-N7OVtyo-qcZKLmZVlQ247TU_wiOiw3prI51kcA8kG8YuzmthurT0bNBwjmQ9w
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPIFwVWUld2eBM5JcaHYEK5pJHNQ2nFIO-N7OVtyo-qcZKLmZVlQ247TU_wiOiw3prI51kcA8kG8YuzmthurT0bNBwjmQ9w&googl...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM4NTI1NTY5MzU5NjE4OTc1MTE%3D&google_push=AYg5qPIFwVWUld2eBM5JcaHYEK5pJHNQ2nFIO-N7OVtyo-qcZKLmZVlQ247TU_...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM4NTI1NTY5MzU5NjE4OTc1MTE%3D&google_push=AYg5qPIFwVWUld2eBM5JcaHYEK5pJHNQ2nFIO-N7OVtyo-qcZKLmZVlQ247TU_wiOiw3prI51kcA8kG8YuzmthurT0bNBwjmQ9w

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM4NTI1NTY5MzU5NjE4OTc1MTE%3D&google_push=AYg5qPIFwVWUld2eBM5JcaHYEK5pJHNQ2nFIO-N7OVtyo-qcZKLmZVlQ247TU_wiOiw3prI51kcA8kG8YuzmthurT0bNBwjmQ9w
date: Tue, 05 Oct 2021 08:08:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E973
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECy5Ru1sburnTR7M5300rOg&google_cver=1&google_push=AYg5qPIDrykFABiMa7AyldCY1Nqd8LmFqFeQJvBquMf1WuaqeBxirsyrpLVstSAKnCubY0BLq4V5WA...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIDrykFABiMa7AyldCY1Nqd8LmFqFeQJvBquMf1WuaqeBxirsyrpLVstSAKnCubY0BLq4V5WAoMtTy5_dZfDJvJyQCd7EZb&google_hm=MzI1OTQ4OD...

170 B
188 B

22ms
21ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIDrykFABiMa7AyldCY1Nqd8LmFqFeQJvBquMf1WuaqeBxirsyrpLVstSAKnCubY0BLq4V5WAoMtTy5_dZfDJvJyQCd7EZb&google_hm=MzI1OTQ4ODg1NDg0MDg4NzUyNg%3D%3D

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIDrykFABiMa7AyldCY1Nqd8LmFqFeQJvBquMf1WuaqeBxirsyrpLVstSAKnCubY0BLq4V5WAoMtTy5_dZfDJvJyQCd7EZb&google_hm=MzI1OTQ4ODg1NDg0MDg4NzUyNg%3D%3D
date: Tue, 05 Oct 2021 08:08:34 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E973 0
12 B 15ms
15ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KBPiMlBdPoqhHwQvaaK3mAimWueRvhezXms_lin8E_uwFNT9EEbODBbNtZGAP9pQ

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 container.html Show response
4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E94B 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.controle.colunadofla.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 05 Oct 2021 08:08:33 GMT
expires: Wed, 05 Oct 2022 08:08:33 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 1ACF 64 KB
8 KB 338ms
37ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hz09bp2hby963cm2xtwcv828793f55hhngrf4vz5495ynt6t3cssbdkcyprq3gd7z0j9a5dqsan72msp7jm803n2mwmk652tz3066tm1dkb1av73tafvvzjztawwyhvq7mfack8xezp5gngghr4yrarj3g5mfdrr0wwkgkeysbf9mstc38dbx7b1j5wp2872dv5yvaf66y0y2p6j0g8y45k8y5stv28v0g0ya4eppm3fbnhfd4t9f26fe049x04pcqc4xyc95njr897k0v92bp9wsy9v9pd00ysx13ksws87ewy4625q4xmm5bqxy35vtrby2s2d1vqag64gbex4ajz04z4rtrgz3ydq095ev2erzyn0a3vmegfe1zqzm3hxrjk0efkpvywmw0fsh26j5hr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQIvQAQhcYeqVNefK7_UPkbuw8AKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPcBT9DDELDfkcOpuaSDT3pyYGW8JoPWFCgPZ3raaKx_qHwLYTjwZtvbWV7P8j9352I3u-9XA66QFG0JeRtcrOuHKKNkyhzRvNYynRc0zNQRy7uERwGLqDseWvtvLWfcLh6CVDogf02q3h1ZN4GAKOE7r_fBNPwQYTrbBsOZqdMaUemK-jDgCdn23lX1FlUa2oEtBurF0A8XYcOnYaKZp0HrxbsBitbuCYBDG22POTpifMCKX9qbWtafEV3sxJ2zs8aAd4mA3cI20E8AvAyj048TzKa9cHVLBrI509sjPKvZ5cyX7HmUxNxPLrBQfzacmINQHolLGknoaeAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QJvXJRsXc1-k34DNRje_DHZv6GA%26client%3Dca-pub-2845463438153782%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hz09bp2hby963cm2xtwcv828793f55hhngrf4vz5495ynt6t3cssbdkcyprq3gd7z0j9a5dqsan72msp7jm803n2mwmk652tz3066tm1dkb1av73tafvvzjztawwyhvq7mfack8xezp5gngghr4yrarj3g5mfdrr0wwkgkeysbf9mstc38dbx7b1j5wp2872dv5yvaf66y0y2p6j0g8y45k8y5stv28v0g0ya4eppm3fbnhfd4t9f26fe049x04pcqc4xyc95njr897k0v92bp9wsy9v9pd00ysx13ksws87ewy4625q4xmm5bqxy35vtrby2s2d1vqag64gbex4ajz04z4rtrgz3ydq095ev2erzyn0a3vmegfe1zqzm3hxrjk0efkpvywmw0fsh26j5hr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQIvQAQhcYeqVNefK7_UPkbuw8AKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPcBT9DDELDfkcOpuaSDT3pyYGW8JoPWFCgPZ3raaKx_qHwLYTjwZtvbWV7P8j9352I3u-9XA66QFG0JeRtcrOuHKKNkyhzRvNYynRc0zNQRy7uERwGLqDseWvtvLWfcLh6CVDogf02q3h1ZN4GAKOE7r_fBNPwQYTrbBsOZqdMaUemK-jDgCdn23lX1FlUa2oEtBurF0A8XYcOnYaKZp0HrxbsBitbuCYBDG22POTpifMCKX9qbWtafEV3sxJ2zs8aAd4mA3cI20E8AvAyj048TzKa9cHVLBrI509sjPKvZ5cyX7HmUxNxPLrBQfzacmINQHolLGknoaeAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QJvXJRsXc1-k34DNRje_DHZv6GA%26client%3Dca-pub-2845463438153782%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1020793
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 23 Sep 2021 12:35:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 699529b15946145a-FRA
cf-bgj: minify

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame 1ACF 36 KB
13 KB 21ms
20ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hz09bp2hby963cm2xtwcv828793f55hhngrf4vz5495ynt6t3cssbdkcyprq3gd7z0j9a5dqsan72msp7jm803n2mwmk652tz3066tm1dkb1av73tafvvzjztawwyhvq7mfack8xezp5gngghr4yrarj3g5mfdrr0wwkgkeysbf9mstc38dbx7b1j5wp2872dv5yvaf66y0y2p6j0g8y45k8y5stv28v0g0ya4eppm3fbnhfd4t9f26fe049x04pcqc4xyc95njr897k0v92bp9wsy9v9pd00ysx13ksws87ewy4625q4xmm5bqxy35vtrby2s2d1vqag64gbex4ajz04z4rtrgz3ydq095ev2erzyn0a3vmegfe1zqzm3hxrjk0efkpvywmw0fsh26j5hr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQIvQAQhcYeqVNefK7_UPkbuw8AKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPcBT9DDELDfkcOpuaSDT3pyYGW8JoPWFCgPZ3raaKx_qHwLYTjwZtvbWV7P8j9352I3u-9XA66QFG0JeRtcrOuHKKNkyhzRvNYynRc0zNQRy7uERwGLqDseWvtvLWfcLh6CVDogf02q3h1ZN4GAKOE7r_fBNPwQYTrbBsOZqdMaUemK-jDgCdn23lX1FlUa2oEtBurF0A8XYcOnYaKZp0HrxbsBitbuCYBDG22POTpifMCKX9qbWtafEV3sxJ2zs8aAd4mA3cI20E8AvAyj048TzKa9cHVLBrI509sjPKvZ5cyX7HmUxNxPLrBQfzacmINQHolLGknoaeAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QJvXJRsXc1-k34DNRje_DHZv6GA%26client%3Dca-pub-2845463438153782%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49384
x-guploader-uploadid: ADPycds0dusQvG6yDjYYplJNEwILXGU2-moqDdKDFu_zJk864KEvamD29Gk0RJHg0GMr4gNJ9f3uH1ClnNt0lyjz9rs8ZzPzCg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 05:18:43 GMT
server: cloudflare
etag: W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAsbea8lyTxnKNt5eerI34kuL57o1BqJ71w14RWtoUSTDPBghnE7vFP%2BgFQ520aiZYFmMasF0gF21dOPjSr5Ns2zTwGzH4fmWcGW5yUqXQdfh%2Bfe5YHzkvmCdWieA%2Bh3o%2BQKdR8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1630387096547004
content-type: application/javascript; charset=utf-8
expires: Mon, 04 Oct 2021 18:25:30 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 699529af7f03145a-FRA
cf-bgj: minify

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame DE07 64 KB
8 KB 334ms
37ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j1xm92m6jv91jwdwybwbq42stypsz4gta7jsvd4vezf4yqm0qp9w4zh4b1bz5pbs80ddexdqwvq0wrttvjgktfrq67p9spye82vs81ex23677twx57gcf9z0gcvfrsny4vb6j3f1vfav7bdsp7st46ehcmx2k5m6yteyq3ex905xvkch4780kxfrkzwkmcvpcpyzxbq3ke7hxj3ajck6fyv1w8d62zbn83tqwdn1kddy7de0265x4h1yb17pq4bnb9bmp1hv0eams6qv85kv1aym3jf3zpjh9kkdqy0c94ra68fpbh768n0gpr0yq9dx55vmfaff2r2jxfmptk6ryy7hx4kw5n0z22baghe0cq782c72esxecj1cjpc5r792wdzedkbfze76a8gbzwdwz8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6KJ9AghcYayxA-bG7_UPuIS7wAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPUBT9C8iVX_qrvexVz9OkqqldjNYyXM1VW0Ooy2YKDpSHlsoQQHlHmVKeNK1yWkt354yX0Ibh4uDwYAV8SuHlQkXqBHeLskcefXSu4VNTB7_va2NA776GthzUIP6il452mtZJ4S_wwW84nAtY_2r-Fj_l6-HiiEInLkMWm2EHSFoK4U6lSAtPDi2S8HFeE1o4g6CxptOrZSgGC61Are8EHAtjrtaQatrialcBTha4oKUPj3LP6R-A_Xv_h1mkHkdpGDnVRXzlR04CGbINWSW6_SYcVADc_DGJpDYD-dk1q_vIdCNdSvEc93nfu9fi4FncGa8CoYoevgBAGABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0u2z6TTg3BXfdWPHLa6sU_KXIeQA%26client%3Dca-pub-2845463438153782%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1j1xm92m6jv91jwdwybwbq42stypsz4gta7jsvd4vezf4yqm0qp9w4zh4b1bz5pbs80ddexdqwvq0wrttvjgktfrq67p9spye82vs81ex23677twx57gcf9z0gcvfrsny4vb6j3f1vfav7bdsp7st46ehcmx2k5m6yteyq3ex905xvkch4780kxfrkzwkmcvpcpyzxbq3ke7hxj3ajck6fyv1w8d62zbn83tqwdn1kddy7de0265x4h1yb17pq4bnb9bmp1hv0eams6qv85kv1aym3jf3zpjh9kkdqy0c94ra68fpbh768n0gpr0yq9dx55vmfaff2r2jxfmptk6ryy7hx4kw5n0z22baghe0cq782c72esxecj1cjpc5r792wdzedkbfze76a8gbzwdwz8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6KJ9AghcYayxA-bG7_UPuIS7wAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPUBT9C8iVX_qrvexVz9OkqqldjNYyXM1VW0Ooy2YKDpSHlsoQQHlHmVKeNK1yWkt354yX0Ibh4uDwYAV8SuHlQkXqBHeLskcefXSu4VNTB7_va2NA776GthzUIP6il452mtZJ4S_wwW84nAtY_2r-Fj_l6-HiiEInLkMWm2EHSFoK4U6lSAtPDi2S8HFeE1o4g6CxptOrZSgGC61Are8EHAtjrtaQatrialcBTha4oKUPj3LP6R-A_Xv_h1mkHkdpGDnVRXzlR04CGbINWSW6_SYcVADc_DGJpDYD-dk1q_vIdCNdSvEc93nfu9fi4FncGa8CoYoevgBAGABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0u2z6TTg3BXfdWPHLa6sU_KXIeQA%26client%3Dca-pub-2845463438153782%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1020793
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 23 Sep 2021 12:35:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 699529b1594a145a-FRA
cf-bgj: minify

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame DE07 36 KB
12 KB 24ms
23ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j1xm92m6jv91jwdwybwbq42stypsz4gta7jsvd4vezf4yqm0qp9w4zh4b1bz5pbs80ddexdqwvq0wrttvjgktfrq67p9spye82vs81ex23677twx57gcf9z0gcvfrsny4vb6j3f1vfav7bdsp7st46ehcmx2k5m6yteyq3ex905xvkch4780kxfrkzwkmcvpcpyzxbq3ke7hxj3ajck6fyv1w8d62zbn83tqwdn1kddy7de0265x4h1yb17pq4bnb9bmp1hv0eams6qv85kv1aym3jf3zpjh9kkdqy0c94ra68fpbh768n0gpr0yq9dx55vmfaff2r2jxfmptk6ryy7hx4kw5n0z22baghe0cq782c72esxecj1cjpc5r792wdzedkbfze76a8gbzwdwz8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6KJ9AghcYayxA-bG7_UPuIS7wAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPUBT9C8iVX_qrvexVz9OkqqldjNYyXM1VW0Ooy2YKDpSHlsoQQHlHmVKeNK1yWkt354yX0Ibh4uDwYAV8SuHlQkXqBHeLskcefXSu4VNTB7_va2NA776GthzUIP6il452mtZJ4S_wwW84nAtY_2r-Fj_l6-HiiEInLkMWm2EHSFoK4U6lSAtPDi2S8HFeE1o4g6CxptOrZSgGC61Are8EHAtjrtaQatrialcBTha4oKUPj3LP6R-A_Xv_h1mkHkdpGDnVRXzlR04CGbINWSW6_SYcVADc_DGJpDYD-dk1q_vIdCNdSvEc93nfu9fi4FncGa8CoYoevgBAGABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0u2z6TTg3BXfdWPHLa6sU_KXIeQA%26client%3Dca-pub-2845463438153782%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49384
x-guploader-uploadid: ADPycds0dusQvG6yDjYYplJNEwILXGU2-moqDdKDFu_zJk864KEvamD29Gk0RJHg0GMr4gNJ9f3uH1ClnNt0lyjz9rs8ZzPzCg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 05:18:43 GMT
server: cloudflare
etag: W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ero5xklCwB7mJqz0rMM83J24SGmadkhMyxDJhIHrDDTNpmBbHEg2lCMDhzyrUD6VWPx4Iwi%2Faqnz2YJdDL2XcwlPKfZJWIfGYyhyEbh5ROFV7%2B7Cc6T7aCA8QdwXbdXWKTfP7zM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1630387096547004
content-type: application/javascript; charset=utf-8
expires: Mon, 04 Oct 2021 18:25:30 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 699529af7f0b145a-FRA
cf-bgj: minify

GET
DATA 200
OK truncated
/ Frame 10D6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a124911556cdac45139ae9395f7d64b1a9511cf84fcd8ecb6fe1de579f97bbae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7CE3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cedc8a7312fe47266003247e94f6df672abd1f58d34f5cee4237751cfe425a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 369B 35 B
467 B 21ms
20ms Document
image/gif 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?party=14&cid=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 05 Oct 2021 08:08:34 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=6215866179648308132; expires=Sat, 04 Dec 2021 08:08:34 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 7E9C
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2626945708281059440

42 B
210 B

13ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2626945708281059440
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2626945708281059440
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9; chkChromeAb67Sec=1; DPSync3=1633478400%3A174%7C1634601600%3A197_219_201; SyncRTB3=1634688000%3A35%7C1634601600%3A220_161_7_56_54_21_13_3_8; KRTBCOOKIE_80=22987-CAESEAWa6B7GQPJmsscKLMJEO0U&KRTB&16514-CAESEAWa6B7GQPJmsscKLMJEO0U&KRTB&23025-CAESEAWa6B7GQPJmsscKLMJEO0U; PUBMDCID=3; KRTBCOOKIE_153=19420-tHbT77J_1r6vcda-sXXL6ud0heqvcdPp5nQEOQtO&KRTB&22979-tHbT77J_1r6vcda-sXXL6ud0heqvcdPp5nQEOQtO; PugT=1633421314
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 05 Oct 2021 08:08:33 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_336=5844-2626945708281059440; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 04-Nov-2021 08:08:33 GMT; path=/ PugT=1633421313; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 04-Nov-2021 08:08:33 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 03-Jan-2022 08:08:33 GMT; path=/
x-lat: amspug019:0:399
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2626945708281059440
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 5FB2 43 B
334 B 61ms
17ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Tue, 05 Oct 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 261929

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2D75
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TPtptO0cQIaH02HLmk7x6Q%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

11ms
8ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=164201
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Thu, 07 Oct 2021 05:45:15 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 2D75
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1ca9615c-0802-4f00-9e7d-f7378455a273

0
260 B

64ms
13ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1ca9615c-0802-4f00-9e7d-f7378455a273
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 05 Oct 2021 08:08:34 GMT
Server: MT3 3984 0e3af3b master zrh-pixel-x4 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1ca9615c-0802-4f00-9e7d-f7378455a273
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 05 Oct 2021 08:08:33 GMT

GET
H/1.1

200
OK

/
pixel.onaudience.com/ Frame 2D75
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=a8de634a59b79372e95e469e9f5684cf

35 B
247 B

15ms
15ms

Image
image/gif

51.210.112.236
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=a8de634a59b79372e95e469e9f5684cf
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.210.112.236 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-1.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

Redirect headers

date: Tue, 05 Oct 2021 08:08:34 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=a8de634a59b79372e95e469e9f5684cf
cache-control: no-cache
access-control-allow-credentials: true
content-type: text/html
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2D75
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NENGQjY5QjQtRUQxQy00MDg2LTg3RDMtNjFDQjlBNEVGMUU5&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
110 B

64ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
cache-control: no-store, no-cache, private
x-lat: amspug011:0:537
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2D75
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAWa6B7GQPJmsscKLMJEO0U&google_cver=1

42 B
592 B

62ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAWa6B7GQPJmsscKLMJEO0U&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
cache-control: no-store, no-cache, private
x-lat: amspug013:0:341
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAWa6B7GQPJmsscKLMJEO0U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 2D75 43 B
612 B 56ms
13ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 04 Oct 2021 08:08:34 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2D75
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:daa7615c-0802-4200-9791-2340bdd35557&gdpr=0&gdpr_consent=

42 B
341 B

58ms
26ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:daa7615c-0802-4200-9791-2340bdd35557&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug002:0:1064
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 05 Oct 2021 08:08:34 GMT
Server: MT3 3984 0e3af3b master zrh-pixel-x3 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:daa7615c-0802-4200-9791-2340bdd35557&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 05 Oct 2021 08:08:33 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2D75
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6578588437221448683

42 B
544 B

95ms
25ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6578588437221448683
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug004:0:470
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6578588437221448683
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2D75
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=815d072c-f784-42ac-8815-d6fae0a9b515

42 B
294 B

93ms
25ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=815d072c-f784-42ac-8815-d6fae0a9b515
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:499
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=815d072c-f784-42ac-8815-d6fae0a9b515
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2D75
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=863285058235829675&gdpr=0&gdpr_consent=

42 B
209 B

13ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=863285058235829675&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
cache-control: no-store, no-cache, private
x-lat: amspug012:0:414
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:34 GMT
X-Proxy-Origin: 168.119.25.197; 168.119.25.197; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 58d21528-18e3-43d1-a442-1d0f6c104587
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=863285058235829675&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2D75
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tHbT77J_1r6vcda-sXXL6ud0heqvcdPp5nQEOQtO

42 B
425 B

58ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tHbT77J_1r6vcda-sXXL6ud0heqvcdPp5nQEOQtO
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
cache-control: no-store, no-cache, private
x-lat: amspug012:0:471
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tHbT77J_1r6vcda-sXXL6ud0heqvcdPp5nQEOQtO
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ Frame 4438 0
0 40ms
39ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ Frame 4438 0
0 40ms
40ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ Frame 4438 0
0 41ms
41ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ Frame 4438 0
0 40ms
40ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4438 107 B
165 B 20ms
20ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4438 107 B
165 B 22ms
22ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8A94 436 B
280 B 163ms
162ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5822243610880583&output=html&h=480&slotname=6744803991&adk=793851900&adf=4198862046&pi=t.ma~as.6744803991&w=320&psa=0&format=320x480&url=https%3A%2F%2Fwww.controle.colunadofla.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633421314410&bpp=2&bdt=157&idt=107&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&correlator=8618992864024&rume=1&frm=24&ife=2&pv=2&ga_vid=1203624885.1633421315&ga_sid=1633421315&ga_hid=955176981&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2651448613&scr_x=-12245933&scr_y=-12245933&eid=44750572%2C21065724%2C31061691%2C31061693&oid=2&pvsid=3427297932877267&pem=894&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f1id1hvbgcq0&fsb=1&dtd=122

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0edc69ceb8e6152ebd04c9217e52be8b4a4415fd0ed21fae269c575061116d7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5822243610880583&output=html&h=480&slotname=6744803991&adk=793851900&adf=4198862046&pi=t.ma~as.6744803991&w=320&psa=0&format=320x480&url=https%3A%2F%2Fwww.controle.colunadofla.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633421314410&bpp=2&bdt=157&idt=107&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&correlator=8618992864024&rume=1&frm=24&ife=2&pv=2&ga_vid=1203624885.1633421315&ga_sid=1633421315&ga_hid=955176981&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2651448613&scr_x=-12245933&scr_y=-12245933&eid=44750572%2C21065724%2C31061691%2C31061693&oid=2&pvsid=3427297932877267&pem=894&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f1id1hvbgcq0&fsb=1&dtd=122
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUl6JYmIvpHLvattxZqqDJNxKdw11BYfYG7k3oWqf04zM2nmxAsfbVez02ErayI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 05 Oct 2021 08:08:34 GMT
server: cafe
content-length: 211
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D5E7 6 KB
3 KB 11ms
10ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.controle.colunadofla.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 05 Oct 2021 08:08:33 GMT
expires: Wed, 05 Oct 2022 08:08:33 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E94B 0
0 19ms
19ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CkNnnAghcYf6GC7eQ7_UPm8qE0AaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPcBT9BtM-oDGrdhNMPfjY9xbaSvndr-bBqj-5Qu9D-0F095QKyClyokXvlOfOSMyFxjGRM9kaAIYO_6Zlg-85OBj-Fknzt-g_uPt8zYT9mhnt5xuLlBlqckdQDs30Ngt1F5qIzNCBrssApjRvsI_pyp_IiTJIvyQBFl0WIA-XvmR2V5ZDgmbuCB_ill7MX7ACNRoOhYPIg_HEgpE7iegJpB5qHmcQD9-qUxM5ff-OcPmcEcLjIlK9TJ2ecWF9ls_TRbclTCctbSFBiNUiZmRzyZ2Xl257Gqcj_5HoCsBMcs8dmqmijF9x4VqsnVWEVc5iekeP6MxWd_QOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yODQ1NDYzNDM4MTUzNzgyGM_UaQ&sigh=WTsYaLx2Xro
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame E94B 0
0 17ms
16ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g4sh509sbmmtsq8wwr5a805yn47zf4nnyqp2nqkhjfgas7htqdjhjw48yfjgm304byv7vhq0vbfmp48030e7f6hterwtcm02nyxreg68w3c5vdzjn306pe7r3mnb5vs1vjym3w0m7r93222a0ey12ra8we27wbdas2gkd0z92j7kcx7s337r6wgpadghmb3edma14s9w8dv1a4b46csrmv7qfswz56jf4g3r7kg67vmw884d2fzx9x4r3wmvt2p1j90pd4a7df7bggf2sr71jbqdxbn6keqwnae9fchmzhdfmb2y1jh5kgyzb568p48g93npc0nyx8r3hb9x7mxsbz1a4skbshhm6a2065ss9rtsf05eekk3ah9qpsx3gqh774c0gx310&b=YVwIAgACw34Iu8g3AAElGx3MmGjqKufbkdlN9Q
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 05 Oct 2021 08:08:34 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 99D2 2 KB
3 KB 248ms
21ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jqjesgcc9e5kdhrw4538ygcx2bky8kbph3w8mfgmzychghnk4nmp5z1khfbqrbceknqy5x2pm2x7ky3nm9h8fc036k226x1rgmgb1pmkra8x9naty37ek1eyxmy9pmam29179yaapb7pebhwpn8mfspa82cjfkt8d57wm2d2048p0ybw8g09ftmtfxg3gpxyqa1hykvkvsxhckt44ek8kw526w397a0m0q5yddmz78kpe3czvfewkqg5s9507svskkpvmkfbpwmf6xmtqs8qdatancpkfzbvrvws1p5090anxsjy3crs59ek56s3820avhbnt4rfw1dpz5c1vefwqbg5hgckj727mw3jnpd5mjtdaqdwjkz6c00kw6bqjf21rnnqjd0bt1z49zk75bw9djh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaAyiAghcYf6GC7eQ7_UPm8qE0AaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPoBT9BtM-oDGrdhNMPfjY9xbaSvndr-bBqj-5Qu9D-0F095QKyClyokXvlOfOSMyFxjGRM9kaAIYO_6Zlg-85OBj-Fknzt-g_uPt8zYT9mhnt5xuLlBlqckdQDs30Ngt1F5qIzNCBrssApjRvsI_pyp_IiTJIvyQBFl0WIA-XvmR2V5ZDgmbuCB_ill7MX7ACNRoOhYPIg_HEgpE7iegJpB5qHmcQD9-qUxM5ff-OcPmcEcLjIlK9TJ2ecWF9ls_TRbclTCctbSFBiNUiZmRzyZ2Xl257Gqcj_5HoCsBMcs8dmqmijF91wXp1sCjcIcLqDs7iTFV5VGVOVNruAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2dfcd6bdTpHhPdIt87g7i5bwySNA%26client%3Dca-pub-2845463438153782%26adurl%3D

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5a645461688cfe551fa38f4a63b427b8e5926f18a42b91974079c29f548711b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/dr?ed=1jqjesgcc9e5kdhrw4538ygcx2bky8kbph3w8mfgmzychghnk4nmp5z1khfbqrbceknqy5x2pm2x7ky3nm9h8fc036k226x1rgmgb1pmkra8x9naty37ek1eyxmy9pmam29179yaapb7pebhwpn8mfspa82cjfkt8d57wm2d2048p0ybw8g09ftmtfxg3gpxyqa1hykvkvsxhckt44ek8kw526w397a0m0q5yddmz78kpe3czvfewkqg5s9507svskkpvmkfbpwmf6xmtqs8qdatancpkfzbvrvws1p5090anxsjy3crs59ek56s3820avhbnt4rfw1dpz5c1vefwqbg5hgckj727mw3jnpd5mjtdaqdwjkz6c00kw6bqjf21rnnqjd0bt1z49zk75bw9djh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaAyiAghcYf6GC7eQ7_UPm8qE0AaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPoBT9BtM-oDGrdhNMPfjY9xbaSvndr-bBqj-5Qu9D-0F095QKyClyokXvlOfOSMyFxjGRM9kaAIYO_6Zlg-85OBj-Fknzt-g_uPt8zYT9mhnt5xuLlBlqckdQDs30Ngt1F5qIzNCBrssApjRvsI_pyp_IiTJIvyQBFl0WIA-XvmR2V5ZDgmbuCB_ill7MX7ACNRoOhYPIg_HEgpE7iegJpB5qHmcQD9-qUxM5ff-OcPmcEcLjIlK9TJ2ecWF9ls_TRbclTCctbSFBiNUiZmRzyZ2Xl257Gqcj_5HoCsBMcs8dmqmijF91wXp1sCjcIcLqDs7iTFV5VGVOVNruAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2dfcd6bdTpHhPdIt87g7i5bwySNA%26client%3Dca-pub-2845463438153782%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 699529b1594b145a-FRA
content-encoding: br

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/ Frame E94B 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Oct 2021 08:03:55 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F643 1 KB
783 B 8ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 04 Oct 2021 08:58:57 GMT
expires: Tue, 05 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 83377
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E94B 122 KB
37 KB 317ms
16ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37846
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1632957210746890"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Oct 2021 08:08:34 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/ Frame E94B 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc322ba85a6aadaede25d30470b5230f8eda5a7d447a5643f188077da628a895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 07:53:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6203
x-xss-protection: 0
server: cafe
etag: 14739191248580884080
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Oct 2021 07:53:48 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E94B 0
0 16ms
15ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS_eVhml53N9T8KSrHPa1gsamRl3qORJRGt0fJzsEJrv_UEYZlPcWuNSkudCggokCO83ez2XaKQDclbU4BH1snLZT0D0w
Requested by: Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E94B 22 KB
7 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Oct 2022 08:03:48 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D5E7 0
0 22ms
22ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CvH7GAghcYZ2jFOuH7_UPnKKe0A-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPEBT9Ay_NnI37PWmMv0tSv8D74CCmRCNmlVrhKqjc6uhTSgR8zorKPGxyQHpGLjMhfiZpEpclqw8N8GnVG12YJ3UiR2Os61xr2FQ39I9hHfNgWqb1twXg8WsPHz-zOe_hX6fNhUBgvj9rzzaF2CwJQFKTggc8E0pomjRFerimgpZrT41enKroh61pRprO9lFnMAV28MV4Nx6WekG3b1v0ohzkBA_mVk_VmnLs6uu2q2a-jMKWKGAib_hgujmTKrZ_nFIAVk1Q1fS_6ZGoIr9GlMI063zo-4W2r3hZbeRifQtpEeH1vhW_qVE8rGUezw_wqVjuAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yODQ1NDYzNDM4MTUzNzgyGM_UaQ&sigh=fpZ9388GnqE
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame D5E7 0
0 24ms
24ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1ktxga2ph62pwej7ewrwv95pp816a0jrsa308g7083xj2808k8f1dx80zvgrvs9axz4xxagag6khpjzqgymjfjzvsmk2aaq91haj5nyxs85802wrj7e78rk7gy9v32pr0en88e2s8x1e242zb62px4yr80dx0rv8xem61nc3k7wvndap0keq9wwnss06nzq1e24xdbqfjpe8r6fsafbksm01q8j3wrrp77wk72r0a9pdbnbcvrxf7t6be278mdt4mz8d1pv8hjvetjp3k13ghsb7cj9nq2qzmxgctec965c9hsf8cam0p3gqvx7j035hmxwqkh61hh3dr0fpmhj257cfe26jvq0e0kree1aw1qd7n1y0sfgw1bk6dc8sdnz7e0eva1268r&b=YVwIAgAFEZ0Iu8PrAAeRHGHRcIUuflI78NYYZQ
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 05 Oct 2021 08:08:34 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 577E 2 KB
1 KB 219ms
38ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hv1bjnpbrkbphc9nkfpat4xecf0d8179eamdxzgczqdgw7z96jc1x6gwbv0ft7sz3vxzneg8bggj9c32ftkzhfb2g6v470t2wfr84ytezx1p5vwfsx9zam9b89e4sshspaqrrymr7hnk8wph7dxs9j8wh71xp0exghe4kcn0x7k153wsqfe8189pv80q1kcgb2xdxy8cprssms25dnkj78z074ezpca41b0y4qzktfkbazk6m71n1znx98bc949g5py11tjm4dq5mqm2wd5avhrt3g406x0pawgy5m03jpjw0b08anrh3az8dxrht7htxrz3g01cz2hwjg39bg1prdpdjjvxsv0b00w8zrewc7r7avf7k5ezahscypdpq29e9awf5tzcj2p88n9d8xn3dhm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqkdHAghcYZ2jFOuH7_UPnKKe0A-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPQBT9Ay_NnI37PWmMv0tSv8D74CCmRCNmlVrhKqjc6uhTSgR8zorKPGxyQHpGLjMhfiZpEpclqw8N8GnVG12YJ3UiR2Os61xr2FQ39I9hHfNgWqb1twXg8WsPHz-zOe_hX6fNhUBgvj9rzzaF2CwJQFKTggc8E0pomjRFerimgpZrT41enKroh61pRprO9lFnMAV28MV4Nx6WekG3b1v0ohzkBA_mVk_VmnLs6uu2q2a-jMKWKGAib_hgujmTKrZ_nFIAVk1Q1fS_6ZGoIr9GlMI063zo-4W2r3hZbeRifQttMcEsk2jn3V202Oxza5bfismkRySOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1TrtzdPg-3p_EJR3tzIhElJrrbaA%26client%3Dca-pub-2845463438153782%26adurl%3D

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ef97fb0d4b5056fb013dbbc00568c724bf4d5cfc7e9c03b08b24264e9b0392f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/dr?ed=1hv1bjnpbrkbphc9nkfpat4xecf0d8179eamdxzgczqdgw7z96jc1x6gwbv0ft7sz3vxzneg8bggj9c32ftkzhfb2g6v470t2wfr84ytezx1p5vwfsx9zam9b89e4sshspaqrrymr7hnk8wph7dxs9j8wh71xp0exghe4kcn0x7k153wsqfe8189pv80q1kcgb2xdxy8cprssms25dnkj78z074ezpca41b0y4qzktfkbazk6m71n1znx98bc949g5py11tjm4dq5mqm2wd5avhrt3g406x0pawgy5m03jpjw0b08anrh3az8dxrht7htxrz3g01cz2hwjg39bg1prdpdjjvxsv0b00w8zrewc7r7avf7k5ezahscypdpq29e9awf5tzcj2p88n9d8xn3dhm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqkdHAghcYZ2jFOuH7_UPnKKe0A-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPQBT9Ay_NnI37PWmMv0tSv8D74CCmRCNmlVrhKqjc6uhTSgR8zorKPGxyQHpGLjMhfiZpEpclqw8N8GnVG12YJ3UiR2Os61xr2FQ39I9hHfNgWqb1twXg8WsPHz-zOe_hX6fNhUBgvj9rzzaF2CwJQFKTggc8E0pomjRFerimgpZrT41enKroh61pRprO9lFnMAV28MV4Nx6WekG3b1v0ohzkBA_mVk_VmnLs6uu2q2a-jMKWKGAib_hgujmTKrZ_nFIAVk1Q1fS_6ZGoIr9GlMI063zo-4W2r3hZbeRifQttMcEsk2jn3V202Oxza5bfismkRySOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1TrtzdPg-3p_EJR3tzIhElJrrbaA%26client%3Dca-pub-2845463438153782%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 699529b1594d145a-FRA
content-encoding: br

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/ Frame D5E7 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Oct 2021 08:03:55 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2B3A 1 KB
783 B 9ms
8ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 04 Oct 2021 08:58:57 GMT
expires: Tue, 05 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 83377
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D5E7 122 KB
37 KB 298ms
43ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37846
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1632957210746890"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Oct 2021 08:08:34 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/ Frame D5E7 14 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc322ba85a6aadaede25d30470b5230f8eda5a7d447a5643f188077da628a895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 07:53:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6203
x-xss-protection: 0
server: cafe
etag: 14739191248580884080
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Oct 2021 07:53:48 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame D5E7 22 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Oct 2022 08:03:48 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame F643 0
191 B 32ms
28ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEC6XliZJKo0ow-VxfSGfTbE&google_cver=1&google_push=AYg5qPLDadidOd6P5KUXPbOQTtgaVfXjvzpbOmTfN6Z-howvdYG8xAgD7tPQf2xwPwoUS4zrOe3BbWVzY8NsQB-kZjxeDFTZFeAG
Requested by: Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:33 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F643
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBUqTBSs7LvTCZv9o_OwP50&google_cver=1&google_push=AYg5qPKRe1XclwuPewfVQcQRu6_Gp7_q2s7cSsQE6zHKjNq_to3omgokf_VZ1FS30MpJ3X_13ev1mT9WtfM...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKRe1XclwuPewfVQcQRu6_Gp7_q2s7cSsQE6zHKjNq_to3omgokf_VZ1FS30MpJ3X_13ev1mT9WtfM2gQs2RZYZin_W1evj&google_hm=9qf5WwULStiCt8moNK9uEcU

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKRe1XclwuPewfVQcQRu6_Gp7_q2s7cSsQE6zHKjNq_to3omgokf_VZ1FS30MpJ3X_13ev1mT9WtfM2gQs2RZYZin_W1evj&google_hm=9qf5WwULStiCt8moNK9uEcU

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:33 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKRe1XclwuPewfVQcQRu6_Gp7_q2s7cSsQE6zHKjNq_to3omgokf_VZ1FS30MpJ3X_13ev1mT9WtfM2gQs2RZYZin_W1evj&google_hm=9qf5WwULStiCt8moNK9uEcU
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F643
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELqEzKa1cssgnjSCbKfvEcM&google_cver=1&google_push=AYg5qPJ85fFt9-d8ISk3enzlMl3of4F8w0e8WnGThXnex5z-hn21Msj9iZf3K5W35N-qxxQJ4GBdvJlj5gQE7NK8D9f-ZkV...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJ85fFt9-d8ISk3enzlMl3of4F8w0e8WnGThXnex5z-hn21Msj9iZf3K5W35N-qxxQJ4GBdvJlj5gQE7NK8D9f-ZkVEQtSF&google_hm=MTg1MzI4MDY5MTg5MTc3ND...

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJ85fFt9-d8ISk3enzlMl3of4F8w0e8WnGThXnex5z-hn21Msj9iZf3K5W35N-qxxQJ4GBdvJlj5gQE7NK8D9f-ZkVEQtSF&google_hm=MTg1MzI4MDY5MTg5MTc3NDg1Mg%3D%3D

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 05 Oct 2021 08:08:34 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJ85fFt9-d8ISk3enzlMl3of4F8w0e8WnGThXnex5z-hn21Msj9iZf3K5W35N-qxxQJ4GBdvJlj5gQE7NK8D9f-ZkVEQtSF&google_hm=MTg1MzI4MDY5MTg5MTc3NDg1Mg%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dot.gif
s0.2mdn.net/ Frame F643 43 B
607 B 74ms
15ms Image
image/gif 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEALqMj9Jj_9ZgQQuwKsqjG0&google_cver=1&google_push=AYg5qPI8kahqAflqOY_BK3J034E5fl3E6X5andUyhLBute8iSz-loG_zxp87n2jVniSvBg-pWJE4NsNGUHX3w_tjq-s4gTEgFZwj

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Oct 2021 08:08:34 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F643
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE0_jU_zMoJHhTVyYfUCg9I&google_cver=1&google_push=AYg5qPJi1zk28IaKtgl176hBo4wpHSYjJAz7wJzcupgOL-1dnkNcy4ldm1gETXRTccLyIlZQrkaNIvq8...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3ODU4ODQzNzIyMTQ0ODY4Mw&google_push=AYg5qPJi1zk28IaKtgl176hBo4wpHSYjJAz7wJzcupgOL-1dnkNcy4ldm1gETXRTccLyIlZQrkaNIv...

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3ODU4ODQzNzIyMTQ0ODY4Mw&google_push=AYg5qPJi1zk28IaKtgl176hBo4wpHSYjJAz7wJzcupgOL-1dnkNcy4ldm1gETXRTccLyIlZQrkaNIvq8rA9KCFIJnsGvwDMbHsk

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3ODU4ODQzNzIyMTQ0ODY4Mw&google_push=AYg5qPJi1zk28IaKtgl176hBo4wpHSYjJAz7wJzcupgOL-1dnkNcy4ldm1gETXRTccLyIlZQrkaNIvq8rA9KCFIJnsGvwDMbHsk
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F643
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE0_jU_zMoJHhTVyYfUCg9I&google_cver=1&google_push=AYg5qPKiHIDOqlWJ1v15uhY4f5SHKrryFMOq1f_qmDElVrBqPqAGSaYkV2hIzYP0iGUkO0GsE5dMvWmc...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3ODU4ODQzNzIyMTQ0ODY4Mw&google_push=AYg5qPKiHIDOqlWJ1v15uhY4f5SHKrryFMOq1f_qmDElVrBqPqAGSaYkV2hIzYP0iGUkO0GsE5dMvW...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3ODU4ODQzNzIyMTQ0ODY4Mw&google_push=AYg5qPKiHIDOqlWJ1v15uhY4f5SHKrryFMOq1f_qmDElVrBqPqAGSaYkV2hIzYP0iGUkO0GsE5dMvWmc8BKavcoSksKT_QE-69A

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3ODU4ODQzNzIyMTQ0ODY4Mw&google_push=AYg5qPKiHIDOqlWJ1v15uhY4f5SHKrryFMOq1f_qmDElVrBqPqAGSaYkV2hIzYP0iGUkO0GsE5dMvWmc8BKavcoSksKT_QE-69A
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F643
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOt9KBus_HNVmU2XkIknuyg&google_cver=1&google_push=AYg5qPKj3A1mH7QGbcg2qeiw6LA223tb1EDDdf2rSn5t59gnhWc8NvFHvyvvME9ZLvSASITeIuzaPJ5ID5lQZwYcd...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKj3A1mH7QGbcg2qeiw6LA223tb1EDDdf2rSn5t59gnhWc8NvFHvyvvME9ZLvSASITeIuzaPJ5ID5lQZwYcd9gxY-VhKlvR&google_hm=b4c40d39cde7287318b09793

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKj3A1mH7QGbcg2qeiw6LA223tb1EDDdf2rSn5t59gnhWc8NvFHvyvvME9ZLvSASITeIuzaPJ5ID5lQZwYcd9gxY-VhKlvR&google_hm=b4c40d39cde7287318b09793

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 05 Oct 2021 08:08:34 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKj3A1mH7QGbcg2qeiw6LA223tb1EDDdf2rSn5t59gnhWc8NvFHvyvvME9ZLvSASITeIuzaPJ5ID5lQZwYcd9gxY-VhKlvR&google_hm=b4c40d39cde7287318b09793
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F643 0
12 B 19ms
17ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J5EebyOOPaKDSZGwfwFvS6RRnJfw4wXAaIRrhGU2pG1DEiPe4fn4YzMHYaw6l8FAcOI8_M

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET /
google2waycm.netmng.com/cm/ Frame 2B3A 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B3A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOalioEAYKan_j1RohD1eLc&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOalioEAYKan_j1RohD1eLc&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WFdqRTVmNU4xTXhGdjQ1&google_gid=CAESEOalioEAYKan_j1RohD1eLc&google_cver=1&google_push=AYg5qPLbUZQoS80Q6-lqSKuZ8PmY8H2eUSwaPJb7wWdAKCL...

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WFdqRTVmNU4xTXhGdjQ1&google_gid=CAESEOalioEAYKan_j1RohD1eLc&google_cver=1&google_push=AYg5qPLbUZQoS80Q6-lqSKuZ8PmY8H2eUSwaPJb7wWdAKCLUmG1LQszL3x3uhCaKvnb7K6FbsWrZ8zHqki8umOVuZXojlb2aNTEl

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:34 GMT
Server: PingMatch/8a430fa#rel-ec2-master i-0ab67c5d8ba5329d8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WFdqRTVmNU4xTXhGdjQ1&google_gid=CAESEOalioEAYKan_j1RohD1eLc&google_cver=1&google_push=AYg5qPLbUZQoS80Q6-lqSKuZ8PmY8H2eUSwaPJb7wWdAKCLUmG1LQszL3x3uhCaKvnb7K6FbsWrZ8zHqki8umOVuZXojlb2aNTEl
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B3A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOjV25Xv3aBz_LZGTGd4Qwo&google_cver=1&google_push=AYg5qPJTrLeJxGggsFtyVC66vplm_bp-c9qRitxJ_dKyQYKt1T-ScHO5IiP3BTbNK8pQgXsAjuXDpn_gxI5J5Cj5...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=2qdhXAgCQgCXkSNAvdNVVw&google_push=AYg5qPJTrLeJxGggsFtyVC66vplm_bp-c9qRitxJ_dKyQYKt1T-ScHO5IiP3BTbNK8pQgXsAjuXDpn_gxI5J5Cj5egtkQx-lNa4

170 B
188 B

19ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=2qdhXAgCQgCXkSNAvdNVVw&google_push=AYg5qPJTrLeJxGggsFtyVC66vplm_bp-c9qRitxJ_dKyQYKt1T-ScHO5IiP3BTbNK8pQgXsAjuXDpn_gxI5J5Cj5egtkQx-lNa4

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 05 Oct 2021 08:08:34 GMT
Server: MT3 3984 0e3af3b master zrh-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=2qdhXAgCQgCXkSNAvdNVVw&google_push=AYg5qPJTrLeJxGggsFtyVC66vplm_bp-c9qRitxJ_dKyQYKt1T-ScHO5IiP3BTbNK8pQgXsAjuXDpn_gxI5J5Cj5egtkQx-lNa4
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 05 Oct 2021 08:08:33 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 2B3A 70 B
264 B 40ms
38ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIQrxPvlQMfQn9sgNi_Sy_M&google_cver=1&google_push=AYg5qPLuiZZ53YFX68KCddmcrgOkGAvGMZvyrzEixfYjqsgfbzpQN7z1_vcTM9w8RKbKPgdHUkY0L6q1D6paq9Wg78DhE_MtgjwW
Requested by: Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B3A
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELqEzKa1cssgnjSCbKfvEcM&google_cver=1&google_push=AYg5qPIunG1o6xtxAfTJgkh_tFhtplvQ0OwUkY-Bs1xWaPKLrvyCdKxzuS7_0OQEmljXbMoZ3XMmfkwXzIwkVRyHdE2kVws...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIunG1o6xtxAfTJgkh_tFhtplvQ0OwUkY-Bs1xWaPKLrvyCdKxzuS7_0OQEmljXbMoZ3XMmfkwXzIwkVRyHdE2kVws3oAzR&google_hm=MjMwNDI1NjY3Njg0MzQ0Mj...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIunG1o6xtxAfTJgkh_tFhtplvQ0OwUkY-Bs1xWaPKLrvyCdKxzuS7_0OQEmljXbMoZ3XMmfkwXzIwkVRyHdE2kVws3oAzR&google_hm=MjMwNDI1NjY3Njg0MzQ0MjQyNQ%3D%3D

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 05 Oct 2021 08:08:34 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIunG1o6xtxAfTJgkh_tFhtplvQ0OwUkY-Bs1xWaPKLrvyCdKxzuS7_0OQEmljXbMoZ3XMmfkwXzIwkVRyHdE2kVws3oAzR&google_hm=MjMwNDI1NjY3Njg0MzQ0MjQyNQ%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B3A
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TPtptO0cQIaH02HLmk7x6Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TPtptO0cQIaH02HLmk7x6Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLzFVRfZ-6IRWLDrA0XgazbEmILBaN8-PxmohpOL_2f-jqz76wXVhM-niYl6sYNAH-k0mmKnyWyrqnFnNM7u7_nG5wVSvQ

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TPtptO0cQIaH02HLmk7x6Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLzFVRfZ-6IRWLDrA0XgazbEmILBaN8-PxmohpOL_2f-jqz76wXVhM-niYl6sYNAH-k0mmKnyWyrqnFnNM7u7_nG5wVSvQ
date: Tue, 05 Oct 2021 08:08:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET

pixel
cm.g.doubleclick.net/ Frame 2B3A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPJvhaQGuJAB9uHFr3hBByBWiX2mChtUX...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2B3A 0
12 B 15ms
14ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KGifyBg_MdIYGWFoR31BMWdcwIuPAgkBLjit-aqHWKU7Cyrevb6OF3XnVRHw88hy4C2_v8

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 container.html Show response
4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CAD2 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.controle.colunadofla.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 05 Oct 2021 08:08:33 GMT
expires: Wed, 05 Oct 2022 08:08:33 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CAD2 0
0 20ms
19ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CoK0jAghcYYnYHNSU9u8Po5ix-AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPcBT9Br4IBB95KCAVKjWJX7ycAaQMxOSEwhmnCo_w7lGXFQs0N2TpFwSvm-wGu9NHLydgbuiZp0F01ntKM68WofEYPN5Ju9ic9236Y-D1NHLNP8soRwpektsL_CQa-zU5V6Xk6m_f3xFl0ZNJe9j9jxgGtiZrfH2aBXj4AI_GFl66VAC0EMAPXwD6BSF9vmicf4qMDNw4_v5n9h0D2WTpS6WtsBgHFJYNBtj7a2qEuzknuNSP_GIGZLUh9nj0I_CmsGVsoicn6RfgW4UmuReB9NICeu2FqK7FJ_LR5b0hUm2UPItV3yaUnSuDF2H1SIVETndkAfzhrEoeAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yODQ1NDYzNDM4MTUzNzgyGM_UaQ&sigh=tzeD67VfwlU
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame CAD2 0
0 18ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jca4ztehm48f0cqp833z8hq9qkfq2thy2xvqzza5yjnyhgnd2fk5cnshem44qe7j43w27adb9j7z73z72rfz4bes5tss5111ptd3c403vv6rm31tt7jhw3ek2s304swtwnnrcbq7m6nmne705jzqvwmd7h7nzwsrezce8f9byv0pz03q9tnjnmddry3tcw64d46d0xkbnbgq90c7gbf94czsfm5y6x2s6gtfhppejv427b0mbv2hwmnc6k3tn6an2ezkrxy30wwvms1vdgxd9jn2zex9kq7pyd92y0r4c9zrzg5635x5fas6r8hme89ve9q23pv2bgy6w2h62cw2q798hnpcwhh3g5qxdhrk1yj9e8kbbrv7dq8gg03j4x8q45dk6c870&b=YVwIAgAHLAkH_YpUAAxMI1IkPDQApfrqsmzT0g
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 05 Oct 2021 08:08:34 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 7417 2 KB
1 KB 142ms
24ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gek8gbk2j676cnjpg4ywx7k1h6k89hyp765edfqzmr86fsya69bac8zbnae7afgqmdc4afretfatbzv7b6axp9pbnq3ajn5v1084dxdxxwzbkg2e4nntt5amxzx2t6cmmwwhrsjeppwsgjctvbqkjctk3y58zadbwb2g2h4jbnx295zh8vyeerzt747se7bp553r6rpk0pndvjh1t90f11s97edrnmdy34y6856g7nce8rr2hf10y1zaqy4dyv8r8xh5zxqt4gj7x7tx75x1d158xjr412fdh2es0023rjs5hvnes8wdh1c02z0pgj6w4g0chqbtcp4mhcs3cacavf8hfw8bfpg9h4djtaj1kpkf884e47pstahqc2ntt6655cpz1drtb2vw29z2kqp71p9&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCICZtAghcYYnYHNSU9u8Po5ix-AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPoBT9Br4IBB95KCAVKjWJX7ycAaQMxOSEwhmnCo_w7lGXFQs0N2TpFwSvm-wGu9NHLydgbuiZp0F01ntKM68WofEYPN5Ju9ic9236Y-D1NHLNP8soRwpektsL_CQa-zU5V6Xk6m_f3xFl0ZNJe9j9jxgGtiZrfH2aBXj4AI_GFl66VAC0EMAPXwD6BSF9vmicf4qMDNw4_v5n9h0D2WTpS6WtsBgHFJYNBtj7a2qEuzknuNSP_GIGZLUh9nj0I_CmsGVsoicn6RfgW4UmuReB9NICeu2FqK7FJ_LR5b0hUm2UPItV3yaQvQtaOhytPInMOv4JpWXOj9tdSmQOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lvicol7pXZdHMSNCjcwg2O-LZmA%26client%3Dca-pub-2845463438153782%26adurl%3D

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ea839b5a3ec0eab07638335cf2f54f290181dc223bc21bb9871dfce2b025584

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/dr?ed=1gek8gbk2j676cnjpg4ywx7k1h6k89hyp765edfqzmr86fsya69bac8zbnae7afgqmdc4afretfatbzv7b6axp9pbnq3ajn5v1084dxdxxwzbkg2e4nntt5amxzx2t6cmmwwhrsjeppwsgjctvbqkjctk3y58zadbwb2g2h4jbnx295zh8vyeerzt747se7bp553r6rpk0pndvjh1t90f11s97edrnmdy34y6856g7nce8rr2hf10y1zaqy4dyv8r8xh5zxqt4gj7x7tx75x1d158xjr412fdh2es0023rjs5hvnes8wdh1c02z0pgj6w4g0chqbtcp4mhcs3cacavf8hfw8bfpg9h4djtaj1kpkf884e47pstahqc2ntt6655cpz1drtb2vw29z2kqp71p9&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCICZtAghcYYnYHNSU9u8Po5ix-AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPoBT9Br4IBB95KCAVKjWJX7ycAaQMxOSEwhmnCo_w7lGXFQs0N2TpFwSvm-wGu9NHLydgbuiZp0F01ntKM68WofEYPN5Ju9ic9236Y-D1NHLNP8soRwpektsL_CQa-zU5V6Xk6m_f3xFl0ZNJe9j9jxgGtiZrfH2aBXj4AI_GFl66VAC0EMAPXwD6BSF9vmicf4qMDNw4_v5n9h0D2WTpS6WtsBgHFJYNBtj7a2qEuzknuNSP_GIGZLUh9nj0I_CmsGVsoicn6RfgW4UmuReB9NICeu2FqK7FJ_LR5b0hUm2UPItV3yaQvQtaOhytPInMOv4JpWXOj9tdSmQOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lvicol7pXZdHMSNCjcwg2O-LZmA%26client%3Dca-pub-2845463438153782%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 699529b1594c145a-FRA
content-encoding: br

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/ Frame CAD2 3 KB
1 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Oct 2021 08:03:55 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 64DF 1 KB
783 B 10ms
8ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 04 Oct 2021 08:58:57 GMT
expires: Tue, 05 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 83377
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CAD2 122 KB
37 KB 238ms
46ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37846
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1632957210746890"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Oct 2021 08:08:34 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/ Frame CAD2 14 KB
6 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc322ba85a6aadaede25d30470b5230f8eda5a7d447a5643f188077da628a895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 07:53:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6203
x-xss-protection: 0
server: cafe
etag: 14739191248580884080
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Oct 2021 07:53:48 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CAD2 0
0 17ms
14ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1Wc_8jqrrXJ2dOdxGmySZPNGB5TJBzvFuNKmqnSvBsQ0qgY3vKfTe6ZLnnThMUY4Qd69aSSrIFBb_ry05wwVaS3g8eQ
Requested by: Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CAD2 22 KB
7 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Oct 2022 08:03:48 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64DF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIG69c5TPps-ToRS5y19OS4&google_push=AYg5qPLQl4dJdXVEXQnfu5LwFKU5Gan6paKjNaRxSfkFapv63z48F4Hjsp...

170 B
188 B

20ms
20ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIG69c5TPps-ToRS5y19OS4&google_push=AYg5qPLQl4dJdXVEXQnfu5LwFKU5Gan6paKjNaRxSfkFapv63z48F4HjspRk7LoUMgZ0mZNGhOAWl0tzsKxOqgFI4wGQpvZSubk

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1633421315.720888,VS0,VE93
x-served-by: cache-fra19180-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIG69c5TPps-ToRS5y19OS4&google_push=AYg5qPLQl4dJdXVEXQnfu5LwFKU5Gan6paKjNaRxSfkFapv63z48F4HjspRk7LoUMgZ0mZNGhOAWl0tzsKxOqgFI4wGQpvZSubk
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 64DF 43 B
101 B 317ms
15ms Image
image/gif 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEALqMj9Jj_9ZgQQuwKsqjG0&google_cver=1&google_push=AYg5qPK48sv1xRvrkni6ErOQRUt68hvrltqNY9GzA7jLamuW_MPTRK8f5qtcObftNJ_3tjIxsgrGRxbRat_e3F9L_lS8TBW-ciY

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Oct 2021 08:08:34 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64DF
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEOUu63Juyx0_3aGrlHvKXPU&google_cver=1&google_push=AYg5qPLGBMtLnmTJkLCyhZSRcqQ2wCe1b52E0yHrawX7dYjmX1IoYw_nGxC2A-Ekk3bFUafcH0FXw2yKNutCXBSYnjNy23A...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLGBMtLnmTJkLCyhZSRcqQ2wCe1b52E0yHrawX7dYjmX1IoYw_nGxC2A-Ekk3bFUafcH0FXw2yKNutCXBSYnjNy23AETkUy

170 B
188 B

20ms
20ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLGBMtLnmTJkLCyhZSRcqQ2wCe1b52E0yHrawX7dYjmX1IoYw_nGxC2A-Ekk3bFUafcH0FXw2yKNutCXBSYnjNy23AETkUy

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLGBMtLnmTJkLCyhZSRcqQ2wCe1b52E0yHrawX7dYjmX1IoYw_nGxC2A-Ekk3bFUafcH0FXw2yKNutCXBSYnjNy23AETkUy
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64DF
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE0_jU_zMoJHhTVyYfUCg9I&google_cver=1&google_push=AYg5qPI9fd_3kff6q6wzi-D7yZgKSFh7mWR1xhT_6x1K4CexQSRORT8DJxcic5XjDajasF3SqPznz_mv...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3ODU4ODQzNzIyMTQ0ODY4Mw&google_push=AYg5qPI9fd_3kff6q6wzi-D7yZgKSFh7mWR1xhT_6x1K4CexQSRORT8DJxcic5XjDajasF3SqPznz_...

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3ODU4ODQzNzIyMTQ0ODY4Mw&google_push=AYg5qPI9fd_3kff6q6wzi-D7yZgKSFh7mWR1xhT_6x1K4CexQSRORT8DJxcic5XjDajasF3SqPznz_mvx0_1MIfWGJWK9Qv73Phg

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3ODU4ODQzNzIyMTQ0ODY4Mw&google_push=AYg5qPI9fd_3kff6q6wzi-D7yZgKSFh7mWR1xhT_6x1K4CexQSRORT8DJxcic5XjDajasF3SqPznz_mvx0_1MIfWGJWK9Qv73Phg
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64DF
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEG16Y-0pl42hyIvEYSTbd8o&google_cver=1&google_push=AYg5qPL1tXtQ5sPERWlBg0XksqbIou9sXXquyP-fA2zq1U7IwjcJvr_MaXuINxknb3I2bXs0GGvEFBBKHUkDL7lKENCA_oZb3GPW
https://rtb.openx.net/sync/dds?google_gid=CAESEG16Y-0pl42hyIvEYSTbd8o&google_cver=1&google_push=AYg5qPL1tXtQ5sPERWlBg0XksqbIou9sXXquyP-fA2zq1U7IwjcJvr_MaXuINxknb3I2bXs0GGvEFBBKHUkDL7lKENCA_oZb3GPW&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL1tXtQ5sPERWlBg0XksqbIou9sXXquyP-fA2zq1U7IwjcJvr_MaXuINxknb3I2bXs0GGvEFBBKHUkDL7lKENCA_oZb3GPW&google_hm=gUqcZ1piz7kE6px0eQZQcQ==

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL1tXtQ5sPERWlBg0XksqbIou9sXXquyP-fA2zq1U7IwjcJvr_MaXuINxknb3I2bXs0GGvEFBBKHUkDL7lKENCA_oZb3GPW&google_hm=gUqcZ1piz7kE6px0eQZQcQ==

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL1tXtQ5sPERWlBg0XksqbIou9sXXquyP-fA2zq1U7IwjcJvr_MaXuINxknb3I2bXs0GGvEFBBKHUkDL7lKENCA_oZb3GPW&google_hm=gUqcZ1piz7kE6px0eQZQcQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: vuut4cucobrdkb3hc85uri81744vguig

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64DF
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEILVqs_AeUrb6ZV5_rpgoHo&google_cver=1&google_push=AYg5qPIzFRDFTsAMSLrpUYnMBZ-IiulRFKbX3uUsBHdSaL0DR03ktdgMhaOkVfWFgBkR_B4bTjMryiVBkHUGeWUCyDEYIGqdgfk
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM4NTI1NTY5MzU5NjE4OTc1MTE%3D&google_push=AYg5qPIzFRDFTsAMSLrpUYnMBZ-IiulRFKbX3uUsBHdSaL0DR03ktdgMhaOkVf...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM4NTI1NTY5MzU5NjE4OTc1MTE%3D&google_push=AYg5qPIzFRDFTsAMSLrpUYnMBZ-IiulRFKbX3uUsBHdSaL0DR03ktdgMhaOkVfWFgBkR_B4bTjMryiVBkHUGeWUCyDEYIGqdgfk

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM4NTI1NTY5MzU5NjE4OTc1MTE%3D&google_push=AYg5qPIzFRDFTsAMSLrpUYnMBZ-IiulRFKbX3uUsBHdSaL0DR03ktdgMhaOkVfWFgBkR_B4bTjMryiVBkHUGeWUCyDEYIGqdgfk
date: Tue, 05 Oct 2021 08:08:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64DF
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMd6bILplKCffxS6I5zfa5I&google_cver=1&google_push=AYg5qPLt1imYq6jM3qiQBk85ayNYnwVbB0ymN2oE0QK-jQ3qI0CfcDai...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMd6bILplKCffxS6I5zfa5I&google_cver=1&google_push=AYg5qPLt1imYq6jM3qiQBk85ayNYnwVbB0ymN2oE0QK-jQ3qI0CfcDai...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMd6bILplKCffxS6I5zfa5I&google_cver=1&google_push=AYg5qPLt1imYq6jM3qiQBk85ayNYnwVbB0ymN2oE0QK-jQ3qI0CfcD...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2ZmQ1Zjg4NC0yNWIzLTExZWMtOWY0Zi0wNjFiOWIzYjk1MWU%3D&google_push=AYg5qPLt1imYq6jM3qiQBk85ayNYnwVbB0ymN2oE0QK-jQ3qI0CfcDaiOz-SpOAXEf...

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2ZmQ1Zjg4NC0yNWIzLTExZWMtOWY0Zi0wNjFiOWIzYjk1MWU%3D&google_push=AYg5qPLt1imYq6jM3qiQBk85ayNYnwVbB0ymN2oE0QK-jQ3qI0CfcDaiOz-SpOAXEfwcXBJmQBIqa0gbHAyjc60gY5By5e94DQ7hxg

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 05 Oct 2021 08:08:34 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2ZmQ1Zjg4NC0yNWIzLTExZWMtOWY0Zi0wNjFiOWIzYjk1MWU%3D&google_push=AYg5qPLt1imYq6jM3qiQBk85ayNYnwVbB0ymN2oE0QK-jQ3qI0CfcDaiOz-SpOAXEfwcXBJmQBIqa0gbHAyjc60gY5By5e94DQ7hxg
Connection: keep-alive
Content-Length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 64DF 0
12 B 16ms
15ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IZOt48ovHWcNnH5ZXgeKy31l-7wXz_Cs55kGZAQx7LpnNCXdIHo4WdE6UTnaHDnv8_Ozjqtg

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4438 11 KB
9 KB 30ms
30ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210929&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d39d23117c6917b1c7b26f4d9e9bb2bb9bf549d86d517a592e9f7bc7cd0c9b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8660
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4438 17 KB
7 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 05 Oct 2021 08:08:34 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 336A 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 05 Oct 2021 08:04:33 GMT
expires: Wed, 05 Oct 2022 08:04:33 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 241
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4593 783 B
996 B 17ms
16ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f036171bb30adae66eba7ec4c3f22939eda3781485cf7f551bb9036f923dc66f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f58EeJes9IKUEEJqhH3vMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 05 Oct 2021 08:08:34 GMT
date: Tue, 05 Oct 2021 08:08:34 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-f58EeJes9IKUEEJqhH3vMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 AdServerServlet
vid.pubmatic.com/AdServer/ Frame F38E 27 B
0 197ms
102ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&schain=1.0,1!vidoomy.com,52453,1,1633421313403,,&us_privacy=&cb=1633421314291&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.controle.colunadofla.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.controle.colunadofla.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-10-5%208:8:34&ranreq=0.49863439596655157&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&schain=1.0,1!vidoomy.com,52453,1,1633421313403,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET met-social.woff
controle.colunadofla.com/wp-content/plugins/wp-social/assets/css/fonts/ 0
0

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame DE07 3 KB
4 KB 61ms
31ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Tue, 05 Oct 2021 08:08:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1921719
x-guploader-uploadid: ADPycdu4kVh88oPygz4q2L0gysGWlMlIFE5YReoxzb2pqvToqgh3BYrLqoA2iyx1syc2mGJLpBFm-K4K9hJXRMmcJywY3ItGvg
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0C39DynaeKzsZ64k38l9EcN6wh4aitk00QTnGwyYW2N9McoVnLgVZvIrdQLzZeWqSCD3xtYQrKFANV3Cemj%2B9i38lzugwoxc6MdHZQjsDbs35IdnGWz0%2Fx4C3NyAhU1wZlQ7OTUkE4fQgaaDMgCzqR9N"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 699529b25fdf5c44-FRA
expires: Tue, 13 Sep 2022 02:19:55 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1ACF 3 KB
3 KB 62ms
34ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Tue, 05 Oct 2021 08:08:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1921719
x-guploader-uploadid: ADPycdu4kVh88oPygz4q2L0gysGWlMlIFE5YReoxzb2pqvToqgh3BYrLqoA2iyx1syc2mGJLpBFm-K4K9hJXRMmcJywY3ItGvg
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0POYKend1D2SZbtubypbzA7ywlmyo4N8dBoqFVORW37ZjQ6YgUBCGxGUY7dEhqx341DqsolLaW6XnmT4uhmqons1cesmjDYR9Yxh88UI%2BNLwy5xaJ84H5z5XHKe6KOD442qpDbM8OPb6LOObjcPHeVY"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 699529b25fe25c44-FRA
expires: Tue, 13 Sep 2022 02:19:55 GMT

GET
H2 200 frame.html Show response
ad4m.at/ Frame 2B93 2 KB
1 KB 19ms
19ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Tue, 05 Oct 2021 09:08:34 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1818317
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJVa%2F%2FEayz0RPJHiDgJ6slYMEpuiF16b9preJlXqoUddyzaMKkBZnDY3Yu8NFADmjhQvFZtP4CrCNFgl1EOZheLPLnrn2mHb0Q3DRgCS%2BVbLyv0F7MUB0dgL9Yeu95FMFv7WCwk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 699529b24a7a145a-FRA
content-encoding: br

GET
H2 200 frame.html Show response
ad4m.at/ Frame 99EE 2 KB
1 KB 17ms
16ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Tue, 05 Oct 2021 09:08:34 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1818317
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZyiUbL8Qght%2FqcjCyLBMiMP9HYULuM%2BrWKavWRdM03jKuKmdbiJY6GZV1wULLZf%2FZ6MrSRxqMpKXxin90T4%2BS78MYQsAQdqPugVdcs9sFcd74ePfW%2FdzQy3Y0TItHCu1ag%2BzwyE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 699529b24a7c145a-FRA
content-encoding: br

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 99D2 64 KB
8 KB 36ms
35ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jqjesgcc9e5kdhrw4538ygcx2bky8kbph3w8mfgmzychghnk4nmp5z1khfbqrbceknqy5x2pm2x7ky3nm9h8fc036k226x1rgmgb1pmkra8x9naty37ek1eyxmy9pmam29179yaapb7pebhwpn8mfspa82cjfkt8d57wm2d2048p0ybw8g09ftmtfxg3gpxyqa1hykvkvsxhckt44ek8kw526w397a0m0q5yddmz78kpe3czvfewkqg5s9507svskkpvmkfbpwmf6xmtqs8qdatancpkfzbvrvws1p5090anxsjy3crs59ek56s3820avhbnt4rfw1dpz5c1vefwqbg5hgckj727mw3jnpd5mjtdaqdwjkz6c00kw6bqjf21rnnqjd0bt1z49zk75bw9djh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaAyiAghcYf6GC7eQ7_UPm8qE0AaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPoBT9BtM-oDGrdhNMPfjY9xbaSvndr-bBqj-5Qu9D-0F095QKyClyokXvlOfOSMyFxjGRM9kaAIYO_6Zlg-85OBj-Fknzt-g_uPt8zYT9mhnt5xuLlBlqckdQDs30Ngt1F5qIzNCBrssApjRvsI_pyp_IiTJIvyQBFl0WIA-XvmR2V5ZDgmbuCB_ill7MX7ACNRoOhYPIg_HEgpE7iegJpB5qHmcQD9-qUxM5ff-OcPmcEcLjIlK9TJ2ecWF9ls_TRbclTCctbSFBiNUiZmRzyZ2Xl257Gqcj_5HoCsBMcs8dmqmijF91wXp1sCjcIcLqDs7iTFV5VGVOVNruAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2dfcd6bdTpHhPdIt87g7i5bwySNA%26client%3Dca-pub-2845463438153782%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jqjesgcc9e5kdhrw4538ygcx2bky8kbph3w8mfgmzychghnk4nmp5z1khfbqrbceknqy5x2pm2x7ky3nm9h8fc036k226x1rgmgb1pmkra8x9naty37ek1eyxmy9pmam29179yaapb7pebhwpn8mfspa82cjfkt8d57wm2d2048p0ybw8g09ftmtfxg3gpxyqa1hykvkvsxhckt44ek8kw526w397a0m0q5yddmz78kpe3czvfewkqg5s9507svskkpvmkfbpwmf6xmtqs8qdatancpkfzbvrvws1p5090anxsjy3crs59ek56s3820avhbnt4rfw1dpz5c1vefwqbg5hgckj727mw3jnpd5mjtdaqdwjkz6c00kw6bqjf21rnnqjd0bt1z49zk75bw9djh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaAyiAghcYf6GC7eQ7_UPm8qE0AaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPoBT9BtM-oDGrdhNMPfjY9xbaSvndr-bBqj-5Qu9D-0F095QKyClyokXvlOfOSMyFxjGRM9kaAIYO_6Zlg-85OBj-Fknzt-g_uPt8zYT9mhnt5xuLlBlqckdQDs30Ngt1F5qIzNCBrssApjRvsI_pyp_IiTJIvyQBFl0WIA-XvmR2V5ZDgmbuCB_ill7MX7ACNRoOhYPIg_HEgpE7iegJpB5qHmcQD9-qUxM5ff-OcPmcEcLjIlK9TJ2ecWF9ls_TRbclTCctbSFBiNUiZmRzyZ2Xl257Gqcj_5HoCsBMcs8dmqmijF91wXp1sCjcIcLqDs7iTFV5VGVOVNruAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2dfcd6bdTpHhPdIt87g7i5bwySNA%26client%3Dca-pub-2845463438153782%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1020793
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 23 Sep 2021 12:35:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 699529b27aa6145a-FRA
cf-bgj: minify

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame 99D2 36 KB
13 KB 28ms
28ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jqjesgcc9e5kdhrw4538ygcx2bky8kbph3w8mfgmzychghnk4nmp5z1khfbqrbceknqy5x2pm2x7ky3nm9h8fc036k226x1rgmgb1pmkra8x9naty37ek1eyxmy9pmam29179yaapb7pebhwpn8mfspa82cjfkt8d57wm2d2048p0ybw8g09ftmtfxg3gpxyqa1hykvkvsxhckt44ek8kw526w397a0m0q5yddmz78kpe3czvfewkqg5s9507svskkpvmkfbpwmf6xmtqs8qdatancpkfzbvrvws1p5090anxsjy3crs59ek56s3820avhbnt4rfw1dpz5c1vefwqbg5hgckj727mw3jnpd5mjtdaqdwjkz6c00kw6bqjf21rnnqjd0bt1z49zk75bw9djh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaAyiAghcYf6GC7eQ7_UPm8qE0AaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPoBT9BtM-oDGrdhNMPfjY9xbaSvndr-bBqj-5Qu9D-0F095QKyClyokXvlOfOSMyFxjGRM9kaAIYO_6Zlg-85OBj-Fknzt-g_uPt8zYT9mhnt5xuLlBlqckdQDs30Ngt1F5qIzNCBrssApjRvsI_pyp_IiTJIvyQBFl0WIA-XvmR2V5ZDgmbuCB_ill7MX7ACNRoOhYPIg_HEgpE7iegJpB5qHmcQD9-qUxM5ff-OcPmcEcLjIlK9TJ2ecWF9ls_TRbclTCctbSFBiNUiZmRzyZ2Xl257Gqcj_5HoCsBMcs8dmqmijF91wXp1sCjcIcLqDs7iTFV5VGVOVNruAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2dfcd6bdTpHhPdIt87g7i5bwySNA%26client%3Dca-pub-2845463438153782%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49384
x-guploader-uploadid: ADPycds0dusQvG6yDjYYplJNEwILXGU2-moqDdKDFu_zJk864KEvamD29Gk0RJHg0GMr4gNJ9f3uH1ClnNt0lyjz9rs8ZzPzCg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 05:18:43 GMT
server: cloudflare
etag: W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKvT9tWrF%2Bf4WoIlAD6TThKDa%2Fz8reqFk7tZ%2B5ibMEFsnCCcPaMEMvpspMZhvXqVGJwOEeML6C1golOnDhunLFkTSLrxgLM1qD%2B6UMuGWKziDgXHJ8Fl3%2Bobhk%2FroQLMxWAzNVc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1630387096547004
content-type: application/javascript; charset=utf-8
expires: Mon, 04 Oct 2021 18:25:30 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 699529b27aaa145a-FRA
cf-bgj: minify

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 7417 64 KB
8 KB 24ms
23ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gek8gbk2j676cnjpg4ywx7k1h6k89hyp765edfqzmr86fsya69bac8zbnae7afgqmdc4afretfatbzv7b6axp9pbnq3ajn5v1084dxdxxwzbkg2e4nntt5amxzx2t6cmmwwhrsjeppwsgjctvbqkjctk3y58zadbwb2g2h4jbnx295zh8vyeerzt747se7bp553r6rpk0pndvjh1t90f11s97edrnmdy34y6856g7nce8rr2hf10y1zaqy4dyv8r8xh5zxqt4gj7x7tx75x1d158xjr412fdh2es0023rjs5hvnes8wdh1c02z0pgj6w4g0chqbtcp4mhcs3cacavf8hfw8bfpg9h4djtaj1kpkf884e47pstahqc2ntt6655cpz1drtb2vw29z2kqp71p9&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCICZtAghcYYnYHNSU9u8Po5ix-AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPoBT9Br4IBB95KCAVKjWJX7ycAaQMxOSEwhmnCo_w7lGXFQs0N2TpFwSvm-wGu9NHLydgbuiZp0F01ntKM68WofEYPN5Ju9ic9236Y-D1NHLNP8soRwpektsL_CQa-zU5V6Xk6m_f3xFl0ZNJe9j9jxgGtiZrfH2aBXj4AI_GFl66VAC0EMAPXwD6BSF9vmicf4qMDNw4_v5n9h0D2WTpS6WtsBgHFJYNBtj7a2qEuzknuNSP_GIGZLUh9nj0I_CmsGVsoicn6RfgW4UmuReB9NICeu2FqK7FJ_LR5b0hUm2UPItV3yaQvQtaOhytPInMOv4JpWXOj9tdSmQOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lvicol7pXZdHMSNCjcwg2O-LZmA%26client%3Dca-pub-2845463438153782%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gek8gbk2j676cnjpg4ywx7k1h6k89hyp765edfqzmr86fsya69bac8zbnae7afgqmdc4afretfatbzv7b6axp9pbnq3ajn5v1084dxdxxwzbkg2e4nntt5amxzx2t6cmmwwhrsjeppwsgjctvbqkjctk3y58zadbwb2g2h4jbnx295zh8vyeerzt747se7bp553r6rpk0pndvjh1t90f11s97edrnmdy34y6856g7nce8rr2hf10y1zaqy4dyv8r8xh5zxqt4gj7x7tx75x1d158xjr412fdh2es0023rjs5hvnes8wdh1c02z0pgj6w4g0chqbtcp4mhcs3cacavf8hfw8bfpg9h4djtaj1kpkf884e47pstahqc2ntt6655cpz1drtb2vw29z2kqp71p9&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCICZtAghcYYnYHNSU9u8Po5ix-AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPoBT9Br4IBB95KCAVKjWJX7ycAaQMxOSEwhmnCo_w7lGXFQs0N2TpFwSvm-wGu9NHLydgbuiZp0F01ntKM68WofEYPN5Ju9ic9236Y-D1NHLNP8soRwpektsL_CQa-zU5V6Xk6m_f3xFl0ZNJe9j9jxgGtiZrfH2aBXj4AI_GFl66VAC0EMAPXwD6BSF9vmicf4qMDNw4_v5n9h0D2WTpS6WtsBgHFJYNBtj7a2qEuzknuNSP_GIGZLUh9nj0I_CmsGVsoicn6RfgW4UmuReB9NICeu2FqK7FJ_LR5b0hUm2UPItV3yaQvQtaOhytPInMOv4JpWXOj9tdSmQOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lvicol7pXZdHMSNCjcwg2O-LZmA%26client%3Dca-pub-2845463438153782%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1020793
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 23 Sep 2021 12:35:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 699529b29ad3145a-FRA
cf-bgj: minify

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame 7417 36 KB
12 KB 29ms
29ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gek8gbk2j676cnjpg4ywx7k1h6k89hyp765edfqzmr86fsya69bac8zbnae7afgqmdc4afretfatbzv7b6axp9pbnq3ajn5v1084dxdxxwzbkg2e4nntt5amxzx2t6cmmwwhrsjeppwsgjctvbqkjctk3y58zadbwb2g2h4jbnx295zh8vyeerzt747se7bp553r6rpk0pndvjh1t90f11s97edrnmdy34y6856g7nce8rr2hf10y1zaqy4dyv8r8xh5zxqt4gj7x7tx75x1d158xjr412fdh2es0023rjs5hvnes8wdh1c02z0pgj6w4g0chqbtcp4mhcs3cacavf8hfw8bfpg9h4djtaj1kpkf884e47pstahqc2ntt6655cpz1drtb2vw29z2kqp71p9&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCICZtAghcYYnYHNSU9u8Po5ix-AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPoBT9Br4IBB95KCAVKjWJX7ycAaQMxOSEwhmnCo_w7lGXFQs0N2TpFwSvm-wGu9NHLydgbuiZp0F01ntKM68WofEYPN5Ju9ic9236Y-D1NHLNP8soRwpektsL_CQa-zU5V6Xk6m_f3xFl0ZNJe9j9jxgGtiZrfH2aBXj4AI_GFl66VAC0EMAPXwD6BSF9vmicf4qMDNw4_v5n9h0D2WTpS6WtsBgHFJYNBtj7a2qEuzknuNSP_GIGZLUh9nj0I_CmsGVsoicn6RfgW4UmuReB9NICeu2FqK7FJ_LR5b0hUm2UPItV3yaQvQtaOhytPInMOv4JpWXOj9tdSmQOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lvicol7pXZdHMSNCjcwg2O-LZmA%26client%3Dca-pub-2845463438153782%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date: Tue, 05 Oct 2021 08:08:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49384
x-guploader-uploadid: ADPycds0dusQvG6yDjYYplJNEwILXGU2-moqDdKDFu_zJk864KEvamD29Gk0RJHg0GMr4gNJ9f3uH1ClnNt0lyjz9rs8ZzPzCg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 05:18:43 GMT
server: cloudflare
etag: W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCbdPi%2B8HG1lbiFhNfkZWrEKb6rz2qU6%2BgswOfL%2BWeAGqaxXK22uMaPmiyPBXl%2BhD2HIlDTDA4CD4eG0LwJe5EGjiO5c4sw3zcZUMmMnQGqlUWy9kIadjTw5P8CdqDO43U1oA7Y%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1630387096547004
content-type: application/javascript; charset=utf-8
expires: Mon, 04 Oct 2021 18:25:30 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 699529b29ad5145a-FRA
cf-bgj: minify

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 577E 64 KB
8 KB 35ms
34ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hv1bjnpbrkbphc9nkfpat4xecf0d8179eamdxzgczqdgw7z96jc1x6gwbv0ft7sz3vxzneg8bggj9c32ftkzhfb2g6v470t2wfr84ytezx1p5vwfsx9zam9b89e4sshspaqrrymr7hnk8wph7dxs9j8wh71xp0exghe4kcn0x7k153wsqfe8189pv80q1kcgb2xdxy8cprssms25dnkj78z074ezpca41b0y4qzktfkbazk6m71n1znx98bc949g5py11tjm4dq5mqm2wd5avhrt3g406x0pawgy5m03jpjw0b08anrh3az8dxrht7htxrz3g01cz2hwjg39bg1prdpdjjvxsv0b00w8zrewc7r7avf7k5ezahscypdpq29e9awf5tzcj2p88n9d8xn3dhm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqkdHAghcYZ2jFOuH7_UPnKKe0A-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPQBT9Ay_NnI37PWmMv0tSv8D74CCmRCNmlVrhKqjc6uhTSgR8zorKPGxyQHpGLjMhfiZpEpclqw8N8GnVG12YJ3UiR2Os61xr2FQ39I9hHfNgWqb1twXg8WsPHz-zOe_hX6fNhUBgvj9rzzaF2CwJQFKTggc8E0pomjRFerimgpZrT41enKroh61pRprO9lFnMAV28MV4Nx6WekG3b1v0ohzkBA_mVk_VmnLs6uu2q2a-jMKWKGAib_hgujmTKrZ_nFIAVk1Q1fS_6ZGoIr9GlMI063zo-4W2r3hZbeRifQttMcEsk2jn3V202Oxza5bfismkRySOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1TrtzdPg-3p_EJR3tzIhElJrrbaA%26client%3Dca-pub-2845463438153782%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hv1bjnpbrkbphc9nkfpat4xecf0d8179eamdxzgczqdgw7z96jc1x6gwbv0ft7sz3vxzneg8bggj9c32ftkzhfb2g6v470t2wfr84ytezx1p5vwfsx9zam9b89e4sshspaqrrymr7hnk8wph7dxs9j8wh71xp0exghe4kcn0x7k153wsqfe8189pv80q1kcgb2xdxy8cprssms25dnkj78z074ezpca41b0y4qzktfkbazk6m71n1znx98bc949g5py11tjm4dq5mqm2wd5avhrt3g406x0pawgy5m03jpjw0b08anrh3az8dxrht7htxrz3g01cz2hwjg39bg1prdpdjjvxsv0b00w8zrewc7r7avf7k5ezahscypdpq29e9awf5tzcj2p88n9d8xn3dhm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqkdHAghcYZ2jFOuH7_UPnKKe0A-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPQBT9Ay_NnI37PWmMv0tSv8D74CCmRCNmlVrhKqjc6uhTSgR8zorKPGxyQHpGLjMhfiZpEpclqw8N8GnVG12YJ3UiR2Os61xr2FQ39I9hHfNgWqb1twXg8WsPHz-zOe_hX6fNhUBgvj9rzzaF2CwJQFKTggc8E0pomjRFerimgpZrT41enKroh61pRprO9lFnMAV28MV4Nx6WekG3b1v0ohzkBA_mVk_VmnLs6uu2q2a-jMKWKGAib_hgujmTKrZ_nFIAVk1Q1fS_6ZGoIr9GlMI063zo-4W2r3hZbeRifQttMcEsk2jn3V202Oxza5bfismkRySOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1TrtzdPg-3p_EJR3tzIhElJrrbaA%26client%3Dca-pub-2845463438153782%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1020794
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 23 Sep 2021 12:35:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 699529b2aadc145a-FRA
cf-bgj: minify

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame 577E 36 KB
12 KB 24ms
23ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hv1bjnpbrkbphc9nkfpat4xecf0d8179eamdxzgczqdgw7z96jc1x6gwbv0ft7sz3vxzneg8bggj9c32ftkzhfb2g6v470t2wfr84ytezx1p5vwfsx9zam9b89e4sshspaqrrymr7hnk8wph7dxs9j8wh71xp0exghe4kcn0x7k153wsqfe8189pv80q1kcgb2xdxy8cprssms25dnkj78z074ezpca41b0y4qzktfkbazk6m71n1znx98bc949g5py11tjm4dq5mqm2wd5avhrt3g406x0pawgy5m03jpjw0b08anrh3az8dxrht7htxrz3g01cz2hwjg39bg1prdpdjjvxsv0b00w8zrewc7r7avf7k5ezahscypdpq29e9awf5tzcj2p88n9d8xn3dhm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqkdHAghcYZ2jFOuH7_UPnKKe0A-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPQBT9Ay_NnI37PWmMv0tSv8D74CCmRCNmlVrhKqjc6uhTSgR8zorKPGxyQHpGLjMhfiZpEpclqw8N8GnVG12YJ3UiR2Os61xr2FQ39I9hHfNgWqb1twXg8WsPHz-zOe_hX6fNhUBgvj9rzzaF2CwJQFKTggc8E0pomjRFerimgpZrT41enKroh61pRprO9lFnMAV28MV4Nx6WekG3b1v0ohzkBA_mVk_VmnLs6uu2q2a-jMKWKGAib_hgujmTKrZ_nFIAVk1Q1fS_6ZGoIr9GlMI063zo-4W2r3hZbeRifQttMcEsk2jn3V202Oxza5bfismkRySOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1TrtzdPg-3p_EJR3tzIhElJrrbaA%26client%3Dca-pub-2845463438153782%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date: Tue, 05 Oct 2021 08:08:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49384
x-guploader-uploadid: ADPycds0dusQvG6yDjYYplJNEwILXGU2-moqDdKDFu_zJk864KEvamD29Gk0RJHg0GMr4gNJ9f3uH1ClnNt0lyjz9rs8ZzPzCg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 05:18:43 GMT
server: cloudflare
etag: W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlVnYsPWE3a8HSP7QGJv8IzE6JOeqstnXJlY8wOy%2FQuhb2A%2BVf2Wdmd0UkWPyToWMkbhzTqvFGNE0SddBaZFGqJMLFhebiz0IZIQ193nwrj%2Fau8r0IupsTnv29BKnOSPxob3vOY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1630387096547004
content-type: application/javascript; charset=utf-8
expires: Mon, 04 Oct 2021 18:25:30 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 699529b2aadd145a-FRA
cf-bgj: minify

GET
DATA 200
OK truncated
/ Frame E94B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20ae628c13fe946610272c1ecd265e36388d584b4357825e369c37efba6bbefb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CAD2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e63d7d31a0e51043e3190d4c56de191e4ef46900e6f484b7544b0736d735e567

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D5E7 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e60fde5381745fca5a64ef6daebd80d6a1b01abc1a31118872930b729eb9379

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 99D2 3 KB
3 KB 350ms
46ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1921720
x-guploader-uploadid: ADPycdu4kVh88oPygz4q2L0gysGWlMlIFE5YReoxzb2pqvToqgh3BYrLqoA2iyx1syc2mGJLpBFm-K4K9hJXRMmcJywY3ItGvg
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvdftB6%2BOYKySU%2Fk3IjeMjUa3tMKAvqje7IRXLV9eA%2Fnf2KvPqlp7g2jWhGOjPlJbQaQXTinSNKEmCn5pK4jtr35G1ZPzYD3QUSu3%2FTKznDQZlGHL8KtbzXIGWyY09fjaZayZ6ZWVH%2BRiEbTjC8tMVor"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 699529b4cdf15c44-FRA
expires: Tue, 13 Sep 2022 02:19:55 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4593 0
0 60ms
60ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210929&jk=3427297932877267&rc=
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 frame.html Show response
ad4m.at/ Frame 458C 2 KB
1 KB 19ms
19ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Tue, 05 Oct 2021 09:08:35 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1818318
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xC19ccREt8QWIAn%2Fb0P04d%2FAJpLFvOesVWCaCyRJAb8q4VJ4GwZSyX9O9R1HbUkF6yq7Rk%2Fh83sOAln68PqUfGwy%2Fmkkb1YcR%2BasXTaUjSfu8rV0KChhxQXXaUInxFMijWb5zD4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 699529b2fb34145a-FRA
content-encoding: br

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 577E 3 KB
4 KB 325ms
40ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1921720
x-guploader-uploadid: ADPycdu4kVh88oPygz4q2L0gysGWlMlIFE5YReoxzb2pqvToqgh3BYrLqoA2iyx1syc2mGJLpBFm-K4K9hJXRMmcJywY3ItGvg
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2Fs5n6DMg9l47zpqd7QyOgAk7r0qPOzvYjEZJABL0R4diJV%2BjxVasrozZVnWo3wMYiItGX%2BW%2FBC0KyRh92UtWSO5698fVOEOwoZGJD3dTiOiXlqSh1fji1aSY14gTxJ4W70QdE3R7o8c4%2FIUTNSku2g1"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 699529b4cdf65c44-FRA
expires: Tue, 13 Sep 2022 02:19:55 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 7417 3 KB
3 KB 325ms
44ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1921720
x-guploader-uploadid: ADPycdu4kVh88oPygz4q2L0gysGWlMlIFE5YReoxzb2pqvToqgh3BYrLqoA2iyx1syc2mGJLpBFm-K4K9hJXRMmcJywY3ItGvg
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVPv%2BrZlHArMbw0eBcHVxeDlOv9u2eLXfwjmmRd0hHcdjY9OPmRZMqy1vFiQki4xA6L7yqo7oCJXqkTezxAgFEcuKTQWpNInz0bkVsPpjUksnqTcB%2FBvzJ8VcAI8saDnJY5Edt6%2BzFX%2FylgWiXPl6B0p"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 699529b4cdf45c44-FRA
expires: Tue, 13 Sep 2022 02:19:55 GMT

GET
H2 200 frame.html Show response
ad4m.at/ Frame 4408 2 KB
1 KB 30ms
30ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Tue, 05 Oct 2021 09:08:35 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1818318
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFeV5MaCAzIOYYhHS%2B%2FFrxeqUt8k%2Ffc4y%2FoquGJMfXPOAa80N22OjS1Ea3uic1xv%2Fi2XHFKt%2BAfT0NqmYSK59z3a6edS0vOFf0RNyaktxjsWaZLJeBGG1KiDJCZyo7s0%2FbAgmWs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 699529b30b55145a-FRA
content-encoding: br

GET
H2 200 frame.html Show response
ad4m.at/ Frame A385 2 KB
1 KB 19ms
18ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Tue, 05 Oct 2021 09:08:35 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1818318
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOwt6bh4nzK0vgxM%2Fvi5QGPAbVI%2Fypuuj14%2FxhTcgm1sWPSnAsKGcjnVzXXbYLc7fWcgRxuazAatx1nwiPoX0XLpbHI%2FNxfNe0xcKjKccW0l9ozTYFfExxbVQSVS4UAMgyLWYDQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 699529b30b60145a-FRA
content-encoding: br

GET
H2 200 LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js Show response
pagead2.googlesyndication.com/bg/ Frame 336A 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfb50fbcee087cba46eff0fd5d87aee1ed58dfae8f06eda467fd1eb1dee280e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 17:58:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13320
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 10:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 04 Oct 2022 17:58:43 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame E69C 972 B
861 B 83ms
83ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&schain=1.0,1!vidoomy.com,52453,1,1633421313403,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 66922939d740e5b997156483d0b9c7f98fd80044d06890cecd2956644d8d8150

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:35 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.controle.colunadofla.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 594
expires: Tue, 05 Oct 2021 08:08:35 GMT

GET
H2 200 track
aktrack.pubmatic.com/ Frame E69C 0
61 B 60ms
31ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1633421314&wa=0&e=96&ier=901
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-length: 0
content-type: text/html

POST
H2 200 rs Show response
ad4m.at/ Frame 1ACF 2 KB
1 KB 48ms
47ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b7dbcc98134ee5d06adf55f7df405d9b29c74dd13e005c57798323e5b05d511

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 699529b39d9c692b-FRA
date: Tue, 05 Oct 2021 08:08:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMnylcGrmESFL53QSWpwaOqLZMVRKoIZa917xfaXWIKHt6QgrrALxkGepFnInzOahCdwrm8ZTkjlNCO%2FPO0eGFBsqiXQ11fYa4xW3ha6%2Ff788NJ3IZeY%2Bg%2FYhTLLPBVbv3a73BM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-v52b

OPTIONS
H2 200 rs
ad4m.at/ Frame 0
0 50ms
31ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H2
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-v52b
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2clbUc%2BWz1XYG%2BmzTgB3H7jUTfmmo9%2BVjHobRqC2Kpb0q5sZ%2BMP22QFZqmvl2mtDmAN%2FfNtoPqQe4JgAhBG%2B7Vtn3sCSUfT2EfvgcXUxYVcXAdiH%2BcK%2B3FFDiujYFu%2Be75b2tc0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 699529b36d02692b-FRA

POST
H2 200 rs Show response
ad4m.at/ Frame DE07 2 KB
1 KB 36ms
35ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c2c042ff7b9dfc4a7c1d9b881525c5e42ee335b3f1635fbddc2857ea8d59505

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 699529b39d97692b-FRA
date: Tue, 05 Oct 2021 08:08:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTZbu7h5HpBd9la6ZXY4wJYby6OmY5cXyj9sznuUqhWlUXYc1ET2pEGQGZTFLumfVa35jKhjVvD9%2B0%2B4roRIh4F7cpdPGmXnq1RED6xbOj11mV5patUbtgE%2B9O98F0dgvpguiyw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-v52b

OPTIONS
H2 200 rs
ad4m.at/ Frame 0
0 44ms
30ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H2
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-v52b
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QsUksrKvFyRo9tNVZ97VIHgOcE0kqRWYnuAGMzVN5R%2BQqz5NsN2VVIT04Fz%2BDgc4udK59MSrxWw2CZej7r%2BcahisKT%2FPETTDWEBeX1cQTiYNcAXj5nfsM2ZccDEcKa1eTT6p1AY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 699529b36d04692b-FRA

POST
H2 200 rs Show response
ad4m.at/ Frame 99D2 2 KB
2 KB 31ms
31ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15f3a1821b3f6664731e4cc4c5783df5c21769efee2e52cfbccf2b57bd18742d

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 699529b3ce08692b-FRA
date: Tue, 05 Oct 2021 08:08:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbQPAT3l%2F1MZ%2BdRwyPhwVLuLaIlOkdwplp9ODGa6xePOe%2Fi9Ct2ue7nqlp%2BSMgeZnLZF3A3YKj0lyo6471Efw6LwYvkXv%2BdpzT9kDybQADy1ITgilVvCeX%2Bf0QZZzRQU5R7%2FJa8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-v52b

OPTIONS
H2 200 rs
ad4m.at/ Frame 0
0 29ms
28ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H2
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-v52b
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHId3jo%2BFLq9QghoaNduX6c0MKhmPLrUnq75WQFZqxuU7BJiMWFs8l6tKBgaW0dNP56jh7it8lFAUWpeeABy1swoHgYOqfRy1%2Bm%2BaV%2BJ8%2BwVR965jtpvxBFu1LfG00Y6KWlRHvI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 699529b39da3692b-FRA

POST
H2 200 rs Show response
ad4m.at/ Frame 7417 2 KB
2 KB 54ms
50ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60d4643c211672b345244d6d09f53858687ebe7db5fdcb2f6b82ff50f8992589

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 699529b3ee3f692b-FRA
date: Tue, 05 Oct 2021 08:08:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qP2jgxXMxVzHRbeAwKY8wLz3ab6g%2BgKMXgJs%2FzpdVn1gNj92H6u2MA3M0p2FNZx0asv0grrJlNO4rFbb4hOXskaCfxpS2FlqS3yKFsl0i0T5CXTP2r6vMsJWbQXGhL7z81z%2BtTg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-v52b

OPTIONS
H2 200 rs
ad4m.at/ Frame 0
0 27ms
27ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H2
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-v52b
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2HqNAtRWP6qcnorHHXl7NppAbCnV7wP6Q5ogmWIYeTAacTFBZw4nyuLsNRQU1At0eGXH4i5G3n0Ix%2BaA3GKb37xZEjpW8zxfg8lL0Ju7CdVndFjhSK1hxlW8%2FspkqKQG2h28EE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 699529b3bdd9692b-FRA

POST
H2 200 rs Show response
ad4m.at/ Frame 577E 2 KB
2 KB 51ms
50ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2191c14ffd7dc8d19f07da20f30cbb5f778606224189242f81e1daac4e83f0d

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 699529b3ee42692b-FRA
date: Tue, 05 Oct 2021 08:08:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RudrKw07zSNL7aqeOf7pAJOY1RMui0YdpL6yotHaaytNcJU3ol0kk6JUvzfoZ%2B18Czd%2F1VTolmuGkQQDTvxMZyiZG6ojO3nWAaxQrqo76tNynNWwKL4I4QkWer4J1XufK16Z8SA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-jtjq

OPTIONS
H2 200 rs
ad4m.at/ Frame 0
0 25ms
25ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H2
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-jtjq
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2B31Rjg2Ke6UxDTjKHz%2FHAArBHKaVuMCeWjqLoeQ0tiDfsskEovMRxwg4bIp%2FZuw07NWFFazjWrfVZ3sDoBxrFQslbyr62Sh4Q7MNgc5QIo1npdOoMMnO3fOk7o75ZqSO6SX9OQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 699529b3bde7692b-FRA

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 3DD1 152 KB
36 KB 18ms
17ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&schain=1.0,1!vidoomy.com,52453,1,1633421313403,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 2EAD 6 KB
4 KB 37ms
33ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=719526291443a6dae9324096fe70e835%2F15761800707878220384&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315131&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h03xxm3arc6t047rmjd8ta1jmtase795qskrpxt821cefhwbr9xrd9qgx0aeq5cp4c1t0jtjrfa4ndxmpdvzzp59vn80955ampad99mwk435c0j9y7t2j0a8xrj9ns1yfnw0bcqgf30q9sz266rgp0knq660bat0rkj5x2sg02d2qmrbp9nwr6ewy3t6h5qh9p8zaztpg006akfx0vmxvw7q19zkbp4834pwccajwq8hmzrxvkp3r5stj5b86cve20yfycwg8yfr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6KJ9AghcYayxA-bG7_UPuIS7wAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPUBT9C8iVX_qrvexVz9OkqqldjNYyXM1VW0Ooy2YKDpSHlsoQQHlHmVKeNK1yWkt354yX0Ibh4uDwYAV8SuHlQkXqBHeLskcefXSu4VNTB7_va2NA776GthzUIP6il452mtZJ4S_wwW84nAtY_2r-Fj_l6-HiiEInLkMWm2EHSFoK4U6lSAtPDi2S8HFeE1o4g6CxptOrZSgGC61Are8EHAtjrtaQatrialcBTha4oKUPj3LP6R-A_Xv_h1mkHkdpGDnVRXzlR04CGbINWSW6_SYcVADc_DGJpDYD-dk1q_vIdCNdSvEc93nfu9fi4FncGa8CoYoevgBAGABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0u2z6TTg3BXfdWPHLa6sU_KXIeQA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c060ebf9daf55c7d19f078cd2445ed5400dc91c37723c3a305c26530ba01e9d9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=719526291443a6dae9324096fe70e835%2F15761800707878220384&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315131&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h03xxm3arc6t047rmjd8ta1jmtase795qskrpxt821cefhwbr9xrd9qgx0aeq5cp4c1t0jtjrfa4ndxmpdvzzp59vn80955ampad99mwk435c0j9y7t2j0a8xrj9ns1yfnw0bcqgf30q9sz266rgp0knq660bat0rkj5x2sg02d2qmrbp9nwr6ewy3t6h5qh9p8zaztpg006akfx0vmxvw7q19zkbp4834pwccajwq8hmzrxvkp3r5stj5b86cve20yfycwg8yfr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6KJ9AghcYayxA-bG7_UPuIS7wAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPUBT9C8iVX_qrvexVz9OkqqldjNYyXM1VW0Ooy2YKDpSHlsoQQHlHmVKeNK1yWkt354yX0Ibh4uDwYAV8SuHlQkXqBHeLskcefXSu4VNTB7_va2NA776GthzUIP6il452mtZJ4S_wwW84nAtY_2r-Fj_l6-HiiEInLkMWm2EHSFoK4U6lSAtPDi2S8HFeE1o4g6CxptOrZSgGC61Are8EHAtjrtaQatrialcBTha4oKUPj3LP6R-A_Xv_h1mkHkdpGDnVRXzlR04CGbINWSW6_SYcVADc_DGJpDYD-dk1q_vIdCNdSvEc93nfu9fi4FncGa8CoYoevgBAGABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0u2z6TTg3BXfdWPHLa6sU_KXIeQA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as.ad4m.at/ad/dr?ed=1j1xm92m6jv91jwdwybwbq42stypsz4gta7jsvd4vezf4yqm0qp9w4zh4b1bz5pbs80ddexdqwvq0wrttvjgktfrq67p9spye82vs81ex23677twx57gcf9z0gcvfrsny4vb6j3f1vfav7bdsp7st46ehcmx2k5m6yteyq3ex905xvkch4780kxfrkzwkmcvpcpyzxbq3ke7hxj3ajck6fyv1w8d62zbn83tqwdn1kddy7de0265x4h1yb17pq4bnb9bmp1hv0eams6qv85kv1aym3jf3zpjh9kkdqy0c94ra68fpbh768n0gpr0yq9dx55vmfaff2r2jxfmptk6ryy7hx4kw5n0z22baghe0cq782c72esxecj1cjpc5r792wdzedkbfze76a8gbzwdwz8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6KJ9AghcYayxA-bG7_UPuIS7wAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPUBT9C8iVX_qrvexVz9OkqqldjNYyXM1VW0Ooy2YKDpSHlsoQQHlHmVKeNK1yWkt354yX0Ibh4uDwYAV8SuHlQkXqBHeLskcefXSu4VNTB7_va2NA776GthzUIP6il452mtZJ4S_wwW84nAtY_2r-Fj_l6-HiiEInLkMWm2EHSFoK4U6lSAtPDi2S8HFeE1o4g6CxptOrZSgGC61Are8EHAtjrtaQatrialcBTha4oKUPj3LP6R-A_Xv_h1mkHkdpGDnVRXzlR04CGbINWSW6_SYcVADc_DGJpDYD-dk1q_vIdCNdSvEc93nfu9fi4FncGa8CoYoevgBAGABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0u2z6TTg3BXfdWPHLa6sU_KXIeQA%26client%3Dca-pub-2845463438153782%26adurl%3D
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1j1xm92m6jv91jwdwybwbq42stypsz4gta7jsvd4vezf4yqm0qp9w4zh4b1bz5pbs80ddexdqwvq0wrttvjgktfrq67p9spye82vs81ex23677twx57gcf9z0gcvfrsny4vb6j3f1vfav7bdsp7st46ehcmx2k5m6yteyq3ex905xvkch4780kxfrkzwkmcvpcpyzxbq3ke7hxj3ajck6fyv1w8d62zbn83tqwdn1kddy7de0265x4h1yb17pq4bnb9bmp1hv0eams6qv85kv1aym3jf3zpjh9kkdqy0c94ra68fpbh768n0gpr0yq9dx55vmfaff2r2jxfmptk6ryy7hx4kw5n0z22baghe0cq782c72esxecj1cjpc5r792wdzedkbfze76a8gbzwdwz8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6KJ9AghcYayxA-bG7_UPuIS7wAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPUBT9C8iVX_qrvexVz9OkqqldjNYyXM1VW0Ooy2YKDpSHlsoQQHlHmVKeNK1yWkt354yX0Ibh4uDwYAV8SuHlQkXqBHeLskcefXSu4VNTB7_va2NA776GthzUIP6il452mtZJ4S_wwW84nAtY_2r-Fj_l6-HiiEInLkMWm2EHSFoK4U6lSAtPDi2S8HFeE1o4g6CxptOrZSgGC61Are8EHAtjrtaQatrialcBTha4oKUPj3LP6R-A_Xv_h1mkHkdpGDnVRXzlR04CGbINWSW6_SYcVADc_DGJpDYD-dk1q_vIdCNdSvEc93nfu9fi4FncGa8CoYoevgBAGABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0u2z6TTg3BXfdWPHLa6sU_KXIeQA%26client%3Dca-pub-2845463438153782%26adurl%3D

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 699529b3eca5145a-FRA
content-encoding: br

GET
H2 200 container.html Show response
4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C4A6 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.controle.colunadofla.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 05 Oct 2021 08:08:33 GMT
expires: Wed, 05 Oct 2022 08:08:33 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame A517 6 KB
3 KB 34ms
34ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=BY5ffeBBfqRvQ0YcZFYg_xBi56Htyca6&g=cf08d8f3dce77a1f4df500d8ffebad7b%2F16549929805746602872&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315143&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kxjjb80b2ttby34h0hsrnx912j1jde5zgeygyt6bn0jmwyfh575xjvxx774y3krw8a2f5k6v1zjet3643bhyeeb5pn4gq97rerzhxahb98r5p3t9tj0b2n58hxdvcjphqw4s8m4xcx5mjsjwxt4hrws09bc4da7kygmsh2svmvfq1dfhpzbtpnb1bhb4qnbv65x3rskcqzbgttr6qekzhkfwjvvcx90s1268mxgf4cqnng0hbdkeebm0ge6wembp86phy40498kg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQIvQAQhcYeqVNefK7_UPkbuw8AKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPcBT9DDELDfkcOpuaSDT3pyYGW8JoPWFCgPZ3raaKx_qHwLYTjwZtvbWV7P8j9352I3u-9XA66QFG0JeRtcrOuHKKNkyhzRvNYynRc0zNQRy7uERwGLqDseWvtvLWfcLh6CVDogf02q3h1ZN4GAKOE7r_fBNPwQYTrbBsOZqdMaUemK-jDgCdn23lX1FlUa2oEtBurF0A8XYcOnYaKZp0HrxbsBitbuCYBDG22POTpifMCKX9qbWtafEV3sxJ2zs8aAd4mA3cI20E8AvAyj048TzKa9cHVLBrI509sjPKvZ5cyX7HmUxNxPLrBQfzacmINQHolLGknoaeAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2QJvXJRsXc1-k34DNRje_DHZv6GA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18eb03dddf2db006f32ce2c6159b1267d138c198f5079c0b7cb12c7aee03910a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=BY5ffeBBfqRvQ0YcZFYg_xBi56Htyca6&g=cf08d8f3dce77a1f4df500d8ffebad7b%2F16549929805746602872&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315143&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kxjjb80b2ttby34h0hsrnx912j1jde5zgeygyt6bn0jmwyfh575xjvxx774y3krw8a2f5k6v1zjet3643bhyeeb5pn4gq97rerzhxahb98r5p3t9tj0b2n58hxdvcjphqw4s8m4xcx5mjsjwxt4hrws09bc4da7kygmsh2svmvfq1dfhpzbtpnb1bhb4qnbv65x3rskcqzbgttr6qekzhkfwjvvcx90s1268mxgf4cqnng0hbdkeebm0ge6wembp86phy40498kg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQIvQAQhcYeqVNefK7_UPkbuw8AKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPcBT9DDELDfkcOpuaSDT3pyYGW8JoPWFCgPZ3raaKx_qHwLYTjwZtvbWV7P8j9352I3u-9XA66QFG0JeRtcrOuHKKNkyhzRvNYynRc0zNQRy7uERwGLqDseWvtvLWfcLh6CVDogf02q3h1ZN4GAKOE7r_fBNPwQYTrbBsOZqdMaUemK-jDgCdn23lX1FlUa2oEtBurF0A8XYcOnYaKZp0HrxbsBitbuCYBDG22POTpifMCKX9qbWtafEV3sxJ2zs8aAd4mA3cI20E8AvAyj048TzKa9cHVLBrI509sjPKvZ5cyX7HmUxNxPLrBQfzacmINQHolLGknoaeAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2QJvXJRsXc1-k34DNRje_DHZv6GA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as.ad4m.at/ad/dr?ed=1hz09bp2hby963cm2xtwcv828793f55hhngrf4vz5495ynt6t3cssbdkcyprq3gd7z0j9a5dqsan72msp7jm803n2mwmk652tz3066tm1dkb1av73tafvvzjztawwyhvq7mfack8xezp5gngghr4yrarj3g5mfdrr0wwkgkeysbf9mstc38dbx7b1j5wp2872dv5yvaf66y0y2p6j0g8y45k8y5stv28v0g0ya4eppm3fbnhfd4t9f26fe049x04pcqc4xyc95njr897k0v92bp9wsy9v9pd00ysx13ksws87ewy4625q4xmm5bqxy35vtrby2s2d1vqag64gbex4ajz04z4rtrgz3ydq095ev2erzyn0a3vmegfe1zqzm3hxrjk0efkpvywmw0fsh26j5hr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQIvQAQhcYeqVNefK7_UPkbuw8AKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPcBT9DDELDfkcOpuaSDT3pyYGW8JoPWFCgPZ3raaKx_qHwLYTjwZtvbWV7P8j9352I3u-9XA66QFG0JeRtcrOuHKKNkyhzRvNYynRc0zNQRy7uERwGLqDseWvtvLWfcLh6CVDogf02q3h1ZN4GAKOE7r_fBNPwQYTrbBsOZqdMaUemK-jDgCdn23lX1FlUa2oEtBurF0A8XYcOnYaKZp0HrxbsBitbuCYBDG22POTpifMCKX9qbWtafEV3sxJ2zs8aAd4mA3cI20E8AvAyj048TzKa9cHVLBrI509sjPKvZ5cyX7HmUxNxPLrBQfzacmINQHolLGknoaeAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QJvXJRsXc1-k34DNRje_DHZv6GA%26client%3Dca-pub-2845463438153782%26adurl%3D
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hz09bp2hby963cm2xtwcv828793f55hhngrf4vz5495ynt6t3cssbdkcyprq3gd7z0j9a5dqsan72msp7jm803n2mwmk652tz3066tm1dkb1av73tafvvzjztawwyhvq7mfack8xezp5gngghr4yrarj3g5mfdrr0wwkgkeysbf9mstc38dbx7b1j5wp2872dv5yvaf66y0y2p6j0g8y45k8y5stv28v0g0ya4eppm3fbnhfd4t9f26fe049x04pcqc4xyc95njr897k0v92bp9wsy9v9pd00ysx13ksws87ewy4625q4xmm5bqxy35vtrby2s2d1vqag64gbex4ajz04z4rtrgz3ydq095ev2erzyn0a3vmegfe1zqzm3hxrjk0efkpvywmw0fsh26j5hr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQIvQAQhcYeqVNefK7_UPkbuw8AKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPcBT9DDELDfkcOpuaSDT3pyYGW8JoPWFCgPZ3raaKx_qHwLYTjwZtvbWV7P8j9352I3u-9XA66QFG0JeRtcrOuHKKNkyhzRvNYynRc0zNQRy7uERwGLqDseWvtvLWfcLh6CVDogf02q3h1ZN4GAKOE7r_fBNPwQYTrbBsOZqdMaUemK-jDgCdn23lX1FlUa2oEtBurF0A8XYcOnYaKZp0HrxbsBitbuCYBDG22POTpifMCKX9qbWtafEV3sxJ2zs8aAd4mA3cI20E8AvAyj048TzKa9cHVLBrI509sjPKvZ5cyX7HmUxNxPLrBQfzacmINQHolLGknoaeAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QJvXJRsXc1-k34DNRje_DHZv6GA%26client%3Dca-pub-2845463438153782%26adurl%3D

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 699529b3ecb1145a-FRA
content-encoding: br

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 7D9C 38 KB
14 KB 20ms
20ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&schain=1.0,1!vidoomy.com,52453,1,1633421313403,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9; chkChromeAb67Sec=1; DPSync3=1633478400%3A174%7C1634601600%3A197_219_201; SyncRTB3=1634688000%3A35%7C1634601600%3A220_161_7_56_54_21_13_3_8; KRTBCOOKIE_80=22987-CAESEAWa6B7GQPJmsscKLMJEO0U&KRTB&16514-CAESEAWa6B7GQPJmsscKLMJEO0U&KRTB&23025-CAESEAWa6B7GQPJmsscKLMJEO0U; PUBMDCID=3; KRTBCOOKIE_153=19420-tHbT77J_1r6vcda-sXXL6ud0heqvcdPp5nQEOQtO&KRTB&22979-tHbT77J_1r6vcda-sXXL6ud0heqvcdPp5nQEOQtO; KRTBCOOKIE_391=22924-6578588437221448683&KRTB&23263-6578588437221448683; KRTBCOOKIE_377=6810-815d072c-f784-42ac-8815-d6fae0a9b515&KRTB&22918-815d072c-f784-42ac-8815-d6fae0a9b515&KRTB&23031-815d072c-f784-42ac-8815-d6fae0a9b515; KRTBCOOKIE_27=16735-uid:daa7615c-0802-4200-9791-2340bdd35557&KRTB&16736-uid:daa7615c-0802-4200-9791-2340bdd35557&KRTB&23019-uid:daa7615c-0802-4200-9791-2340bdd35557&KRTB&23114-uid:daa7615c-0802-4200-9791-2340bdd35557; KRTBCOOKIE_336=5844-2626945708281059440; SPugT=1633421313; KRTBCOOKIE_57=22776-863285058235829675; PugT=1633421314; pp=156498; PMDTSHR=cat:
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=30263
expires: Tue, 05 Oct 2021 16:32:58 GMT
date: Tue, 05 Oct 2021 08:08:35 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 3DD1 38 KB
14 KB 18ms
17ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.controle.colunadofla.com%2F&schain=1.0,1!vidoomy.com,52453,1,1633421313403,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:07:52 GMT
server: Apache/2.2.15 (CentOS)
etag: "13006b6-974e-5c4c7cb53d8cb"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=30263
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13946
expires: Tue, 05 Oct 2021 16:32:58 GMT

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 2280 7 KB
3 KB 29ms
28ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=24673%2C35349%2C64769&b=r2GcQf9fd3jTAH7HjtqtBwxu5T8TKxd%2CdEQfEfkfkJ4fEHjHwtEt3R9H3T4TGW4%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3q&f=PxefBfbfRbzh9HjHbtgCPzEHZT9TPM7%2CK1eHRfZfkPKf5HMHktzCYWEc8TATwGk%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=5f5a0c4bc6878e0cf09c838f00582b9a%2F276105526105808924&i=20430%2C27829%2C27835&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315157&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4nt7958svajergvt053rtrjha50hjaf7d4snm1ax31b8q1xhvcy3v37wrf7v092chy0g665b0w6jesftw8j8bcrhgza6db08abmtsphx49mb9gtcm4yqgh11jhwtrp186a1g4nmanajnw7hvb95ex511g2qfvcryy701cx2jw5wxzax2h4pjq3wsv4pv7aa75pc5t7145rjabb9hh13st5x8hqhkvywdp4zr1yp1vp8tpaerrgq5kkr9bas6y600qnyw8t7km5j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCaAyiAghcYf6GC7eQ7_UPm8qE0AaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPoBT9BtM-oDGrdhNMPfjY9xbaSvndr-bBqj-5Qu9D-0F095QKyClyokXvlOfOSMyFxjGRM9kaAIYO_6Zlg-85OBj-Fknzt-g_uPt8zYT9mhnt5xuLlBlqckdQDs30Ngt1F5qIzNCBrssApjRvsI_pyp_IiTJIvyQBFl0WIA-XvmR2V5ZDgmbuCB_ill7MX7ACNRoOhYPIg_HEgpE7iegJpB5qHmcQD9-qUxM5ff-OcPmcEcLjIlK9TJ2ecWF9ls_TRbclTCctbSFBiNUiZmRzyZ2Xl257Gqcj_5HoCsBMcs8dmqmijF91wXp1sCjcIcLqDs7iTFV5VGVOVNruAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dfcd6bdTpHhPdIt87g7i5bwySNA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e9b481f1d7b93ca1423659040fd2cce6bdf35bc8cf04938aa7b9113735ff5d7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=24673%2C35349%2C64769&b=r2GcQf9fd3jTAH7HjtqtBwxu5T8TKxd%2CdEQfEfkfkJ4fEHjHwtEt3R9H3T4TGW4%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3q&f=PxefBfbfRbzh9HjHbtgCPzEHZT9TPM7%2CK1eHRfZfkPKf5HMHktzCYWEc8TATwGk%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=5f5a0c4bc6878e0cf09c838f00582b9a%2F276105526105808924&i=20430%2C27829%2C27835&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315157&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4nt7958svajergvt053rtrjha50hjaf7d4snm1ax31b8q1xhvcy3v37wrf7v092chy0g665b0w6jesftw8j8bcrhgza6db08abmtsphx49mb9gtcm4yqgh11jhwtrp186a1g4nmanajnw7hvb95ex511g2qfvcryy701cx2jw5wxzax2h4pjq3wsv4pv7aa75pc5t7145rjabb9hh13st5x8hqhkvywdp4zr1yp1vp8tpaerrgq5kkr9bas6y600qnyw8t7km5j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCaAyiAghcYf6GC7eQ7_UPm8qE0AaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPoBT9BtM-oDGrdhNMPfjY9xbaSvndr-bBqj-5Qu9D-0F095QKyClyokXvlOfOSMyFxjGRM9kaAIYO_6Zlg-85OBj-Fknzt-g_uPt8zYT9mhnt5xuLlBlqckdQDs30Ngt1F5qIzNCBrssApjRvsI_pyp_IiTJIvyQBFl0WIA-XvmR2V5ZDgmbuCB_ill7MX7ACNRoOhYPIg_HEgpE7iegJpB5qHmcQD9-qUxM5ff-OcPmcEcLjIlK9TJ2ecWF9ls_TRbclTCctbSFBiNUiZmRzyZ2Xl257Gqcj_5HoCsBMcs8dmqmijF91wXp1sCjcIcLqDs7iTFV5VGVOVNruAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dfcd6bdTpHhPdIt87g7i5bwySNA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as.ad4m.at/ad/dr?ed=1jqjesgcc9e5kdhrw4538ygcx2bky8kbph3w8mfgmzychghnk4nmp5z1khfbqrbceknqy5x2pm2x7ky3nm9h8fc036k226x1rgmgb1pmkra8x9naty37ek1eyxmy9pmam29179yaapb7pebhwpn8mfspa82cjfkt8d57wm2d2048p0ybw8g09ftmtfxg3gpxyqa1hykvkvsxhckt44ek8kw526w397a0m0q5yddmz78kpe3czvfewkqg5s9507svskkpvmkfbpwmf6xmtqs8qdatancpkfzbvrvws1p5090anxsjy3crs59ek56s3820avhbnt4rfw1dpz5c1vefwqbg5hgckj727mw3jnpd5mjtdaqdwjkz6c00kw6bqjf21rnnqjd0bt1z49zk75bw9djh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaAyiAghcYf6GC7eQ7_UPm8qE0AaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPoBT9BtM-oDGrdhNMPfjY9xbaSvndr-bBqj-5Qu9D-0F095QKyClyokXvlOfOSMyFxjGRM9kaAIYO_6Zlg-85OBj-Fknzt-g_uPt8zYT9mhnt5xuLlBlqckdQDs30Ngt1F5qIzNCBrssApjRvsI_pyp_IiTJIvyQBFl0WIA-XvmR2V5ZDgmbuCB_ill7MX7ACNRoOhYPIg_HEgpE7iegJpB5qHmcQD9-qUxM5ff-OcPmcEcLjIlK9TJ2ecWF9ls_TRbclTCctbSFBiNUiZmRzyZ2Xl257Gqcj_5HoCsBMcs8dmqmijF91wXp1sCjcIcLqDs7iTFV5VGVOVNruAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2dfcd6bdTpHhPdIt87g7i5bwySNA%26client%3Dca-pub-2845463438153782%26adurl%3D
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jqjesgcc9e5kdhrw4538ygcx2bky8kbph3w8mfgmzychghnk4nmp5z1khfbqrbceknqy5x2pm2x7ky3nm9h8fc036k226x1rgmgb1pmkra8x9naty37ek1eyxmy9pmam29179yaapb7pebhwpn8mfspa82cjfkt8d57wm2d2048p0ybw8g09ftmtfxg3gpxyqa1hykvkvsxhckt44ek8kw526w397a0m0q5yddmz78kpe3czvfewkqg5s9507svskkpvmkfbpwmf6xmtqs8qdatancpkfzbvrvws1p5090anxsjy3crs59ek56s3820avhbnt4rfw1dpz5c1vefwqbg5hgckj727mw3jnpd5mjtdaqdwjkz6c00kw6bqjf21rnnqjd0bt1z49zk75bw9djh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaAyiAghcYf6GC7eQ7_UPm8qE0AaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPoBT9BtM-oDGrdhNMPfjY9xbaSvndr-bBqj-5Qu9D-0F095QKyClyokXvlOfOSMyFxjGRM9kaAIYO_6Zlg-85OBj-Fknzt-g_uPt8zYT9mhnt5xuLlBlqckdQDs30Ngt1F5qIzNCBrssApjRvsI_pyp_IiTJIvyQBFl0WIA-XvmR2V5ZDgmbuCB_ill7MX7ACNRoOhYPIg_HEgpE7iegJpB5qHmcQD9-qUxM5ff-OcPmcEcLjIlK9TJ2ecWF9ls_TRbclTCctbSFBiNUiZmRzyZ2Xl257Gqcj_5HoCsBMcs8dmqmijF91wXp1sCjcIcLqDs7iTFV5VGVOVNruAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2dfcd6bdTpHhPdIt87g7i5bwySNA%26client%3Dca-pub-2845463438153782%26adurl%3D

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 699529b41ced145a-FRA
content-encoding: br

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C4A6 0
0 21ms
20ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CAEv2AghcYaG_Mf7C7_UPttqWqAnovpiUXKCls8n9CMCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyyAEJqQIgydnvCO6EPuACAKgDAaoE8wFP0MGHr-XoOvzT9ATs1SrEhi-_dGPEKiOI8muYKuZnDQU_arZIeGb2XRNGoeQY9QadsnUPhGQUt-aVQr9sDoCpBd0O4bNYet00pv4sdCLxuHGI9KIRlcb8h3krD7Uu2ch2LHwUQqTH67k1qe3kkpPtax0dl_cccfbFrqAiExoGIGKJBuy6ctRL-0J5FISDfESPnPE9C-zzkf5OIVgyszqlcBidHwmyiDIjvnF2OaYviVbYtba4Sigc2o1JhbrEUHACekKwZxPWwBHkEmd3WhCr0vdMdQuuzTIlpIATxQrPQu5_W4KpgNQn4J9Tt8dIX8_KGCrgBAGABv-d1fi66YnpgwGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTMyNzYzODY3MzgyMTE1NzSACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjg0NTQ2MzQzODE1Mzc4MhjP1Gk&sigh=6c-KSRQcJrQ
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame C4A6 2 KB
2 KB 36ms
21ms Script
text/javascript 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=45346098;rtbwp=YVwIAgAMX6EIu-F-AAWtNtjzX1GZUJa36aOocA;rtbdata=sE7aJDcJueh3On_-eeYFLClp44mgHv7KjXEDQ9KFwQboSpqmlTCsbQ6lzVbaIVSC5L5LL77Ct7G3iu-JCHfMjG4Xs7OEm8P2RCXwxiQ7-ZUSxFA_n3xXpRmQZP2mOwfarUjzMHSitITx2U9-Uow5q3Ld6QnzCVYK5S72xqliKpHEOnvh62PKSrSOZi72Z4a3a1Pokyu7_zLKFV3IK5FMFQnkW84F48YOferpEVA82eAwYlLz4sBWl883w10YpNbk8s62dGCGkesL6UunYj_lHmtD1otcopPOyZs51wxLOXi0h8FXWbaCKCRw7gtwWMlzkP_7IbtdohGx4iVuK1hPu0HhIpkoas3H0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=C0QWCAghcYaG_Mf7C7_UPttqWqAnovpiUXKCls8n9CMCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyyAEJqQIgydnvCO6EPuACAKgDAaoE9gFP0MGHr-XoOvzT9ATs1SrEhi-_dGPEKiOI8muYKuZnDQU_arZIeGb2XRNGoeQY9QadsnUPhGQUt-aVQr9sDoCpBd0O4bNYet00pv4sdCLxuHGI9KIRlcb8h3krD7Uu2ch2LHwUQqTH67k1qe3kkpPtax0dl_cccfbFrqAiExoGIGKJBuy6ctRL-0J5FISDfESPnPE9C-zzkf5OIVgyszqlcBidHwmyiDIjvnF2OaYviVbYtba4Sigc2o1JhbrEUHACekKwZxPWwBHkEmd3WhCr0vdMdQuuzTIlpIATxQrPQu49WY87HGCGjDXykwGgJA4KfD7j-hngBAGABv-d1fi66YnpgwGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTMyNzYzODY3MzgyMTE1NzT6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2uElkMHjfB8ismVQ_eNjklnHcFKw&client=ca-pub-2845463438153782&adurl=

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

35e715d274dfd8263080365564384aa7610beac4bdd1db37c7debd90b6f74e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:35 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1759
expires: -1

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/ Frame C4A6 3 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Oct 2021 08:03:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C4A6 122 KB
37 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37846
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1632957210746890"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Oct 2021 08:08:35 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/ Frame C4A6 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc322ba85a6aadaede25d30470b5230f8eda5a7d447a5643f188077da628a895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 07:53:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 887
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6203
x-xss-protection: 0
server: cafe
etag: 14739191248580884080
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Oct 2021 07:53:48 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C4A6 0
0 19ms
18ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQSXtjjWFhEMA1NBL5zQ6fVsejk-jnA3z5cYnJ1F0BTs08pyyUieDkAxXJvhx9EZPNljcVF9gM87o_vK8RcgC9oewyMw
Requested by: Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame C4A6 22 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Oct 2022 08:03:48 GMT

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame EF6B 7 KB
3 KB 23ms
22ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=13833%2C56666%2C765&b=EjeTDfEfAJktzHAHjt4tQXYuqTVTZAG%2C9jeTMfmf11YBaKHBH2t7tG5zSwTmTZY2%2CEjeTDfEfgVhzHAHjt4tq6daqTVTZAG&f=ADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQ%2C13ZsbfKfDDY2U9HdH9tpC6M4uRTKT7Mj%2CADeFYfqfBRuAHRH4tMCeYbC7T4TDVQ&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=2d73ecabdc4a63dc59a6104e922d5797%2F7293828727376879634&i=17743%2C22427%2C1676&j=16%2C21%2C4&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315179&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hwg7qv6cfhkcqmaxfywmemvv4xj5z4929hpy5mvm0gxsrgmdg0q56je9dzz2vjrwbvv5rt1g104br37t3cg2x18wqwmeem5p95fdkqyadkp0t2r3qbkky19f58g7dk85smgey8qnghk1e4mccnnntc8e2hqjyaz7p6xgk5hn8y4vg1mkvxjzytbnrymsec1m56n4b43jmb9tzfdsd5k61ryarvg6h25fqf1j6y0gvy578fbsq774ndm0mrv7mg58h7m0y0y0ndyt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCICZtAghcYYnYHNSU9u8Po5ix-AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPoBT9Br4IBB95KCAVKjWJX7ycAaQMxOSEwhmnCo_w7lGXFQs0N2TpFwSvm-wGu9NHLydgbuiZp0F01ntKM68WofEYPN5Ju9ic9236Y-D1NHLNP8soRwpektsL_CQa-zU5V6Xk6m_f3xFl0ZNJe9j9jxgGtiZrfH2aBXj4AI_GFl66VAC0EMAPXwD6BSF9vmicf4qMDNw4_v5n9h0D2WTpS6WtsBgHFJYNBtj7a2qEuzknuNSP_GIGZLUh9nj0I_CmsGVsoicn6RfgW4UmuReB9NICeu2FqK7FJ_LR5b0hUm2UPItV3yaQvQtaOhytPInMOv4JpWXOj9tdSmQOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2lvicol7pXZdHMSNCjcwg2O-LZmA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b81134ee05789a8562b81ed42f98810d3b80cae148723bc7bfafc28d80a19a2f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=13833%2C56666%2C765&b=EjeTDfEfAJktzHAHjt4tQXYuqTVTZAG%2C9jeTMfmf11YBaKHBH2t7tG5zSwTmTZY2%2CEjeTDfEfgVhzHAHjt4tq6daqTVTZAG&f=ADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQ%2C13ZsbfKfDDY2U9HdH9tpC6M4uRTKT7Mj%2CADeFYfqfBRuAHRH4tMCeYbC7T4TDVQ&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=2d73ecabdc4a63dc59a6104e922d5797%2F7293828727376879634&i=17743%2C22427%2C1676&j=16%2C21%2C4&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315179&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hwg7qv6cfhkcqmaxfywmemvv4xj5z4929hpy5mvm0gxsrgmdg0q56je9dzz2vjrwbvv5rt1g104br37t3cg2x18wqwmeem5p95fdkqyadkp0t2r3qbkky19f58g7dk85smgey8qnghk1e4mccnnntc8e2hqjyaz7p6xgk5hn8y4vg1mkvxjzytbnrymsec1m56n4b43jmb9tzfdsd5k61ryarvg6h25fqf1j6y0gvy578fbsq774ndm0mrv7mg58h7m0y0y0ndyt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCICZtAghcYYnYHNSU9u8Po5ix-AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPoBT9Br4IBB95KCAVKjWJX7ycAaQMxOSEwhmnCo_w7lGXFQs0N2TpFwSvm-wGu9NHLydgbuiZp0F01ntKM68WofEYPN5Ju9ic9236Y-D1NHLNP8soRwpektsL_CQa-zU5V6Xk6m_f3xFl0ZNJe9j9jxgGtiZrfH2aBXj4AI_GFl66VAC0EMAPXwD6BSF9vmicf4qMDNw4_v5n9h0D2WTpS6WtsBgHFJYNBtj7a2qEuzknuNSP_GIGZLUh9nj0I_CmsGVsoicn6RfgW4UmuReB9NICeu2FqK7FJ_LR5b0hUm2UPItV3yaQvQtaOhytPInMOv4JpWXOj9tdSmQOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2lvicol7pXZdHMSNCjcwg2O-LZmA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as.ad4m.at/ad/dr?ed=1gek8gbk2j676cnjpg4ywx7k1h6k89hyp765edfqzmr86fsya69bac8zbnae7afgqmdc4afretfatbzv7b6axp9pbnq3ajn5v1084dxdxxwzbkg2e4nntt5amxzx2t6cmmwwhrsjeppwsgjctvbqkjctk3y58zadbwb2g2h4jbnx295zh8vyeerzt747se7bp553r6rpk0pndvjh1t90f11s97edrnmdy34y6856g7nce8rr2hf10y1zaqy4dyv8r8xh5zxqt4gj7x7tx75x1d158xjr412fdh2es0023rjs5hvnes8wdh1c02z0pgj6w4g0chqbtcp4mhcs3cacavf8hfw8bfpg9h4djtaj1kpkf884e47pstahqc2ntt6655cpz1drtb2vw29z2kqp71p9&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCICZtAghcYYnYHNSU9u8Po5ix-AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPoBT9Br4IBB95KCAVKjWJX7ycAaQMxOSEwhmnCo_w7lGXFQs0N2TpFwSvm-wGu9NHLydgbuiZp0F01ntKM68WofEYPN5Ju9ic9236Y-D1NHLNP8soRwpektsL_CQa-zU5V6Xk6m_f3xFl0ZNJe9j9jxgGtiZrfH2aBXj4AI_GFl66VAC0EMAPXwD6BSF9vmicf4qMDNw4_v5n9h0D2WTpS6WtsBgHFJYNBtj7a2qEuzknuNSP_GIGZLUh9nj0I_CmsGVsoicn6RfgW4UmuReB9NICeu2FqK7FJ_LR5b0hUm2UPItV3yaQvQtaOhytPInMOv4JpWXOj9tdSmQOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lvicol7pXZdHMSNCjcwg2O-LZmA%26client%3Dca-pub-2845463438153782%26adurl%3D
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gek8gbk2j676cnjpg4ywx7k1h6k89hyp765edfqzmr86fsya69bac8zbnae7afgqmdc4afretfatbzv7b6axp9pbnq3ajn5v1084dxdxxwzbkg2e4nntt5amxzx2t6cmmwwhrsjeppwsgjctvbqkjctk3y58zadbwb2g2h4jbnx295zh8vyeerzt747se7bp553r6rpk0pndvjh1t90f11s97edrnmdy34y6856g7nce8rr2hf10y1zaqy4dyv8r8xh5zxqt4gj7x7tx75x1d158xjr412fdh2es0023rjs5hvnes8wdh1c02z0pgj6w4g0chqbtcp4mhcs3cacavf8hfw8bfpg9h4djtaj1kpkf884e47pstahqc2ntt6655cpz1drtb2vw29z2kqp71p9&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCICZtAghcYYnYHNSU9u8Po5ix-AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPoBT9Br4IBB95KCAVKjWJX7ycAaQMxOSEwhmnCo_w7lGXFQs0N2TpFwSvm-wGu9NHLydgbuiZp0F01ntKM68WofEYPN5Ju9ic9236Y-D1NHLNP8soRwpektsL_CQa-zU5V6Xk6m_f3xFl0ZNJe9j9jxgGtiZrfH2aBXj4AI_GFl66VAC0EMAPXwD6BSF9vmicf4qMDNw4_v5n9h0D2WTpS6WtsBgHFJYNBtj7a2qEuzknuNSP_GIGZLUh9nj0I_CmsGVsoicn6RfgW4UmuReB9NICeu2FqK7FJ_LR5b0hUm2UPItV3yaQvQtaOhytPInMOv4JpWXOj9tdSmQOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lvicol7pXZdHMSNCjcwg2O-LZmA%26client%3Dca-pub-2845463438153782%26adurl%3D

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 699529b46d58145a-FRA
content-encoding: br

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 6DFC 6 KB
3 KB 23ms
23ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=43784%2C20351%2C19769&b=xEbfQfAf6gJUPHdHztQt3jqhJT6Tqkx%2CMxefzfrfWjzFWHEHGtDt66BT9T4Tb6k%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3q&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJ%2C62Zcef3f2MwfeHmHYtECWW8a2T1T2qJ%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=4f1216d4ff7761cca3a9400b65de7faa%2F8341715647940987345&i=27720%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315203&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jay8x9ph5fx3c8bdv27zg4k7naydcdbxyjnpr5s6d70yjgbm4jksh987n1b6576ndg4kbh96y7m7bdnwtv81bk53v5psqz7trnjbdy1m7ykg9kwdtxe70e8evvd9mq1w1v0621c7j45pb98ym0d9peafpfnq8kcamvz43vt5eyxn1a0t8zxjmp86r9an2qzvagr6eyf05yb98g7bppcap7hfh7bjmeg21nbqqc3tmn6j9yme0vz0jhcp6r6ncn2as3awtnp3e25j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCqkdHAghcYZ2jFOuH7_UPnKKe0A-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPQBT9Ay_NnI37PWmMv0tSv8D74CCmRCNmlVrhKqjc6uhTSgR8zorKPGxyQHpGLjMhfiZpEpclqw8N8GnVG12YJ3UiR2Os61xr2FQ39I9hHfNgWqb1twXg8WsPHz-zOe_hX6fNhUBgvj9rzzaF2CwJQFKTggc8E0pomjRFerimgpZrT41enKroh61pRprO9lFnMAV28MV4Nx6WekG3b1v0ohzkBA_mVk_VmnLs6uu2q2a-jMKWKGAib_hgujmTKrZ_nFIAVk1Q1fS_6ZGoIr9GlMI063zo-4W2r3hZbeRifQttMcEsk2jn3V202Oxza5bfismkRySOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1TrtzdPg-3p_EJR3tzIhElJrrbaA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caaa75462675d2ec7d7cfe52decf752231e1475954d1095ec1bb8c88a3bdaa1a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=43784%2C20351%2C19769&b=xEbfQfAf6gJUPHdHztQt3jqhJT6Tqkx%2CMxefzfrfWjzFWHEHGtDt66BT9T4Tb6k%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3q&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJ%2C62Zcef3f2MwfeHmHYtECWW8a2T1T2qJ%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=4f1216d4ff7761cca3a9400b65de7faa%2F8341715647940987345&i=27720%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315203&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jay8x9ph5fx3c8bdv27zg4k7naydcdbxyjnpr5s6d70yjgbm4jksh987n1b6576ndg4kbh96y7m7bdnwtv81bk53v5psqz7trnjbdy1m7ykg9kwdtxe70e8evvd9mq1w1v0621c7j45pb98ym0d9peafpfnq8kcamvz43vt5eyxn1a0t8zxjmp86r9an2qzvagr6eyf05yb98g7bppcap7hfh7bjmeg21nbqqc3tmn6j9yme0vz0jhcp6r6ncn2as3awtnp3e25j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCqkdHAghcYZ2jFOuH7_UPnKKe0A-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPQBT9Ay_NnI37PWmMv0tSv8D74CCmRCNmlVrhKqjc6uhTSgR8zorKPGxyQHpGLjMhfiZpEpclqw8N8GnVG12YJ3UiR2Os61xr2FQ39I9hHfNgWqb1twXg8WsPHz-zOe_hX6fNhUBgvj9rzzaF2CwJQFKTggc8E0pomjRFerimgpZrT41enKroh61pRprO9lFnMAV28MV4Nx6WekG3b1v0ohzkBA_mVk_VmnLs6uu2q2a-jMKWKGAib_hgujmTKrZ_nFIAVk1Q1fS_6ZGoIr9GlMI063zo-4W2r3hZbeRifQttMcEsk2jn3V202Oxza5bfismkRySOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1TrtzdPg-3p_EJR3tzIhElJrrbaA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as.ad4m.at/ad/dr?ed=1hv1bjnpbrkbphc9nkfpat4xecf0d8179eamdxzgczqdgw7z96jc1x6gwbv0ft7sz3vxzneg8bggj9c32ftkzhfb2g6v470t2wfr84ytezx1p5vwfsx9zam9b89e4sshspaqrrymr7hnk8wph7dxs9j8wh71xp0exghe4kcn0x7k153wsqfe8189pv80q1kcgb2xdxy8cprssms25dnkj78z074ezpca41b0y4qzktfkbazk6m71n1znx98bc949g5py11tjm4dq5mqm2wd5avhrt3g406x0pawgy5m03jpjw0b08anrh3az8dxrht7htxrz3g01cz2hwjg39bg1prdpdjjvxsv0b00w8zrewc7r7avf7k5ezahscypdpq29e9awf5tzcj2p88n9d8xn3dhm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqkdHAghcYZ2jFOuH7_UPnKKe0A-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPQBT9Ay_NnI37PWmMv0tSv8D74CCmRCNmlVrhKqjc6uhTSgR8zorKPGxyQHpGLjMhfiZpEpclqw8N8GnVG12YJ3UiR2Os61xr2FQ39I9hHfNgWqb1twXg8WsPHz-zOe_hX6fNhUBgvj9rzzaF2CwJQFKTggc8E0pomjRFerimgpZrT41enKroh61pRprO9lFnMAV28MV4Nx6WekG3b1v0ohzkBA_mVk_VmnLs6uu2q2a-jMKWKGAib_hgujmTKrZ_nFIAVk1Q1fS_6ZGoIr9GlMI063zo-4W2r3hZbeRifQttMcEsk2jn3V202Oxza5bfismkRySOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1TrtzdPg-3p_EJR3tzIhElJrrbaA%26client%3Dca-pub-2845463438153782%26adurl%3D
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hv1bjnpbrkbphc9nkfpat4xecf0d8179eamdxzgczqdgw7z96jc1x6gwbv0ft7sz3vxzneg8bggj9c32ftkzhfb2g6v470t2wfr84ytezx1p5vwfsx9zam9b89e4sshspaqrrymr7hnk8wph7dxs9j8wh71xp0exghe4kcn0x7k153wsqfe8189pv80q1kcgb2xdxy8cprssms25dnkj78z074ezpca41b0y4qzktfkbazk6m71n1znx98bc949g5py11tjm4dq5mqm2wd5avhrt3g406x0pawgy5m03jpjw0b08anrh3az8dxrht7htxrz3g01cz2hwjg39bg1prdpdjjvxsv0b00w8zrewc7r7avf7k5ezahscypdpq29e9awf5tzcj2p88n9d8xn3dhm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqkdHAghcYZ2jFOuH7_UPnKKe0A-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPQBT9Ay_NnI37PWmMv0tSv8D74CCmRCNmlVrhKqjc6uhTSgR8zorKPGxyQHpGLjMhfiZpEpclqw8N8GnVG12YJ3UiR2Os61xr2FQ39I9hHfNgWqb1twXg8WsPHz-zOe_hX6fNhUBgvj9rzzaF2CwJQFKTggc8E0pomjRFerimgpZrT41enKroh61pRprO9lFnMAV28MV4Nx6WekG3b1v0ohzkBA_mVk_VmnLs6uu2q2a-jMKWKGAib_hgujmTKrZ_nFIAVk1Q1fS_6ZGoIr9GlMI063zo-4W2r3hZbeRifQttMcEsk2jn3V202Oxza5bfismkRySOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1TrtzdPg-3p_EJR3tzIhElJrrbaA%26client%3Dca-pub-2845463438153782%26adurl%3D

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 699529b46d5c145a-FRA
content-encoding: br

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 2EAD 64 KB
8 KB 102ms
101ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=719526291443a6dae9324096fe70e835%2F15761800707878220384&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315131&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h03xxm3arc6t047rmjd8ta1jmtase795qskrpxt821cefhwbr9xrd9qgx0aeq5cp4c1t0jtjrfa4ndxmpdvzzp59vn80955ampad99mwk435c0j9y7t2j0a8xrj9ns1yfnw0bcqgf30q9sz266rgp0knq660bat0rkj5x2sg02d2qmrbp9nwr6ewy3t6h5qh9p8zaztpg006akfx0vmxvw7q19zkbp4834pwccajwq8hmzrxvkp3r5stj5b86cve20yfycwg8yfr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6KJ9AghcYayxA-bG7_UPuIS7wAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPUBT9C8iVX_qrvexVz9OkqqldjNYyXM1VW0Ooy2YKDpSHlsoQQHlHmVKeNK1yWkt354yX0Ibh4uDwYAV8SuHlQkXqBHeLskcefXSu4VNTB7_va2NA776GthzUIP6il452mtZJ4S_wwW84nAtY_2r-Fj_l6-HiiEInLkMWm2EHSFoK4U6lSAtPDi2S8HFeE1o4g6CxptOrZSgGC61Are8EHAtjrtaQatrialcBTha4oKUPj3LP6R-A_Xv_h1mkHkdpGDnVRXzlR04CGbINWSW6_SYcVADc_DGJpDYD-dk1q_vIdCNdSvEc93nfu9fi4FncGa8CoYoevgBAGABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0u2z6TTg3BXfdWPHLa6sU_KXIeQA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=719526291443a6dae9324096fe70e835%2F15761800707878220384&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315131&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h03xxm3arc6t047rmjd8ta1jmtase795qskrpxt821cefhwbr9xrd9qgx0aeq5cp4c1t0jtjrfa4ndxmpdvzzp59vn80955ampad99mwk435c0j9y7t2j0a8xrj9ns1yfnw0bcqgf30q9sz266rgp0knq660bat0rkj5x2sg02d2qmrbp9nwr6ewy3t6h5qh9p8zaztpg006akfx0vmxvw7q19zkbp4834pwccajwq8hmzrxvkp3r5stj5b86cve20yfycwg8yfr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6KJ9AghcYayxA-bG7_UPuIS7wAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPUBT9C8iVX_qrvexVz9OkqqldjNYyXM1VW0Ooy2YKDpSHlsoQQHlHmVKeNK1yWkt354yX0Ibh4uDwYAV8SuHlQkXqBHeLskcefXSu4VNTB7_va2NA776GthzUIP6il452mtZJ4S_wwW84nAtY_2r-Fj_l6-HiiEInLkMWm2EHSFoK4U6lSAtPDi2S8HFeE1o4g6CxptOrZSgGC61Are8EHAtjrtaQatrialcBTha4oKUPj3LP6R-A_Xv_h1mkHkdpGDnVRXzlR04CGbINWSW6_SYcVADc_DGJpDYD-dk1q_vIdCNdSvEc93nfu9fi4FncGa8CoYoevgBAGABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0u2z6TTg3BXfdWPHLa6sU_KXIeQA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1020794
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 23 Sep 2021 12:35:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 699529b47d7a145a-FRA
cf-bgj: minify

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 2EAD 18 KB
19 KB 64ms
54ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=719526291443a6dae9324096fe70e835%2F15761800707878220384&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315131&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h03xxm3arc6t047rmjd8ta1jmtase795qskrpxt821cefhwbr9xrd9qgx0aeq5cp4c1t0jtjrfa4ndxmpdvzzp59vn80955ampad99mwk435c0j9y7t2j0a8xrj9ns1yfnw0bcqgf30q9sz266rgp0knq660bat0rkj5x2sg02d2qmrbp9nwr6ewy3t6h5qh9p8zaztpg006akfx0vmxvw7q19zkbp4834pwccajwq8hmzrxvkp3r5stj5b86cve20yfycwg8yfr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6KJ9AghcYayxA-bG7_UPuIS7wAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPUBT9C8iVX_qrvexVz9OkqqldjNYyXM1VW0Ooy2YKDpSHlsoQQHlHmVKeNK1yWkt354yX0Ibh4uDwYAV8SuHlQkXqBHeLskcefXSu4VNTB7_va2NA776GthzUIP6il452mtZJ4S_wwW84nAtY_2r-Fj_l6-HiiEInLkMWm2EHSFoK4U6lSAtPDi2S8HFeE1o4g6CxptOrZSgGC61Are8EHAtjrtaQatrialcBTha4oKUPj3LP6R-A_Xv_h1mkHkdpGDnVRXzlR04CGbINWSW6_SYcVADc_DGJpDYD-dk1q_vIdCNdSvEc93nfu9fi4FncGa8CoYoevgBAGABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0u2z6TTg3BXfdWPHLa6sU_KXIeQA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 995574
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdtLv9DIyHUgJ6Zyex4tS20Did3H1ifD5M2pw7xac56O0Y-99X8xEZbXyODP82Db4fFkxqVQG4ZiAM5syzaFRWY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VD5lmC5KBnoVxRtneEk0oPfLRFdfbwKa7sd7dqrqCIaA3tXH9q%2BFrieRiuXaiYmka36aKDQLPTOC5ZZMKFKO2nTDFL3cXs3u%2Bb%2Foen8%2B2vTVPUh10fMHrKGKtoFI2nO%2BXtHh2SGC35%2FT181o"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 699529b49d9b145a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 2EAD 2 KB
2 KB 39ms
30ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=719526291443a6dae9324096fe70e835%2F15761800707878220384&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315131&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h03xxm3arc6t047rmjd8ta1jmtase795qskrpxt821cefhwbr9xrd9qgx0aeq5cp4c1t0jtjrfa4ndxmpdvzzp59vn80955ampad99mwk435c0j9y7t2j0a8xrj9ns1yfnw0bcqgf30q9sz266rgp0knq660bat0rkj5x2sg02d2qmrbp9nwr6ewy3t6h5qh9p8zaztpg006akfx0vmxvw7q19zkbp4834pwccajwq8hmzrxvkp3r5stj5b86cve20yfycwg8yfr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6KJ9AghcYayxA-bG7_UPuIS7wAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPUBT9C8iVX_qrvexVz9OkqqldjNYyXM1VW0Ooy2YKDpSHlsoQQHlHmVKeNK1yWkt354yX0Ibh4uDwYAV8SuHlQkXqBHeLskcefXSu4VNTB7_va2NA776GthzUIP6il452mtZJ4S_wwW84nAtY_2r-Fj_l6-HiiEInLkMWm2EHSFoK4U6lSAtPDi2S8HFeE1o4g6CxptOrZSgGC61Are8EHAtjrtaQatrialcBTha4oKUPj3LP6R-A_Xv_h1mkHkdpGDnVRXzlR04CGbINWSW6_SYcVADc_DGJpDYD-dk1q_vIdCNdSvEc93nfu9fi4FncGa8CoYoevgBAGABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0u2z6TTg3BXfdWPHLa6sU_KXIeQA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 477747
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycdtOXKh-KgMEbAoWKbYiCu-WMg0adH-aHpDyPIWHLvkWchc6kFLvDt5AEV3oOoBXgmEGV61d4RPu-E-_3Qy1F6ool_w5_w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xofhMpWWV9dJ6xkVVYyGjuUE5nOE4LHU9iiKGHT7Hjftfd3d81MrASANt%2BUD423qfAnF3UvE8fpzOshvOberLvWdpZx0t89yvL4HEq0iQHOKJ12zNmtXXmqknFUEMCli%2Bp9kWTDd5fvOQktx"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 699529b49d96145a-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 2EAD 43 B
703 B 106ms
38ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Joneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:35 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 2EAD 38 KB
39 KB 33ms
25ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=719526291443a6dae9324096fe70e835%2F15761800707878220384&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315131&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h03xxm3arc6t047rmjd8ta1jmtase795qskrpxt821cefhwbr9xrd9qgx0aeq5cp4c1t0jtjrfa4ndxmpdvzzp59vn80955ampad99mwk435c0j9y7t2j0a8xrj9ns1yfnw0bcqgf30q9sz266rgp0knq660bat0rkj5x2sg02d2qmrbp9nwr6ewy3t6h5qh9p8zaztpg006akfx0vmxvw7q19zkbp4834pwccajwq8hmzrxvkp3r5stj5b86cve20yfycwg8yfr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6KJ9AghcYayxA-bG7_UPuIS7wAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPUBT9C8iVX_qrvexVz9OkqqldjNYyXM1VW0Ooy2YKDpSHlsoQQHlHmVKeNK1yWkt354yX0Ibh4uDwYAV8SuHlQkXqBHeLskcefXSu4VNTB7_va2NA776GthzUIP6il452mtZJ4S_wwW84nAtY_2r-Fj_l6-HiiEInLkMWm2EHSFoK4U6lSAtPDi2S8HFeE1o4g6CxptOrZSgGC61Are8EHAtjrtaQatrialcBTha4oKUPj3LP6R-A_Xv_h1mkHkdpGDnVRXzlR04CGbINWSW6_SYcVADc_DGJpDYD-dk1q_vIdCNdSvEc93nfu9fi4FncGa8CoYoevgBAGABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0u2z6TTg3BXfdWPHLa6sU_KXIeQA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 478452
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdt5jYgyHhqHGXqhhg-5llnE6xVo0L7cRnEQ0RUY-tws91bLI5YlyPZPMHIbIm3weFZOqOf7pw5fB1Qp2wRXsXTChavgzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFnZFMEDLfQblG0uos%2BkK9K0h%2BU7T%2BbLUTfjBTZ1Rio6YnzR%2Bn4blB8%2BWXug2JP4IKuk3NbvKusL7HNt9OWleKyAK2ihwsLAEQrElFVXJofH4iPThj1qGr7sf4RXF%2FwYSjrHq%2B3N38QRcG29"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 699529b49d8f145a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 2EAD 113 KB
113 KB 67ms
58ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=719526291443a6dae9324096fe70e835%2F15761800707878220384&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315131&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h03xxm3arc6t047rmjd8ta1jmtase795qskrpxt821cefhwbr9xrd9qgx0aeq5cp4c1t0jtjrfa4ndxmpdvzzp59vn80955ampad99mwk435c0j9y7t2j0a8xrj9ns1yfnw0bcqgf30q9sz266rgp0knq660bat0rkj5x2sg02d2qmrbp9nwr6ewy3t6h5qh9p8zaztpg006akfx0vmxvw7q19zkbp4834pwccajwq8hmzrxvkp3r5stj5b86cve20yfycwg8yfr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6KJ9AghcYayxA-bG7_UPuIS7wAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPUBT9C8iVX_qrvexVz9OkqqldjNYyXM1VW0Ooy2YKDpSHlsoQQHlHmVKeNK1yWkt354yX0Ibh4uDwYAV8SuHlQkXqBHeLskcefXSu4VNTB7_va2NA776GthzUIP6il452mtZJ4S_wwW84nAtY_2r-Fj_l6-HiiEInLkMWm2EHSFoK4U6lSAtPDi2S8HFeE1o4g6CxptOrZSgGC61Are8EHAtjrtaQatrialcBTha4oKUPj3LP6R-A_Xv_h1mkHkdpGDnVRXzlR04CGbINWSW6_SYcVADc_DGJpDYD-dk1q_vIdCNdSvEc93nfu9fi4FncGa8CoYoevgBAGABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0u2z6TTg3BXfdWPHLa6sU_KXIeQA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 484192
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdvdkJsC2502W_gp4Iybmwz6lFgwEzlez7xgVOLtyYoPjXs9bDggPpRWNZ-fleqAbnWrVmfsXjWCAna92K_vtFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ochFBeuj3dZCSmfYvJNKBijAxlaIEZ7uIkaMNl1YLU8b0XQ9pbDfiyCD6XeCdsZZsT%2Ff81aI6FCN08vWxt4V%2FF4Fw5RHhOMjthVZuJ3dKAEFOwT4yNegAxknytGVTy8c3wpCC1IpmggTjta5"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 699529b49d98145a-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 2EAD 43 B
704 B 101ms
33ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Joneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:35 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 2EAD 8 KB
9 KB 45ms
36ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=719526291443a6dae9324096fe70e835%2F15761800707878220384&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315131&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h03xxm3arc6t047rmjd8ta1jmtase795qskrpxt821cefhwbr9xrd9qgx0aeq5cp4c1t0jtjrfa4ndxmpdvzzp59vn80955ampad99mwk435c0j9y7t2j0a8xrj9ns1yfnw0bcqgf30q9sz266rgp0knq660bat0rkj5x2sg02d2qmrbp9nwr6ewy3t6h5qh9p8zaztpg006akfx0vmxvw7q19zkbp4834pwccajwq8hmzrxvkp3r5stj5b86cve20yfycwg8yfr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6KJ9AghcYayxA-bG7_UPuIS7wAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPUBT9C8iVX_qrvexVz9OkqqldjNYyXM1VW0Ooy2YKDpSHlsoQQHlHmVKeNK1yWkt354yX0Ibh4uDwYAV8SuHlQkXqBHeLskcefXSu4VNTB7_va2NA776GthzUIP6il452mtZJ4S_wwW84nAtY_2r-Fj_l6-HiiEInLkMWm2EHSFoK4U6lSAtPDi2S8HFeE1o4g6CxptOrZSgGC61Are8EHAtjrtaQatrialcBTha4oKUPj3LP6R-A_Xv_h1mkHkdpGDnVRXzlR04CGbINWSW6_SYcVADc_DGJpDYD-dk1q_vIdCNdSvEc93nfu9fi4FncGa8CoYoevgBAGABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0u2z6TTg3BXfdWPHLa6sU_KXIeQA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 478246
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdvwXSuciuOnt6jfgnRbPt9-n0JCGQp5QG9OAiAvaJ_2ZEL_KKwE7UbdyQdDZ-7dR1Rx-WQgY2sVOo5ZQ7kuPl0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65IXXaTuqQkF4I7K3mFgE%2FfsyOJAybL1NCRp0aFWxLPlIEVJ54FmFL702wR91P08qNKyP76RZmnCI6FhCiDyRXryi1i63vmaWl8VO2W31hr9UPRFQ%2Bs7zE%2FKEERtremfWycRldi4GhHPAZ8j"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 699529b49d9a145a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 2EAD 30 KB
30 KB 39ms
31ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=719526291443a6dae9324096fe70e835%2F15761800707878220384&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315131&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h03xxm3arc6t047rmjd8ta1jmtase795qskrpxt821cefhwbr9xrd9qgx0aeq5cp4c1t0jtjrfa4ndxmpdvzzp59vn80955ampad99mwk435c0j9y7t2j0a8xrj9ns1yfnw0bcqgf30q9sz266rgp0knq660bat0rkj5x2sg02d2qmrbp9nwr6ewy3t6h5qh9p8zaztpg006akfx0vmxvw7q19zkbp4834pwccajwq8hmzrxvkp3r5stj5b86cve20yfycwg8yfr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6KJ9AghcYayxA-bG7_UPuIS7wAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPUBT9C8iVX_qrvexVz9OkqqldjNYyXM1VW0Ooy2YKDpSHlsoQQHlHmVKeNK1yWkt354yX0Ibh4uDwYAV8SuHlQkXqBHeLskcefXSu4VNTB7_va2NA776GthzUIP6il452mtZJ4S_wwW84nAtY_2r-Fj_l6-HiiEInLkMWm2EHSFoK4U6lSAtPDi2S8HFeE1o4g6CxptOrZSgGC61Are8EHAtjrtaQatrialcBTha4oKUPj3LP6R-A_Xv_h1mkHkdpGDnVRXzlR04CGbINWSW6_SYcVADc_DGJpDYD-dk1q_vIdCNdSvEc93nfu9fi4FncGa8CoYoevgBAGABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0u2z6TTg3BXfdWPHLa6sU_KXIeQA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 475805
cf-polished: qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid: ADPycdta-dOCRoW6JvhoALWtgnakSZfRljViptj8kii_DETkdI2qnJZnQ_eiQtykg3XyvOkwzFnm1aV9wfKTminxaH0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30226
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mi2O6%2BIBBF5hb67J%2FcmmAE62mNTQqqLhRS2nxpiDEM4bgGQZi2gPjpK05%2BWgE6s85%2FieIGA8nknzvIetehjmyEZKkB%2FjD9IDrhsFh%2BL4uQfaI%2FWtZqPfpAYgMg5A7vvOUvqb7UdOd%2FsmCxVP"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1586422222365290
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 81547
accept-ranges: bytes
cf-ray: 699529b49d9c145a-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 2EAD
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CM6KksrosvMCFUPKuwgdUCUDcw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&gdpr_cons...
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1633421315_703f67e0-25b3-11ec-855b-692d0ae1a3be

0
518 B

77ms
7ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1633421315_703f67e0-25b3-11ec-855b-692d0ae1a3be
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=719526291443a6dae9324096fe70e835%2F15761800707878220384&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315131&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h03xxm3arc6t047rmjd8ta1jmtase795qskrpxt821cefhwbr9xrd9qgx0aeq5cp4c1t0jtjrfa4ndxmpdvzzp59vn80955ampad99mwk435c0j9y7t2j0a8xrj9ns1yfnw0bcqgf30q9sz266rgp0knq660bat0rkj5x2sg02d2qmrbp9nwr6ewy3t6h5qh9p8zaztpg006akfx0vmxvw7q19zkbp4834pwccajwq8hmzrxvkp3r5stj5b86cve20yfycwg8yfr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6KJ9AghcYayxA-bG7_UPuIS7wAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPUBT9C8iVX_qrvexVz9OkqqldjNYyXM1VW0Ooy2YKDpSHlsoQQHlHmVKeNK1yWkt354yX0Ibh4uDwYAV8SuHlQkXqBHeLskcefXSu4VNTB7_va2NA776GthzUIP6il452mtZJ4S_wwW84nAtY_2r-Fj_l6-HiiEInLkMWm2EHSFoK4U6lSAtPDi2S8HFeE1o4g6CxptOrZSgGC61Are8EHAtjrtaQatrialcBTha4oKUPj3LP6R-A_Xv_h1mkHkdpGDnVRXzlR04CGbINWSW6_SYcVADc_DGJpDYD-dk1q_vIdCNdSvEc93nfu9fi4FncGa8CoYoevgBAGABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0u2z6TTg3BXfdWPHLa6sU_KXIeQA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:34 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Tue, 05 Oct 2021 08:08:35 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1633421315_703f67e0-25b3-11ec-855b-692d0ae1a3be
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame C4A6 33 KB
16 KB 125ms
34ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=45346098;rtbwp=YVwIAgAMX6EIu-F-AAWtNtjzX1GZUJa36aOocA;rtbdata=sE7aJDcJueh3On_-eeYFLClp44mgHv7KjXEDQ9KFwQboSpqmlTCsbQ6lzVbaIVSC5L5LL77Ct7G3iu-JCHfMjG4Xs7OEm8P2RCXwxiQ7-ZUSxFA_n3xXpRmQZP2mOwfarUjzMHSitITx2U9-Uow5q3Ld6QnzCVYK5S72xqliKpHEOnvh62PKSrSOZi72Z4a3a1Pokyu7_zLKFV3IK5FMFQnkW84F48YOferpEVA82eAwYlLz4sBWl883w10YpNbk8s62dGCGkesL6UunYj_lHmtD1otcopPOyZs51wxLOXi0h8FXWbaCKCRw7gtwWMlzkP_7IbtdohGx4iVuK1hPu0HhIpkoas3H0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=C0QWCAghcYaG_Mf7C7_UPttqWqAnovpiUXKCls8n9CMCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyyAEJqQIgydnvCO6EPuACAKgDAaoE9gFP0MGHr-XoOvzT9ATs1SrEhi-_dGPEKiOI8muYKuZnDQU_arZIeGb2XRNGoeQY9QadsnUPhGQUt-aVQr9sDoCpBd0O4bNYet00pv4sdCLxuHGI9KIRlcb8h3krD7Uu2ch2LHwUQqTH67k1qe3kkpPtax0dl_cccfbFrqAiExoGIGKJBuy6ctRL-0J5FISDfESPnPE9C-zzkf5OIVgyszqlcBidHwmyiDIjvnF2OaYviVbYtba4Sigc2o1JhbrEUHACekKwZxPWwBHkEmd3WhCr0vdMdQuuzTIlpIATxQrPQu49WY87HGCGjDXykwGgJA4KfD7j-hngBAGABv-d1fi66YnpgwGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTMyNzYzODY3MzgyMTE1NzT6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2uElkMHjfB8ismVQ_eNjklnHcFKw&client=ca-pub-2845463438153782&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 5eed273d16f8b9f330c78d58eebc4c1cfb64346a84a9bc8781afe1bc69077d67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 07:04:15 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 06 Oct 2021 10:57:23 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame A517 64 KB
8 KB 30ms
29ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=BY5ffeBBfqRvQ0YcZFYg_xBi56Htyca6&g=cf08d8f3dce77a1f4df500d8ffebad7b%2F16549929805746602872&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315143&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kxjjb80b2ttby34h0hsrnx912j1jde5zgeygyt6bn0jmwyfh575xjvxx774y3krw8a2f5k6v1zjet3643bhyeeb5pn4gq97rerzhxahb98r5p3t9tj0b2n58hxdvcjphqw4s8m4xcx5mjsjwxt4hrws09bc4da7kygmsh2svmvfq1dfhpzbtpnb1bhb4qnbv65x3rskcqzbgttr6qekzhkfwjvvcx90s1268mxgf4cqnng0hbdkeebm0ge6wembp86phy40498kg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQIvQAQhcYeqVNefK7_UPkbuw8AKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPcBT9DDELDfkcOpuaSDT3pyYGW8JoPWFCgPZ3raaKx_qHwLYTjwZtvbWV7P8j9352I3u-9XA66QFG0JeRtcrOuHKKNkyhzRvNYynRc0zNQRy7uERwGLqDseWvtvLWfcLh6CVDogf02q3h1ZN4GAKOE7r_fBNPwQYTrbBsOZqdMaUemK-jDgCdn23lX1FlUa2oEtBurF0A8XYcOnYaKZp0HrxbsBitbuCYBDG22POTpifMCKX9qbWtafEV3sxJ2zs8aAd4mA3cI20E8AvAyj048TzKa9cHVLBrI509sjPKvZ5cyX7HmUxNxPLrBQfzacmINQHolLGknoaeAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2QJvXJRsXc1-k34DNRje_DHZv6GA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=BY5ffeBBfqRvQ0YcZFYg_xBi56Htyca6&g=cf08d8f3dce77a1f4df500d8ffebad7b%2F16549929805746602872&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315143&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kxjjb80b2ttby34h0hsrnx912j1jde5zgeygyt6bn0jmwyfh575xjvxx774y3krw8a2f5k6v1zjet3643bhyeeb5pn4gq97rerzhxahb98r5p3t9tj0b2n58hxdvcjphqw4s8m4xcx5mjsjwxt4hrws09bc4da7kygmsh2svmvfq1dfhpzbtpnb1bhb4qnbv65x3rskcqzbgttr6qekzhkfwjvvcx90s1268mxgf4cqnng0hbdkeebm0ge6wembp86phy40498kg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQIvQAQhcYeqVNefK7_UPkbuw8AKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPcBT9DDELDfkcOpuaSDT3pyYGW8JoPWFCgPZ3raaKx_qHwLYTjwZtvbWV7P8j9352I3u-9XA66QFG0JeRtcrOuHKKNkyhzRvNYynRc0zNQRy7uERwGLqDseWvtvLWfcLh6CVDogf02q3h1ZN4GAKOE7r_fBNPwQYTrbBsOZqdMaUemK-jDgCdn23lX1FlUa2oEtBurF0A8XYcOnYaKZp0HrxbsBitbuCYBDG22POTpifMCKX9qbWtafEV3sxJ2zs8aAd4mA3cI20E8AvAyj048TzKa9cHVLBrI509sjPKvZ5cyX7HmUxNxPLrBQfzacmINQHolLGknoaeAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2QJvXJRsXc1-k34DNRje_DHZv6GA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1020794
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 23 Sep 2021 12:35:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 699529b48d84145a-FRA
cf-bgj: minify

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame A517 18 KB
19 KB 34ms
29ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=BY5ffeBBfqRvQ0YcZFYg_xBi56Htyca6&g=cf08d8f3dce77a1f4df500d8ffebad7b%2F16549929805746602872&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315143&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kxjjb80b2ttby34h0hsrnx912j1jde5zgeygyt6bn0jmwyfh575xjvxx774y3krw8a2f5k6v1zjet3643bhyeeb5pn4gq97rerzhxahb98r5p3t9tj0b2n58hxdvcjphqw4s8m4xcx5mjsjwxt4hrws09bc4da7kygmsh2svmvfq1dfhpzbtpnb1bhb4qnbv65x3rskcqzbgttr6qekzhkfwjvvcx90s1268mxgf4cqnng0hbdkeebm0ge6wembp86phy40498kg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQIvQAQhcYeqVNefK7_UPkbuw8AKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPcBT9DDELDfkcOpuaSDT3pyYGW8JoPWFCgPZ3raaKx_qHwLYTjwZtvbWV7P8j9352I3u-9XA66QFG0JeRtcrOuHKKNkyhzRvNYynRc0zNQRy7uERwGLqDseWvtvLWfcLh6CVDogf02q3h1ZN4GAKOE7r_fBNPwQYTrbBsOZqdMaUemK-jDgCdn23lX1FlUa2oEtBurF0A8XYcOnYaKZp0HrxbsBitbuCYBDG22POTpifMCKX9qbWtafEV3sxJ2zs8aAd4mA3cI20E8AvAyj048TzKa9cHVLBrI509sjPKvZ5cyX7HmUxNxPLrBQfzacmINQHolLGknoaeAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2QJvXJRsXc1-k34DNRje_DHZv6GA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 995574
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdtLv9DIyHUgJ6Zyex4tS20Did3H1ifD5M2pw7xac56O0Y-99X8xEZbXyODP82Db4fFkxqVQG4ZiAM5syzaFRWY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AC3x7IeVCrcwBdTptbxSgBwKUw9fD98v2JsVNqqXi6qDuZu5JaS8lF4g2Ni5hpylu%2FCnrQz7bIJIucs3ugwxTWZYNZk8hXwp7cnXf3pGPBIsaPNZAs3F2kAYYOXZlIvrRQ4mBv3l12i6kEfS"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 699529b49d9d145a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame A517 2 KB
2 KB 35ms
30ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=BY5ffeBBfqRvQ0YcZFYg_xBi56Htyca6&g=cf08d8f3dce77a1f4df500d8ffebad7b%2F16549929805746602872&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315143&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kxjjb80b2ttby34h0hsrnx912j1jde5zgeygyt6bn0jmwyfh575xjvxx774y3krw8a2f5k6v1zjet3643bhyeeb5pn4gq97rerzhxahb98r5p3t9tj0b2n58hxdvcjphqw4s8m4xcx5mjsjwxt4hrws09bc4da7kygmsh2svmvfq1dfhpzbtpnb1bhb4qnbv65x3rskcqzbgttr6qekzhkfwjvvcx90s1268mxgf4cqnng0hbdkeebm0ge6wembp86phy40498kg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQIvQAQhcYeqVNefK7_UPkbuw8AKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPcBT9DDELDfkcOpuaSDT3pyYGW8JoPWFCgPZ3raaKx_qHwLYTjwZtvbWV7P8j9352I3u-9XA66QFG0JeRtcrOuHKKNkyhzRvNYynRc0zNQRy7uERwGLqDseWvtvLWfcLh6CVDogf02q3h1ZN4GAKOE7r_fBNPwQYTrbBsOZqdMaUemK-jDgCdn23lX1FlUa2oEtBurF0A8XYcOnYaKZp0HrxbsBitbuCYBDG22POTpifMCKX9qbWtafEV3sxJ2zs8aAd4mA3cI20E8AvAyj048TzKa9cHVLBrI509sjPKvZ5cyX7HmUxNxPLrBQfzacmINQHolLGknoaeAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2QJvXJRsXc1-k34DNRje_DHZv6GA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 477747
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycdtOXKh-KgMEbAoWKbYiCu-WMg0adH-aHpDyPIWHLvkWchc6kFLvDt5AEV3oOoBXgmEGV61d4RPu-E-_3Qy1F6ool_w5_w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMP5us%2FVMXbDRNPA82T7rp4QHgCqf4wJmYKFm2LKWUUlI95deK5%2FFNEEKgYkpasmddrF0cnXTG%2BHhExXngXDo%2BjDQjHJ8Y8TOL0ie%2Fta9aNEfsfJdZ0WZP4CYE1DbuhrYGuGlmCvy9PyE9YH"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 699529b49d9e145a-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame A517 43 B
703 B 93ms
29ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Joneid__asuidBY5ffeBBfqRvQ0YcZFYg_xBi56Htyca6asuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:35 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame A517 38 KB
39 KB 94ms
89ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=BY5ffeBBfqRvQ0YcZFYg_xBi56Htyca6&g=cf08d8f3dce77a1f4df500d8ffebad7b%2F16549929805746602872&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315143&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kxjjb80b2ttby34h0hsrnx912j1jde5zgeygyt6bn0jmwyfh575xjvxx774y3krw8a2f5k6v1zjet3643bhyeeb5pn4gq97rerzhxahb98r5p3t9tj0b2n58hxdvcjphqw4s8m4xcx5mjsjwxt4hrws09bc4da7kygmsh2svmvfq1dfhpzbtpnb1bhb4qnbv65x3rskcqzbgttr6qekzhkfwjvvcx90s1268mxgf4cqnng0hbdkeebm0ge6wembp86phy40498kg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQIvQAQhcYeqVNefK7_UPkbuw8AKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPcBT9DDELDfkcOpuaSDT3pyYGW8JoPWFCgPZ3raaKx_qHwLYTjwZtvbWV7P8j9352I3u-9XA66QFG0JeRtcrOuHKKNkyhzRvNYynRc0zNQRy7uERwGLqDseWvtvLWfcLh6CVDogf02q3h1ZN4GAKOE7r_fBNPwQYTrbBsOZqdMaUemK-jDgCdn23lX1FlUa2oEtBurF0A8XYcOnYaKZp0HrxbsBitbuCYBDG22POTpifMCKX9qbWtafEV3sxJ2zs8aAd4mA3cI20E8AvAyj048TzKa9cHVLBrI509sjPKvZ5cyX7HmUxNxPLrBQfzacmINQHolLGknoaeAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2QJvXJRsXc1-k34DNRje_DHZv6GA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 478452
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdt5jYgyHhqHGXqhhg-5llnE6xVo0L7cRnEQ0RUY-tws91bLI5YlyPZPMHIbIm3weFZOqOf7pw5fB1Qp2wRXsXTChavgzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dF1RPM1ZW3Z2MVjJaUzvgv4hxdr7H6qJ%2BqwLWzxSAwFFygtNiKsgQ7K6BMFtPiVgXW6g%2FAFUBvDxvklMJvmthfnJ73iLEI%2B%2BoxKpdLbHVKOYgVMmvPa8wvRgM579fqCd8px0%2FaSRKqif2gff"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 699529b49d92145a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame A517 113 KB
113 KB 43ms
39ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=BY5ffeBBfqRvQ0YcZFYg_xBi56Htyca6&g=cf08d8f3dce77a1f4df500d8ffebad7b%2F16549929805746602872&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315143&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kxjjb80b2ttby34h0hsrnx912j1jde5zgeygyt6bn0jmwyfh575xjvxx774y3krw8a2f5k6v1zjet3643bhyeeb5pn4gq97rerzhxahb98r5p3t9tj0b2n58hxdvcjphqw4s8m4xcx5mjsjwxt4hrws09bc4da7kygmsh2svmvfq1dfhpzbtpnb1bhb4qnbv65x3rskcqzbgttr6qekzhkfwjvvcx90s1268mxgf4cqnng0hbdkeebm0ge6wembp86phy40498kg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQIvQAQhcYeqVNefK7_UPkbuw8AKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPcBT9DDELDfkcOpuaSDT3pyYGW8JoPWFCgPZ3raaKx_qHwLYTjwZtvbWV7P8j9352I3u-9XA66QFG0JeRtcrOuHKKNkyhzRvNYynRc0zNQRy7uERwGLqDseWvtvLWfcLh6CVDogf02q3h1ZN4GAKOE7r_fBNPwQYTrbBsOZqdMaUemK-jDgCdn23lX1FlUa2oEtBurF0A8XYcOnYaKZp0HrxbsBitbuCYBDG22POTpifMCKX9qbWtafEV3sxJ2zs8aAd4mA3cI20E8AvAyj048TzKa9cHVLBrI509sjPKvZ5cyX7HmUxNxPLrBQfzacmINQHolLGknoaeAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2QJvXJRsXc1-k34DNRje_DHZv6GA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 484192
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdvdkJsC2502W_gp4Iybmwz6lFgwEzlez7xgVOLtyYoPjXs9bDggPpRWNZ-fleqAbnWrVmfsXjWCAna92K_vtFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8d82E7CEgZhvofKjnoHBwZZa3qyLI1nzt8suFD%2BA7e4mcv5jNLpmhfaAZFo38XSAUi6ALR8%2BieETDI4EC7XSQ9Hc4ITuNFaul7LAAWVnT6Y5nodIE3oEhGr%2FmHSk%2BVjbQ%2FYUpgfMNDgKCUW0"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 699529b49d91145a-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame A517 43 B
704 B 92ms
29ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Joneid__asuidBY5ffeBBfqRvQ0YcZFYg_xBi56Htyca6asuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:35 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame A517 8 KB
9 KB 41ms
37ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=BY5ffeBBfqRvQ0YcZFYg_xBi56Htyca6&g=cf08d8f3dce77a1f4df500d8ffebad7b%2F16549929805746602872&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315143&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kxjjb80b2ttby34h0hsrnx912j1jde5zgeygyt6bn0jmwyfh575xjvxx774y3krw8a2f5k6v1zjet3643bhyeeb5pn4gq97rerzhxahb98r5p3t9tj0b2n58hxdvcjphqw4s8m4xcx5mjsjwxt4hrws09bc4da7kygmsh2svmvfq1dfhpzbtpnb1bhb4qnbv65x3rskcqzbgttr6qekzhkfwjvvcx90s1268mxgf4cqnng0hbdkeebm0ge6wembp86phy40498kg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQIvQAQhcYeqVNefK7_UPkbuw8AKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPcBT9DDELDfkcOpuaSDT3pyYGW8JoPWFCgPZ3raaKx_qHwLYTjwZtvbWV7P8j9352I3u-9XA66QFG0JeRtcrOuHKKNkyhzRvNYynRc0zNQRy7uERwGLqDseWvtvLWfcLh6CVDogf02q3h1ZN4GAKOE7r_fBNPwQYTrbBsOZqdMaUemK-jDgCdn23lX1FlUa2oEtBurF0A8XYcOnYaKZp0HrxbsBitbuCYBDG22POTpifMCKX9qbWtafEV3sxJ2zs8aAd4mA3cI20E8AvAyj048TzKa9cHVLBrI509sjPKvZ5cyX7HmUxNxPLrBQfzacmINQHolLGknoaeAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2QJvXJRsXc1-k34DNRje_DHZv6GA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 478246
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdvwXSuciuOnt6jfgnRbPt9-n0JCGQp5QG9OAiAvaJ_2ZEL_KKwE7UbdyQdDZ-7dR1Rx-WQgY2sVOo5ZQ7kuPl0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqlqpX%2FtP1%2FxMQcGh6xK4zy8QbrloRG0W7zYqk1IROfVd6tpCjaRlvzSU%2BRSXVgUY1veXFTw1o%2F9h6UTCC3yGJS1%2FVnkLp2pJIrp0IjS6t%2Bch76JVSAidh24vUQDVWZroj1fbVoXKNacIzcZ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 699529b49d93145a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
assets.ad4m.at/ Frame A517 35 KB
35 KB 38ms
34ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=BY5ffeBBfqRvQ0YcZFYg_xBi56Htyca6&g=cf08d8f3dce77a1f4df500d8ffebad7b%2F16549929805746602872&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315143&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kxjjb80b2ttby34h0hsrnx912j1jde5zgeygyt6bn0jmwyfh575xjvxx774y3krw8a2f5k6v1zjet3643bhyeeb5pn4gq97rerzhxahb98r5p3t9tj0b2n58hxdvcjphqw4s8m4xcx5mjsjwxt4hrws09bc4da7kygmsh2svmvfq1dfhpzbtpnb1bhb4qnbv65x3rskcqzbgttr6qekzhkfwjvvcx90s1268mxgf4cqnng0hbdkeebm0ge6wembp86phy40498kg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQIvQAQhcYeqVNefK7_UPkbuw8AKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPcBT9DDELDfkcOpuaSDT3pyYGW8JoPWFCgPZ3raaKx_qHwLYTjwZtvbWV7P8j9352I3u-9XA66QFG0JeRtcrOuHKKNkyhzRvNYynRc0zNQRy7uERwGLqDseWvtvLWfcLh6CVDogf02q3h1ZN4GAKOE7r_fBNPwQYTrbBsOZqdMaUemK-jDgCdn23lX1FlUa2oEtBurF0A8XYcOnYaKZp0HrxbsBitbuCYBDG22POTpifMCKX9qbWtafEV3sxJ2zs8aAd4mA3cI20E8AvAyj048TzKa9cHVLBrI509sjPKvZ5cyX7HmUxNxPLrBQfzacmINQHolLGknoaeAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2QJvXJRsXc1-k34DNRje_DHZv6GA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=DWwdxw==, md5=nrQF3oFd2dnh8eRzIt323A==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 477217
cf-polished: qual=85, origFmt=jpeg, origSize=40264
x-guploader-uploadid: ADPycdvilNMNfill7Ohpkiry4znpTanx3UUkMjMp1v7Hi7axJ-h-nwBJXC4I4Y93SKNZ14fDwyxY43Ad5amjCaY5ENM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35504
last-modified: Wed, 19 Feb 2020 17:37:15 GMT
server: cloudflare
etag: "9eb405de815dd9d9e1f1e47322ddf6dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qLSaCg5yof1vwkidC%2FvBDOFbnEbI%2FFXedwEyV7d0ppOgMHyHZUbVolqz6uiD2C%2Bhp1jqydxRgoCIUa2unOQR3l%2BSpY%2BlIidQxW5i1b0l4zyppq7eIvEUEc%2FPjT0XlP1xMccIpEfRgDFd%2BI3Y"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1582133835673152
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 40264
accept-ranges: bytes
cf-ray: 699529b49d95145a-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame A517
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CPaKksrosvMCFXTquwgdMc4Jww;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidBY5ffeBBfqRvQ0YcZFYg_xBi56Htyca6asuid__dc_reach_suite02wkz&gdpr_cons...
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1633421315_703ef2b0-25b3-11ec-855b-692d0ae1a3be

0
518 B

80ms
7ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1633421315_703ef2b0-25b3-11ec-855b-692d0ae1a3be
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=BY5ffeBBfqRvQ0YcZFYg_xBi56Htyca6&g=cf08d8f3dce77a1f4df500d8ffebad7b%2F16549929805746602872&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315143&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kxjjb80b2ttby34h0hsrnx912j1jde5zgeygyt6bn0jmwyfh575xjvxx774y3krw8a2f5k6v1zjet3643bhyeeb5pn4gq97rerzhxahb98r5p3t9tj0b2n58hxdvcjphqw4s8m4xcx5mjsjwxt4hrws09bc4da7kygmsh2svmvfq1dfhpzbtpnb1bhb4qnbv65x3rskcqzbgttr6qekzhkfwjvvcx90s1268mxgf4cqnng0hbdkeebm0ge6wembp86phy40498kg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQIvQAQhcYeqVNefK7_UPkbuw8AKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPcBT9DDELDfkcOpuaSDT3pyYGW8JoPWFCgPZ3raaKx_qHwLYTjwZtvbWV7P8j9352I3u-9XA66QFG0JeRtcrOuHKKNkyhzRvNYynRc0zNQRy7uERwGLqDseWvtvLWfcLh6CVDogf02q3h1ZN4GAKOE7r_fBNPwQYTrbBsOZqdMaUemK-jDgCdn23lX1FlUa2oEtBurF0A8XYcOnYaKZp0HrxbsBitbuCYBDG22POTpifMCKX9qbWtafEV3sxJ2zs8aAd4mA3cI20E8AvAyj048TzKa9cHVLBrI509sjPKvZ5cyX7HmUxNxPLrBQfzacmINQHolLGknoaeAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2QJvXJRsXc1-k34DNRje_DHZv6GA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:34 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Tue, 05 Oct 2021 08:08:35 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1633421315_703ef2b0-25b3-11ec-855b-692d0ae1a3be
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 7D9C 2 KB
2 KB 25ms
25ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=47092670&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 2df4c1d51110ee70b5f32e1e65f3dc1ddbc98d0602c0d2b75872dd3ab20f0392

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 2280 64 KB
8 KB 70ms
70ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C35349%2C64769&b=r2GcQf9fd3jTAH7HjtqtBwxu5T8TKxd%2CdEQfEfkfkJ4fEHjHwtEt3R9H3T4TGW4%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3q&f=PxefBfbfRbzh9HjHbtgCPzEHZT9TPM7%2CK1eHRfZfkPKf5HMHktzCYWEc8TATwGk%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=5f5a0c4bc6878e0cf09c838f00582b9a%2F276105526105808924&i=20430%2C27829%2C27835&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315157&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4nt7958svajergvt053rtrjha50hjaf7d4snm1ax31b8q1xhvcy3v37wrf7v092chy0g665b0w6jesftw8j8bcrhgza6db08abmtsphx49mb9gtcm4yqgh11jhwtrp186a1g4nmanajnw7hvb95ex511g2qfvcryy701cx2jw5wxzax2h4pjq3wsv4pv7aa75pc5t7145rjabb9hh13st5x8hqhkvywdp4zr1yp1vp8tpaerrgq5kkr9bas6y600qnyw8t7km5j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCaAyiAghcYf6GC7eQ7_UPm8qE0AaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPoBT9BtM-oDGrdhNMPfjY9xbaSvndr-bBqj-5Qu9D-0F095QKyClyokXvlOfOSMyFxjGRM9kaAIYO_6Zlg-85OBj-Fknzt-g_uPt8zYT9mhnt5xuLlBlqckdQDs30Ngt1F5qIzNCBrssApjRvsI_pyp_IiTJIvyQBFl0WIA-XvmR2V5ZDgmbuCB_ill7MX7ACNRoOhYPIg_HEgpE7iegJpB5qHmcQD9-qUxM5ff-OcPmcEcLjIlK9TJ2ecWF9ls_TRbclTCctbSFBiNUiZmRzyZ2Xl257Gqcj_5HoCsBMcs8dmqmijF91wXp1sCjcIcLqDs7iTFV5VGVOVNruAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dfcd6bdTpHhPdIt87g7i5bwySNA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=24673%2C35349%2C64769&b=r2GcQf9fd3jTAH7HjtqtBwxu5T8TKxd%2CdEQfEfkfkJ4fEHjHwtEt3R9H3T4TGW4%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3q&f=PxefBfbfRbzh9HjHbtgCPzEHZT9TPM7%2CK1eHRfZfkPKf5HMHktzCYWEc8TATwGk%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=5f5a0c4bc6878e0cf09c838f00582b9a%2F276105526105808924&i=20430%2C27829%2C27835&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315157&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4nt7958svajergvt053rtrjha50hjaf7d4snm1ax31b8q1xhvcy3v37wrf7v092chy0g665b0w6jesftw8j8bcrhgza6db08abmtsphx49mb9gtcm4yqgh11jhwtrp186a1g4nmanajnw7hvb95ex511g2qfvcryy701cx2jw5wxzax2h4pjq3wsv4pv7aa75pc5t7145rjabb9hh13st5x8hqhkvywdp4zr1yp1vp8tpaerrgq5kkr9bas6y600qnyw8t7km5j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCaAyiAghcYf6GC7eQ7_UPm8qE0AaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPoBT9BtM-oDGrdhNMPfjY9xbaSvndr-bBqj-5Qu9D-0F095QKyClyokXvlOfOSMyFxjGRM9kaAIYO_6Zlg-85OBj-Fknzt-g_uPt8zYT9mhnt5xuLlBlqckdQDs30Ngt1F5qIzNCBrssApjRvsI_pyp_IiTJIvyQBFl0WIA-XvmR2V5ZDgmbuCB_ill7MX7ACNRoOhYPIg_HEgpE7iegJpB5qHmcQD9-qUxM5ff-OcPmcEcLjIlK9TJ2ecWF9ls_TRbclTCctbSFBiNUiZmRzyZ2Xl257Gqcj_5HoCsBMcs8dmqmijF91wXp1sCjcIcLqDs7iTFV5VGVOVNruAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dfcd6bdTpHhPdIt87g7i5bwySNA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1020794
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 23 Sep 2021 12:35:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 699529b49da3145a-FRA
cf-bgj: minify

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 2280 38 KB
38 KB 46ms
46ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C35349%2C64769&b=r2GcQf9fd3jTAH7HjtqtBwxu5T8TKxd%2CdEQfEfkfkJ4fEHjHwtEt3R9H3T4TGW4%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3q&f=PxefBfbfRbzh9HjHbtgCPzEHZT9TPM7%2CK1eHRfZfkPKf5HMHktzCYWEc8TATwGk%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=5f5a0c4bc6878e0cf09c838f00582b9a%2F276105526105808924&i=20430%2C27829%2C27835&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315157&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4nt7958svajergvt053rtrjha50hjaf7d4snm1ax31b8q1xhvcy3v37wrf7v092chy0g665b0w6jesftw8j8bcrhgza6db08abmtsphx49mb9gtcm4yqgh11jhwtrp186a1g4nmanajnw7hvb95ex511g2qfvcryy701cx2jw5wxzax2h4pjq3wsv4pv7aa75pc5t7145rjabb9hh13st5x8hqhkvywdp4zr1yp1vp8tpaerrgq5kkr9bas6y600qnyw8t7km5j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCaAyiAghcYf6GC7eQ7_UPm8qE0AaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPoBT9BtM-oDGrdhNMPfjY9xbaSvndr-bBqj-5Qu9D-0F095QKyClyokXvlOfOSMyFxjGRM9kaAIYO_6Zlg-85OBj-Fknzt-g_uPt8zYT9mhnt5xuLlBlqckdQDs30Ngt1F5qIzNCBrssApjRvsI_pyp_IiTJIvyQBFl0WIA-XvmR2V5ZDgmbuCB_ill7MX7ACNRoOhYPIg_HEgpE7iegJpB5qHmcQD9-qUxM5ff-OcPmcEcLjIlK9TJ2ecWF9ls_TRbclTCctbSFBiNUiZmRzyZ2Xl257Gqcj_5HoCsBMcs8dmqmijF91wXp1sCjcIcLqDs7iTFV5VGVOVNruAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dfcd6bdTpHhPdIt87g7i5bwySNA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 996154
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycdvzM0F2t2US7NpkMMTly1lLt350Np_QYxS1nbMXbaBbBZdW5HNaoa423-qLUE4qslLrx-jKOtbbDsVd66__dlw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7B9DUjALSVzrWikqWWguPrUlzJLgRqfzyqKHgNPDfXHkhIv1zdk%2FHEC5jMmLatu%2Fsrlg3ubtqF1YQkBDFz%2BQoeosyLdCwmbE1%2FaeXv35HMYMXyMWzfbXT2FCFAiXedqKl6deCfo%2F%2FwoZVhS4"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 699529b49db2145a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 2280 84 KB
85 KB 73ms
72ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C35349%2C64769&b=r2GcQf9fd3jTAH7HjtqtBwxu5T8TKxd%2CdEQfEfkfkJ4fEHjHwtEt3R9H3T4TGW4%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3q&f=PxefBfbfRbzh9HjHbtgCPzEHZT9TPM7%2CK1eHRfZfkPKf5HMHktzCYWEc8TATwGk%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=5f5a0c4bc6878e0cf09c838f00582b9a%2F276105526105808924&i=20430%2C27829%2C27835&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315157&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4nt7958svajergvt053rtrjha50hjaf7d4snm1ax31b8q1xhvcy3v37wrf7v092chy0g665b0w6jesftw8j8bcrhgza6db08abmtsphx49mb9gtcm4yqgh11jhwtrp186a1g4nmanajnw7hvb95ex511g2qfvcryy701cx2jw5wxzax2h4pjq3wsv4pv7aa75pc5t7145rjabb9hh13st5x8hqhkvywdp4zr1yp1vp8tpaerrgq5kkr9bas6y600qnyw8t7km5j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCaAyiAghcYf6GC7eQ7_UPm8qE0AaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPoBT9BtM-oDGrdhNMPfjY9xbaSvndr-bBqj-5Qu9D-0F095QKyClyokXvlOfOSMyFxjGRM9kaAIYO_6Zlg-85OBj-Fknzt-g_uPt8zYT9mhnt5xuLlBlqckdQDs30Ngt1F5qIzNCBrssApjRvsI_pyp_IiTJIvyQBFl0WIA-XvmR2V5ZDgmbuCB_ill7MX7ACNRoOhYPIg_HEgpE7iegJpB5qHmcQD9-qUxM5ff-OcPmcEcLjIlK9TJ2ecWF9ls_TRbclTCctbSFBiNUiZmRzyZ2Xl257Gqcj_5HoCsBMcs8dmqmijF91wXp1sCjcIcLqDs7iTFV5VGVOVNruAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dfcd6bdTpHhPdIt87g7i5bwySNA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1835730
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ADPycdt0auuVYXxKcOeI32Nv-fvSJQzYQvFVwatuzPsEZD0eRaq_pBpNbp-MnA5kVrbBdCHt3HyAtodlGclxYmOQ7A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 85737
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BWBPGykcF4F8XS2O0stDTVFUxxJ%2FqIgeUvdeL9GjzE3Sr4Vjpvw7j1V%2FotqGCtqH%2B3hwn6e6xVrECb8USMG3U5H0ot5ZG%2Bg6uXPiTA7DiWL3wRVSDuWjOL05gUNt%2BVHIOzGkf3fUzofm%2F6AT"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 699529b49db5145a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 6DD0C05291A523FFCB92D8BAA9BA8ED472A2085D8CDD841907FE2DCEE54B58B71396665014E1487A87BA0EBAF14ECCC74567764FD493B3A5B29E7D7D44C8D157
assets.ad4m.at/logo/ Frame 2280 18 KB
19 KB 68ms
67ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/6DD0C05291A523FFCB92D8BAA9BA8ED472A2085D8CDD841907FE2DCEE54B58B71396665014E1487A87BA0EBAF14ECCC74567764FD493B3A5B29E7D7D44C8D157
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C35349%2C64769&b=r2GcQf9fd3jTAH7HjtqtBwxu5T8TKxd%2CdEQfEfkfkJ4fEHjHwtEt3R9H3T4TGW4%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3q&f=PxefBfbfRbzh9HjHbtgCPzEHZT9TPM7%2CK1eHRfZfkPKf5HMHktzCYWEc8TATwGk%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=5f5a0c4bc6878e0cf09c838f00582b9a%2F276105526105808924&i=20430%2C27829%2C27835&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315157&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4nt7958svajergvt053rtrjha50hjaf7d4snm1ax31b8q1xhvcy3v37wrf7v092chy0g665b0w6jesftw8j8bcrhgza6db08abmtsphx49mb9gtcm4yqgh11jhwtrp186a1g4nmanajnw7hvb95ex511g2qfvcryy701cx2jw5wxzax2h4pjq3wsv4pv7aa75pc5t7145rjabb9hh13st5x8hqhkvywdp4zr1yp1vp8tpaerrgq5kkr9bas6y600qnyw8t7km5j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCaAyiAghcYf6GC7eQ7_UPm8qE0AaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPoBT9BtM-oDGrdhNMPfjY9xbaSvndr-bBqj-5Qu9D-0F095QKyClyokXvlOfOSMyFxjGRM9kaAIYO_6Zlg-85OBj-Fknzt-g_uPt8zYT9mhnt5xuLlBlqckdQDs30Ngt1F5qIzNCBrssApjRvsI_pyp_IiTJIvyQBFl0WIA-XvmR2V5ZDgmbuCB_ill7MX7ACNRoOhYPIg_HEgpE7iegJpB5qHmcQD9-qUxM5ff-OcPmcEcLjIlK9TJ2ecWF9ls_TRbclTCctbSFBiNUiZmRzyZ2Xl257Gqcj_5HoCsBMcs8dmqmijF91wXp1sCjcIcLqDs7iTFV5VGVOVNruAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dfcd6bdTpHhPdIt87g7i5bwySNA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 921ecb67a877ca98c57f86d15b845335942c4f3eb3e5f020db3a1cae309cb99f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1086022
cf-polished: origFmt=png, origSize=32344
x-guploader-uploadid: ADPycdtlRbBm6XjNRAU8wGgLfEzQM3UdrWjlk1giKTecKFOCgd8DTGcytl425XrZnlGLWMy856_vCBzuMmNwHgXtfjg
x-goog-storage-class: MULTI_REGIONAL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cj%2BDTqakcN2kVucsrD7rXYiAnTCawi6s2qhAM4sqXs3PBxwA0NqDvGwjj1DFP2mFDYtiD%2FgJQ6RbEsi02XCa2wPbkWfiWuPrsJHVgN5jpZfmYMUq19PreNveGKM7w%2FN513XDoQuNnkNlhheb"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18488
cf-ray: 699529b49db7145a-FRA
expires: Wed, 06 Oct 2021 08:08:35 GMT
last-modified: Wed, 15 Jul 2020 07:10:41 GMT
server: cloudflare
etag: "e91b3214f8f2873866e5d5e84569ca5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=LZ3Gog==, md5=6RsyFPjyhzhm5dXoRWnKWg==
x-goog-generation: 1594797041128903
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Length
cache-control: public, max-age=86400
x-goog-stored-content-length: 32344
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 BBD5C967313D5ADDE8ABAA42CD360B2321749CE0F91A544B376D30C9B8477CE0AACC4254C126FC4BD438C59651D65CC8D8DC6705B6AAEDD2A5880E924901EE67
assets.ad4m.at/product_image/ Frame 2280 52 KB
52 KB 63ms
63ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/BBD5C967313D5ADDE8ABAA42CD360B2321749CE0F91A544B376D30C9B8477CE0AACC4254C126FC4BD438C59651D65CC8D8DC6705B6AAEDD2A5880E924901EE67
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C35349%2C64769&b=r2GcQf9fd3jTAH7HjtqtBwxu5T8TKxd%2CdEQfEfkfkJ4fEHjHwtEt3R9H3T4TGW4%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3q&f=PxefBfbfRbzh9HjHbtgCPzEHZT9TPM7%2CK1eHRfZfkPKf5HMHktzCYWEc8TATwGk%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=5f5a0c4bc6878e0cf09c838f00582b9a%2F276105526105808924&i=20430%2C27829%2C27835&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315157&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4nt7958svajergvt053rtrjha50hjaf7d4snm1ax31b8q1xhvcy3v37wrf7v092chy0g665b0w6jesftw8j8bcrhgza6db08abmtsphx49mb9gtcm4yqgh11jhwtrp186a1g4nmanajnw7hvb95ex511g2qfvcryy701cx2jw5wxzax2h4pjq3wsv4pv7aa75pc5t7145rjabb9hh13st5x8hqhkvywdp4zr1yp1vp8tpaerrgq5kkr9bas6y600qnyw8t7km5j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCaAyiAghcYf6GC7eQ7_UPm8qE0AaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPoBT9BtM-oDGrdhNMPfjY9xbaSvndr-bBqj-5Qu9D-0F095QKyClyokXvlOfOSMyFxjGRM9kaAIYO_6Zlg-85OBj-Fknzt-g_uPt8zYT9mhnt5xuLlBlqckdQDs30Ngt1F5qIzNCBrssApjRvsI_pyp_IiTJIvyQBFl0WIA-XvmR2V5ZDgmbuCB_ill7MX7ACNRoOhYPIg_HEgpE7iegJpB5qHmcQD9-qUxM5ff-OcPmcEcLjIlK9TJ2ecWF9ls_TRbclTCctbSFBiNUiZmRzyZ2Xl257Gqcj_5HoCsBMcs8dmqmijF91wXp1sCjcIcLqDs7iTFV5VGVOVNruAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dfcd6bdTpHhPdIt87g7i5bwySNA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c8d8e6e4a5072b8c74f77857e165b1861f3b8412dcec7f3bb9a3e2c358030f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=hpcZ+g==, md5=8EjW5d8t8FgfXMdZvBFvyw==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 478119
cf-polished: qual=85, origFmt=jpeg, origSize=117789
x-guploader-uploadid: ADPycdtYqxqGWaPkXORwTwYWySKZNIJwADq86BsrbiQYE6ifusSEZ3DeNC0be1UP1MdKZj0w83iU2ht0gSSDgI88X4w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 53060
last-modified: Thu, 16 Jul 2020 10:33:26 GMT
server: cloudflare
etag: "f048d6e5df2df0581f5cc759bc116fcb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkMylaKIIAH1oQL%2FfLYeuroaYRtRDihFDNmIcYKCN1W8tJkDNFmbqZot3DCq%2B%2BYFptmlVbIo%2FuJJayFUHuquYYgCBkOwhkoHS5a6aIuQ7YGww7L52nxZNg4%2FKkO7UTNkdbFlJQyz8o1ktQD3"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1594895606154878
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 117789
accept-ranges: bytes
cf-ray: 699529b49db9145a-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

htlp.html
trck.arag.de/trck/htlp/ Frame 2280
Redirect Chain

https://www.awin1.com/cshow.php?s=2283539&v=11600&q=351068&r=412871&pv=1&pref3=oneiddEQfEfkfkJ4fEHjHwtEt3R9H3T4TGW4oneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&gdpr_consen...
https://trck.arag.de/trck/htlp/htlp.html?from=zx1&utm_source=Awin&utm_medium=Retargeting&awc=11600_412871_1633421315_70352eb0-25b3-11ec-a5f3-692d0d349c1f

0
1 KB

157ms
36ms

Image
text/html

87.98.242.143
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trck.arag.de/trck/htlp/htlp.html?from=zx1&utm_source=Awin&utm_medium=Retargeting&awc=11600_412871_1633421315_70352eb0-25b3-11ec-a5f3-692d0d349c1f

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

87.98.242.143 Saarbrücken, Germany, ASN16276 (OVH, FR),

Reverse DNS

affiliate.icrossing.de

Software

nginx / PHP/7.2.21

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:07:33 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx
X-Powered-By: PHP/7.2.21
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
X-HTTPS-Header: 1
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials: true

Redirect headers

Date: Tue, 05 Oct 2021 08:08:35 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://trck.arag.de/trck/htlp/htlp.html?from=zx1&utm_source=Awin&utm_medium=Retargeting&awc=11600_412871_1633421315_70352eb0-25b3-11ec-a5f3-692d0d349c1f
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
assets.ad4m.at/logo/ Frame 2280 6 KB
7 KB 68ms
68ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C35349%2C64769&b=r2GcQf9fd3jTAH7HjtqtBwxu5T8TKxd%2CdEQfEfkfkJ4fEHjHwtEt3R9H3T4TGW4%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3q&f=PxefBfbfRbzh9HjHbtgCPzEHZT9TPM7%2CK1eHRfZfkPKf5HMHktzCYWEc8TATwGk%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=5f5a0c4bc6878e0cf09c838f00582b9a%2F276105526105808924&i=20430%2C27829%2C27835&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315157&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4nt7958svajergvt053rtrjha50hjaf7d4snm1ax31b8q1xhvcy3v37wrf7v092chy0g665b0w6jesftw8j8bcrhgza6db08abmtsphx49mb9gtcm4yqgh11jhwtrp186a1g4nmanajnw7hvb95ex511g2qfvcryy701cx2jw5wxzax2h4pjq3wsv4pv7aa75pc5t7145rjabb9hh13st5x8hqhkvywdp4zr1yp1vp8tpaerrgq5kkr9bas6y600qnyw8t7km5j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCaAyiAghcYf6GC7eQ7_UPm8qE0AaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPoBT9BtM-oDGrdhNMPfjY9xbaSvndr-bBqj-5Qu9D-0F095QKyClyokXvlOfOSMyFxjGRM9kaAIYO_6Zlg-85OBj-Fknzt-g_uPt8zYT9mhnt5xuLlBlqckdQDs30Ngt1F5qIzNCBrssApjRvsI_pyp_IiTJIvyQBFl0WIA-XvmR2V5ZDgmbuCB_ill7MX7ACNRoOhYPIg_HEgpE7iegJpB5qHmcQD9-qUxM5ff-OcPmcEcLjIlK9TJ2ecWF9ls_TRbclTCctbSFBiNUiZmRzyZ2Xl257Gqcj_5HoCsBMcs8dmqmijF91wXp1sCjcIcLqDs7iTFV5VGVOVNruAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dfcd6bdTpHhPdIt87g7i5bwySNA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=6d5z5w==, md5=vnImUageZAe9/YM5SlniMg==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 483975
cf-polished: origFmt=png, origSize=15890
x-guploader-uploadid: ADPycdu5gcDY_sGmMgG5jLOlzH9V8-9RlFFV87BYh7AHM0zTvXnvQRjaI7zHONPuDpM5gln6dtUGTH-OT7CFxY2c4a06TN2DCg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6208
last-modified: Thu, 16 Jul 2020 06:05:30 GMT
server: cloudflare
etag: "be722651a81e6407bdfd83394a59e232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uEytE4QOfnRhmQPe0Odj5jN8sRQlzogXY0JietPpFgOUglMvLMMGouo9ZQskPtghx41RpnIGnRVe7rXgupegFKR0Xh6fzgpKZGNmxch%2FeO3QbjlfQDvwgo1uxdMHmDlqCl49jrHigJN%2F431"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1594879530502671
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 15890
accept-ranges: bytes
cf-ray: 699529b49dba145a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
assets.ad4m.at/product_image/ Frame 2280 9 KB
9 KB 72ms
72ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C35349%2C64769&b=r2GcQf9fd3jTAH7HjtqtBwxu5T8TKxd%2CdEQfEfkfkJ4fEHjHwtEt3R9H3T4TGW4%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3q&f=PxefBfbfRbzh9HjHbtgCPzEHZT9TPM7%2CK1eHRfZfkPKf5HMHktzCYWEc8TATwGk%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=5f5a0c4bc6878e0cf09c838f00582b9a%2F276105526105808924&i=20430%2C27829%2C27835&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315157&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4nt7958svajergvt053rtrjha50hjaf7d4snm1ax31b8q1xhvcy3v37wrf7v092chy0g665b0w6jesftw8j8bcrhgza6db08abmtsphx49mb9gtcm4yqgh11jhwtrp186a1g4nmanajnw7hvb95ex511g2qfvcryy701cx2jw5wxzax2h4pjq3wsv4pv7aa75pc5t7145rjabb9hh13st5x8hqhkvywdp4zr1yp1vp8tpaerrgq5kkr9bas6y600qnyw8t7km5j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCaAyiAghcYf6GC7eQ7_UPm8qE0AaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPoBT9BtM-oDGrdhNMPfjY9xbaSvndr-bBqj-5Qu9D-0F095QKyClyokXvlOfOSMyFxjGRM9kaAIYO_6Zlg-85OBj-Fknzt-g_uPt8zYT9mhnt5xuLlBlqckdQDs30Ngt1F5qIzNCBrssApjRvsI_pyp_IiTJIvyQBFl0WIA-XvmR2V5ZDgmbuCB_ill7MX7ACNRoOhYPIg_HEgpE7iegJpB5qHmcQD9-qUxM5ff-OcPmcEcLjIlK9TJ2ecWF9ls_TRbclTCctbSFBiNUiZmRzyZ2Xl257Gqcj_5HoCsBMcs8dmqmijF91wXp1sCjcIcLqDs7iTFV5VGVOVNruAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dfcd6bdTpHhPdIt87g7i5bwySNA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 028565858aca93c3b487996eb5af450fa2671990023c0a38f485a16513d26013

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=z6IwRA==, md5=1A70ndCinKDnYB0bQF1NeA==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 477904
cf-polished: qual=85, origFmt=jpeg, origSize=25987
x-guploader-uploadid: ADPycdudnV4eO2aZpHFCA4XuAKyX-A5pH3tRuyLrJDgri9x-waX1y4h64Y653nk3O0vUREnIe2G8DMTD-CtRFm0Bm0uZEx1tjQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8886
last-modified: Thu, 17 Dec 2020 12:29:34 GMT
server: cloudflare
etag: "d40ef49dd0a29ca0e7601d1b405d4d78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHuYWgXXJRTvae7C93ajf9ZXkvkwlUZEU9iYR73f4q7j%2FzpvFCOJVqMB5lERXe%2B3GQ0U2qbL8wClFTKmoCERa782QDU5GCFXtm3eotiFKON8EMrQ8AVkRXIta7WCrJYBR%2B6EyNGHSj11twYD"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1608208174589657
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 25987
accept-ranges: bytes
cf-ray: 699529b49dbd145a-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 2280 43 B
704 B 92ms
38ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2629118&v=19228&q=388274&r=412871&pv=1&pref3=oneidZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qoneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:35 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame EF6B 64 KB
8 KB 50ms
49ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13833%2C56666%2C765&b=EjeTDfEfAJktzHAHjt4tQXYuqTVTZAG%2C9jeTMfmf11YBaKHBH2t7tG5zSwTmTZY2%2CEjeTDfEfgVhzHAHjt4tq6daqTVTZAG&f=ADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQ%2C13ZsbfKfDDY2U9HdH9tpC6M4uRTKT7Mj%2CADeFYfqfBRuAHRH4tMCeYbC7T4TDVQ&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=2d73ecabdc4a63dc59a6104e922d5797%2F7293828727376879634&i=17743%2C22427%2C1676&j=16%2C21%2C4&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315179&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hwg7qv6cfhkcqmaxfywmemvv4xj5z4929hpy5mvm0gxsrgmdg0q56je9dzz2vjrwbvv5rt1g104br37t3cg2x18wqwmeem5p95fdkqyadkp0t2r3qbkky19f58g7dk85smgey8qnghk1e4mccnnntc8e2hqjyaz7p6xgk5hn8y4vg1mkvxjzytbnrymsec1m56n4b43jmb9tzfdsd5k61ryarvg6h25fqf1j6y0gvy578fbsq774ndm0mrv7mg58h7m0y0y0ndyt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCICZtAghcYYnYHNSU9u8Po5ix-AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPoBT9Br4IBB95KCAVKjWJX7ycAaQMxOSEwhmnCo_w7lGXFQs0N2TpFwSvm-wGu9NHLydgbuiZp0F01ntKM68WofEYPN5Ju9ic9236Y-D1NHLNP8soRwpektsL_CQa-zU5V6Xk6m_f3xFl0ZNJe9j9jxgGtiZrfH2aBXj4AI_GFl66VAC0EMAPXwD6BSF9vmicf4qMDNw4_v5n9h0D2WTpS6WtsBgHFJYNBtj7a2qEuzknuNSP_GIGZLUh9nj0I_CmsGVsoicn6RfgW4UmuReB9NICeu2FqK7FJ_LR5b0hUm2UPItV3yaQvQtaOhytPInMOv4JpWXOj9tdSmQOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2lvicol7pXZdHMSNCjcwg2O-LZmA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=13833%2C56666%2C765&b=EjeTDfEfAJktzHAHjt4tQXYuqTVTZAG%2C9jeTMfmf11YBaKHBH2t7tG5zSwTmTZY2%2CEjeTDfEfgVhzHAHjt4tq6daqTVTZAG&f=ADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQ%2C13ZsbfKfDDY2U9HdH9tpC6M4uRTKT7Mj%2CADeFYfqfBRuAHRH4tMCeYbC7T4TDVQ&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=2d73ecabdc4a63dc59a6104e922d5797%2F7293828727376879634&i=17743%2C22427%2C1676&j=16%2C21%2C4&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315179&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hwg7qv6cfhkcqmaxfywmemvv4xj5z4929hpy5mvm0gxsrgmdg0q56je9dzz2vjrwbvv5rt1g104br37t3cg2x18wqwmeem5p95fdkqyadkp0t2r3qbkky19f58g7dk85smgey8qnghk1e4mccnnntc8e2hqjyaz7p6xgk5hn8y4vg1mkvxjzytbnrymsec1m56n4b43jmb9tzfdsd5k61ryarvg6h25fqf1j6y0gvy578fbsq774ndm0mrv7mg58h7m0y0y0ndyt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCICZtAghcYYnYHNSU9u8Po5ix-AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPoBT9Br4IBB95KCAVKjWJX7ycAaQMxOSEwhmnCo_w7lGXFQs0N2TpFwSvm-wGu9NHLydgbuiZp0F01ntKM68WofEYPN5Ju9ic9236Y-D1NHLNP8soRwpektsL_CQa-zU5V6Xk6m_f3xFl0ZNJe9j9jxgGtiZrfH2aBXj4AI_GFl66VAC0EMAPXwD6BSF9vmicf4qMDNw4_v5n9h0D2WTpS6WtsBgHFJYNBtj7a2qEuzknuNSP_GIGZLUh9nj0I_CmsGVsoicn6RfgW4UmuReB9NICeu2FqK7FJ_LR5b0hUm2UPItV3yaQvQtaOhytPInMOv4JpWXOj9tdSmQOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2lvicol7pXZdHMSNCjcwg2O-LZmA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1020794
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 23 Sep 2021 12:35:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 699529b4de25145a-FRA
cf-bgj: minify

GET
H2 200 A9E9F13CD34C6176561B2A3A1512DA8C7C70105FEF038B1211F596B09F01FC7E333FBAD31F58F67BB7B118D699ACB8676EBCAAAC9719A61B310A69D3174D07E9
assets.ad4m.at/logo/ Frame EF6B 20 KB
21 KB 45ms
42ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A9E9F13CD34C6176561B2A3A1512DA8C7C70105FEF038B1211F596B09F01FC7E333FBAD31F58F67BB7B118D699ACB8676EBCAAAC9719A61B310A69D3174D07E9
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13833%2C56666%2C765&b=EjeTDfEfAJktzHAHjt4tQXYuqTVTZAG%2C9jeTMfmf11YBaKHBH2t7tG5zSwTmTZY2%2CEjeTDfEfgVhzHAHjt4tq6daqTVTZAG&f=ADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQ%2C13ZsbfKfDDY2U9HdH9tpC6M4uRTKT7Mj%2CADeFYfqfBRuAHRH4tMCeYbC7T4TDVQ&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=2d73ecabdc4a63dc59a6104e922d5797%2F7293828727376879634&i=17743%2C22427%2C1676&j=16%2C21%2C4&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315179&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hwg7qv6cfhkcqmaxfywmemvv4xj5z4929hpy5mvm0gxsrgmdg0q56je9dzz2vjrwbvv5rt1g104br37t3cg2x18wqwmeem5p95fdkqyadkp0t2r3qbkky19f58g7dk85smgey8qnghk1e4mccnnntc8e2hqjyaz7p6xgk5hn8y4vg1mkvxjzytbnrymsec1m56n4b43jmb9tzfdsd5k61ryarvg6h25fqf1j6y0gvy578fbsq774ndm0mrv7mg58h7m0y0y0ndyt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCICZtAghcYYnYHNSU9u8Po5ix-AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPoBT9Br4IBB95KCAVKjWJX7ycAaQMxOSEwhmnCo_w7lGXFQs0N2TpFwSvm-wGu9NHLydgbuiZp0F01ntKM68WofEYPN5Ju9ic9236Y-D1NHLNP8soRwpektsL_CQa-zU5V6Xk6m_f3xFl0ZNJe9j9jxgGtiZrfH2aBXj4AI_GFl66VAC0EMAPXwD6BSF9vmicf4qMDNw4_v5n9h0D2WTpS6WtsBgHFJYNBtj7a2qEuzknuNSP_GIGZLUh9nj0I_CmsGVsoicn6RfgW4UmuReB9NICeu2FqK7FJ_LR5b0hUm2UPItV3yaQvQtaOhytPInMOv4JpWXOj9tdSmQOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2lvicol7pXZdHMSNCjcwg2O-LZmA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0614b9e015b9a646c5bb4099edb68390666b12c572a6b4712681be7d4bb9bfe4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=To/Z0A==, md5=KhBt45iUESpR/gNmK/6mLw==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1004738
cf-polished: origFmt=png, origSize=42492
x-guploader-uploadid: ADPycdtQ6F8FhPNbaAGNy-IZQ_An_7eCiFky-YVrLJcLN5rbbxIsEYAQzNcrC5FCWR77j552SyPy6-VMu5eIC5aPxk8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20462
last-modified: Wed, 22 Jan 2020 13:07:53 GMT
server: cloudflare
etag: "2a106de39894112a51fe03662bfea62f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYB7NEhy7qVyqb3uBrt5MeakcubvfKQ1aOroSCeOzOZolQVqlXyV1pC0akL3gQjzfI8XOTmyqtz246fItobcER%2B91m%2FFO5CFb%2B%2FpidJbK3GajsgUSsygfHoNMan5F%2BGxfekvHakhLlQpsRDt"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698473273442
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42492
accept-ranges: bytes
cf-ray: 699529b4de28145a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 7EAC6CF7EF6B64BB10610B54E5B6965DAEF1C036945F4235B33B17D07F7DFB9F26C3931CF6B5CFE42C5E728E6808B9AEC192FCA63F8A7B192DC57E243E417A46
assets.ad4m.at/ Frame EF6B 41 KB
42 KB 50ms
47ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/7EAC6CF7EF6B64BB10610B54E5B6965DAEF1C036945F4235B33B17D07F7DFB9F26C3931CF6B5CFE42C5E728E6808B9AEC192FCA63F8A7B192DC57E243E417A46
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13833%2C56666%2C765&b=EjeTDfEfAJktzHAHjt4tQXYuqTVTZAG%2C9jeTMfmf11YBaKHBH2t7tG5zSwTmTZY2%2CEjeTDfEfgVhzHAHjt4tq6daqTVTZAG&f=ADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQ%2C13ZsbfKfDDY2U9HdH9tpC6M4uRTKT7Mj%2CADeFYfqfBRuAHRH4tMCeYbC7T4TDVQ&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=2d73ecabdc4a63dc59a6104e922d5797%2F7293828727376879634&i=17743%2C22427%2C1676&j=16%2C21%2C4&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315179&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hwg7qv6cfhkcqmaxfywmemvv4xj5z4929hpy5mvm0gxsrgmdg0q56je9dzz2vjrwbvv5rt1g104br37t3cg2x18wqwmeem5p95fdkqyadkp0t2r3qbkky19f58g7dk85smgey8qnghk1e4mccnnntc8e2hqjyaz7p6xgk5hn8y4vg1mkvxjzytbnrymsec1m56n4b43jmb9tzfdsd5k61ryarvg6h25fqf1j6y0gvy578fbsq774ndm0mrv7mg58h7m0y0y0ndyt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCICZtAghcYYnYHNSU9u8Po5ix-AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPoBT9Br4IBB95KCAVKjWJX7ycAaQMxOSEwhmnCo_w7lGXFQs0N2TpFwSvm-wGu9NHLydgbuiZp0F01ntKM68WofEYPN5Ju9ic9236Y-D1NHLNP8soRwpektsL_CQa-zU5V6Xk6m_f3xFl0ZNJe9j9jxgGtiZrfH2aBXj4AI_GFl66VAC0EMAPXwD6BSF9vmicf4qMDNw4_v5n9h0D2WTpS6WtsBgHFJYNBtj7a2qEuzknuNSP_GIGZLUh9nj0I_CmsGVsoicn6RfgW4UmuReB9NICeu2FqK7FJ_LR5b0hUm2UPItV3yaQvQtaOhytPInMOv4JpWXOj9tdSmQOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2lvicol7pXZdHMSNCjcwg2O-LZmA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3539d3eee69eebe924850b7e253e0d255b519d795d58cbdc2409faed2a59112

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=qNATdQ==, md5=rtrnh66lL12Rx8tGiazR5g==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 476509
cf-polished: qual=85, origFmt=jpeg, origSize=136044
x-guploader-uploadid: ADPycdsz2fX3dmUCApBzTUltEztPkLszIH3OhXdqSk__bSQLLWrxRqRL3W3icfvSb6_0a54RcYCWHJnv_ZdM5oUe9pA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 41838
last-modified: Fri, 04 Oct 2019 10:13:18 GMT
server: cloudflare
etag: "aedae787aea52f5d91c7cb4689acd1e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zn%2BoOD3h7B81gjKhfzILbXEe6G4RTqsu%2BuEVXyq%2BtETcbRTLvTyHHQg1st7ATCipkaeX6FoCLqFO4a481R8x9CGhU538kV1D2nwgDKnGQC6%2ByeYqBWeEtQe7dfh0iafkpMsJ4WcnXbMXqgO6"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570183998426851
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136044
accept-ranges: bytes
cf-ray: 699529b4ee2f145a-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame EF6B 43 B
704 B 67ms
27ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2578359&v=11671&q=344795&r=412871&pv=1&pref3=oneidEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGoneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:35 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 DE7723A3AFDAF019578E8DC48EFCA5260074D3BD31078DAB30E39934BDB537A7756DE8A298EFEBC96FD918DCFB3DF6E8EFF3AA5A7830C15D1026723FEFAFAC4A
assets.ad4m.at/logo/ Frame EF6B 46 KB
47 KB 54ms
49ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DE7723A3AFDAF019578E8DC48EFCA5260074D3BD31078DAB30E39934BDB537A7756DE8A298EFEBC96FD918DCFB3DF6E8EFF3AA5A7830C15D1026723FEFAFAC4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13833%2C56666%2C765&b=EjeTDfEfAJktzHAHjt4tQXYuqTVTZAG%2C9jeTMfmf11YBaKHBH2t7tG5zSwTmTZY2%2CEjeTDfEfgVhzHAHjt4tq6daqTVTZAG&f=ADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQ%2C13ZsbfKfDDY2U9HdH9tpC6M4uRTKT7Mj%2CADeFYfqfBRuAHRH4tMCeYbC7T4TDVQ&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=2d73ecabdc4a63dc59a6104e922d5797%2F7293828727376879634&i=17743%2C22427%2C1676&j=16%2C21%2C4&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315179&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hwg7qv6cfhkcqmaxfywmemvv4xj5z4929hpy5mvm0gxsrgmdg0q56je9dzz2vjrwbvv5rt1g104br37t3cg2x18wqwmeem5p95fdkqyadkp0t2r3qbkky19f58g7dk85smgey8qnghk1e4mccnnntc8e2hqjyaz7p6xgk5hn8y4vg1mkvxjzytbnrymsec1m56n4b43jmb9tzfdsd5k61ryarvg6h25fqf1j6y0gvy578fbsq774ndm0mrv7mg58h7m0y0y0ndyt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCICZtAghcYYnYHNSU9u8Po5ix-AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPoBT9Br4IBB95KCAVKjWJX7ycAaQMxOSEwhmnCo_w7lGXFQs0N2TpFwSvm-wGu9NHLydgbuiZp0F01ntKM68WofEYPN5Ju9ic9236Y-D1NHLNP8soRwpektsL_CQa-zU5V6Xk6m_f3xFl0ZNJe9j9jxgGtiZrfH2aBXj4AI_GFl66VAC0EMAPXwD6BSF9vmicf4qMDNw4_v5n9h0D2WTpS6WtsBgHFJYNBtj7a2qEuzknuNSP_GIGZLUh9nj0I_CmsGVsoicn6RfgW4UmuReB9NICeu2FqK7FJ_LR5b0hUm2UPItV3yaQvQtaOhytPInMOv4JpWXOj9tdSmQOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2lvicol7pXZdHMSNCjcwg2O-LZmA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb99807d9c2d9b98d417acd2a3e897a28cc0829d4815642cb9bd1ab640b98454

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1921669
cf-polished: origFmt=png, origSize=74333
x-guploader-uploadid: ADPycdvUFc3ubdVf33otHzioABwwdFuZNbFxy22iIfxB_m20Q5MYcG_P_oHhRok7q07ENKxB52Cb16RR_zVoTFAi7-4
x-goog-storage-class: MULTI_REGIONAL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=guVnS7VNt5Oixie9mz844oSB5IRYJ6Rg4k04ppibqpfqQ1cJcuBTMLlFZHiSxgemBYeQzSaKrOKnmla%2FD9RyGG33xO9PQNl7gn3jFbw%2BcsBO362bSHiFRnkptFJ70g7WoLJhgG3ge%2FH7vc4L"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 47320
cf-ray: 699529b4ee38145a-FRA
expires: Wed, 06 Oct 2021 08:08:35 GMT
last-modified: Mon, 11 May 2020 10:44:44 GMT
server: cloudflare
etag: "51f3d45cd5a8ea4b88e8dd266a535ea4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=PRHAtQ==, md5=UfPUXNWo6kuI6N0malNepA==
x-goog-generation: 1589193884048730
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Length
cache-control: public, max-age=86400
x-goog-stored-content-length: 74333
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 E158872B571029E3E20F7B79790588A099EC8F077F856868794A4EA52ED013FC9129FAD340A51F8CD7B6A46733F8D275D86DF117AF4AF8DD766F13FB8A4CAA9A
assets.ad4m.at/product_image/ Frame EF6B 290 KB
291 KB 134ms
129ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/E158872B571029E3E20F7B79790588A099EC8F077F856868794A4EA52ED013FC9129FAD340A51F8CD7B6A46733F8D275D86DF117AF4AF8DD766F13FB8A4CAA9A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13833%2C56666%2C765&b=EjeTDfEfAJktzHAHjt4tQXYuqTVTZAG%2C9jeTMfmf11YBaKHBH2t7tG5zSwTmTZY2%2CEjeTDfEfgVhzHAHjt4tq6daqTVTZAG&f=ADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQ%2C13ZsbfKfDDY2U9HdH9tpC6M4uRTKT7Mj%2CADeFYfqfBRuAHRH4tMCeYbC7T4TDVQ&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=2d73ecabdc4a63dc59a6104e922d5797%2F7293828727376879634&i=17743%2C22427%2C1676&j=16%2C21%2C4&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315179&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hwg7qv6cfhkcqmaxfywmemvv4xj5z4929hpy5mvm0gxsrgmdg0q56je9dzz2vjrwbvv5rt1g104br37t3cg2x18wqwmeem5p95fdkqyadkp0t2r3qbkky19f58g7dk85smgey8qnghk1e4mccnnntc8e2hqjyaz7p6xgk5hn8y4vg1mkvxjzytbnrymsec1m56n4b43jmb9tzfdsd5k61ryarvg6h25fqf1j6y0gvy578fbsq774ndm0mrv7mg58h7m0y0y0ndyt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCICZtAghcYYnYHNSU9u8Po5ix-AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPoBT9Br4IBB95KCAVKjWJX7ycAaQMxOSEwhmnCo_w7lGXFQs0N2TpFwSvm-wGu9NHLydgbuiZp0F01ntKM68WofEYPN5Ju9ic9236Y-D1NHLNP8soRwpektsL_CQa-zU5V6Xk6m_f3xFl0ZNJe9j9jxgGtiZrfH2aBXj4AI_GFl66VAC0EMAPXwD6BSF9vmicf4qMDNw4_v5n9h0D2WTpS6WtsBgHFJYNBtj7a2qEuzknuNSP_GIGZLUh9nj0I_CmsGVsoicn6RfgW4UmuReB9NICeu2FqK7FJ_LR5b0hUm2UPItV3yaQvQtaOhytPInMOv4JpWXOj9tdSmQOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2lvicol7pXZdHMSNCjcwg2O-LZmA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46b98a3787c3de05a63a522c71300ef713f78660098ae524fda5e19bb8567a83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=PFtpQA==, md5=489woOXoZ5LkJrzz2r1hBQ==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1003332
cf-polished: origFmt=png, origSize=489686
x-guploader-uploadid: ADPycdvypi1fb5DkpOruMa6VjDHnmd_nAufOTMZFfiWUwr7b6PRZUFf_45iAQjkytx2rHnuMqaZth_0w46P6rohiNos
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 296674
last-modified: Tue, 17 Nov 2020 11:24:27 GMT
server: cloudflare
etag: "e3cf70a0e5e86792e426bcf3dabd6105"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDrO0EZ08b4cfjzbJW0OB9Wrn4398GcBDyAsfP2qVi91%2B78bzVBU4t3ENEnI0Ox%2FEed5Ha6OcKYXo78uaIYSoklbS4fg3wUxkw78ta20UURpRT3NXQSMOtawToAEvWSRgreVOHzhzva6OSJ3"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1605612267020757
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 489686
accept-ranges: bytes
cf-ray: 699529b4ee3a145a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
assets.ad4m.at/logo/ Frame EF6B 6 KB
6 KB 62ms
57ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13833%2C56666%2C765&b=EjeTDfEfAJktzHAHjt4tQXYuqTVTZAG%2C9jeTMfmf11YBaKHBH2t7tG5zSwTmTZY2%2CEjeTDfEfgVhzHAHjt4tq6daqTVTZAG&f=ADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQ%2C13ZsbfKfDDY2U9HdH9tpC6M4uRTKT7Mj%2CADeFYfqfBRuAHRH4tMCeYbC7T4TDVQ&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=2d73ecabdc4a63dc59a6104e922d5797%2F7293828727376879634&i=17743%2C22427%2C1676&j=16%2C21%2C4&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315179&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hwg7qv6cfhkcqmaxfywmemvv4xj5z4929hpy5mvm0gxsrgmdg0q56je9dzz2vjrwbvv5rt1g104br37t3cg2x18wqwmeem5p95fdkqyadkp0t2r3qbkky19f58g7dk85smgey8qnghk1e4mccnnntc8e2hqjyaz7p6xgk5hn8y4vg1mkvxjzytbnrymsec1m56n4b43jmb9tzfdsd5k61ryarvg6h25fqf1j6y0gvy578fbsq774ndm0mrv7mg58h7m0y0y0ndyt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCICZtAghcYYnYHNSU9u8Po5ix-AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPoBT9Br4IBB95KCAVKjWJX7ycAaQMxOSEwhmnCo_w7lGXFQs0N2TpFwSvm-wGu9NHLydgbuiZp0F01ntKM68WofEYPN5Ju9ic9236Y-D1NHLNP8soRwpektsL_CQa-zU5V6Xk6m_f3xFl0ZNJe9j9jxgGtiZrfH2aBXj4AI_GFl66VAC0EMAPXwD6BSF9vmicf4qMDNw4_v5n9h0D2WTpS6WtsBgHFJYNBtj7a2qEuzknuNSP_GIGZLUh9nj0I_CmsGVsoicn6RfgW4UmuReB9NICeu2FqK7FJ_LR5b0hUm2UPItV3yaQvQtaOhytPInMOv4JpWXOj9tdSmQOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2lvicol7pXZdHMSNCjcwg2O-LZmA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40803f6727061b25fdffeca62b391f51e86f4656ec71f6748e70adb24e4ef2a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=hBHCMA==, md5=23TE0/JCZhnuq3Ni+PjppA==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 477289
cf-polished: origFmt=png, origSize=12441
x-guploader-uploadid: ADPycdvG2TCRJEjtAEybOCBqcLUUK0_OhhehueH7a9If8faFxPfNeu5uNTdkBxiFyqO_XRy74R9aExZeQtMTcPTZjIE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5676
last-modified: Wed, 22 Jan 2020 13:02:46 GMT
server: cloudflare
etag: "db74c4d3f2426619eeab7362f8f8e9a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJuQfzHDoDEC4uLWz%2BPmaYSMgBRuOJ7eqoToOEp4cQYOlfkjcm%2FDSdA6EzZlZWQaqYdiMyrgE6io4qnF3dPY7va4Qgc1meAViKcF7p73%2B1cNpm1bce72TI5eDNm4mM%2B9evZb6mkno%2FvWsvnw"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698166841638
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12441
accept-ranges: bytes
cf-ray: 699529b4ee3d145a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
assets.ad4m.at/product_image/ Frame EF6B 37 KB
38 KB 44ms
39ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13833%2C56666%2C765&b=EjeTDfEfAJktzHAHjt4tQXYuqTVTZAG%2C9jeTMfmf11YBaKHBH2t7tG5zSwTmTZY2%2CEjeTDfEfgVhzHAHjt4tq6daqTVTZAG&f=ADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQ%2C13ZsbfKfDDY2U9HdH9tpC6M4uRTKT7Mj%2CADeFYfqfBRuAHRH4tMCeYbC7T4TDVQ&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=2d73ecabdc4a63dc59a6104e922d5797%2F7293828727376879634&i=17743%2C22427%2C1676&j=16%2C21%2C4&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315179&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hwg7qv6cfhkcqmaxfywmemvv4xj5z4929hpy5mvm0gxsrgmdg0q56je9dzz2vjrwbvv5rt1g104br37t3cg2x18wqwmeem5p95fdkqyadkp0t2r3qbkky19f58g7dk85smgey8qnghk1e4mccnnntc8e2hqjyaz7p6xgk5hn8y4vg1mkvxjzytbnrymsec1m56n4b43jmb9tzfdsd5k61ryarvg6h25fqf1j6y0gvy578fbsq774ndm0mrv7mg58h7m0y0y0ndyt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCICZtAghcYYnYHNSU9u8Po5ix-AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPoBT9Br4IBB95KCAVKjWJX7ycAaQMxOSEwhmnCo_w7lGXFQs0N2TpFwSvm-wGu9NHLydgbuiZp0F01ntKM68WofEYPN5Ju9ic9236Y-D1NHLNP8soRwpektsL_CQa-zU5V6Xk6m_f3xFl0ZNJe9j9jxgGtiZrfH2aBXj4AI_GFl66VAC0EMAPXwD6BSF9vmicf4qMDNw4_v5n9h0D2WTpS6WtsBgHFJYNBtj7a2qEuzknuNSP_GIGZLUh9nj0I_CmsGVsoicn6RfgW4UmuReB9NICeu2FqK7FJ_LR5b0hUm2UPItV3yaQvQtaOhytPInMOv4JpWXOj9tdSmQOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2lvicol7pXZdHMSNCjcwg2O-LZmA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 631ab175f70696c2c2fb9c6826cbbc72afc54c21abe3e81fc919091f45f15c25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=limNHA==, md5=mmc1zohzhBG1IcVyR5glog==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 476131
cf-polished: qual=85, origFmt=jpeg, origSize=98417
x-guploader-uploadid: ADPycdtF3NsLNWy-BYTftKbAKh7gtuU3wGyB8ODbgoUXYwdZodvKEBtwVcSGrYlsSD0JIWRC19bp4IOzE0rjf5S1XMI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38376
last-modified: Tue, 30 Jun 2020 10:59:41 GMT
server: cloudflare
etag: "9a6735ce88738411b521c572479825a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4gzrtVsnRRkXP2%2FPLuXfWxbyX7jQ2wCqLmejItZ9I0CxpML1nspp4pyLYkexmRqmnB9mh1rfZtUDaq%2BtsFS0kEMd7N46dGtiJNhjNOVZvp2S0IwEGiouR41aqNrU1DmCH%2FWmaMP%2Bk3AAgzYc"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593514781204583
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 98417
accept-ranges: bytes
cf-ray: 699529b4ee3e145a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 view
t.adcell.com/p/ Frame EF6B 42 B
468 B 106ms
50ms Image
image/gif 2a02:cb40:200::242
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.adcell.com/p/view?promoId=164800&slotId=46690&pv=1&subId=oneidEjeTDfEfgVhzHAHjt4tq6daqTVTZAGoneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

Software

myracloud /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:35 GMT
last-modified: Wed, 11 Jan 2006 12:59:00 GMT
server: myracloud
strict-transport-security: max-age=15768000
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 42
expires: Sat, 11 Jan 2003 12:59:00 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 6DFC 64 KB
8 KB 131ms
125ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C20351%2C19769&b=xEbfQfAf6gJUPHdHztQt3jqhJT6Tqkx%2CMxefzfrfWjzFWHEHGtDt66BT9T4Tb6k%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3q&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJ%2C62Zcef3f2MwfeHmHYtECWW8a2T1T2qJ%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=4f1216d4ff7761cca3a9400b65de7faa%2F8341715647940987345&i=27720%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315203&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jay8x9ph5fx3c8bdv27zg4k7naydcdbxyjnpr5s6d70yjgbm4jksh987n1b6576ndg4kbh96y7m7bdnwtv81bk53v5psqz7trnjbdy1m7ykg9kwdtxe70e8evvd9mq1w1v0621c7j45pb98ym0d9peafpfnq8kcamvz43vt5eyxn1a0t8zxjmp86r9an2qzvagr6eyf05yb98g7bppcap7hfh7bjmeg21nbqqc3tmn6j9yme0vz0jhcp6r6ncn2as3awtnp3e25j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCqkdHAghcYZ2jFOuH7_UPnKKe0A-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPQBT9Ay_NnI37PWmMv0tSv8D74CCmRCNmlVrhKqjc6uhTSgR8zorKPGxyQHpGLjMhfiZpEpclqw8N8GnVG12YJ3UiR2Os61xr2FQ39I9hHfNgWqb1twXg8WsPHz-zOe_hX6fNhUBgvj9rzzaF2CwJQFKTggc8E0pomjRFerimgpZrT41enKroh61pRprO9lFnMAV28MV4Nx6WekG3b1v0ohzkBA_mVk_VmnLs6uu2q2a-jMKWKGAib_hgujmTKrZ_nFIAVk1Q1fS_6ZGoIr9GlMI063zo-4W2r3hZbeRifQttMcEsk2jn3V202Oxza5bfismkRySOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1TrtzdPg-3p_EJR3tzIhElJrrbaA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=43784%2C20351%2C19769&b=xEbfQfAf6gJUPHdHztQt3jqhJT6Tqkx%2CMxefzfrfWjzFWHEHGtDt66BT9T4Tb6k%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3q&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJ%2C62Zcef3f2MwfeHmHYtECWW8a2T1T2qJ%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=4f1216d4ff7761cca3a9400b65de7faa%2F8341715647940987345&i=27720%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315203&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jay8x9ph5fx3c8bdv27zg4k7naydcdbxyjnpr5s6d70yjgbm4jksh987n1b6576ndg4kbh96y7m7bdnwtv81bk53v5psqz7trnjbdy1m7ykg9kwdtxe70e8evvd9mq1w1v0621c7j45pb98ym0d9peafpfnq8kcamvz43vt5eyxn1a0t8zxjmp86r9an2qzvagr6eyf05yb98g7bppcap7hfh7bjmeg21nbqqc3tmn6j9yme0vz0jhcp6r6ncn2as3awtnp3e25j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCqkdHAghcYZ2jFOuH7_UPnKKe0A-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPQBT9Ay_NnI37PWmMv0tSv8D74CCmRCNmlVrhKqjc6uhTSgR8zorKPGxyQHpGLjMhfiZpEpclqw8N8GnVG12YJ3UiR2Os61xr2FQ39I9hHfNgWqb1twXg8WsPHz-zOe_hX6fNhUBgvj9rzzaF2CwJQFKTggc8E0pomjRFerimgpZrT41enKroh61pRprO9lFnMAV28MV4Nx6WekG3b1v0ohzkBA_mVk_VmnLs6uu2q2a-jMKWKGAib_hgujmTKrZ_nFIAVk1Q1fS_6ZGoIr9GlMI063zo-4W2r3hZbeRifQttMcEsk2jn3V202Oxza5bfismkRySOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1TrtzdPg-3p_EJR3tzIhElJrrbaA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1020794
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 23 Sep 2021 12:35:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 699529b4ee40145a-FRA
cf-bgj: minify

GET
H2 200 C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 6DFC 12 KB
12 KB 60ms
54ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C20351%2C19769&b=xEbfQfAf6gJUPHdHztQt3jqhJT6Tqkx%2CMxefzfrfWjzFWHEHGtDt66BT9T4Tb6k%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3q&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJ%2C62Zcef3f2MwfeHmHYtECWW8a2T1T2qJ%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=4f1216d4ff7761cca3a9400b65de7faa%2F8341715647940987345&i=27720%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315203&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jay8x9ph5fx3c8bdv27zg4k7naydcdbxyjnpr5s6d70yjgbm4jksh987n1b6576ndg4kbh96y7m7bdnwtv81bk53v5psqz7trnjbdy1m7ykg9kwdtxe70e8evvd9mq1w1v0621c7j45pb98ym0d9peafpfnq8kcamvz43vt5eyxn1a0t8zxjmp86r9an2qzvagr6eyf05yb98g7bppcap7hfh7bjmeg21nbqqc3tmn6j9yme0vz0jhcp6r6ncn2as3awtnp3e25j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCqkdHAghcYZ2jFOuH7_UPnKKe0A-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPQBT9Ay_NnI37PWmMv0tSv8D74CCmRCNmlVrhKqjc6uhTSgR8zorKPGxyQHpGLjMhfiZpEpclqw8N8GnVG12YJ3UiR2Os61xr2FQ39I9hHfNgWqb1twXg8WsPHz-zOe_hX6fNhUBgvj9rzzaF2CwJQFKTggc8E0pomjRFerimgpZrT41enKroh61pRprO9lFnMAV28MV4Nx6WekG3b1v0ohzkBA_mVk_VmnLs6uu2q2a-jMKWKGAib_hgujmTKrZ_nFIAVk1Q1fS_6ZGoIr9GlMI063zo-4W2r3hZbeRifQttMcEsk2jn3V202Oxza5bfismkRySOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1TrtzdPg-3p_EJR3tzIhElJrrbaA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 477261
cf-polished: qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid: ADPycdvfpzivrajkW-uUTcgH53RywfwRuOoNmCH_CmtaAMZBoqbUcQMmux_zxSJ2Uo8ZUELyNil5y9-GmF34SzY1QFU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12110
last-modified: Thu, 25 Jun 2020 11:29:58 GMT
server: cloudflare
etag: "ede1d9155590baa798351884fc949bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGJihrg1E8VCyGwUegTVj7uzlF4%2F6dBiTiyQ15jGhbgOUcebHdKuNWPivzTZ5C2yAxSxNXfpgRsN6MgNJquSxU7r0%2Fzywp8ko44GmTVQthiafIQ1scKwsbAPoTak2DBrtvl0uD6oL6Sds09e"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593084598972955
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42488
accept-ranges: bytes
cf-ray: 699529b4ee41145a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame 6DFC 10 KB
11 KB 58ms
53ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C20351%2C19769&b=xEbfQfAf6gJUPHdHztQt3jqhJT6Tqkx%2CMxefzfrfWjzFWHEHGtDt66BT9T4Tb6k%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3q&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJ%2C62Zcef3f2MwfeHmHYtECWW8a2T1T2qJ%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=4f1216d4ff7761cca3a9400b65de7faa%2F8341715647940987345&i=27720%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315203&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jay8x9ph5fx3c8bdv27zg4k7naydcdbxyjnpr5s6d70yjgbm4jksh987n1b6576ndg4kbh96y7m7bdnwtv81bk53v5psqz7trnjbdy1m7ykg9kwdtxe70e8evvd9mq1w1v0621c7j45pb98ym0d9peafpfnq8kcamvz43vt5eyxn1a0t8zxjmp86r9an2qzvagr6eyf05yb98g7bppcap7hfh7bjmeg21nbqqc3tmn6j9yme0vz0jhcp6r6ncn2as3awtnp3e25j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCqkdHAghcYZ2jFOuH7_UPnKKe0A-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPQBT9Ay_NnI37PWmMv0tSv8D74CCmRCNmlVrhKqjc6uhTSgR8zorKPGxyQHpGLjMhfiZpEpclqw8N8GnVG12YJ3UiR2Os61xr2FQ39I9hHfNgWqb1twXg8WsPHz-zOe_hX6fNhUBgvj9rzzaF2CwJQFKTggc8E0pomjRFerimgpZrT41enKroh61pRprO9lFnMAV28MV4Nx6WekG3b1v0ohzkBA_mVk_VmnLs6uu2q2a-jMKWKGAib_hgujmTKrZ_nFIAVk1Q1fS_6ZGoIr9GlMI063zo-4W2r3hZbeRifQttMcEsk2jn3V202Oxza5bfismkRySOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1TrtzdPg-3p_EJR3tzIhElJrrbaA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 476388
cf-polished: qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid: ADPycdvr6UyuuI8p7nlEJW4J78bYCg4wJbnzfmziKwkUnx-l7pikjB1XSdRkk0jX7ifkktyRxBzXQ2yCfeP_ZTjDoD_eCn5qHg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10372
last-modified: Fri, 18 Sep 2020 09:05:40 GMT
server: cloudflare
etag: "0d69fd9136fbb169fa63568d6c765a6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAK9nQxscSuUscIebS%2FvKKsiazLWjfNBMenWjWeIIe6wR5MX5nBDUTcaPCc2bzNJ4n1QrgmETbRfiamlfLyoWPTnuIe%2FiHn2pyzKsap8HY3iftIdGBXIf4WxVhoYo1Owu9gcBJypmD%2BjaMtd"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600419940053465
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12438
accept-ranges: bytes
cf-ray: 699529b4ee43145a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 6DFC 53 KB
54 KB 58ms
54ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C20351%2C19769&b=xEbfQfAf6gJUPHdHztQt3jqhJT6Tqkx%2CMxefzfrfWjzFWHEHGtDt66BT9T4Tb6k%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3q&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJ%2C62Zcef3f2MwfeHmHYtECWW8a2T1T2qJ%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=4f1216d4ff7761cca3a9400b65de7faa%2F8341715647940987345&i=27720%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315203&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jay8x9ph5fx3c8bdv27zg4k7naydcdbxyjnpr5s6d70yjgbm4jksh987n1b6576ndg4kbh96y7m7bdnwtv81bk53v5psqz7trnjbdy1m7ykg9kwdtxe70e8evvd9mq1w1v0621c7j45pb98ym0d9peafpfnq8kcamvz43vt5eyxn1a0t8zxjmp86r9an2qzvagr6eyf05yb98g7bppcap7hfh7bjmeg21nbqqc3tmn6j9yme0vz0jhcp6r6ncn2as3awtnp3e25j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCqkdHAghcYZ2jFOuH7_UPnKKe0A-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPQBT9Ay_NnI37PWmMv0tSv8D74CCmRCNmlVrhKqjc6uhTSgR8zorKPGxyQHpGLjMhfiZpEpclqw8N8GnVG12YJ3UiR2Os61xr2FQ39I9hHfNgWqb1twXg8WsPHz-zOe_hX6fNhUBgvj9rzzaF2CwJQFKTggc8E0pomjRFerimgpZrT41enKroh61pRprO9lFnMAV28MV4Nx6WekG3b1v0ohzkBA_mVk_VmnLs6uu2q2a-jMKWKGAib_hgujmTKrZ_nFIAVk1Q1fS_6ZGoIr9GlMI063zo-4W2r3hZbeRifQttMcEsk2jn3V202Oxza5bfismkRySOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1TrtzdPg-3p_EJR3tzIhElJrrbaA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1002454
cf-polished: origFmt=png, origSize=115129
x-guploader-uploadid: ADPycduV8Ul94YwZQ_o3u__f8-9HHQ3sgWL4LVQ0LyEWZ57j3FnWrrRUnKlM1gB3KdPxZKE_kUSIsGuj4quF5XZcQIQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 54564
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xO07YVqXUxW78nsNTrD8dI%2Ba2J%2FI7NLudz8%2FFwh1zSUGTX9vOTZ%2Bm26G9L83aEel6CWs2%2FtYTVrq7Hf771eeyDR3WWEsfZl1DRMDXkhNnPSC8MbBS39rR7Pt81MZR7vVd8%2FLoSv%2BlOYPVQ%2BT"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883484779402
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 115129
accept-ranges: bytes
cf-ray: 699529b4ee45145a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 C31B4120F3B365B92C4C523C88C8789BEEA9E8CC26B9F41E58BC366DDCF0521417F6F05510784895073FAC9D660080EFDFD3938DE00589DC0E31AF612C1593A3
assets.ad4m.at/ Frame 6DFC 114 KB
115 KB 63ms
59ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/C31B4120F3B365B92C4C523C88C8789BEEA9E8CC26B9F41E58BC366DDCF0521417F6F05510784895073FAC9D660080EFDFD3938DE00589DC0E31AF612C1593A3
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C20351%2C19769&b=xEbfQfAf6gJUPHdHztQt3jqhJT6Tqkx%2CMxefzfrfWjzFWHEHGtDt66BT9T4Tb6k%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3q&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJ%2C62Zcef3f2MwfeHmHYtECWW8a2T1T2qJ%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=4f1216d4ff7761cca3a9400b65de7faa%2F8341715647940987345&i=27720%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315203&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jay8x9ph5fx3c8bdv27zg4k7naydcdbxyjnpr5s6d70yjgbm4jksh987n1b6576ndg4kbh96y7m7bdnwtv81bk53v5psqz7trnjbdy1m7ykg9kwdtxe70e8evvd9mq1w1v0621c7j45pb98ym0d9peafpfnq8kcamvz43vt5eyxn1a0t8zxjmp86r9an2qzvagr6eyf05yb98g7bppcap7hfh7bjmeg21nbqqc3tmn6j9yme0vz0jhcp6r6ncn2as3awtnp3e25j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCqkdHAghcYZ2jFOuH7_UPnKKe0A-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPQBT9Ay_NnI37PWmMv0tSv8D74CCmRCNmlVrhKqjc6uhTSgR8zorKPGxyQHpGLjMhfiZpEpclqw8N8GnVG12YJ3UiR2Os61xr2FQ39I9hHfNgWqb1twXg8WsPHz-zOe_hX6fNhUBgvj9rzzaF2CwJQFKTggc8E0pomjRFerimgpZrT41enKroh61pRprO9lFnMAV28MV4Nx6WekG3b1v0ohzkBA_mVk_VmnLs6uu2q2a-jMKWKGAib_hgujmTKrZ_nFIAVk1Q1fS_6ZGoIr9GlMI063zo-4W2r3hZbeRifQttMcEsk2jn3V202Oxza5bfismkRySOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1TrtzdPg-3p_EJR3tzIhElJrrbaA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2491540e7ee7eee20afcaeb741cab423dece6ce14fb7db22558df4e45efc214c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=I3DWwA==, md5=Pay1X9i9ZLNeLRszRlJgkg==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 182541
cf-polished: origFmt=png, origSize=230236
x-guploader-uploadid: ADPycdv6d6-cXC9ZvcerG8E-KfEPpugDsSQlKztY-r8qZ7y4uldEHKjkgZB5qZ8Fw3cACllk9Usx3DhFIpDt1_JI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 117030
last-modified: Fri, 21 Feb 2020 10:45:14 GMT
server: cloudflare
etag: "3dacb55fd8bd64b35e2d1b3346526092"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qESrWmyOSN5ctUfCPqY5Lt8NWMQxum9bZK8nsFol4yHURX7VT1MQ2R%2F7nfnAIaQl5n%2BNepliaw48Dr8sA3Ymi0eC590hZVvjbl1KmcrWPb%2FKRlcr0Vsy1%2FzRV1qnJaTMgpWVZEN2lI%2BVrk3j"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1582281914042092
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 230236
accept-ranges: bytes
cf-ray: 699529b4ee46145a-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.o2online.de/nws/img/ Frame 6DFC
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidMxefzfrfWjzFWHEHGtDt66BT9T4Tb6koneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&...
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidMxefzfrfWjzFWHEHGtDt66BT9T4Tb6koneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr...
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021100510083556746460235X117679V1226132702MSoneidMxefzfrfWjzFWHEHGtDt66BT9T4Tb6koneid__asuidFd08lodeE...
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202110051008355674646...

43 B
780 B

33ms
9ms

Image
image/gif

82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021100510083556746460235X117679V1226132702MSoneidMxefzfrfWjzFWHEHGtDt66BT9T4Tb6koneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&wfid=117679&vlz=24
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C20351%2C19769&b=xEbfQfAf6gJUPHdHztQt3jqhJT6Tqkx%2CMxefzfrfWjzFWHEHGtDt66BT9T4Tb6k%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3q&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJ%2C62Zcef3f2MwfeHmHYtECWW8a2T1T2qJ%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=4f1216d4ff7761cca3a9400b65de7faa%2F8341715647940987345&i=27720%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315203&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jay8x9ph5fx3c8bdv27zg4k7naydcdbxyjnpr5s6d70yjgbm4jksh987n1b6576ndg4kbh96y7m7bdnwtv81bk53v5psqz7trnjbdy1m7ykg9kwdtxe70e8evvd9mq1w1v0621c7j45pb98ym0d9peafpfnq8kcamvz43vt5eyxn1a0t8zxjmp86r9an2qzvagr6eyf05yb98g7bppcap7hfh7bjmeg21nbqqc3tmn6j9yme0vz0jhcp6r6ncn2as3awtnp3e25j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCqkdHAghcYZ2jFOuH7_UPnKKe0A-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPQBT9Ay_NnI37PWmMv0tSv8D74CCmRCNmlVrhKqjc6uhTSgR8zorKPGxyQHpGLjMhfiZpEpclqw8N8GnVG12YJ3UiR2Os61xr2FQ39I9hHfNgWqb1twXg8WsPHz-zOe_hX6fNhUBgvj9rzzaF2CwJQFKTggc8E0pomjRFerimgpZrT41enKroh61pRprO9lFnMAV28MV4Nx6WekG3b1v0ohzkBA_mVk_VmnLs6uu2q2a-jMKWKGAib_hgujmTKrZ_nFIAVk1Q1fS_6ZGoIr9GlMI063zo-4W2r3hZbeRifQttMcEsk2jn3V202Oxza5bfismkRySOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1TrtzdPg-3p_EJR3tzIhElJrrbaA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 08:08:35 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Tue, 05 Oct 2021 08:08:35 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021100510083556746460235X117679V1226132702MSoneidMxefzfrfWjzFWHEHGtDt66BT9T4Tb6koneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&wfid=117679&vlz=24
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H2 200 60FD20F1676D1F9A06186B287BEA963E2FA606953F8F76587C6A69AEED33F93312327919FFF9BFEAB8F1720429B5E57633ECC66386BA3D90DF72A2018B8A5D7A
assets.ad4m.at/logo/ Frame 6DFC 467 KB
468 KB 75ms
71ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/60FD20F1676D1F9A06186B287BEA963E2FA606953F8F76587C6A69AEED33F93312327919FFF9BFEAB8F1720429B5E57633ECC66386BA3D90DF72A2018B8A5D7A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C20351%2C19769&b=xEbfQfAf6gJUPHdHztQt3jqhJT6Tqkx%2CMxefzfrfWjzFWHEHGtDt66BT9T4Tb6k%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3q&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJ%2C62Zcef3f2MwfeHmHYtECWW8a2T1T2qJ%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=4f1216d4ff7761cca3a9400b65de7faa%2F8341715647940987345&i=27720%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315203&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jay8x9ph5fx3c8bdv27zg4k7naydcdbxyjnpr5s6d70yjgbm4jksh987n1b6576ndg4kbh96y7m7bdnwtv81bk53v5psqz7trnjbdy1m7ykg9kwdtxe70e8evvd9mq1w1v0621c7j45pb98ym0d9peafpfnq8kcamvz43vt5eyxn1a0t8zxjmp86r9an2qzvagr6eyf05yb98g7bppcap7hfh7bjmeg21nbqqc3tmn6j9yme0vz0jhcp6r6ncn2as3awtnp3e25j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCqkdHAghcYZ2jFOuH7_UPnKKe0A-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPQBT9Ay_NnI37PWmMv0tSv8D74CCmRCNmlVrhKqjc6uhTSgR8zorKPGxyQHpGLjMhfiZpEpclqw8N8GnVG12YJ3UiR2Os61xr2FQ39I9hHfNgWqb1twXg8WsPHz-zOe_hX6fNhUBgvj9rzzaF2CwJQFKTggc8E0pomjRFerimgpZrT41enKroh61pRprO9lFnMAV28MV4Nx6WekG3b1v0ohzkBA_mVk_VmnLs6uu2q2a-jMKWKGAib_hgujmTKrZ_nFIAVk1Q1fS_6ZGoIr9GlMI063zo-4W2r3hZbeRifQttMcEsk2jn3V202Oxza5bfismkRySOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1TrtzdPg-3p_EJR3tzIhElJrrbaA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caf8340f2513401c46bd6623b38cd091850da9664c2f87dc69b1e245824662a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=dyeWTw==, md5=eBhBXL35Vn6m9QiEHE/ipw==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 997455
cf-polished: origFmt=png, origSize=706198
x-guploader-uploadid: ADPycdt8gNN7LsWDU2l5xJ81kEBy8habrV3VvjRtKb_Jk-KC_lJy4kaPLkE5tltr99CtXjCF2MZ_OiQ46pJnO22rl0k
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 477790
last-modified: Tue, 03 Nov 2020 16:12:21 GMT
server: cloudflare
etag: "7818415cbdf9567ea6f508841c4fe2a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shP2W9RCUFxd%2Fixaqgut7CXRgGkGxhCrBai%2BTpCdaJg8MMzVVmEoX9iGaJMJb6KoT37XOgL14AIEpI%2Fu86gydqsnOMrLxma%2BrId0%2Fdykdwl4lWFd6C%2BxC%2FJVW7pNudjra8CaeBWAs6TMea8q"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1604419941958117
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 706198
accept-ranges: bytes
cf-ray: 699529b4ee48145a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 6DFC 28 KB
29 KB 75ms
71ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C20351%2C19769&b=xEbfQfAf6gJUPHdHztQt3jqhJT6Tqkx%2CMxefzfrfWjzFWHEHGtDt66BT9T4Tb6k%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3q&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJ%2C62Zcef3f2MwfeHmHYtECWW8a2T1T2qJ%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=4f1216d4ff7761cca3a9400b65de7faa%2F8341715647940987345&i=27720%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315203&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jay8x9ph5fx3c8bdv27zg4k7naydcdbxyjnpr5s6d70yjgbm4jksh987n1b6576ndg4kbh96y7m7bdnwtv81bk53v5psqz7trnjbdy1m7ykg9kwdtxe70e8evvd9mq1w1v0621c7j45pb98ym0d9peafpfnq8kcamvz43vt5eyxn1a0t8zxjmp86r9an2qzvagr6eyf05yb98g7bppcap7hfh7bjmeg21nbqqc3tmn6j9yme0vz0jhcp6r6ncn2as3awtnp3e25j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCqkdHAghcYZ2jFOuH7_UPnKKe0A-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPQBT9Ay_NnI37PWmMv0tSv8D74CCmRCNmlVrhKqjc6uhTSgR8zorKPGxyQHpGLjMhfiZpEpclqw8N8GnVG12YJ3UiR2Os61xr2FQ39I9hHfNgWqb1twXg8WsPHz-zOe_hX6fNhUBgvj9rzzaF2CwJQFKTggc8E0pomjRFerimgpZrT41enKroh61pRprO9lFnMAV28MV4Nx6WekG3b1v0ohzkBA_mVk_VmnLs6uu2q2a-jMKWKGAib_hgujmTKrZ_nFIAVk1Q1fS_6ZGoIr9GlMI063zo-4W2r3hZbeRifQttMcEsk2jn3V202Oxza5bfismkRySOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1TrtzdPg-3p_EJR3tzIhElJrrbaA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=IDewpA==, md5=0GHKFV91j0kDQOFHYE3D7g==
date: Tue, 05 Oct 2021 08:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 995962
cf-polished: qual=85, origFmt=jpeg, origSize=133780
x-guploader-uploadid: ADPycdtZpVT5VG-w0d_KPmgDoSdbE1fv3PdY7wd4z4Iu7UlWYxgY0h3o_NJj0tFfa-PFdAZjIM7eaClwaNfHG2f_2sKsbXrKew
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28740
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zXEZoGTTZLyIcXJmPtQLBje95Affwn1Z6G1eXRUYw90NR5SFRfb4ZNiwS8UKJmjAxcePqrINdjEekLI%2FUZFLjRxp7BK95G9%2FStAdXWE40ka03El1St9Ze6KiVVR56YJ5QSLEZZAwnIkZJuL"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1582021321117606
content-type: image/webp
expires: Wed, 06 Oct 2021 08:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 133780
accept-ranges: bytes
cf-ray: 699529b4ee49145a-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 6DFC 43 B
705 B 62ms
27ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2412085&v=14702&q=365825&r=412871&pv=1&pref3=oneidZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3qoneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:35 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5EE4
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7015491124227668121

42 B
366 B

40ms
40ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7015491124227668121
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7015491124227668121
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: KADUSERCOOKIE=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9; KRTBCOOKIE_80=22987-CAESEAWa6B7GQPJmsscKLMJEO0U&KRTB&16514-CAESEAWa6B7GQPJmsscKLMJEO0U&KRTB&23025-CAESEAWa6B7GQPJmsscKLMJEO0U; PUBMDCID=3; KRTBCOOKIE_153=19420-tHbT77J_1r6vcda-sXXL6ud0heqvcdPp5nQEOQtO&KRTB&22979-tHbT77J_1r6vcda-sXXL6ud0heqvcdPp5nQEOQtO; KRTBCOOKIE_391=22924-6578588437221448683&KRTB&23263-6578588437221448683; KRTBCOOKIE_377=6810-815d072c-f784-42ac-8815-d6fae0a9b515&KRTB&22918-815d072c-f784-42ac-8815-d6fae0a9b515&KRTB&23031-815d072c-f784-42ac-8815-d6fae0a9b515; KRTBCOOKIE_27=16735-uid:daa7615c-0802-4200-9791-2340bdd35557&KRTB&16736-uid:daa7615c-0802-4200-9791-2340bdd35557&KRTB&23019-uid:daa7615c-0802-4200-9791-2340bdd35557&KRTB&23114-uid:daa7615c-0802-4200-9791-2340bdd35557; KRTBCOOKIE_336=5844-2626945708281059440; SPugT=1633421313; KRTBCOOKIE_57=22776-863285058235829675; PugT=1633421314; pp=156498; PMDTSHR=cat:; chkChromeAb67Sec=2; DPSync3=1634601600%3A197_219_201_221_226_227_235%7C1633478400%3A174; SyncRTB3=1633996800%3A2_223_15%7C1634688000%3A35%7C1634601600%3A220_13_71_7_56_21_3_22_81_161_54_8_166_55%7C1634256000%3A63%7C1635984000%3A203
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 05 Oct 2021 08:08:35 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_1101=23040-7015491124227668121; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 04-Nov-2021 08:08:35 GMT; path=/ PugT=1633421315; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 04-Nov-2021 08:08:35 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 03-Jan-2022 08:08:35 GMT; path=/
x-lat: lhrpug011:0:470
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Tue, 05 Oct 2021 08:08:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=7015491124227668121; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7015491124227668121

GET

redir
rtb-csync.smartadserver.com/ Frame 4D07
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFX1pFN0N1QkFBQUJkTUctN2M0dw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAE_ZE7CuBAAABdMG-7c4w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAE_ZE7CuBAAABdMG-7c4w&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAE_ZE7CuBAAABdMG-7c4w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...

0
0

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame 7D9C
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9&addseg=19,36,42

43 B
43 B

58ms
15ms

Image
text/plain

185.64.189.229
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-length: 43
content-type: text/plain; charset=utf-8

Redirect headers

date: Tue, 05 Oct 2021 08:08:35 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9&addseg=19,36,42
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 141

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 7D9C
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

27ms
27ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
frontend-id: 6
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
frontend-id: 9
location: /pubmatic/1/info2?sType=sync&sExtCookieId=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 7D9C 95 B
455 B 154ms
78ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 699529b56c5b4ac3-FRA
access-control-allow-headers: *
content-length: 95

GET

p
a.audrte.com/ Frame 7D9C
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9
https://a.audrte.com/p

0
0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 7D9C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LgzgOUJE2uUfHKohxoEuHNLlvEL.FoU-~A&gdpr=0&gdpr_consent=

0
48 B

29ms
27ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LgzgOUJE2uUfHKohxoEuHNLlvEL.FoU-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:33 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 05 Oct 2021 08:08:35 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LgzgOUJE2uUfHKohxoEuHNLlvEL.FoU-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2 200 4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7D9C 43 B
661 B 50ms
48ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7D9C
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3cb6e279-e868-4eb2-b8b1-163a5ee21b65
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3cb6e279-e868-4eb2-b8b1-163a5ee21b65
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=017d5f14-e324-4adc-aa5f-f5f5819becba&user_group=1&ssp=pubmatic&bsw_param=3cb6e279-e868-4eb2-b8b1-163a5ee21b65
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3cb6e279-e868-4eb2-b8b1-163a5ee21b65&gdpr=&gdpr_consent=&gdpr_pd=

1 B
181 B

27ms
27ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3cb6e279-e868-4eb2-b8b1-163a5ee21b65&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:483
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3cb6e279-e868-4eb2-b8b1-163a5ee21b65&gdpr=&gdpr_consent=&gdpr_pd=
date: Tue, 05 Oct 2021 08:08:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 7D9C 0
103 B 62ms
36ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4CFB69B4-ED1C-4086-87D3-61CB9A4EF1E9&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:35 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7D9C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YVwIAgAGsRcumwAR&gdpr=0&gdpr_consent=

1 B
256 B

41ms
40ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YVwIAgAGsRcumwAR&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug009:0:873
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:35 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1633421315.354871,VS0,VE0
x-served-by: cache-fra19180-FRA
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YVwIAgAGsRcumwAR&gdpr=0&gdpr_consent=
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7D9C
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3385373946195215795&gdpr=0&gdpr_consent=&us_privacy=

1 B
168 B

41ms
41ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3385373946195215795&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug015:0:814
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3385373946195215795&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7D9C
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
203 B

29ms
29ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:34 GMT
cache-control: no-store, no-cache, private
x-lat: amspug018:0:295
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7D9C
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5c4c6f68-d99d-42de-8446-678912a748fa&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
111 B

26ms
26ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5c4c6f68-d99d-42de-8446-678912a748fa&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:487
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5c4c6f68-d99d-42de-8446-678912a748fa&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Tue, 05 Oct 2021 08:08:35 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4438 0
0 79ms
79ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210929&jk=3427297932877267&bg=!-vml-b3NAAZE-GIIRPg7ACkAdvg8WuSW0LSq3Lo_PZnv2EeuiisHLE2MDPKwAzctES7U7fY6qnwF7gIAAACxUgAAAC5oAQeZAz5cyHbdIYQS2KDYeuzsXtYJBpOMj2S8DMJmJ1df2RJM8XWcOt9mZ52KOQe4mcblxZEL_uLMO_jDo98y__9_L4-7zgYLg92fyVGsp_bARfuEyKBEzML19kCYPSgnDW92Z2muTqvyTxHl18R1nDEiGdXM8AnGimZQFkk3U4ZebIY-F0lKV_gDTuaaztCZR_qsLLLqFjPG490pcqeGvNz0txrK1sy6G4Bu-k9Y8DkVRN7XW4Zhvd4go0UtKHxquUhcapggGo3tM73usRHUEaiTtmgjim7PL-Ff0uzjj_9qZXxLU7Z96Hzzl5NHkGPwwzqNzPZ2QXwYWMSFBU_9zGxuweWnzZQj19C4vVZjCprVmptDvtUKuv-pkBD0Dw8LqUXNG9WKyTfbqy0GmWh-lTXt1cm4DB2rqjnUcm-WGvxzgODP3C75ErHazvbo2O5CpNNWZ-8t_ZfEG1K9uh_doQ9mzSuWp6eCIUCp3fN24pI_vHFu6yY5yeYYuZ-iGafsLrGuDtF8j9CixPs9I8Vhl1rW18-BfsCJf1EZrzmgqYnCdNOtFKlxcQ3aNZxz6NIASvnWB_KQ3BsTa08kRTUC-DKfdhVvKNXMzTRLxzx9JboirNWx5w5wyu3h227vLAc5zeUNWudqUAzBqzFg7Z2E4LEKNjxzHmI3HUn1GcezdRwC46LM79bZwxo1XcdbyCngwUFkdtkwNnLy__nMlwG671JY3uS6JbNXVBdNiUeF37myDHO_gUsiKiQJslRJr7OpbhtlqXk1IVb2_E4Ccfxlss8MicOPszYOLFBruDtPm5TPsRnDsSH3Oe9-QOHUkY1qP_ffVahWLG9fqgEEDV-sCKAzYUa5L_64-YKhpomXSYDg44xpJAv4wSVcvgXtsetONZCw81Z_yifC0ycHLkRFF8wDK80HmKZyF4AhPeA0IhRtgvpIKwmO8v-os8Zz83C2BCI-ZM443UzNnjJyfi0qwesPx0efLoC1Dke68lCItOX8EeQ0l5wp3Xs2MrhZOsGJ5gsWv3xSmSTU5Jtg5fqzrnNPpeFoWGmciSmN-Lzq0Dd0Wh6RO72JIhSELqdDxjTO_F5MguxeCX_t-Fc0U5-L2WNb1w
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 2280 1 KB
2 KB 315ms
118ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7oneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&viewref=oneidr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdoneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C35349%2C64769&b=r2GcQf9fd3jTAH7HjtqtBwxu5T8TKxd%2CdEQfEfkfkJ4fEHjHwtEt3R9H3T4TGW4%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3q&f=PxefBfbfRbzh9HjHbtgCPzEHZT9TPM7%2CK1eHRfZfkPKf5HMHktzCYWEc8TATwGk%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=5f5a0c4bc6878e0cf09c838f00582b9a%2F276105526105808924&i=20430%2C27829%2C27835&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315157&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4nt7958svajergvt053rtrjha50hjaf7d4snm1ax31b8q1xhvcy3v37wrf7v092chy0g665b0w6jesftw8j8bcrhgza6db08abmtsphx49mb9gtcm4yqgh11jhwtrp186a1g4nmanajnw7hvb95ex511g2qfvcryy701cx2jw5wxzax2h4pjq3wsv4pv7aa75pc5t7145rjabb9hh13st5x8hqhkvywdp4zr1yp1vp8tpaerrgq5kkr9bas6y600qnyw8t7km5j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCaAyiAghcYf6GC7eQ7_UPm8qE0AaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPoBT9BtM-oDGrdhNMPfjY9xbaSvndr-bBqj-5Qu9D-0F095QKyClyokXvlOfOSMyFxjGRM9kaAIYO_6Zlg-85OBj-Fknzt-g_uPt8zYT9mhnt5xuLlBlqckdQDs30Ngt1F5qIzNCBrssApjRvsI_pyp_IiTJIvyQBFl0WIA-XvmR2V5ZDgmbuCB_ill7MX7ACNRoOhYPIg_HEgpE7iegJpB5qHmcQD9-qUxM5ff-OcPmcEcLjIlK9TJ2ecWF9ls_TRbclTCctbSFBiNUiZmRzyZ2Xl257Gqcj_5HoCsBMcs8dmqmijF91wXp1sCjcIcLqDs7iTFV5VGVOVNruAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dfcd6bdTpHhPdIt87g7i5bwySNA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84e6c41316c49024af3ad36ca8a309891d3d932e0feb1c2559965b6092946759

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:35 GMT
Last-Modified: Tue, 05 Oct 2021 08:08:35 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1352
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame EF6B 1 KB
2 KB 286ms
114ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2647615&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1krqbxkg2by031x6twyt368kzmgq87681fgxnvth68sfc19e8s80r90p0qyvbb8z3rbzh670m8c9sbjw60vsx9mw747jeec3aq7zmvyj3gk802e684j37kb2jpprwr2h8q0tp3xzjptkzbj18ghn3qa8vymz5c762c05sbnxnptf98mgyh3epasgp5rj6eb3pj3qjtkws6f7hqvb66864ybr7z2xahfaknsvcmpx1brgv027qcs1rg9r8dbbrnwxrjmmrf9bb26dva5anngqshy9cbbqn44rbqxvkxw5eehxsc2vak8ra%26a%3D&clickref=oneid13ZsbfKfDDY2U9HdH9tpC6M4uRTKT7Mjoneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&viewref=oneid9jeTMfmf11YBaKHBH2t7tG5zSwTmTZY2oneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13833%2C56666%2C765&b=EjeTDfEfAJktzHAHjt4tQXYuqTVTZAG%2C9jeTMfmf11YBaKHBH2t7tG5zSwTmTZY2%2CEjeTDfEfgVhzHAHjt4tq6daqTVTZAG&f=ADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQ%2C13ZsbfKfDDY2U9HdH9tpC6M4uRTKT7Mj%2CADeFYfqfBRuAHRH4tMCeYbC7T4TDVQ&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=2d73ecabdc4a63dc59a6104e922d5797%2F7293828727376879634&i=17743%2C22427%2C1676&j=16%2C21%2C4&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315179&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hwg7qv6cfhkcqmaxfywmemvv4xj5z4929hpy5mvm0gxsrgmdg0q56je9dzz2vjrwbvv5rt1g104br37t3cg2x18wqwmeem5p95fdkqyadkp0t2r3qbkky19f58g7dk85smgey8qnghk1e4mccnnntc8e2hqjyaz7p6xgk5hn8y4vg1mkvxjzytbnrymsec1m56n4b43jmb9tzfdsd5k61ryarvg6h25fqf1j6y0gvy578fbsq774ndm0mrv7mg58h7m0y0y0ndyt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCICZtAghcYYnYHNSU9u8Po5ix-AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPoBT9Br4IBB95KCAVKjWJX7ycAaQMxOSEwhmnCo_w7lGXFQs0N2TpFwSvm-wGu9NHLydgbuiZp0F01ntKM68WofEYPN5Ju9ic9236Y-D1NHLNP8soRwpektsL_CQa-zU5V6Xk6m_f3xFl0ZNJe9j9jxgGtiZrfH2aBXj4AI_GFl66VAC0EMAPXwD6BSF9vmicf4qMDNw4_v5n9h0D2WTpS6WtsBgHFJYNBtj7a2qEuzknuNSP_GIGZLUh9nj0I_CmsGVsoicn6RfgW4UmuReB9NICeu2FqK7FJ_LR5b0hUm2UPItV3yaQvQtaOhytPInMOv4JpWXOj9tdSmQOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2lvicol7pXZdHMSNCjcwg2O-LZmA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: cae69f1bb9e7e16c9c5030222ca2740784fbc2084625e87c1ec492b1ead23843

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:35 GMT
Last-Modified: Tue, 05 Oct 2021 08:08:35 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1463
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame C4A6 7 KB
4 KB 48ms
48ms Script
text/javascript 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=45346098;rtbwp=YVwIAgAMX6EIu-F-AAWtNtjzX1GZUJa36aOocA;rtbdata=sE7aJDcJueh3On_-eeYFLClp44mgHv7KjXEDQ9KFwQboSpqmlTCsbQ6lzVbaIVSC5L5LL77Ct7G3iu-JCHfMjG4Xs7OEm8P2RCXwxiQ7-ZUSxFA_n3xXpRmQZP2mOwfarUjzMHSitITx2U9-Uow5q3Ld6QnzCVYK5S72xqliKpHEOnvh62PKSrSOZi72Z4a3a1Pokyu7_zLKFV3IK5FMFQnkW84F48YOferpEVA82eAwYlLz4sBWl883w10YpNbk8s62dGCGkesL6UunYj_lHmtD1otcopPOyZs51wxLOXi0h8FXWbaCKCRw7gtwWMlzkP_7IbtdohGx4iVuK1hPu0HhIpkoas3H0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=C0QWCAghcYaG_Mf7C7_UPttqWqAnovpiUXKCls8n9CMCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyyAEJqQIgydnvCO6EPuACAKgDAaoE9gFP0MGHr-XoOvzT9ATs1SrEhi-_dGPEKiOI8muYKuZnDQU_arZIeGb2XRNGoeQY9QadsnUPhGQUt-aVQr9sDoCpBd0O4bNYet00pv4sdCLxuHGI9KIRlcb8h3krD7Uu2ch2LHwUQqTH67k1qe3kkpPtax0dl_cccfbFrqAiExoGIGKJBuy6ctRL-0J5FISDfESPnPE9C-zzkf5OIVgyszqlcBidHwmyiDIjvnF2OaYviVbYtba4Sigc2o1JhbrEUHACekKwZxPWwBHkEmd3WhCr0vdMdQuuzTIlpIATxQrPQu49WY87HGCGjDXykwGgJA4KfD7j-hngBAGABv-d1fi66YnpgwGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTMyNzYzODY3MzgyMTE1NzT6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2uElkMHjfB8ismVQ_eNjklnHcFKw&client=ca-pub-2845463438153782&adurl=;js=1;adfxid=1x;3330;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.controle.colunadofla.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

85eec0ed36dc8d2fef5cb0d7108b18618e112e78b6636ef3472a72a93fc4d83b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:35 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3303
expires: -1

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7CE3 42 B
119 B 32ms
30ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscQptWCsrAFP0u2vH1FIXO7jZGXWiRNAZXhR9GV3g0o9qMTIqsZQ4Qy9KLt7jg8jiAvPbX72pb3kgyJtQHrV1McA&sig=Cg0ArKJSzGudUNi6N2qQEAE&cid=CAASF-RoMIUQdSZowcWnSdBh19k1OkxdbOUw&id=lidar2&mcvt=1006&p=0,0,90,728&asp=1110,436,1200,1164&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20210929&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3299812059&rs=4&met=ie&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633421314240&rpt=227&isd=0&lsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 6DFC 1 KB
2 KB 292ms
127ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidYxGfrf3fwBgTVH9HetgC1JWSAT1T4pJoneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&viewref=oneidxEbfQfAf6gJUPHdHztQt3jqhJT6Tqkxoneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C20351%2C19769&b=xEbfQfAf6gJUPHdHztQt3jqhJT6Tqkx%2CMxefzfrfWjzFWHEHGtDt66BT9T4Tb6k%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3q&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJ%2C62Zcef3f2MwfeHmHYtECWW8a2T1T2qJ%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=4f1216d4ff7761cca3a9400b65de7faa%2F8341715647940987345&i=27720%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315203&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jay8x9ph5fx3c8bdv27zg4k7naydcdbxyjnpr5s6d70yjgbm4jksh987n1b6576ndg4kbh96y7m7bdnwtv81bk53v5psqz7trnjbdy1m7ykg9kwdtxe70e8evvd9mq1w1v0621c7j45pb98ym0d9peafpfnq8kcamvz43vt5eyxn1a0t8zxjmp86r9an2qzvagr6eyf05yb98g7bppcap7hfh7bjmeg21nbqqc3tmn6j9yme0vz0jhcp6r6ncn2as3awtnp3e25j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCqkdHAghcYZ2jFOuH7_UPnKKe0A-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPQBT9Ay_NnI37PWmMv0tSv8D74CCmRCNmlVrhKqjc6uhTSgR8zorKPGxyQHpGLjMhfiZpEpclqw8N8GnVG12YJ3UiR2Os61xr2FQ39I9hHfNgWqb1twXg8WsPHz-zOe_hX6fNhUBgvj9rzzaF2CwJQFKTggc8E0pomjRFerimgpZrT41enKroh61pRprO9lFnMAV28MV4Nx6WekG3b1v0ohzkBA_mVk_VmnLs6uu2q2a-jMKWKGAib_hgujmTKrZ_nFIAVk1Q1fS_6ZGoIr9GlMI063zo-4W2r3hZbeRifQttMcEsk2jn3V202Oxza5bfismkRySOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1TrtzdPg-3p_EJR3tzIhElJrrbaA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 04ad2593410cea6c88ff2f7bfb8074a2a2431487252f4dd062f59671757cc2f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:35 GMT
Last-Modified: Tue, 05 Oct 2021 08:08:35 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1369
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3448 1 KB
788 B 9ms
9ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 04 Oct 2021 08:58:57 GMT
expires: Tue, 05 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 83378
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C4A6 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1f47de55cb5bea6a956f9d11c36be0aeed14356af1532667fcefe0d8d13c0b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3448
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVZ3SUFnQUdzUmN1bXdBUg==&google_gid=CAESEIG69c5TPps-ToRS5y19OS4&google_cver=1&google_push=AYg5qPI_kMcy4fU2EyppKttYAjLQwVqkyJ...

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVZ3SUFnQUdzUmN1bXdBUg==&google_gid=CAESEIG69c5TPps-ToRS5y19OS4&google_cver=1&google_push=AYg5qPI_kMcy4fU2EyppKttYAjLQwVqkyJGNMjjFuRtyhYYc-IXxwdb-FXv5RQ55vASaEshArmYDFxY5HqXebTjFtW3-t_gfhg

Requested by

Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:35 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1633421316.544376,VS0,VE0
x-served-by: cache-fra19180-FRA
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVZ3SUFnQUdzUmN1bXdBUg==&google_gid=CAESEIG69c5TPps-ToRS5y19OS4&google_cver=1&google_push=AYg5qPI_kMcy4fU2EyppKttYAjLQwVqkyJGNMjjFuRtyhYYc-IXxwdb-FXv5RQ55vASaEshArmYDFxY5HqXebTjFtW3-t_gfhg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 3448 0
141 B 41ms
15ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEA4EmrljFHZbusG2MSkaSU&google_cver=1&google_push=AYg5qPLqLQafwvvBH7uh7L_wxhMwuhqb5geUWbi1J_O_RwS6sq6Ysq-Ushv40qRz1vv6_-iabz0vDNe1WH9BhmNty4ypPMlU4Q
Requested by: Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
via: 1.1 google
alt-svc: clear

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3448
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELqEzKa1cssgnjSCbKfvEcM&google_cver=1&google_push=AYg5qPIrRtzbFbt-YLKmbZUJ6uJE_7dHnJlehVR60v7OjtlYtoxw_ZYexDUQPkmMLpu3lwMnhT8-5eCJonLT6LuQWvIeerHzAg
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIrRtzbFbt-YLKmbZUJ6uJE_7dHnJlehVR60v7OjtlYtoxw_ZYexDUQPkmMLpu3lwMnhT8-5eCJonLT6LuQWvIeerHzAg&google_hm=MjMwNDI1NjY3Njg0MzQ0MjQy...

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIrRtzbFbt-YLKmbZUJ6uJE_7dHnJlehVR60v7OjtlYtoxw_ZYexDUQPkmMLpu3lwMnhT8-5eCJonLT6LuQWvIeerHzAg&google_hm=MjMwNDI1NjY3Njg0MzQ0MjQyNQ%3D%3D

Requested by

Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 05 Oct 2021 08:08:35 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIrRtzbFbt-YLKmbZUJ6uJE_7dHnJlehVR60v7OjtlYtoxw_ZYexDUQPkmMLpu3lwMnhT8-5eCJonLT6LuQWvIeerHzAg&google_hm=MjMwNDI1NjY3Njg0MzQ0MjQyNQ%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 3448 43 B
124 B 17ms
15ms Image
image/gif 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEALqMj9Jj_9ZgQQuwKsqjG0&google_cver=1&google_push=AYg5qPKw9TBzNs0z3YljOd914vZR4tmbGuRBTkbqQ46OXZT_qKeNx5KbUZwYAoZ7zcf3S2rDbBM8BFir-_0I5nO5Gr3_BcBBbw

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Oct 2021 08:08:35 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3448
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEG16Y-0pl42hyIvEYSTbd8o&google_cver=1&google_push=AYg5qPLfwuIjfEJNM12jSIh-iDidcCMMRM0KTuMEhKBp0gn24slWrfuxXKYEF8ity06YoS22kywNkhvGdrad5nVdd5qwbh6k7wM
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLfwuIjfEJNM12jSIh-iDidcCMMRM0KTuMEhKBp0gn24slWrfuxXKYEF8ity06YoS22kywNkhvGdrad5nVdd5qwbh6k7wM&google_hm=gUqcZ1piz7kE6px0eQZQcQ==

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLfwuIjfEJNM12jSIh-iDidcCMMRM0KTuMEhKBp0gn24slWrfuxXKYEF8ity06YoS22kywNkhvGdrad5nVdd5qwbh6k7wM&google_hm=gUqcZ1piz7kE6px0eQZQcQ==

Requested by

Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:34 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLfwuIjfEJNM12jSIh-iDidcCMMRM0KTuMEhKBp0gn24slWrfuxXKYEF8ity06YoS22kywNkhvGdrad5nVdd5qwbh6k7wM&google_hm=gUqcZ1piz7kE6px0eQZQcQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: f8iv545h7qpi1u1gh5060t1idu5virs1

GET

pixel
cm.g.doubleclick.net/ Frame 3448
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVwIAhuDqW3NOeRloKyELAAABKcAAAAB&google_cver=1&google_gid=CAESEGRwP0LmkUwlyBPKylz0zoI&google_push=AYg5qPIXbT8V0tqyYEbCQLF9HWXbUQF2xu3GA...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3448
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMd6bILplKCffxS6I5zfa5I&google_cver=1&google_push=AYg5qPIHvCJPR1XtTMPCgA32bpDVh9JkWWMGlZNzsFlLN4HQZiQBqkcE...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMd6bILplKCffxS6I5zfa5I&google_cver=1&google_push=AYg5qPIHvCJPR1XtTMPCgA32bpDVh9JkWWMGlZNzsFlLN4HQZiQBqk...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2ZmQ1Zjg4NC0yNWIzLTExZWMtOWY0Zi0wNjFiOWIzYjk1MWU%3D&google_push=AYg5qPIHvCJPR1XtTMPCgA32bpDVh9JkWWMGlZNzsFlLN4HQZiQBqkcEk3sTKJYJOc...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2ZmQ1Zjg4NC0yNWIzLTExZWMtOWY0Zi0wNjFiOWIzYjk1MWU%3D&google_push=AYg5qPIHvCJPR1XtTMPCgA32bpDVh9JkWWMGlZNzsFlLN4HQZiQBqkcEk3sTKJYJOc3aSU-MQCXGA31m7E7gxWUn8DdFIx1JOGve

Requested by

Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 05 Oct 2021 08:08:35 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2ZmQ1Zjg4NC0yNWIzLTExZWMtOWY0Zi0wNjFiOWIzYjk1MWU%3D&google_push=AYg5qPIHvCJPR1XtTMPCgA32bpDVh9JkWWMGlZNzsFlLN4HQZiQBqkcEk3sTKJYJOc3aSU-MQCXGA31m7E7gxWUn8DdFIx1JOGve
Connection: keep-alive
Content-Length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3448 0
12 B 15ms
14ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KTAlBxnUTL37KAVjtdzKa7850dHNOm7qpIHRH_2MRIeifKjndM04xOeqYjS33w3pB-igz62A

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.209/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame C4A6 85 KB
36 KB 23ms
23ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.209/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ae8a9ee03c283c1394c0996cc74bf700a20e086bc816154f0f2a88c5bf7127d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 07:04:15 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 06 Oct 2021 10:58:02 GMT

GET
H2 200 container.html Show response
4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3089 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.controle.colunadofla.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.colunadofla.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 05 Oct 2021 08:08:33 GMT
expires: Wed, 05 Oct 2022 08:08:33 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3089 0
0 19ms
18ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CCB9ZAwhcYa-bFLrO7_UP8LWFwA3ovpiUXKCls8n9CMCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyyAEJqQIgydnvCO6EPuACAKgDAaoE9wFP0GPhJHcqFguv989UnhgSQp6RdvSR50ptXv5473O0x9JRzcokRu9BsUJfiAO1I4chGmjcafFTSi2jbTEyK2rBI4TRl5j6t1j0LK0anGelYbXv4NHAEoIK_HXHqMUQQsKQ9ip0x1Y23tRamv3gcjcB5mj1aJ70dEMSu8t1o3P5Q3xibWBVB_9cV0qS0OPjPWwgmMm0J69FkyWcSGYSsHLcV91Xk5EtalDye2xWGfNEPf9NjemJvjGawdLag_sfnh9D9BHjB1x34iNGg7Uzed-evyoHXJcpnYOrb-GDMe4Zx2upeK4pPRentEzlD-Z98deoErHP1Tcl4AQBgAbS0eHDs-SaxzCgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTMyNzYzODY3MzgyMTE1NzSACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjg0NTQ2MzQzODE1Mzc4MhjP1Gk&sigh=iZywyxf0CQY
Requested by: Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 3089 2 KB
2 KB 22ms
21ms Script
text/javascript 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=46122688;rtbwp=YVwIAwAFDa8Iu-c6AAFa8HRUMc-EjtZT6_Zlcg;rtbdata=sE7aJDcJuegtJ2_a8HrCRmhWVGPQvx3Toufkf_oMaTcmrVSoXWc3YA6lzVbaIVSC5L5LL77Ct7G3iu-JCHfMjG4Xs7OEm8P2RCXwxiQ7-ZUSxFA_n3xXpRmQZP2mOwfarUjzMHSitITx2U9-Uow5q3Ld6QnzCVYK5S72xqliKpHPk4eIyZepErSOZi72Z4a3a1Pokyu7_zLKFV3IK5FMFQnkW84F48YOferpEVA82eAwYlLz4sBWl883w10YpNbk8s62dGCGkesL6UunYj_lHmtD1otcopPOyZs51wxLOXi0h8FXWbaCKCRw7gtwWMlzkP_7IbtdohEDGA49WkzhpUHhIpkoas3H0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Cmor9AwhcYa-bFLrO7_UP8LWFwA3ovpiUXKCls8n9CMCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyyAEJqQIgydnvCO6EPuACAKgDAaoE-gFP0GPhJHcqFguv989UnhgSQp6RdvSR50ptXv5473O0x9JRzcokRu9BsUJfiAO1I4chGmjcafFTSi2jbTEyK2rBI4TRl5j6t1j0LK0anGelYbXv4NHAEoIK_HXHqMUQQsKQ9ip0x1Y23tRamv3gcjcB5mj1aJ70dEMSu8t1o3P5Q3xibWBVB_9cV0qS0OPjPWwgmMm0J69FkyWcSGYSsHLcV91Xk5EtalDye2xWGfNEPf9NjemJvjGawdLag_sfnh9D9BHjB1x34iNGg7Uzed-evyoHXJcpnYOrb-GDMe4Zx2upeK4pfxWqJtBRrorXUPNu-soOFVMx9Lbe4AQBgAbS0eHDs-SaxzCgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTMyNzYzODY3MzgyMTE1NzT6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2tHNHoQ1uxGQ1nyp8n9OigAxEtnA&client=ca-pub-2845463438153782&adurl=

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

bf79b2e267b3addf8ce7448d3c1833c648a23f63a8edae083a20458e0b6b8c22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:35 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1760
expires: -1

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/ Frame 3089 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Oct 2021 08:03:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3089 122 KB
37 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37846
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1632957210746890"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Oct 2021 08:08:35 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/ Frame 3089 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc322ba85a6aadaede25d30470b5230f8eda5a7d447a5643f188077da628a895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 07:53:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 887
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6203
x-xss-protection: 0
server: cafe
etag: 14739191248580884080
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Oct 2021 07:53:48 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3089 22 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Oct 2022 08:03:48 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame C4A6 35 B
494 B 20ms
20ms Ping
image/gif 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=45346098&csi=MTnSPghbi5mhn9UQB-ey9Bcc_ylMcH8qzI_r3pLbMykJDwKV3Zer3PHDPIhbJd0lnZAeE7w6o6ZAtQaqXJ8WGGQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:35 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 44511262.png
s1.adform.net/Banners/44511262/ Frame C4A6 31 KB
31 KB 21ms
21ms Image
image/png 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/44511262/44511262.png?bv=2

Requested by

Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

163c449371e33239be211739a6a68af70c1d5ba1fec19c1ee78017c653339154

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
last-modified: Wed, 14 Apr 2021 07:16:50 GMT
server: nginx
etag: "607696e2-7c2f"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 31791

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 3089 33 KB
16 KB 22ms
21ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=46122688;rtbwp=YVwIAwAFDa8Iu-c6AAFa8HRUMc-EjtZT6_Zlcg;rtbdata=sE7aJDcJuegtJ2_a8HrCRmhWVGPQvx3Toufkf_oMaTcmrVSoXWc3YA6lzVbaIVSC5L5LL77Ct7G3iu-JCHfMjG4Xs7OEm8P2RCXwxiQ7-ZUSxFA_n3xXpRmQZP2mOwfarUjzMHSitITx2U9-Uow5q3Ld6QnzCVYK5S72xqliKpHPk4eIyZepErSOZi72Z4a3a1Pokyu7_zLKFV3IK5FMFQnkW84F48YOferpEVA82eAwYlLz4sBWl883w10YpNbk8s62dGCGkesL6UunYj_lHmtD1otcopPOyZs51wxLOXi0h8FXWbaCKCRw7gtwWMlzkP_7IbtdohEDGA49WkzhpUHhIpkoas3H0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Cmor9AwhcYa-bFLrO7_UP8LWFwA3ovpiUXKCls8n9CMCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyyAEJqQIgydnvCO6EPuACAKgDAaoE-gFP0GPhJHcqFguv989UnhgSQp6RdvSR50ptXv5473O0x9JRzcokRu9BsUJfiAO1I4chGmjcafFTSi2jbTEyK2rBI4TRl5j6t1j0LK0anGelYbXv4NHAEoIK_HXHqMUQQsKQ9ip0x1Y23tRamv3gcjcB5mj1aJ70dEMSu8t1o3P5Q3xibWBVB_9cV0qS0OPjPWwgmMm0J69FkyWcSGYSsHLcV91Xk5EtalDye2xWGfNEPf9NjemJvjGawdLag_sfnh9D9BHjB1x34iNGg7Uzed-evyoHXJcpnYOrb-GDMe4Zx2upeK4pfxWqJtBRrorXUPNu-soOFVMx9Lbe4AQBgAbS0eHDs-SaxzCgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTMyNzYzODY3MzgyMTE1NzT6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2tHNHoQ1uxGQ1nyp8n9OigAxEtnA&client=ca-pub-2845463438153782&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 5eed273d16f8b9f330c78d58eebc4c1cfb64346a84a9bc8781afe1bc69077d67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 07:04:15 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 06 Oct 2021 10:57:23 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 3089 7 KB
4 KB 22ms
22ms Script
text/javascript 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=46122688;rtbwp=YVwIAwAFDa8Iu-c6AAFa8HRUMc-EjtZT6_Zlcg;rtbdata=sE7aJDcJuegtJ2_a8HrCRmhWVGPQvx3Toufkf_oMaTcmrVSoXWc3YA6lzVbaIVSC5L5LL77Ct7G3iu-JCHfMjG4Xs7OEm8P2RCXwxiQ7-ZUSxFA_n3xXpRmQZP2mOwfarUjzMHSitITx2U9-Uow5q3Ld6QnzCVYK5S72xqliKpHPk4eIyZepErSOZi72Z4a3a1Pokyu7_zLKFV3IK5FMFQnkW84F48YOferpEVA82eAwYlLz4sBWl883w10YpNbk8s62dGCGkesL6UunYj_lHmtD1otcopPOyZs51wxLOXi0h8FXWbaCKCRw7gtwWMlzkP_7IbtdohEDGA49WkzhpUHhIpkoas3H0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Cmor9AwhcYa-bFLrO7_UP8LWFwA3ovpiUXKCls8n9CMCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyyAEJqQIgydnvCO6EPuACAKgDAaoE-gFP0GPhJHcqFguv989UnhgSQp6RdvSR50ptXv5473O0x9JRzcokRu9BsUJfiAO1I4chGmjcafFTSi2jbTEyK2rBI4TRl5j6t1j0LK0anGelYbXv4NHAEoIK_HXHqMUQQsKQ9ip0x1Y23tRamv3gcjcB5mj1aJ70dEMSu8t1o3P5Q3xibWBVB_9cV0qS0OPjPWwgmMm0J69FkyWcSGYSsHLcV91Xk5EtalDye2xWGfNEPf9NjemJvjGawdLag_sfnh9D9BHjB1x34iNGg7Uzed-evyoHXJcpnYOrb-GDMe4Zx2upeK4pfxWqJtBRrorXUPNu-soOFVMx9Lbe4AQBgAbS0eHDs-SaxzCgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTMyNzYzODY3MzgyMTE1NzT6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2tHNHoQ1uxGQ1nyp8n9OigAxEtnA&client=ca-pub-2845463438153782&adurl=;js=1;adfxid=2x;9919;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.controle.colunadofla.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5a35d286e4992dd7f196d4fc3f79007647e43529f40ce936efbfb8db42cf815d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:35 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3307
expires: -1

GET
H2 200 /
track.adform.net/jsmetrics/ Frame 3089 43 B
208 B 20ms
20ms Image
image/gif 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/jsmetrics/?adfserve=26&asset=23&sid=276&rid=10436&cid=42476

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:08:35 GMT
last-modified: Wed, 20 Jul 2016 08:18:17 GMT
server: nginx
etag: "578f33c9-2b"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6D4E 1 KB
783 B 8ms
8ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 04 Oct 2021 08:58:57 GMT
expires: Tue, 05 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 83378
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3089 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3a43240b5997be336c55e868bf026cc8b88d1520c841be6217a8c03e2b029d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame EF6B 51 KB
51 KB 42ms
10ms Script
application/javascript 143.204.209.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2647615&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1krqbxkg2by031x6twyt368kzmgq87681fgxnvth68sfc19e8s80r90p0qyvbb8z3rbzh670m8c9sbjw60vsx9mw747jeec3aq7zmvyj3gk802e684j37kb2jpprwr2h8q0tp3xzjptkzbj18ghn3qa8vymz5c762c05sbnxnptf98mgyh3epasgp5rj6eb3pj3qjtkws6f7hqvb66864ybr7z2xahfaknsvcmpx1brgv027qcs1rg9r8dbbrnwxrjmmrf9bb26dva5anngqshy9cbbqn44rbqxvkxw5eehxsc2vak8ra%26a%3D&clickref=oneid13ZsbfKfDDY2U9HdH9tpC6M4uRTKT7Mjoneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&viewref=oneid9jeTMfmf11YBaKHBH2t7tG5zSwTmTZY2oneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-108.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 10:14:21 GMT
server: AmazonS3
age: 51890
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 04 Oct 2021 17:43:46 GMT
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: -7DqPLDlsP7WjlXcOmYzQtrBU5P8eHt5jxA-F5CCt0yflIA4V61ihQ==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame EF6B 40 KB
40 KB 127ms
52ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=205795&viewref=oneidw4mudfjfDDqZUPCRH2tXtEdQsKT9tD36oneid__asuidMEgxJvJp_wKTwZ81IS32FyDPdRGokadUasuid__webplexmedia_advancedad_MOBILE_728x90&wglinkid=2647615
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13833%2C56666%2C765&b=EjeTDfEfAJktzHAHjt4tQXYuqTVTZAG%2C9jeTMfmf11YBaKHBH2t7tG5zSwTmTZY2%2CEjeTDfEfgVhzHAHjt4tq6daqTVTZAG&f=ADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQ%2C13ZsbfKfDDY2U9HdH9tpC6M4uRTKT7Mj%2CADeFYfqfBRuAHRH4tMCeYbC7T4TDVQ&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=2d73ecabdc4a63dc59a6104e922d5797%2F7293828727376879634&i=17743%2C22427%2C1676&j=16%2C21%2C4&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315179&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hwg7qv6cfhkcqmaxfywmemvv4xj5z4929hpy5mvm0gxsrgmdg0q56je9dzz2vjrwbvv5rt1g104br37t3cg2x18wqwmeem5p95fdkqyadkp0t2r3qbkky19f58g7dk85smgey8qnghk1e4mccnnntc8e2hqjyaz7p6xgk5hn8y4vg1mkvxjzytbnrymsec1m56n4b43jmb9tzfdsd5k61ryarvg6h25fqf1j6y0gvy578fbsq774ndm0mrv7mg58h7m0y0y0ndyt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCICZtAghcYYnYHNSU9u8Po5ix-AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCAbZ5ppV4sz7gAgCoAwGqBPoBT9Br4IBB95KCAVKjWJX7ycAaQMxOSEwhmnCo_w7lGXFQs0N2TpFwSvm-wGu9NHLydgbuiZp0F01ntKM68WofEYPN5Ju9ic9236Y-D1NHLNP8soRwpektsL_CQa-zU5V6Xk6m_f3xFl0ZNJe9j9jxgGtiZrfH2aBXj4AI_GFl66VAC0EMAPXwD6BSF9vmicf4qMDNw4_v5n9h0D2WTpS6WtsBgHFJYNBtj7a2qEuzknuNSP_GIGZLUh9nj0I_CmsGVsoicn6RfgW4UmuReB9NICeu2FqK7FJ_LR5b0hUm2UPItV3yaQvQtaOhytPInMOv4JpWXOj9tdSmQOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2lvicol7pXZdHMSNCjcwg2O-LZmA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 810293324e0d2bbf0a8713f573d6215398731cd38076b6e8f3d84aa877aa3635

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:35 GMT
Last-Modified: Tue, 05 Oct 2021 08:08:35 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 2280 51 KB
51 KB 50ms
19ms Script
application/javascript 143.204.209.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7oneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz&viewref=oneidr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdoneid__asuidFd08lodeE9NP9VhrI1cHZmXx8XL3L7shasuid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-108.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 10:14:21 GMT
server: AmazonS3
age: 51890
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 04 Oct 2021 17:43:46 GMT
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: EK7L_dEpzchaGeDSMM52AkDJeeKaFsin5kXK6_Mvr-JuaKUOMSLyng==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 2280 85 KB
85 KB 121ms
47ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidAe7SYfqfK2PaAHRH4tktMA2T7T4TD5oneid__adf_Netmix_Reach07_Single&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C35349%2C64769&b=r2GcQf9fd3jTAH7HjtqtBwxu5T8TKxd%2CdEQfEfkfkJ4fEHjHwtEt3R9H3T4TGW4%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3q&f=PxefBfbfRbzh9HjHbtgCPzEHZT9TPM7%2CK1eHRfZfkPKf5HMHktzCYWEc8TATwGk%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2&c=300&d=250&e=Fd08lodeE9NP9VhrI1cHZmXx8XL3L7sh&g=5f5a0c4bc6878e0cf09c838f00582b9a%2F276105526105808924&i=20430%2C27829%2C27835&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633421315157&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4nt7958svajergvt053rtrjha50hjaf7d4snm1ax31b8q1xhvcy3v37wrf7v092chy0g665b0w6jesftw8j8bcrhgza6db08abmtsphx49mb9gtcm4yqgh11jhwtrp186a1g4nmanajnw7hvb95ex511g2qfvcryy701cx2jw5wxzax2h4pjq3wsv4pv7aa75pc5t7145rjabb9hh13st5x8hqhkvywdp4zr1yp1vp8tpaerrgq5kkr9bas6y600qnyw8t7km5j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCaAyiAghcYf6GC7eQ7_UPm8qE0AaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yODQ1NDYzNDM4MTUzNzgyoAHCrujdA8gBCakCaPHbpmd1sz7gAgCoAwGqBPoBT9BtM-oDGrdhNMPfjY9xbaSvndr-bBqj-5Qu9D-0F095QKyClyokXvlOfOSMyFxjGRM9kaAIYO_6Zlg-85OBj-Fknzt-g_uPt8zYT9mhnt5xuLlBlqckdQDs30Ngt1F5qIzNCBrssApjRvsI_pyp_IiTJIvyQBFl0WIA-XvmR2V5ZDgmbuCB_ill7MX7ACNRoOhYPIg_HEgpE7iegJpB5qHmcQD9-qUxM5ff-OcPmcEcLjIlK9TJ2ecWF9ls_TRbclTCctbSFBiNUiZmRzyZ2Xl257Gqcj_5HoCsBMcs8dmqmijF91wXp1sCjcIcLqDs7iTFV5VGVOVNruAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMzI3NjM4NjczODIxMTU3NPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2dfcd6bdTpHhPdIt87g7i5bwySNA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 08:08:35 GMT
Last-Modified: Tue, 05 Oct 2021 08:08:35 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET /
google2waycm.netmng.com/cm/ Frame 6D4E 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6D4E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOjV25Xv3aBz_LZGTGd4Qwo&google_cver=1&google_push=AYg5qPKK3xRGbwN0d0B6fxR4-8aUMY8h9Q_pHXZlYI1ggHQmIuPl8u9pmEgWV4mLiqcmbQGHrEg7kakkcs5nCvqP...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=2qdhXAgCQgCXkSNAvdNVVw&google_push=AYg5qPKK3xRGbwN0d0B6fxR4-8aUMY8h9Q_pHXZlYI1ggHQmIuPl8u9pmEgWV4mLiqcmbQGHrEg7kakkcs5nCvqP5rSz3KVBzjo

170 B
188 B

23ms
22ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=2qdhXAgCQgCXkSNAvdNVVw&google_push=AYg5qPKK3xRGbwN0d0B6fxR4-8aUMY8h9Q_pHXZlYI1ggHQmIuPl8u9pmEgWV4mLiqcmbQGHrEg7kakkcs5nCvqP5rSz3KVBzjo

Requested by

Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 05 Oct 2021 08:08:35 GMT
Server: MT3 3984 0e3af3b master zrh-pixel-x31 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=2qdhXAgCQgCXkSNAvdNVVw&google_push=AYg5qPKK3xRGbwN0d0B6fxR4-8aUMY8h9Q_pHXZlYI1ggHQmIuPl8u9pmEgWV4mLiqcmbQGHrEg7kakkcs5nCvqP5rSz3KVBzjo
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 05 Oct 2021 08:08:34 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6D4E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEHDpPVkZKDL1Nd6ZZ9evzEA&google_cver=1&google_push=AYg5qPIvBAZX89hg9uCeBEQw2tym6Jyg3RmICNY1dKEUNV1YVbgRgyuSuGLnIHQ9lI3hSrtxR3QsG-nYZdAC7kFO-OIms8lul9I
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8B1B3FDFE7A476F9F4434383BF126E8&google_push=AYg5qPIvBAZX89hg9uCeBEQw2tym6Jyg3RmICNY1dKEUNV1YVbgRgyuSuGLnIHQ9lI3hSrtxR3QsG-nYZdAC7kF...

170 B
188 B

20ms
19ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8B1B3FDFE7A476F9F4434383BF126E8&google_push=AYg5qPIvBAZX89hg9uCeBEQw2tym6Jyg3RmICNY1dKEUNV1YVbgRgyuSuGLnIHQ9lI3hSrtxR3QsG-nYZdAC7kFO-OIms8lul9I

Requested by

Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 05 Oct 2021 08:08:35 GMT
x-content-type-options: nosniff
server: openresty
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8B1B3FDFE7A476F9F4434383BF126E8&google_push=AYg5qPIvBAZX89hg9uCeBEQw2tym6Jyg3RmICNY1dKEUNV1YVbgRgyuSuGLnIHQ9lI3hSrtxR3QsG-nYZdAC7kFO-OIms8lul9I
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 04 Oct 2021 08:08:35 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 6D4E 70 B
264 B 35ms
33ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIQrxPvlQMfQn9sgNi_Sy_M&google_cver=1&google_push=AYg5qPJx-agGnAaMiyXAbNZUwq15wXuNPJ9clD1aHtn-98G3yzr72XSPA4GQQwZyCJRDQWA91UAekrqyU306nJDojYMM_xkJsQI
Requested by: Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6D4E
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEA4EmrljFHZbusG2MSkaSU&google_cver=1&google_push=AYg5qPK6eT4ffiPcBur-7lG4YDU1wp9owOhI4pkf5pNu8BndyfYswDnY71_slsun3ZilQHuwxyktwX34nkpvsF...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPK6eT4ffiPcBur-7lG4YDU1wp9owOhI4pkf5pNu8BndyfYswDnY71_slsun3ZilQHuwxyktwX34nkpvsFR31M3VGIT12k8&google_hm=hmFcCANXnOSJaadXTA...

170 B
188 B

20ms
19ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPK6eT4ffiPcBur-7lG4YDU1wp9owOhI4pkf5pNu8BndyfYswDnY71_slsun3ZilQHuwxyktwX34nkpvsFR31M3VGIT12k8&google_hm=hmFcCANXnOSJaadXTA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D615C0803579CE48969A7574CBLIS

Requested by

Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPK6eT4ffiPcBur-7lG4YDU1wp9owOhI4pkf5pNu8BndyfYswDnY71_slsun3ZilQHuwxyktwX34nkpvsFR31M3VGIT12k8&google_hm=hmFcCANXnOSJaadXTA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D615C0803579CE48969A7574CBLIS
date: Tue, 05 Oct 2021 08:08:35 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6D4E
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEN2CaZT8W_T5y9BGAOV6kLk&google_cver=1&google_push=AYg5qPIzlyAjwG3Y_m7lDcuhj9aazQwFl1YSGdl2ODPm6NeO9suPgLVGh65erq7cVAGRlb7T1h6qNryegiUealHX...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIzlyAjwG3Y_m7lDcuhj9aazQwFl1YSGdl2ODPm6NeO9suPgLVGh65erq7cVAGRlb7T1h6qNryegiUealHXNwVdxZdByic

170 B
188 B

20ms
20ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIzlyAjwG3Y_m7lDcuhj9aazQwFl1YSGdl2ODPm6NeO9suPgLVGh65erq7cVAGRlb7T1h6qNryegiUealHXNwVdxZdByic

Requested by

Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 05 Oct 2021 08:08:35 GMT
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIzlyAjwG3Y_m7lDcuhj9aazQwFl1YSGdl2ODPm6NeO9suPgLVGh65erq7cVAGRlb7T1h6qNryegiUealHXNwVdxZdByic
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: VLZ-fzOgqNpG5yxJsXhZ7nytDxpgPVcbC3YCjNHCAv4EClOp-0eqfQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6D4E
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMd6bILplKCffxS6I5zfa5I&google_cver=1&google_push=AYg5qPJDZz-3pUpsi9tnLOt-aHRpnJiBxoHepOJ4ZeN61VZDJSAIPtJM...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMd6bILplKCffxS6I5zfa5I&google_cver=1&google_push=AYg5qPJDZz-3pUpsi9tnLOt-aHRpnJiBxoHepOJ4ZeN61VZDJSAIPt...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2ZmQ1Zjg4NC0yNWIzLTExZWMtOWY0Zi0wNjFiOWIzYjk1MWU%3D&google_push=AYg5qPJDZz-3pUpsi9tnLOt-aHRpnJiBxoHepOJ4ZeN61VZDJSAIPtJMdOwIpVegtj...

170 B
188 B

25ms
24ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2ZmQ1Zjg4NC0yNWIzLTExZWMtOWY0Zi0wNjFiOWIzYjk1MWU%3D&google_push=AYg5qPJDZz-3pUpsi9tnLOt-aHRpnJiBxoHepOJ4ZeN61VZDJSAIPtJMdOwIpVegtjky2bP9XCofOhSeJfKV5ZAq67q-zMzgT6q4

Requested by

Host: www.controle.colunadofla.com
URL: https://www.controle.colunadofla.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 08:08:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 05 Oct 2021 08:08:35 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2ZmQ1Zjg4NC0yNWIzLTExZWMtOWY0Zi0wNjFiOWIzYjk1MWU%3D&google_push=AYg5qPJDZz-3pUpsi9tnLOt-aHRpnJiBxoHepOJ4ZeN61VZDJSAIPtJMdOwIpVegtjky2bP9XCofOhSeJfKV5ZAq67q-zMzgT6q4
Connection: keep-alive
Content-Length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6D4E 0
12 B 17ms
16ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IyTPH4QmrWrxRt42YR9eHH07UVZEwS_bMYlKuVQCZ4Go7zrDILm62X1XZ4LLFmSrcQv8LlEw

Requested by

Host: 4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com
URL: https://4592410630f1abfb8089932fdc5849ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS