www.diarioceleste.com.br Open in urlscan Pro
2606:4700:3031::ac43:b242 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://diarioceleste.com.br/
Effective URL:
https://www.diarioceleste.com.br/
Submission: On December 01 via manual (December 1st 2021, 3:58:12 am UTC) from PH — Scanned from DE

Summary HTTP 703 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 92 IPs in 12 countries across 82 domains to perform 703 HTTP transactions. The main IP is 2606:4700:3031::ac43:b242, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.diarioceleste.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 5th 2021. Valid for: a year.

This is the only time www.diarioceleste.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 44	2606:4700:303... 2606:4700:3031::ac43:b242	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1 51	2606:4700:303... 2606:4700:3031::6815:11c9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
6	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:2825	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
5	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
52	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	3.129.250.65 3.129.250.65	16509 (AMAZON-02) (AMAZON-02)
5	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	148.69.64.76 148.69.64.76	12353 (VODAFONE-...) (VODAFONE-PT Vodafone Portugal)
18	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:19c::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
8	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
2 3	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2	52.28.186.152 52.28.186.152	16509 (AMAZON-02) (AMAZON-02)
9 10	18.194.4.47 18.194.4.47	16509 (AMAZON-02) (AMAZON-02)
1 1	52.57.134.242 52.57.134.242	16509 (AMAZON-02) (AMAZON-02)
1	75.2.29.42 75.2.29.42	16509 (AMAZON-02) (AMAZON-02)
6 24	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
7	146.20.128.101 146.20.128.101	27357 (RACKSPACE) (RACKSPACE)
20	146.20.128.158 146.20.128.158	27357 (RACKSPACE) (RACKSPACE)
5 5	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
107	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
20 38	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
5 13	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
6 10	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
54	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
29	146.20.132.145 146.20.132.145	27357 (RACKSPACE) (RACKSPACE)
12	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
1	138.201.84.244 138.201.84.244	24940 (HETZNER-AS) (HETZNER-AS)
1 5	138.201.64.38 138.201.64.38	24940 (HETZNER-AS) (HETZNER-AS)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
3 4	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1	51.75.147.170 51.75.147.170	16276 (OVH) (OVH)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::18 2a02:2638::18	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	54.93.162.63 54.93.162.63	16509 (AMAZON-02) (AMAZON-02)
4 5	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
7	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
3 8	18.194.154.127 18.194.154.127	16509 (AMAZON-02) (AMAZON-02)
26	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.58.32.98 52.58.32.98	16509 (AMAZON-02) (AMAZON-02)
2 8	2a02:26f0:6c0... 2a02:26f0:6c00:2b2::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.156.157.11 35.156.157.11	16509 (AMAZON-02) (AMAZON-02)
12	213.254.244.13 213.254.244.13	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
2 6	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	52.214.119.250 52.214.119.250	16509 (AMAZON-02) (AMAZON-02)
5 5	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
3 4	37.157.6.251 37.157.6.251	198622 (ADFORM) (ADFORM)
2 2	213.155.156.167 213.155.156.167	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
7	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	198.47.127.20 198.47.127.20	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
14	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
4	185.64.189.111 185.64.189.111	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2600:9000:206... 2600:9000:206f:b200:15:6f6c:b180:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	23.88.75.187 23.88.75.187	24940 (HETZNER-AS) (HETZNER-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.189.229 185.64.189.229	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.206.28.97 34.206.28.97	14618 (AMAZON-AES) (AMAZON-AES)
1	2a05:d018:d29... 2a05:d018:d29:3602:e219:12f7:637c:c071	16509 (AMAZON-02) (AMAZON-02)
2 2	3.120.83.159 3.120.83.159	16509 (AMAZON-02) (AMAZON-02)
2	3.128.15.210 3.128.15.210	16509 (AMAZON-02) (AMAZON-02)
1 1	94.23.171.206 94.23.171.206	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
1	173.231.180.197 173.231.180.197	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
1	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.227.208.19 35.227.208.19	15169 (GOOGLE) (GOOGLE)
1	35.201.81.244 35.201.81.244	15169 (GOOGLE) (GOOGLE)
1 1	178.62.202.251 178.62.202.251	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.102.253.54 34.102.253.54	15169 (GOOGLE) (GOOGLE)
1 1	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
1	54.77.47.243 54.77.47.243	16509 (AMAZON-02) (AMAZON-02)
6	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
3	209.54.180.3 209.54.180.3	16509 (AMAZON-02) (AMAZON-02)
3	52.57.42.190 52.57.42.190	() ()
1	169.197.150.7 169.197.150.7	() ()
1 1	18.185.171.80 18.185.171.80	16509 (AMAZON-02) (AMAZON-02)
1	38.27.122.158 38.27.122.158	() ()
1 1	3.227.93.166 3.227.93.166	() ()
703	92

44 2606:4700:3031::ac43:b242 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

diarioceleste.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.diarioceleste.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2606:4700:3031::6815:11c9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.diarioceleste.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
diarioceleste.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:2825 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v2-ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.129.250.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com

ads.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.69.64.76 (Porto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: are.clevernt.com

sender.clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:19c::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

ad.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.155.71.25 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.186.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-186-152.eu-central-1.compute.amazonaws.com

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.194.4.47 (Frankfurt am Main, Germany) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-4-47.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.134.242 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-134-242.eu-central-1.compute.amazonaws.com

sonata-notifications.taptapnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.29.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae6a0aaac8071ff4b.awsglobalaccelerator.com

stg.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2.18.234.233 (Frankfurt am Main, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 146.20.128.101 (United States)

ASN27357 (RACKSPACE, US)

v.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 146.20.128.158 (United States)

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:678:cb4:bbbb::11 (United Kingdom) 5 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

107 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 142.250.186.66 (United States) 20 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2.18.234.21 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.33.220.244 (Amsterdam, Netherlands) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 146.20.132.145 (United States)

ASN27357 (RACKSPACE, US)

t.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.132 (Offenbach, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.84.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.64.38 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.38.64.201.138.clients.your-server.de

hal900011.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.126 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.147.170 (France)

ASN16276 (OVH, FR)
PTR: ns3133977.ip-51-75-147.eu

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.93.162.63 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-162-63.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.126.56.137 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.194.154.127 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-154-127.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

vpaid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aktrack.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.32.98 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-32-98.eu-central-1.compute.amazonaws.com

d.adtriba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:6c00:2b2::4469 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.157.11 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-157-11.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 213.254.244.13 (United States)

ASN36062 (DOUBLE-VERIFY, US)

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20237.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20230.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20519.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 198.47.127.19 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.119.250 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-119-250.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.19.147.45 (United Kingdom) 5 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.251 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.167 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-167.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.241 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.184 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.111 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

vid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:b200:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.75.187 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.187.75.88.23.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Ballerup Municipality, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.206.28.97 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-28-97.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:e219:12f7:637c:c071 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.83.159 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-83-159.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.128.15.210 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-128-15-210.us-east-2.compute.amazonaws.com

vid-io-cle.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.171.206 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-94-23-171.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (United States) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.208.19 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 19.208.227.35.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.62.202.251 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.243 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.47.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.54.180.3 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.42.190 (None, )

ASN- ()

ads-eu.v.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (None, )

ASN- ()

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.171.80 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-171-80.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.27.122.158 (None, )

ASN- ()

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.227.93.166 (None, ) 1 redirects

ASN- ()

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
169	googlesyndication.com pagead2.googlesyndication.com 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com tpc.googlesyndication.com	836 KB
95	diarioceleste.com.br 3 redirects diarioceleste.com.br www.diarioceleste.com.br	923 KB
85	doubleclick.net 21 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net 8019191.fls.doubleclick.net ad.doubleclick.net	463 KB
64	lkqd.net ad.lkqd.net v.lkqd.net cs.lkqd.net t.lkqd.net	225 KB
60	pubmatic.com 2 redirects vpaid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com image4.pubmatic.com simage2.pubmatic.com vid.pubmatic.com aktrack.pubmatic.com aud.pubmatic.com	354 KB
54	2mdn.net s0.2mdn.net	868 KB
30	stickyadstv.com 6 redirects ads.stickyadstv.com cdn.stickyadstv.com	446 KB
20	doubleverify.com 2 redirects cdn.doubleverify.com rtb0.doubleverify.com tps.doubleverify.com tps20237.doubleverify.com tps20230.doubleverify.com tps20519.doubleverify.com	214 KB
15	criteo.net static.criteo.net csm.eu.criteo.net pix.eu.criteo.net	694 KB
13	casalemedia.com 5 redirects dsum-sec.casalemedia.com	12 KB
12	advertising.com 7 redirects pixel.advertising.com ads.adaptv.advertising.com	6 KB
11	spotxchange.com 3 redirects sync.search.spotxchange.com search.spotxchange.com	11 KB
11	adnxs.com 7 redirects ib.adnxs.com secure.adnxs.com	10 KB
11	googletagservices.com www.googletagservices.com	348 KB
10	yahoo.com 4 redirects ads.yahoo.com ups.analytics.yahoo.com pr-bh.ybp.yahoo.com ads-eu.v.ssp.yahoo.com	5 KB
10	bidswitch.net 9 redirects x.bidswitch.net	5 KB
8	google.com 1 redirects adservice.google.com www.google.com	1 KB
8	teads.tv a.teads.tv s8t.teads.tv t.teads.tv sync.teads.tv	134 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net hal900011.redintelligence.net	10 KB
6	gstatic.com fonts.gstatic.com	122 KB
5	turn.com 5 redirects ad.turn.com	2 KB
5	onesignal.com cdn.onesignal.com onesignal.com img.onesignal.com	110 KB
4	springserve.com vpaid.springserve.com vid-io-cle.springserve.com	175 KB
4	adform.net 3 redirects c1.adform.net	2 KB
4	criteo.com rtb.nl.eu.criteo.com ads.eu.criteo.com cat.fr.eu.criteo.com dis.criteo.com	25 KB
4	vidoomy.com ads.vidoomy.com a.vidoomy.com stg.vidoomy.com	6 KB
3	amazon-adsystem.com s.amazon-adsystem.com	2 KB
3	weborama.fr 2 redirects cr.frontend.weborama.fr idsync.frontend.weborama.fr	722 B
3	adsrvr.org 3 redirects match.adsrvr.org	1 KB
3	1rx.io 3 redirects sync.1rx.io	2 KB
3	openx.net us-u.openx.net rtb.openx.net	771 B
3	sitescout.com 2 redirects pixel-sync.sitescout.com	791 B
3	wp.com c0.wp.com stats.wp.com pixel.wp.com	33 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	taboola.com 1 redirects trc.taboola.com match.taboola.com	652 B
2	creative-serving.com 2 redirects ads.creative-serving.com	1 KB
2	audrte.com 1 redirects a.audrte.com	1 KB
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	742 B
2	3lift.com 2 redirects eb2.3lift.com	942 B
2	simpli.fi 1 redirects um.simpli.fi	1 KB
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com	1 KB
2	scoota.co 2 redirects r.scoota.co	1 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com	1 KB
2	dotomi.com dclk-match.dotomi.com pubmatic-match.dotomi.com	207 B
2	adtriba.com 1 redirects d.adtriba.com	757 B
2	google-analytics.com www.google-analytics.com	20 KB
2	facebook.net connect.facebook.net	83 KB
2	cleverwebserver.com scripts.cleverwebserver.com v2-ui.cleverwebserver.com	52 KB
1	bnmla.com match.bnmla.com	114 B
1	w55c.net 1 redirects pm.w55c.net	904 B
1	deepintent.com match.deepintent.com	44 B
1	ipredictive.com sync.ipredictive.com Failed	522 B
1	gumgum.com rtb.gumgum.com	238 B
1	playground.xyz 1 redirects ads.playground.xyz	466 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	534 B
1	adgrx.com cm.adgrx.com	408 B
1	iprom.net core.iprom.net	277 B
1	ad4m.at ad4m.at	916 B
1	erne.co 1 redirects green.erne.co	324 B
1	zeotap.com mwzeom.zeotap.com	454 B
1	loopme.me 1 redirects csync.loopme.me	216 B
1	rfihub.com 1 redirects p.rfihub.com	781 B
1	quantserve.com 1 redirects pixel.quantserve.com	542 B
1	agkn.com d.agkn.com	650 B
1	contentspread.net cdn.contentspread.net	44 KB
1	o2online.de portal.o2online.de	609 B
1	taptapnetworks.com 1 redirects sonata-notifications.taptapnetworks.com	321 B
1	googleadservices.com partner.googleadservices.com	445 B
1	google.de adservice.google.de	792 B
1	facebook.com www.facebook.com	295 B
1	clevernt.com sender.clevernt.com	354 B
1	googletagmanager.com www.googletagmanager.com	36 KB
1	googleapis.com fonts.googleapis.com	2 KB
0	stackadapt.com Failed sync.srv.stackadapt.com Failed
0	sundaysky.com Failed vop.sundaysky.com Failed
0	bidr.io Failed match.prod.bidr.io Failed
0	exelator.com Failed loada.exelator.com Failed
0	atdmt.com Failed ad.atdmt.com Failed
703	82

	Domain	Requested by
107	tpc.googlesyndication.com	9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.diarioceleste.com.br pagead2.googlesyndication.com
92	www.diarioceleste.com.br	www.diarioceleste.com.br
54	s0.2mdn.net	www.diarioceleste.com.br s0.2mdn.net 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com tpc.googlesyndication.com
52	pagead2.googlesyndication.com	www.diarioceleste.com.br pagead2.googlesyndication.com 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com ad.doubleclick.net
38	cm.g.doubleclick.net	20 redirects googleads.g.doubleclick.net 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com www.diarioceleste.com.br
29	t.lkqd.net	ad.lkqd.net
24	ads.stickyadstv.com	6 redirects www.diarioceleste.com.br ad.lkqd.net cdn.stickyadstv.com
20	cs.lkqd.net	ad.lkqd.net
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com www.diarioceleste.com.br
14	simage2.pubmatic.com	ads.pubmatic.com
14	securepubads.g.doubleclick.net	www.diarioceleste.com.br securepubads.g.doubleclick.net
13	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
12	static.criteo.net	ads.eu.criteo.com 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
12	googleads4.g.doubleclick.net	www.diarioceleste.com.br ad.doubleclick.net
11	ads.pubmatic.com	vpaid.pubmatic.com ads.pubmatic.com
11	vpaid.pubmatic.com	ad.lkqd.net vpaid.springserve.com blank
11	www.googletagservices.com	9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com cdn.doubleverify.com www.googletagservices.com
10	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
10	x.bidswitch.net	9 redirects 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
10	9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
8	cdn.doubleverify.com	2 redirects 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com cdn.doubleverify.com ad.doubleclick.net www.diarioceleste.com.br
8	ads.adaptv.advertising.com	3 redirects ad.lkqd.net vpaid.springserve.com
8	ad.lkqd.net	www.diarioceleste.com.br ad.lkqd.net
7	image2.pubmatic.com	ads.pubmatic.com
7	search.spotxchange.com	ad.lkqd.net
7	v.lkqd.net	ad.lkqd.net
6	cdn.stickyadstv.com	ad.lkqd.net cdn.stickyadstv.com
6	image6.pubmatic.com	2 redirects ads.pubmatic.com
6	www.google.com	1 redirects 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com tpc.googlesyndication.com
6	fonts.gstatic.com	fonts.googleapis.com
5	ups.analytics.yahoo.com	4 redirects googleads.g.doubleclick.net
5	hal900011.redintelligence.net	1 redirects 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com hal900011.redintelligence.net
5	ad.turn.com	5 redirects
4	aktrack.pubmatic.com	www.diarioceleste.com.br
4	vid.pubmatic.com	vpaid.pubmatic.com
4	tps20230.doubleverify.com	9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com cdn.doubleverify.com
4	tps20237.doubleverify.com	9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com cdn.doubleverify.com
4	c1.adform.net	3 redirects ads.pubmatic.com
4	pixel.advertising.com	4 redirects
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
3	ads-eu.v.ssp.yahoo.com
3	s.amazon-adsystem.com
3	match.adsrvr.org	3 redirects
3	sync.1rx.io	3 redirects
3	pixel-sync.sitescout.com	2 redirects 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
3	t.teads.tv	www.diarioceleste.com.br
3	onesignal.com	cdn.onesignal.com
3	diarioceleste.com.br	3 redirects
2	cr.frontend.weborama.fr	2 redirects
2	vid-io-cle.springserve.com	vpaid.springserve.com
2	ads.creative-serving.com	2 redirects
2	a.audrte.com	1 redirects ads.pubmatic.com
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	visitor.fiftyt.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	vpaid.springserve.com	ad.lkqd.net
2	eb2.3lift.com	2 redirects
2	um.simpli.fi	1 redirects ads.pubmatic.com
2	image4.pubmatic.com	ads.pubmatic.com
2	sync.mathtag.com	2 redirects
2	d5p.de17a.com	2 redirects
2	tps.doubleverify.com	cdn.doubleverify.com
2	sync.targeting.unrulymedia.com	2 redirects
2	r.scoota.co	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	d.adtriba.com	1 redirects 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
2	pix.eu.criteo.net	9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
2	8019191.fls.doubleclick.net	1 redirects www.diarioceleste.com.br
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	a.vidoomy.com	www.diarioceleste.com.br
2	adservice.google.com	securepubads.g.doubleclick.net 8019191.fls.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.diarioceleste.com.br connect.facebook.net
2	a.teads.tv	www.diarioceleste.com.br s8t.teads.tv
1	match.bnmla.com	ads.pubmatic.com
1	pm.w55c.net	1 redirects
1	match.deepintent.com	ads.pubmatic.com
1	sync.ipredictive.com
1	rtb.gumgum.com	ads.pubmatic.com
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	idsync.frontend.weborama.fr	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	match.taboola.com	ads.pubmatic.com
1	trc.taboola.com	1 redirects
1	cm.adgrx.com	ads.pubmatic.com
1	core.iprom.net	ads.pubmatic.com
1	ad4m.at	ads.pubmatic.com
1	green.erne.co	1 redirects
1	tps20519.doubleverify.com	cdn.doubleverify.com
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	csync.loopme.me	1 redirects
1	rtb.openx.net	9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
1	p.rfihub.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	dclk-match.dotomi.com	9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
1	ad.doubleclick.net	www.googletagservices.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	d.agkn.com	9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
1	rtb.nl.eu.criteo.com	www.diarioceleste.com.br
1	cdn.contentspread.net	hal900011.redintelligence.net
1	ads.yahoo.com	googleads.g.doubleclick.net
1	hal9000.redintelligence.net	9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
1	portal.o2online.de	www.diarioceleste.com.br
1	img.onesignal.com	www.diarioceleste.com.br
1	stg.vidoomy.com	www.diarioceleste.com.br
1	sonata-notifications.taptapnetworks.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.facebook.com	www.diarioceleste.com.br
1	s8t.teads.tv	a.teads.tv
1	sender.clevernt.com	www.diarioceleste.com.br
1	v2-ui.cleverwebserver.com	www.diarioceleste.com.br
1	pixel.wp.com	www.diarioceleste.com.br
1	ads.vidoomy.com	www.diarioceleste.com.br
1	www.googletagmanager.com	www.diarioceleste.com.br
1	cdn.onesignal.com	www.diarioceleste.com.br
1	stats.wp.com	www.diarioceleste.com.br
1	scripts.cleverwebserver.com	www.diarioceleste.com.br
1	c0.wp.com	www.diarioceleste.com.br
1	fonts.googleapis.com	www.diarioceleste.com.br
0	sync.srv.stackadapt.com Failed	ads.pubmatic.com
0	vop.sundaysky.com Failed
0	match.prod.bidr.io Failed	ads.pubmatic.com
0	loada.exelator.com Failed	ads.pubmatic.com
0	ad.atdmt.com Failed	googleads.g.doubleclick.net
703	136

This site contains links to these domains. Also see Links.

Domain
facebook.com
instagram.com
twitter.com
youtube.com
diarioceleste.com.br
www.facebook.com
www.instagram.com
www.twitter.com
www.youtube.com
wa.me
wordpress.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-05` - `2022-03-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-06` - `2022-09-05`	a year	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.clevernt.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-23` - `2022-02-23`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
ad.lkqd.net R3	`2021-09-28` - `2021-12-27`	3 months	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
*.lkqd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-09` - `2022-07-14`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-02-19`	a year	crt.sh
redintelligence.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-25` - `2021-12-15`	2 months	crt.sh
contentspread.net R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-03` - `2022-01-31`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-03` - `2022-01-31`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-03` - `2022-01-31`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-12` - `2021-12-10`	3 months	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.springserve.com Amazon	`2021-04-30` - `2022-05-29`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
*.iprom.net R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
*.stickyadstv.com DigiCert SHA2 High Assurance Server CA	`2019-11-25` - `2022-02-18`	2 years	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.bnmla.com Go Daddy Secure Certificate Authority - G2	`2021-01-06` - `2022-02-07`	a year	crt.sh

This page contains 92 frames:

Primary Page: https://www.diarioceleste.com.br/
Frame ID: 74740B286F3BFA806CC39FAFC0DBED2D
Requests: 195 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: 95016F1ED0D8C098E28EE6B24B37BA74
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5822243610880583&output=html&adk=1812271804&adf=3025194257&lmt=1638303598&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.diarioceleste.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638331084170&bpp=3&bdt=703&idt=127&shv=r20211111&mjsv=m202111160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5203399669807&frm=20&pv=2&ga_vid=767454497.1638331084&ga_sid=1638331084&ga_hid=1711542189&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063694%2C31063782%2C21065725%2C44748553&oid=2&pvsid=2978480186622626&pem=316&tmod=1479939750&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=144
Frame ID: B3BD025A19C6B34D9CE9E32C64C7DE62
Requests: 1 HTTP requests in this frame

Frame: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F71B88950253915A38672ED94ECB5971
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 8519B6769A1EDED3AD0B81565588534A
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 04121AE5911704186FB9AFC7AD4D07AF
Requests: 2 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Frame ID: 64E47A0E3D7DF4FBEE56F6AFE5E187C4
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: EDE811DD00A427065920FBF50D1F8D31
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 9A838D54065C37C13F13C79D5F55BBC8
Requests: 6 HTTP requests in this frame

Frame: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C41D8CAA656801ACC7A94F261B8ACA41
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiH6eioATAB&v=APEucNVszGf5xNQGWUYtIWsP8J4dMqxUBCjKVnUT5pMZUthDfPx1Qn5b-BZgyJgUqwqPRS3Aw9Shi8VoSLd2zLP6qL9lpRk4FtWRSMGL8qqg5GKeVnjLrFKSGSCWvfLdq7VAl9apLwhCOaTYr2-TAt85X5K99oYWWQHnOObhkTM6MBwZ8oPswBc
Frame ID: 42AC77793DF367BD2F3FB4F69BC83E90
Requests: 5 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: B6BEC21EE0A8B754A4D2D606310EEDD8
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 460FC87E5CC606978E9CD7BE4357E803
Requests: 3 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: AC868251E8A4A7CD44DE88BF71F63F24
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4BE75396C316179A2695B66D2FDE4B6A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3502748549995560960/728x090.html?e=69&leftOffset=0&topOffset=0&c=WUy7xhcDgN&t=1&renderingType=2
Frame ID: 5A3308C8A48355AD9BA103B7C9A88D0C
Requests: 8 HTTP requests in this frame

Frame: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 25F672F6027D2C0C91350A1328274877
Requests: 13 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 497BFC1506064F72237FBCC9CB513267
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWIwkobvpJSw63lC0oSGxmjHfKZSobqxFNDfYB-OQicyudD8rS9VSSfRknW-3CInUPxDXML1uRuqHRLpfVcrKp8J0t6bIHB6Qj_8LXRBd_hzrtIov9Nn7-bGDBA7Nb4ZTCIwBVHvHESMBBG1TeYHv47VHD3IVCrfhlym3UwB2OBBDz2DnY
Frame ID: 2367338DC0FA874224A3B57BB1A3A8C2
Requests: 5 HTTP requests in this frame

Frame: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C182F17522EEE9D70A8128668EB19715
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 65FF109EED967B99119CEEC840AE0B6C
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaxpgEQuKirARjXzKy6ATAB&v=APEucNXosymZ1pKvHOinjBckSR3n2k_8OIWalI9ZKCaySiTx7DX906655dfCcqxk8zYSGeicPeGX20LpuGhexwAQ9bRXBVM-H3yvyIyntfh51_jLsJ_7-ipZuUUjj2GW1dN8Dh2ZxM04vPreOsWmf-NdkkD_8sP2DGXj-t0pKXeJj7fPoBAKZzI
Frame ID: 3878D16358443D8A214D5B41EC24EB4C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Frame ID: 82737672A38FC81DFAD30D5980664834
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: DA704F0F5AA14E606ABB1AFD5D7AE6FE
Requests: 10 HTTP requests in this frame

Frame: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0D1A4A4E79C5181B55750213A3C7AC37
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/index.html
Frame ID: 0C6551FBBDBD9AF4C1BAD2D84AAF33C9
Requests: 8 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CLO8_fLawfQCFS7UEQgdnNwEtw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=362892476733.6228
Frame ID: 93B96FAA4003DB8A4DEEE36EDDF8084B
Requests: 2 HTTP requests in this frame

Frame: https://hal900011.redintelligence.net/request_content.php?s=69954700014419400710612011795011&a=3321f33d
Frame ID: C6AC9CF30AA91597E08E09CAA4D77E19
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNVSwOMJx3egsCpTWzj3Xawrn-9KwKp0HF84BRzLvbOcTT0XcrHkicoYThrzFfrC6yTfX605s5UdyTvDLsLe6EmUZd8Q6Q4DHLgkiTLQjVWhkW3ydyqj6Rqrn5InD745oDdws1CgAYeJSFzGhXAe1wNqXgxnKJmS68qtdJoCQSdodSuBK_o
Frame ID: 88A1210E1AF421BC951A73005E518E62
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2B43D12016A4EA3B200A55D744E1F8CD
Requests: 3 HTTP requests in this frame

Frame: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 923AB60980933B74C7B739C77DB1CFB9
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
Frame ID: E4E539B107C4459E904E2B808DD87F95
Requests: 12 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YabyzQAEJEUIu8W0AAjWixLZyAKL1uEoPi8iCw&u=%7CV2Uf%2BZQ8TgWjZvxlfxztb9ef41P968kJBDs4R69xZlA%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHoJqKdXQ2AOgTxOpwrfsX_dNdArJPNbEg406rIB2CpXUVzBfAhEKX77FaLlSpu9TLdgi_50LZStoTYfDeezuSYdqp1s8NTEA9I5zZ3_ZUGrVgc1yTJVn3nVe0QCPHC7g25t3JZSsUvyC1lrmQLn4wn9vDmUysImJ24ruEnNz1HzUaP58Q2NnEpCik6gJRdyDznsj7abi980uaRxZps_kHYWimRgZBucKA_C_ZXB5A9UbzgK-Ui930a34RcOeYKlagf80RNzDTkKSgQINhSL2-WR8mEm2_uMo9fRsadgEdivY33Df4CrzZmf4gX0d-dAX_72u6yjnopGvVeWkCeWXzucZxEjr-IUEllcDu4MCkZjkxVX0GjB-BXmFZfgNi989Xk60fNOoQP8r-YbBfXM1QSeEpPK-gO_X_rbBM7Ve98NKY0gsEeqUT785BtG5OVyFWKDRLLBPEKUkOPdFL5QdZ8I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD-sszfKmYcXIELSL7_UPi62jmAfJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAdW20uoDyAEJqQI6pZgtIQazPuACAKgDAaoEiAJP0PYQzhcpfH6d4XebhcqOazS1I9pHcCQxTev7EFS1z2WeUMvWskxELXlSBwS2mPmjCWftTsoZeHAwIm049WcZVUpWB3thteFBNZFIKxRL_pJWnXA5vec6BBk0h94HfhtshNgjgLkCHeOOynJAAdN308vnbl_OuCbSW_GhV84ntTEdqxKvTVvG9fcrQTOJcFa2raskOLSZfi9mikQlPyyKU5yLNI5o4ovEmf7LMZkdbA58VVt8339x9dsqaECAQ8ChacWmIxXrDVwmdYPN1nPDv4IHAs4HvVx8EdQOrqP5A9heB2OPjzqIyB2Fetyxq7IkxJc7oK5TM_SnsiQBgGUabix9rdf8GpngBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2w0NpdaaYxcdwOEX3l3prv3T0qyQ%26client%3Dca-pub-2845463438153782%26adurl%3D
Frame ID: 21C878329B3A5DD6987B1B027B8F624F
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AF6ED95E39A1F85208AC95A9FF370A66
Requests: 3 HTTP requests in this frame

Frame: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CF43640A4D747E4228B4A0BDF549E484
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCUxZeTAhjz56ymATAB&v=APEucNU-l1_ESXwrOjMD6dCzVAGNpFmu3DFTEneWTB6zX2QVYA0TnHM1SYuQvL4RXFQ7ZFb4aimhe54rE3xY2bh8yk6E-Qrjqe7LCigOpy4PbGsmuy5AXi_lLl4nFZuvgAXJxzkDQBAVhHV-T93YL4qtLVAf73ueURHInSBqKBsVbqzVk9eiiLw
Frame ID: 14ADCEE9E4BD9487AE838B7EC6627263
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/10326444/1619528968743/index.html
Frame ID: C3A0FCD82CB3B06AC3633C6489265D17
Requests: 9 HTTP requests in this frame

Frame: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9EA15880F409F3747EC82FAE5658CC4F
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3F4BB5FE67D077F70E05416504443CD3
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhjtvYScATAB&v=APEucNWtTL_M0FAlmlCXsWyK3_zvfBPnDtK5xf7hpL2DEXpi7vjxCcHA6FEkbwuaniaYmnmj5FONZzrcdTZ2oSv66BD_dtzzws0oyb27kc2RPhjiOUmiSXsf4WyBLwt5LFRe1lwrYf0J83G9i9abDbeLnh4QALDlH3JVSiMezqQkhuLdOinHBpo
Frame ID: 430582D34ECE85211BFD5E5ABA0404D4
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FBD33BD506F96196AA3A3329DC1B4268
Requests: 3 HTTP requests in this frame

Frame: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D24B80E206BD7982A8CEAB5B7E6AF919
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIYsO2pvAEwAQ&v=APEucNXULTYy9tV9VEcY4lVIpxcEDK8aklah64mRTfl9GiK_h5nu1yMsYfmT7yjEtGfJVrKuK46zxYfoOzyZlmLnNe1EAEKku8htEeF_ItAZZLqFPxAqMF2JgJbQ7kRHPsgyN1njXGScRp_mjoGgKUyzk2ZKqSNHuKYvi8Bi--_u5Bh7Xa1yU1s
Frame ID: F4590E05643D3CAE4EEF8E41F1D7F89B
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C12791799170335911211823775059%2C%2C
Frame ID: E621156FB31D075918A95FD33D99993C
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/index.html
Frame ID: DAF6DC8955799C62D7027397BE3E3115
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 862BD08FB7771BD1CEE2607D0EE7FBAB
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C8DC1DCB59E5DB43DFFF3F9D18A655E2
Requests: 13 HTTP requests in this frame

Frame: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 451E32EC8213ABD180C71F7F180A01FE
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 490FAE3C616E44A2537D7CA4888451C2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6A9CFFC7979ED2C8BD9EEF2B6AC47864
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1874.js
Frame ID: DFF1B279F267B54FB43B0E3A3C5DCD47
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5E642EDF3A9295FDBFC99179B4E29C51
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/lyxor_climate_336x280.html
Frame ID: 4A89701A29A8604CE00C0FD4ADF4B8EA
Requests: 70 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1874.js
Frame ID: 3F8E78EE84A2BB7DC9068545BE15A1AD
Requests: 6 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DF76A8B7-E559-47FF-B629-21A3FA94937C
Frame ID: BFAD9F4E9B8C70A35D29D476529CD73E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5871054209374493530
Frame ID: EE95364567FBEF908DAE9CE9C223FB70
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 78B31A41553EFE7C0F2262D3C4DDC771
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B00C49E74C7CB526FA757135DD829D6B
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C4286517091279179917033591121%2C%2C
Frame ID: 5F416AEF4E240D518307E1E220503157
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7D4E0A6684DA6126B7DDF53FC647C240
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 6A54A9AC21BCCDAB02091D07C17FE4A7
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 47DF4DCFAB769A3F23848FFD6009B00D
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_25214542.js
Frame ID: F92678118E020130C5A247D8664CAECE
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0,1!vidoomy.com,52453,1,1638331085332,,
Frame ID: 609055BCA193A4DD959A728021DDD9F5
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 42E6546BEDC3EC022B2AE085F54B89DD
Requests: 12 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7036578434397829259
Frame ID: 168845047D6FE477B9590C78943370CA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yaby0AAIlrEttQBR&gdpr=0&gdpr_consent=&_test=Yaby0AAIlrEttQBR
Frame ID: 286BE335CAC646A1CBA36705D88655B4
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
Frame ID: 103342FFE8B75B4215A5A6A44343303E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 832253D5A4EFFDBB1724524758FE7D5C
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_25214542.js
Frame ID: BD20AF66DA0A7979B3F2861199FBE943
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0,1!vidoomy.com,52453,1,1638331085333,,
Frame ID: B2FFB4554D2EE3CC91B3DF0FE6BBFB09
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0670A55DD4E7A18E4E37BC87CAA5AACF
Requests: 6 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b5ea5773-6e69-4f1a-94e9-3fbdcf66c06d-003
Frame ID: DD9BBBE298659EE00CE3C5A18988E9DD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ka4watdtAeutogcHaBXnX6Du
Frame ID: 7B6B8A0F79B67C556EE5D45E70AB0D88
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 19BF614EB275FDEB40BD833D37FD3F4C
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 5999428E1722BDFD27612E1AC6EDE7AF
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 16CE0C2A3E5FD91357E9D5DA716B7D99
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8e5d3411-9198-4f47-b6f4-23e1823f1b84-tuct8a07851&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 2B2C8E1DD29E816DA5E3F3E2C63DEBA7
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 3360CDD5DEB4E9722F1C115FCFDDC177
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: C89BE691FC361ADC0FAB284F44A26905
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 4BBEFEF3497FFC84521DA04EFD4EB149
Requests: 7 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 95594AF0BF05914E04ACFB66EF52E2E2
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: AA98EAFD60CB2F5DE17BDCD0624B2394
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 8225BDDD250ED8520818E96A9D2B077A
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: E11961950E045AFA1B1AECA8EEAD3A23
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C1686049726502286762510967062%2C%2C
Frame ID: 68F283E8CE796C7E91F60E2972B7CD5D
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9B3296B4AA133A7AD5942F3761208C59
Requests: 3 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 6E60A52F09F5C6CE327C9CEA13D130FF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Pr8n91Tq1MSgL05&gdpr=0&gdpr_consent=
Frame ID: 9E761A324C7CE495A448CF33261319D6
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 5A7FC8F62657082A9962A3AC665F2093
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:00B497BEA5EA430B947EF2E8CB3A7D42
Frame ID: 3F804AF510890AE1219B95248B76E3F7
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11
Frame ID: CA63F73143033B6193470A6D1D023AF2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cruzeiro - Diário Celeste

Page URL History Show full URLs

http://diarioceleste.com.br/ HTTP 301
https://diarioceleste.com.br/ HTTP 301
https://www.diarioceleste.com.br/ Page URL

Page Statistics

703
Requests

88 %
HTTPS

30 %
IPv6

82
Domains

136
Subdomains

92
IPs

12
Countries

6282 kB
Transfer

17648 kB
Size

120
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/diarioceleste/

Search URL Search Domain Scan URL

URL: https://instagram.com/diarioceleste/

Search URL Search Domain Scan URL

URL: https://twitter.com/diarioceleste/

Search URL Search Domain Scan URL

URL: https://youtube.com/diarioceleste/

Search URL Search Domain Scan URL

URL: https://diarioceleste.com.br/
Title: Início

Search URL Search Domain Scan URL

URL: https://diarioceleste.com.br/table/campeonato-mineiro-2021/
Title: Campeonato Mineiro 2021

Search URL Search Domain Scan URL

URL: https://www.facebook.com/diarioceleste/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/diarioceleste/

Search URL Search Domain Scan URL

URL: https://www.twitter.com/diarioceleste/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/diarioceleste/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/diarioceleste
Title: Like

Search URL Search Domain Scan URL

URL: https://instagram.com/diarioceleste
Title: Seguir

Search URL Search Domain Scan URL

URL: https://twitter.com/diarioceleste
Title: Seguir

Search URL Search Domain Scan URL

URL: https://www.youtube.com/diarioceleste
Title: Inscrever-se

Search URL Search Domain Scan URL

URL: https://wa.me/5541996486135
Title: Site criado por CF

Search URL Search Domain Scan URL

URL: https://wordpress.org/plugins/gdpr-cookie-compliance/
Title: Powered by GDPR Cookie Compliance

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://diarioceleste.com.br/ HTTP 301
https://diarioceleste.com.br/ HTTP 301
https://www.diarioceleste.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://diarioceleste.com.br/wp-content/uploads/2021/01/footer_bg.jpg HTTP 301
https://www.diarioceleste.com.br/wp-content/uploads/2021/01/footer_bg.jpg

Request Chain 147

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent

Request Chain 148

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=853017851.0570108161865406.64570095 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=853017851.0570108161865406.64570095 HTTP 302
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=020d0411-e776-4501-826e-0048af0a4f8b&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_0e1dcee8-6724-41fd-a444-34fd5f4a1d82&bsw_param=020d0411-e776-4501-826e-0048af0a4f8b&expires=10 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=020d0411-e776-4501-826e-0048af0a4f8b

Request Chain 161

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9166458971282832915

Request Chain 166

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8950286189169049107

Request Chain 175

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBpSGKypOLidbdYsjP2DAUM&google_cver=1

Request Chain 176

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YabyzJZszJ5A9JK4MIFgDQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBpSGKypOLidbdYsjP2DAUM&google_cver=1

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEP8Ab61cjGNlZBQ-wvqswCs&google_cver=1

Request Chain 178

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5Nzc0OTA2MzczODA1NTQ0Mw%3D%3D

Request Chain 209

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFqL5Xx5uAnTxIoEAJ-47OI&google_cver=1

Request Chain 210

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YabyzJZszJ5A9JK4MIFgDQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFqL5Xx5uAnTxIoEAJ-47OI&google_cver=1

Request Chain 211

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBz79vzyUpfcUuYsB72AV9I&google_cver=1

Request Chain 212

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5Nzc0OTA2MzczODA1NTQ0Mw%3D%3D

Request Chain 223

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9166458971282832915

Request Chain 237

https://hal900011.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=eeba154b58&subid=&uid=ea50f66e6461fe29&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXc7KzPKmYc7cJrfD7_UP7L28qAG1zfmDV_zYuavlDPAuEAEg1s63TmCVgoCAtAfIAQmpAjqlmC0hBrM-qAMBqgSAAk_Q8IWtiEKL3MFLghXyVYuoZnzO7cunD9vbE-KYNkA4A_3D7hndFP4PH-l5PDR1lY7hJgVlrbOOF83qbpH6P8VATZI8VNxnKwXHqIUnVoJipCto-W7qFYU-5AqaWRz2zUd472YefD3o5s6KIEivva_e9ILOBDeR60S3UN4fCgHpd1AUfOdg0Uh98JH4novgX0gpHzf9ues-M7c71ro_40zd2dS9oAqSjJK5pQdbM5zPVGn6OV5fATY7APLyMcCLCnER05FTZrnbaQyWc5zAtmgWq6gieUFwrAISyt_oaXoloMWi6BAEMYPPBqI9fwQ3YmkEJ4k4mDcZQD0e39ugdXnABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRo6AV3BRFga7Ko7q_LyTklv4-9kw%26sig%3DAOD64_0-J72DZ9_o0AirDlxEMMLgA7pzSQ%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-BCBpFJSvFbdPzGfVM8K1jDNOAVDrnc2gqHs4FTLz-RRiFn1KAxvvxrebe7E95LjZxsT9b-HnOqMk1biNWUdfXhMFu3IoAl2nViVMvg2YPTm1zHyopI1eSxOBBaREhXOSHp8UGfenS3lCrXEcFC3eShMkQCSw%26cry%3D1%26dbm_d%3DAKAmf-Arn91oSXxgjS3vD24CJ_3Hth1JGcja_mQ01wqFqOEBLXNhhfBfqgW9jjQRvX2RqfdOISmrdpmYAE02MmY5_4qPagpHvTnsUhR3CeIRDz1k6OY3boXK4wyV8Aseagt-ryikKMTeVdx5SD6o6ORM2zHx7P5XnwLkCAeg14qu0STs5LqnIHQyKd1iG6Jo8T8aE5uzwhdltAYMEhZB5BturwTw-4wk2_hq8yJ4G6zta9Yg_aiGG950dYNlrnE8N9v7OOHSzKTm_GuhQfnvw-lnc6pgs27lP1ahoVla5d4LabUkss0Do744EqPPiiT0G5ATR22BQj-azyXo5QtF5P11_yAXnD7WgpJdxLzEyG_kYikjIvHz54krKrmoIBacAXLXVCHw8uoewPINeXbuPbyYv3QpE3ckke0mbDErIJhr0H3_BvqLJJhgtX0xvjNJ7P1XmH9oiOwXoT6TpXAwTArtD_yF_J8s4w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.diarioceleste.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.diarioceleste.com.br&random=6905245812440&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900011.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=eeba154b58&subid=&uid=ea50f66e6461fe29&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXc7KzPKmYc7cJrfD7_UP7L28qAG1zfmDV_zYuavlDPAuEAEg1s63TmCVgoCAtAfIAQmpAjqlmC0hBrM-qAMBqgSAAk_Q8IWtiEKL3MFLghXyVYuoZnzO7cunD9vbE-KYNkA4A_3D7hndFP4PH-l5PDR1lY7hJgVlrbOOF83qbpH6P8VATZI8VNxnKwXHqIUnVoJipCto-W7qFYU-5AqaWRz2zUd472YefD3o5s6KIEivva_e9ILOBDeR60S3UN4fCgHpd1AUfOdg0Uh98JH4novgX0gpHzf9ues-M7c71ro_40zd2dS9oAqSjJK5pQdbM5zPVGn6OV5fATY7APLyMcCLCnER05FTZrnbaQyWc5zAtmgWq6gieUFwrAISyt_oaXoloMWi6BAEMYPPBqI9fwQ3YmkEJ4k4mDcZQD0e39ugdXnABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRo6AV3BRFga7Ko7q_LyTklv4-9kw%26sig%3DAOD64_0-J72DZ9_o0AirDlxEMMLgA7pzSQ%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-BCBpFJSvFbdPzGfVM8K1jDNOAVDrnc2gqHs4FTLz-RRiFn1KAxvvxrebe7E95LjZxsT9b-HnOqMk1biNWUdfXhMFu3IoAl2nViVMvg2YPTm1zHyopI1eSxOBBaREhXOSHp8UGfenS3lCrXEcFC3eShMkQCSw%26cry%3D1%26dbm_d%3DAKAmf-Arn91oSXxgjS3vD24CJ_3Hth1JGcja_mQ01wqFqOEBLXNhhfBfqgW9jjQRvX2RqfdOISmrdpmYAE02MmY5_4qPagpHvTnsUhR3CeIRDz1k6OY3boXK4wyV8Aseagt-ryikKMTeVdx5SD6o6ORM2zHx7P5XnwLkCAeg14qu0STs5LqnIHQyKd1iG6Jo8T8aE5uzwhdltAYMEhZB5BturwTw-4wk2_hq8yJ4G6zta9Yg_aiGG950dYNlrnE8N9v7OOHSzKTm_GuhQfnvw-lnc6pgs27lP1ahoVla5d4LabUkss0Do744EqPPiiT0G5ATR22BQj-azyXo5QtF5P11_yAXnD7WgpJdxLzEyG_kYikjIvHz54krKrmoIBacAXLXVCHw8uoewPINeXbuPbyYv3QpE3ckke0mbDErIJhr0H3_BvqLJJhgtX0xvjNJ7P1XmH9oiOwXoT6TpXAwTArtD_yF_J8s4w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.diarioceleste.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.diarioceleste.com.br&random=6905245812440&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 239

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFGg5qre7Mv_xjbg_upPIcY&google_cver=1

Request Chain 241

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEB5A6t_BPPV-v8SC3jkeCYU&google_cver=1

Request Chain 259

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=362892476733.6228 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CLO8_fLawfQCFS7UEQgdnNwEtw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=362892476733.6228

Request Chain 270

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESENfRM2G1Y-nvgX1_Mn0UHLw&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESENfRM2G1Y-nvgX1_Mn0UHLw&google_cver=1&__user_check__=1&sync_id=e3505c66-525a-11ec-b051-1e5bf6c20506

Request Chain 271

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=e34d33e9-525a-11ec-8099-17ca89300306 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZTM0ZDMzYjItNTI1YS0xMWVjLTgwOTktMTdjYTg5MzAwMzA2

Request Chain 337

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESEA2RNX4Q1DbeGk9BdCSJIY4&_origin=1&google_cver=1 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESEA2RNX4Q1DbeGk9BdCSJIY4&_origin=1&google_cver=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEA2RNX4Q1DbeGk9BdCSJIY4&_origin=1&google_cver=1&apid=UPe3882f7d-525a-11ec-8bab-06fe92171bd8

Request Chain 338

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UPe3882f7d-525a-11ec-8bab-06fe92171bd8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBlMzg4MmY3ZC01MjVhLTExZWMtOGJhYi0wNmZlOTIxNzFiZDg%3D

Request Chain 339

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1kMGwzbW1sRTJ1RXdBd2U1emhVVFM1b3pOS2VDLkZmaH5B

Request Chain 356

https://d.adtriba.com/collect?atb_ptid=8387be89&atb_dcaid=0521-ms-jumpstart&atb_dpuid=adlicious HTTP 302
https://d.adtriba.com/px.gif

Request Chain 377

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDX4WDSYiKt_8bWwBwbcfvs&google_cver=1

Request Chain 378

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YabyzJZszJ5A9JK4MIFgDQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4nHvyYDPfoGRKSVmVHZ8s&google_cver=1

Request Chain 379

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL4FwIaRtQKHpc3vwEUpwbY&google_cver=1

Request Chain 380

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5Nzc0OTA2MzczODA1NTQ0Mw%3D%3D

Request Chain 401

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4nHvyYDPfoGRKSVmVHZ8s&google_cver=1

Request Chain 402

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YabyzJZszJ5A9JK4MIFgDQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4nHvyYDPfoGRKSVmVHZ8s&google_cver=1

Request Chain 403

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL4FwIaRtQKHpc3vwEUpwbY&google_cver=1

Request Chain 404

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5Nzc0OTA2MzczODA1NTQ0Mw%3D%3D

Request Chain 447

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKpcFfreVBI1gjXFiZ6whY4&google_cver=1&google_push=AYg5qPIx4s6KnOKNpcJfZ9WseCkEPMOYz4i6Ji2vi_ZOCVhUnOipk-3HsYNZeWZ8lVsAz5mltUdCZOMAmPk7v689zqMfem5Z1GcsLQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzNjU3ODQzNDM5NzgyOTI1OQ%3D%3D&google_push=AYg5qPIx4s6KnOKNpcJfZ9WseCkEPMOYz4i6Ji2vi_ZOCVhUnOipk-3HsYNZeWZ8lVsAz5mltUdCZOMAmPk7v689zqMfem5Z1GcsLQ

Request Chain 448

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEGTCnYJ1fQBcytMI55Wwoo&google_cver=1&google_push=AYg5qPJmNlffulEqTUL6LUmbqwI8VBisjYAes8jEMlFDb7Jf-6_j_yXSPEIOJMqgZN5Fal9yAX5g-JvI_9ZsZViet3H1Vdds2GBm HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=062c16a1-40af-4d96-bd50-977c0b30715d&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL_segQmbrg9oBn7qnecS6piQPv-f6Lyg6cM89BF0lDGuCyfix7CArrULN60uFKthGVrIK3XddLc9LwUwJv1iEUjZ0sCQ&google_hm=Ag0EEed2RQGCbgBIrwpPiw==

Request Chain 449

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEOLCkjWG4DtNYjRiX62ul60&google_cver=1&google_push=AYg5qPLym-ZSnqSaqB_mqibXPp23-VfGuhC_HWSdLgOPUxWmQSHfq3netzyQFX8jNvxhmq5WZoy__U_o--QTDhu9QMoaK0W2k6xySg HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b5ea5773-6e69-4f1a-94e9-3fbdcf66c06d-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLym-ZSnqSaqB_mqibXPp23-VfGuhC_HWSdLgOPUxWmQSHfq3netzyQFX8jNvxhmq5WZoy__U_o--QTDhu9QMoaK0W2k6xySg%26google_hm%3DA7XqV3NuaU8alOk_vc9mwG0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLym-ZSnqSaqB_mqibXPp23-VfGuhC_HWSdLgOPUxWmQSHfq3netzyQFX8jNvxhmq5WZoy__U_o--QTDhu9QMoaK0W2k6xySg&google_hm=A7XqV3NuaU8alOk_vc9mwG0

Request Chain 450

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEFKPVQ46OQoT3Iz3cQYEZQM&google_cver=1&google_push=AYg5qPLW2InB4z1QKEgqVejJAWnID7MKVA02QV3wFxKiB1QgQMAs2i90Z8FNP5CTz69xpu7yYFUfL3KgcpUy_W9VQ22F7V415DAr7KM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1nTEp5QnRGRTJ1RmoyNmREbTJLQTBpQlI3cEFWNGVXZH5B&google_push=AYg5qPLW2InB4z1QKEgqVejJAWnID7MKVA02QV3wFxKiB1QgQMAs2i90Z8FNP5CTz69xpu7yYFUfL3KgcpUy_W9VQ22F7V415DAr7KM

Request Chain 471

https://c1.adform.net/serving/cookie/match?party=14&cid=DF76A8B7-E559-47FF-B629-21A3FA94937C HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DF76A8B7-E559-47FF-B629-21A3FA94937C

Request Chain 472

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5871054209374493530

Request Chain 474

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=33aot-VZR_-2KSGj-pSTfA%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 475

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=762361a6-f2ce-4b00-8ef3-835532d82ac7

Request Chain 476

https://pixel.onaudience.com/?partner=214&mapped=DF76A8B7-E559-47FF-B629-21A3FA94937C HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=81f4bbe6-2392-4623-a7c6-9b065981d726&icm HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25

Request Chain 477

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REY3NkE4QjctRTU1OS00N0ZGLUI2MjktMjFBM0ZBOTQ5MzdD&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 478

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGXiVPPWRNVWv1lnoJmOMUI&google_cver=1

Request Chain 480

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:46d061a6-f2ce-4200-949c-585e6ba19a78&gdpr=0&gdpr_consent=

Request Chain 481

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4414064395881013374

Request Chain 482

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=81f4bbe6-2392-4623-a7c6-9b065981d726

Request Chain 483

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2797749063738055443&gdpr=0&gdpr_consent=

Request Chain 484

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8njs86J77qDpLb-k_X-g9f18vPbpfOyh_HzHyzAK

Request Chain 489

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEC7XyLyslK3nl-ZMUUDTqTU&google_cver=1&google_push=AYg5qPL_segQmbrg9oBn7qnecS6piQPv-f6Lyg6cM89BF0lDGuCyfix7CArrULN60uFKthGVrIK3XddLc9LwUwJv1iEUjZ0sCQ HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329519723606990&expires=30&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=Ag0EEed2RQGCbgBIrwpPiw== HTTP 302
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEGnhTJ4mxZenFBOhFElTMdw&google_cver=1

Request Chain 492

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL0-F1OmlmbMxv19hLYu99M&google_cver=1&google_push=AYg5qPJHE2dOjt3EMU3wSD9ECPT95vXZ8vsGkKLKPAbFmTMN8kvkduts_cLs50X4w-nLIqUVGC84pIGoWyk7dIlP6ZnHL027MqE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=33aot-VZR_-2KSGj-pSTfA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJHE2dOjt3EMU3wSD9ECPT95vXZ8vsGkKLKPAbFmTMN8kvkduts_cLs50X4w-nLIqUVGC84pIGoWyk7dIlP6ZnHL027MqE

Request Chain 493

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjoxjJATO_ww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjoxjJATO_ww&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjoxjJATO_ww&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjoxjJATO_ww&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjoxjJATO_ww&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjoxjJATO_ww&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjoxjJATO_ww&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjoxjJATO_ww&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjoxjJATO_ww&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjoxjJATO_ww&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjoxjJATO_ww&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjoxjJATO_ww&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjoxjJATO_ww&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjoxjJATO_ww&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjoxjJATO_ww&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjoxjJATO_ww&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjoxjJATO_ww&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjoxjJATO_ww&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjoxjJATO_ww&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjoxjJATO_ww&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjoxjJATO_ww&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1

Request Chain 494

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMUx6hYZMph3OCSDCK-Nig8&google_cver=1&google_push=AYg5qPJENIH_6ZUq6E5oNw2ixB91f3j7bSf7Aj4zjFufaLHLE9Bwb-JeM1nkYbma3oJpfaQXuABjvtqjGr-x4QutAL8VlldVCrw HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJENIH_6ZUq6E5oNw2ixB91f3j7bSf7Aj4zjFufaLHLE9Bwb-JeM1nkYbma3oJpfaQXuABjvtqjGr-x4QutAL8VlldVCrw&google_gid=CAESEMUx6hYZMph3OCSDCK-Nig8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTMwNjQ5NTA3ODE2NDgyNzg3Ng%3D%3D&google_push=AYg5qPJENIH_6ZUq6E5oNw2ixB91f3j7bSf7Aj4zjFufaLHLE9Bwb-JeM1nkYbma3oJpfaQXuABjvtqjGr-x4QutAL8VlldVCrw

Request Chain 500

https://cdn.doubleverify.com/redirect/?host=tps20237&param=akipv6&impid=912073241ed34a308d34042d8e0ffdcc&cbust=1638331086950213 HTTP 302
https://tps20237.doubleverify.com/event.png?impid=912073241ed34a308d34042d8e0ffdcc&akipv6=2a0f:9441:5:0:e5::1

Request Chain 501

https://cdn.doubleverify.com/redirect/?host=tps20230&param=akipv6&impid=182aa42d19e4490884e6e729e6deb3a0&cbust=1638331086983978 HTTP 302
https://tps20230.doubleverify.com/event.png?impid=182aa42d19e4490884e6e729e6deb3a0&akipv6=2a0f:9441:5:0:e5::1

Request Chain 504

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 596

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7036578434397829259

Request Chain 597

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Yaby0AAIlrEttQBR HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yaby0AAIlrEttQBR&gdpr=0&gdpr_consent=&_test=Yaby0AAIlrEttQBR

Request Chain 598

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1

Request Chain 599

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Request Chain 600

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DF76A8B7-E559-47FF-B629-21A3FA94937C&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DF76A8B7-E559-47FF-B629-21A3FA94937C&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DF76A8B7-E559-47FF-B629-21A3FA94937C&addseg=19,36,42

Request Chain 601

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=DF76A8B7-E559-47FF-B629-21A3FA94937C&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=DF76A8B7-E559-47FF-B629-21A3FA94937C&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 603

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=DF76A8B7-E559-47FF-B629-21A3FA94937C HTTP 302
https://a.audrte.com/p

Request Chain 605

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DF76A8B7-E559-47FF-B629-21A3FA94937C&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uCX_MGBE2uW7duddYNzr4x.t_Lnqang-~A&gdpr=0&gdpr_consent=

Request Chain 606

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=020d0411-e776-4501-826e-0048af0a4f8b HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=020d0411-e776-4501-826e-0048af0a4f8b HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=a031bb8c-1d07-414a-ba46-b3920170b40b&ssp=pubmatic&expires=30&user_group=5&bsw_param=020d0411-e776-4501-826e-0048af0a4f8b HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=020d0411-e776-4501-826e-0048af0a4f8b&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 607

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9166458971282832915&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 609

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 628

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6674074957 HTTP 302
https://sync.1rx.io/usersync/tradedesk/81f4bbe6-2392-4623-a7c6-9b065981d726 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b5ea5773-6e69-4f1a-94e9-3fbdcf66c06d-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-b5ea5773-6e69-4f1a-94e9-3fbdcf66c06d-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b5ea5773-6e69-4f1a-94e9-3fbdcf66c06d-003

Request Chain 629

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ka4watdtAeutogcHaBXnX6Du

Request Chain 633

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8e5d3411-9198-4f47-b6f4-23e1823f1b84-tuct8a07851&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 634

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 635

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4133454471 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=DF76A8B7-E559-47FF-B629-21A3FA94937C

Request Chain 636

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:ee2ac840-1afb-479d-9c2b-ea91ae3da3e3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 637

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2797749063738055443

Request Chain 646

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=77be93f040989744c28fdd7d46c8504d&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l21ce_7036578451570069572 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NzdiZTkzZjA0MDk4OTc0NGMyOGZkZDdkNDZjODUwNGQ=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBTHYB8CuZ7k2sPQSL-ot1s&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=81f4bbe6-2392-4623-a7c6-9b065981d726 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/77be93f040989744c28fdd7d46c8504d?gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-r.fl_rdE2oPEV8llBZUsLZNdAi_eWm4tMr_2gzOI~A HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=2797749063738055443 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=46d061a6-f2ce-4200-949c-585e6ba19a78&gdpr=0&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=ACrkE07DTeYAACtY6DCPLQ&gdpr=0 HTTP 302
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Yaby0AAIlrEttQBR&gdpr=0 HTTP 302
https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=9166458971282832915 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D721%26userId%3D%7BuserId%7D

Request Chain 649

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzdiZTkzZjA0MDk4OTc0NGMyOGZkZDdkNDZjODUwNGQ=&gdpr=0&gdpr_consent=

Request Chain 650

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=77be93f040989744c28fdd7d46c8504d&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 656

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NzdiZTkzZjA0MDk4OTc0NGMyOGZkZDdkNDZjODUwNGQ=&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBTHYB8CuZ7k2sPQSL-ot1s&google_cver=1&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=81f4bbe6-2392-4623-a7c6-9b065981d726 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/77be93f040989744c28fdd7d46c8504d?gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-r.fl_rdE2oPEV8llBZUsLZNdAi_eWm4tMr_2gzOI~A HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=2797749063738055443 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=46d061a6-f2ce-4200-949c-585e6ba19a78&gdpr=0&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=ACk8Hk7DTeYAACsT6DCPLQ&gdpr=0 HTTP 302
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Yaby0AAIlrEttQBR&gdpr=0 HTTP 302
https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=9166458971282832915 HTTP 302
https://sync.adotmob.com/cookie/stickyads?gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=257&userId=0703220402daad39f896e851&gdpr=0&gdprConsent= HTTP 302
https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=6914951&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0

Request Chain 660

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzdiZTkzZjA0MDk4OTc0NGMyOGZkZDdkNDZjODUwNGQ=&gdpr=0&gdpr_consent=

Request Chain 662

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=77be93f040989744c28fdd7d46c8504d&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 668

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=46d061a6-f2ce-4200-949c-585e6ba19a78&gdpr=0&gdpr_consent=null HTTP 302
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=4414064395881013374 HTTP 302
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=Pr8n91Tq1MSgL05 HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=ACeeME7DTeYAACqk6DCPLQ&gdpr=0 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D721%26userId%3D%7BuserId%7D&gdpr=0 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=721&userId=no-consent&gdpr=0 HTTP 302
https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=8877894&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=e6e3419e-525a-11ec-81ab-33deef32883a HTTP 302
https://7e1d5.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D993%26userId%3d%23%7buser.id%7d HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=993&userId=l21ce_7036578451570069572 HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?dsp_user_mapping=true&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D849&1501=0703220402daad39f896e851&159=CAESEBTHYB8CuZ7k2sPQSL-ot1s&171=9166458971282832915&23329=Pr8n91Tq1MSgL05&25522=no-consent&25746=e6e3419e-525a-11ec-81ab-33deef32883a&26913=ACeeME7DTeYAACqk6DCPLQ&45=Yaby0AAIlrEttQBR&529=46d061a6-f2ce-4200-949c-585e6ba19a78&617=4414064395881013374&717=y-r.fl_rdE2oPEV8llBZUsLZNdAi_eWm4tMr_2gzOI%7EA&892=81f4bbe6-2392-4623-a7c6-9b065981d726&951=2797749063738055443 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=849 HTTP 302
https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D HTTP 302
https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&_cvt=t

Request Chain 672

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzdiZTkzZjA0MDk4OTc0NGMyOGZkZDdkNDZjODUwNGQ=&gdpr=0&gdpr_consent=

Request Chain 674

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=77be93f040989744c28fdd7d46c8504d&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 688

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9166458971282832915

Request Chain 695

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=997366369&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=997366369&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=979c47a5-2aa1-4d91-9c21-4dec7d86d95c&a.is_yahoo=3&redirect_y=dHM9MTYzODMzMTA5MTkwOC4zOTAzODE6YXBpZD1VUGUzODgyZjdkLTUyNWEtMTFlYy04YmFiLTA2ZmU5MjE3MWJkODpyZXF1ZXN0X2lkPTk3OWM0N2E1LTJhYTEtNGQ5MS05YzIxLTRkZWM3ZDg2ZDk1Yw==

Request Chain 697

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=638918339&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=638918339&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=61b968fb-c3df-409d-8c37-eae713c01dc3&a.is_yahoo=3&redirect_y=dHM9MTYzODMzMTA5MTkwOS40ODE2ODk6YXBpZD1VUGUzODgyZjdkLTUyNWEtMTFlYy04YmFiLTA2ZmU5MjE3MWJkODpyZXF1ZXN0X2lkPTYxYjk2OGZiLWMzZGYtNDA5ZC04YzM3LWVhZTcxM2MwMWRjMw==

Request Chain 705

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1293175328&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1293175328&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=6e896e84-6097-4960-9b66-0f037e80a0fe&a.is_yahoo=3&redirect_y=dHM9MTYzODMzMTA5MTkxMS41NzI3NTQ6YXBpZD1VUGUzODgyZjdkLTUyNWEtMTFlYy04YmFiLTA2ZmU5MjE3MWJkODpyZXF1ZXN0X2lkPTZlODk2ZTg0LTYwOTctNDk2MC05YjY2LTBmMDM3ZTgwYTBmZQ==

Request Chain 716

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Pr8n91Tq1MSgL05&gdpr=0&gdpr_consent=

Request Chain 718

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:00B497BEA5EA430B947EF2E8CB3A7D42

Request Chain 720

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e6e3419e-525a-11ec-81ab-33deef32883a&gdpr=0&gdpr_consent=

703 HTTP transactions
21 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.diarioceleste.com.br/
Redirect Chain

http://diarioceleste.com.br/
https://diarioceleste.com.br/
https://www.diarioceleste.com.br/

609 KB
66 KB

485ms
467ms

Document
text/html

2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5757a2a2c9650560c0ebb82f8dcad638b4678422f7a147dbe4b871066b1e87c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 30 Nov 2021 20:19:58 GMT
cache-control: max-age=3, must-revalidate
x-varnish: 8847557
age: 0
via: 1.1 varnish (Varnish/5.2)
x-cache: HIT from Backend
strict-transport-security: max-age=3153000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTya%2Fgdz4w2JB0jANVCt%2BggZmGTA05giX6iPpy3UQ%2BnsKwd7fxc%2BN2UGpktTKpDdhZTvL2J3YSdnhNt0eunC6o%2Fo5cyUIbRqVZOReGrgTUjgH80oZJopg5a6ZPbj0lC9S5shRS1UWI5iQ1Uli8wYmG9O5C8UAE8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b696514bc750eb3-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Wed, 01 Dec 2021 03:58:02 GMT
content-type: text/html; charset=UTF-8
location: https://www.diarioceleste.com.br/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=3, must-revalidate
pragma: no-cache
x-redirect-by: WordPress
x-varnish: 8437997
age: 0
via: 1.1 varnish (Varnish/5.2)
x-cache: HIT from Backend
strict-transport-security: max-age=3153000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rf%2FXOygwPczjihLy%2F3ZSsTCPIS%2Fjx5EU887Y875v0WwED6jJZAjVQ3vWy0tm7zFLwfuoHfZHUmYcGDgLDumRMgddHuO5A2L40l5UPRLXLjVy6gfueYw%2FwkophwQgQii24ixgQrNjbU%2BSUAaEnmht12YQew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b69650cae800eb3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 21 KB
2 KB 46ms
23ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7COpen%20Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7COxygen%3A700%2C400&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese&display=swap

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a59bdfbe2d7603d0fc66a490c8362f95b13e26ff839612dd613d430b6d94bf7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 03:58:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 01 Dec 2021 03:58:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Dec 2021 03:58:03 GMT

GET
H2 200 style.min.css
www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/css/dist/block-library/ 79 KB
11 KB 26ms
20ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/css/dist/block-library/style.min.css?ver=1638303591

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e264f87064204f7fc6293fa99f06349ec225aa0b889d04a7d94b999ae16fb35

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:51 GMT
server: cloudflare
etag: W/"61a68767-13aa3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7Ogi8l4gyopMi02QBaXIjAcN%2BEo9i3U1LbqZiF9Cdi1YWJjYMNyCqdDev%2B8ze5Re5POzaIO9Bv%2FU7XbvFpquu8GrSoAAqxuf1krHohQVA4yPlpKHi9q021yC4BSMst%2BnPhRxP1byLjxcayK513nU7LN3MX5nyM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517ce900eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/js/mediaelement/ 11 KB
3 KB 28ms
20ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=1638303591

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14f09e693617089e72638ad17063d8128f3308a445ddb2115350644ab0d47b9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:51 GMT
server: cloudflare
etag: W/"61a68767-2c9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVtKbc7ArQnACiL%2BBfKIRAzwNnfqGj4mTibwb0ZrAniy%2By625PASqfe9WplpStDlMsEp%2FQ0Rs7%2BUYY80uIrJpstqBLV4jNc0axzyaZViTNRhKCjL2rCoSt0pjpKEuc6PAZfm9M38Rhqqvfv4sKNH%2FNAtHuu1k8E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517de920eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-mediaelement.min.css
www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/js/mediaelement/ 4 KB
1 KB 27ms
19ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=1638303591

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:51 GMT
server: cloudflare
etag: W/"61a68767-105a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=woZAtbm5T8WqL%2FVgdOWTq9d9LwK9eIQ5%2BdCoPFBVDiyRIvYDYkouOSXml3CBoZ9OkS8XTlUpF0Z1F3cvfGWZf2JMMjzDuNW7CkyMU8fCRULEU6LMMh8ITaD4mRUFpHDowuOEedjOl%2BAKQSDK0SzjUQ%2BDLXo99p0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517de930eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 styles.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 51ms
42ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=1638303592

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
cf-polished: origSize=2237
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:52 GMT
server: cloudflare
etag: W/"61a68768-8bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbC3g1xjnXpTRZDn9zDOtBNrAtGocbpfsp8qlNvYrM6RVHYO%2BVMSqduPBUKXEWAJB568bJYn2ukkIaOJEP6m%2BrvMmiZhz0scKV63e7eKwB55B%2FtOzaT%2FjtVJeQUJ84T5XuAvb5grZSLpJkpQkSG%2Fh75Ph9Pyrbo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517de970eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dashicons.min.css
www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/css/ 58 KB
35 KB 29ms
20ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/css/dashicons.min.css?ver=1638303592

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed8603e4a41ce33ae3e68b1bb4998bad011b3654bce031bbe5bb43b17c6dc9e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:52 GMT
server: cloudflare
etag: W/"61a68768-e712"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1v5xh0I0sXJOWe99hskI%2FBdTYfXxam1LjhdtA4i20%2F%2FuRbHi5UIYHa1ROg%2B%2FodEJHX9nyMGo6mi27b8ePok8n61QFgh8b71vNAxTweoTAhiTc3YWsNGYvhMok%2BQAvRMXU%2F2cZWlAkDApZj4b54vO8asPye6ieZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517de980eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sportspress.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress/assets/css/ 9 KB
2 KB 36ms
27ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress/assets/css/sportspress.css?ver=1638303592

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4f14ed14dd9abbfaad48acd17db70e943f736894002505f4bbb96f61af4c390

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:52 GMT
server: cloudflare
etag: W/"61a68768-25ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fh2E%2BmMl%2Fas2jGQzHNajXDLKdY8qToXdJwrS%2FRbsihAt6QTNQ1A08D1PvzQ%2Bq2rWawvzBsd6CVEKF%2B4cW3YSFsHH7GCnvTD5L2efagPpdtfIQOv%2BLufiFvuAaOjQjPuNkW33h2Jz9ocb6yaI7U3dPcDzB2%2FRQOw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517de990eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icons.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress/assets/css/ 2 KB
983 B 53ms
45ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress/assets/css/icons.css?ver=1638303592

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a36cd2358d33d2289faf0430857a15235e545c1d480055ab09307d2ed14d4536

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
cf-polished: origSize=2517
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:52 GMT
server: cloudflare
etag: W/"61a68768-9d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vs03%2BLOlKcifeUgdZ9kVZbQQMA%2FokV3fr1zqSTRk3mkz7ICAHoTyrRfiBWjII9g5xL%2BFWt4mZdj%2B2hz0n1T4MvRgTDBccLC9B%2FlN%2BW%2Fhxb%2FhQHk2Iw5TmCOwbaoyZUtq12IJdhwY3v6dyd5RG1V656NbU2jcc5k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517de9a0eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sportspress-league-menu.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-league-menu/css/ 698 B
564 B 28ms
19ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-league-menu/css/sportspress-league-menu.css?ver=1638303592

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32613ddf2bda8d21eb9b0cc39a9d8ebeb1a016e66827e09e139d34999ffa6804

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:52 GMT
server: cloudflare
etag: W/"61a68768-2ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tf%2BZqoACF9nOHwo9wB%2F7jFiSeu7GJyxaeVyBK9t7JYOZbnaLohJZwnWdlulnIO%2FDkqOuN5gh%2BV7c%2B%2BS%2Fp9qacNTtCUtY9ypuZJXdZXklVntWmjpuq2EYkGr0o1k7OwhgoayBis6ghGnU0Izc43aINX5E%2BbksG8s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517de9c0eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sportspress-match-stats.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-match-stats/css/ 847 B
639 B 38ms
30ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-match-stats/css/sportspress-match-stats.css?ver=1638303592

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43de706623f90168be59ba091b084a6e66f66b2475379921b06f76d1e5998bac

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:52 GMT
server: cloudflare
etag: W/"61a68768-34f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNkFFswx%2FgfP3v6yrpmm6AU7x37H5m2hmNOFBrAT3Q7FJKuXdFgeXzAIn%2BD5ZPIhVrD1RyJ9c6BpcuAlRoMlMJ88E0vxPo43DbtRorZK%2Bi1xmrFO1KZBUVvRhpShDUI0inShLjAFGVJnrehs9UW5BTEL98%2F38a8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517de9d0eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sportspress-results-matrix.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-results-matrix/css/ 857 B
571 B 39ms
31ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-results-matrix/css/sportspress-results-matrix.css?ver=1638303592

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65e5305403b1c801926e39441f4414dae67fa36b1a4e09a0531f8f20a4a0cef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:52 GMT
server: cloudflare
etag: W/"61a68768-359"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmmBWrUSmN%2FsYvkWAavzmyZ6TJXdf48ws%2BcZfNHYkQjyVva8bXDsikpSM1PHjFR9cznNP%2BOqbWzUEOX9badZmQRixliG0R106FXzy5qkNqliI3FzvFKQymxOV9hNGjkm%2F5v5V7io0YLv5NUhVndU68QQZrhnEP0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517de9e0eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sportspress-scoreboard.css
www.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-scoreboard/css/ 1 KB
742 B 42ms
34ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-scoreboard/css/sportspress-scoreboard.css?ver=2.6.11

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf2da8520b0400860e1beb934968653ec32c8a15b87ff2ec095ee548032eef57

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1132991
cf-polished: origSize=1233
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 05 Mar 2021 14:29:07 GMT
server: cloudflare
etag: W/"60424033-4d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhJcKEOmdU7fpSYPcpGBmnWwXteii6javHUPD3dGoMpCj3Tgqr2lJMf9kN8%2BfsSUCKrDurH3at6Xcgzd%2Fj%2BFLUEGGZljyHs1dEBLzSwNeSu2qalx9nm2Vhmk2kGdii8urOX8RYzttgSvxBhQGbxsUoBLw1YFdtE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517dea00eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sportspress-scoreboard-ltr.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-scoreboard/css/ 283 B
484 B 33ms
26ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-scoreboard/css/sportspress-scoreboard-ltr.css?ver=1638303592

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0592fa62b9132e3bc2c24d6d29d3f2cea400db035c075b4a6501655d60cf3a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
x-cache: HIT from Backend
strict-transport-security: max-age=3153000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:52 GMT
server: cloudflare
etag: W/"61a68768-11b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OC7OcdoUvUq6n%2BmMnt93p2UauG%2BFCLJU2s5Yr1osTRv1Sy8VxTX%2BXw22hJw67hBJaG1zPIENh1fPnOiTN1%2BHD251JRnLH8%2BgNmoumv3skoKKiqGysa9XuHVpgOHe0WZ69ubGikRu16FChdltMioqP6m9JGpQfRQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-bgj: minify
cache-control: max-age=315360000
cf-ray: 6b696517dea10eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sportspress-sponsors.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-sponsors/css/ 727 B
648 B 24ms
17ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-sponsors/css/sportspress-sponsors.css?ver=1638303592

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96aacc6205c84b303c8c2e6d2ff36003c9e6a9d5bf2e0098a12159eca7098055

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
cf-polished: origSize=739
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:52 GMT
server: cloudflare
etag: W/"61a68768-2e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7yw6af%2BVMFDvoQXrJX8oVZUpZ8phbP62bY%2Fc%2FRCeGp%2BMLYr49JaQLeZaOjB2S0lzC1PlfHUP2ii1W2%2F8W91PYUHzGLNqkYrU%2Bxtkri%2BJBRIOvudGuN3zlmRVUx25ae0QfW0C57cAAeGaCl%2BZ233ytlyoF4j%2F%2Bfg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517dea20eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sportspress-timelines.css
www.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-timelines/css/ 638 B
911 B 35ms
28ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-timelines/css/sportspress-timelines.css?ver=2.6

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a76157c3a2b72cb175a5029b332dfbc0239f484b075465b29ffda96435ad729

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1132991
cf-polished: origSize=777
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 05 Mar 2021 14:29:20 GMT
server: cloudflare
etag: W/"60424040-309"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7fCm%2B3DKjZkaxkHZ1aU5Te%2BChZWsLw5arZnFQq2qUc2fTZuSlee9pLK9R9K77EtnYHlisSC21fkL%2BFz23mkfT5nJ5Pny0Tiw4wblE2NLLr6cCstar5IEfriQGx18dnLfWPuqv2m22mEDB%2FM1VsogHRlFJstYb8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517dea30eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sportspress-tournaments.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-tournaments/css/ 1 KB
770 B 36ms
29ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-tournaments/css/sportspress-tournaments.css?ver=1638303592

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acd2301e84fbcd01b27f249c83c662c0806783c9857d9a3b7bd4e560f691d131

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
cf-polished: origSize=1461
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:52 GMT
server: cloudflare
etag: W/"61a68768-5b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zi8SJj5VVosTQ%2F8BGgWiRKsMKIGG1MmRioAVKIohuOMm9nkl0abg40JMMzF5MCQgug5cE543jW%2F4DBhRM6v7%2BOBPf8v7%2FIwnlHES1E6G%2B%2FCLugSzlQuXZf%2FX4RDTTsZ%2FRMh1bJzw%2BeQC8deQlzkCFbrMObP%2BK34%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517dea40eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sportspress-tournaments-ltr.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-tournaments/css/ 1 KB
551 B 37ms
30ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-tournaments/css/sportspress-tournaments-ltr.css?ver=1638303592

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce799e9506617aa913ebfac893d1b2c8475852696ae9e77e0882bb71218a433c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:52 GMT
server: cloudflare
etag: W/"61a68768-411"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=deYokfgCUX68G8Uz3sTrQnOvJpFggCIRpBZt3C1ex3sYAVZgcPfOrhDwBBOjFT2aAgOfhHstwlByMG45KUcoSxnvQMzrdSCEmI5D68%2FDbJBiZpe07GlF6BB8J%2F%2FCgHoaPAsMe%2B1GEjvJcaHRqPNvOGqi5VuDGlg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517dea60eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.bracket.min.css
www.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-tournaments/css/ 5 KB
1 KB 36ms
29ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-tournaments/css/jquery.bracket.min.css?ver=0.11.0

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

942b6757fcee126e043999470c953af3fcb67d0a17249bb08914d3a86a47bd7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2859882
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 05 Mar 2021 14:29:20 GMT
server: cloudflare
etag: W/"60424040-13ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RO42xtpTRl%2FnQ1lxd4cJRjtrfi8n%2B1qJPRX%2B1u18LstWtxZ8T9v2XZv%2BDwKK5BG2V2%2BjfmG0SYd64pkpLqpJYy69VRlqKoRbGhuL6qp7X%2B7xxZFkKLHeCaP%2FeH62uAwWh%2BKHMntm0MDSEEektiWc77NIltdjCOw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517dea70eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sportspress-twitter.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-twitter/css/ 141 B
456 B 32ms
25ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-twitter/css/sportspress-twitter.css?ver=1638303592

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6285d29393de6c7efd139687e3966ad2699067aa49b5ff1316e3665f209f1ba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
x-cache: HIT from Backend
strict-transport-security: max-age=3153000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:52 GMT
server: cloudflare
etag: W/"61a68768-8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6lrvg8e0vOZLdDjL4aJkAUt%2BkoZqCdCVWT4veBYywsIJ60xGRvbAMsnuWSU7%2BAjbByTI%2Bei%2Bvna5IcbUcNokQkQ8OFAdQcsbjGY6mhgrqxrAOJoXIuKBRgF1NwZxDT9mhxVMXP%2FLLYkAKX4ZkkRK0lLb9JfxY80%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-bgj: minify
cache-control: max-age=315360000
cf-ray: 6b696517dea80eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sportspress-user-scores.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-user-scores/css/ 179 B
686 B 38ms
32ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-user-scores/css/sportspress-user-scores.css?ver=1638303592

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40a9850c036aceb7a250b00ce36407a49aa35ee93a0c50e844b3ca9244c18348

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
cf-polished: origSize=183
x-cache: HIT from Backend
strict-transport-security: max-age=3153000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:52 GMT
server: cloudflare
etag: W/"61a68768-b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bsk5yPQx7ZeAMiQP4ls0tzZQqEFA3NMN8Y3Iih70zOZ89dx7KodJwjO8peSO3arBWC%2FKAfszoS5IvfdHjjSIIg%2BHFV5CYpbDPDp8h8W9p00Ebpxf8mVJtftsNVHYUUtVo9v66%2FzVnJ4YGs7vPmAeFjO7x7d9OqE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-bgj: minify
cache-control: max-age=315360000
cf-ray: 6b696517dea90eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sportspress-style.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress/assets/css/ 12 KB
2 KB 34ms
27ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress/assets/css/sportspress-style.css?ver=1638303592

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d093b5f5c3b3b1f0f18f31761a85538b7d2cd38be68159f0f6400c8af8778bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
cf-polished: origSize=12653
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:52 GMT
server: cloudflare
etag: W/"61a68768-316d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDtVdpcioYH%2FemdZb46tSNh7KmCgeuIhjTmNkxWF00Mfhb9%2FvtGUgn0t8%2BX1upFxMZg8DZhfvyN6pO1eDd3Uz3N4sJaqwGyB4g18hCa1kW0hFb8cJfq0qiqpnlaSFeeFIr1SIarjaog6DpSO%2FL0K2VcBYwKnUrE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517deac0eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sportspress-style-ltr.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress/assets/css/ 561 B
539 B 31ms
25ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress/assets/css/sportspress-style-ltr.css?ver=1638303592

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

febccba9f7895bb2dd56b52054baa6f80647e2abb20518ff01c3628efa369893

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:52 GMT
server: cloudflare
etag: W/"61a68768-231"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egHV3beHqh%2Fl1ZSAJ6ko9%2BdwMrQ2tW%2FryQXsOP7zsIfGL3F1VrchoSI6aSGV0JlQYinOgotM7RtaFFqprgmI3LkGLYcNKawbHMUNHAT6431XKk4PsmHaRrD%2BCDl9VvpNVdLc913eKHGA9B2hdKIQe9UCWFBNBrQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517dead0eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/td-composer/td-multi-purpose/ 34 KB
5 KB 32ms
26ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=1638303592

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3968422bb4156ee11a62520675778378ff1b8cf93bd5e75e372aa539b5ee5749

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
cf-polished: origSize=35175
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:52 GMT
server: cloudflare
etag: W/"61a68768-8967"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stNN%2FHRqr66BgpiCy0zWjZXkB1gMt5XYx5H%2BgUVo2X69mKBSyBK4QmPyBtGzWQorXNOyfY5AZprbU24xPLWGsTog7scrgRQa4f%2BAcAFiDJLYVdM8oWiplsY%2BxzukFH9t7r055GkzcOJbBh5Mgw6qaSB7HsjS3Mc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517deaf0eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 instagram-widget.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/instagram-widget-by-wpzoom/css/ 17 KB
5 KB 40ms
34ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/instagram-widget-by-wpzoom/css/instagram-widget.css?ver=1638303592

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2277774dd9a2cdd038a54679a1cde3e25480b66cd44a17fcd86b6319f510e133

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
cf-polished: origSize=17651
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:52 GMT
server: cloudflare
etag: W/"61a68768-44f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fslcjY%2FfB9rkl25BWrJXskof6lmoHTNkgRhJbO8oI1X1eHHy62oZHLYzTIT6eTup4RyvHtl8B3NiyRMmMHspzGJP7ATkpIaqGFMRFQ2bu8qtMLuvlgWct4HWvmsv0V1w3UguEzeN%2FSaHIRGZM4cS9FczWKZMcGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517deb00eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 magnific-popup.min.css
www.diarioceleste.com.br/wp-content/plugins/gutentor/assets/library/magnific-popup/ 5 KB
2 KB 39ms
34ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/plugins/gutentor/assets/library/magnific-popup/magnific-popup.min.css?ver=1.8.0

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9af0f4e90a7cba0dbe38575666bfedf0e853278155957eb78e63761e33b88a11

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2931189
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 19 Aug 2021 13:11:29 GMT
server: cloudflare
etag: W/"611e5881-1473"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbXS5k9urfYfIHWhb7DChypMKS6mTvyn5KU83oLXAR%2BsQbgr6Gvem3N2ec%2FLDqNVrqHAkqBLoy%2FgahnRphUnhSBmkMKJk1DaYAZMndoWENGakiOxTmlvADkWxxzVwnOZGb3ibteU4mBpnt7vkStoYc7UkfkwZ70%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517deb30eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 swiper.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/instagram-widget-by-wpzoom/assets/frontend/swiper/ 14 KB
4 KB 37ms
31ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/instagram-widget-by-wpzoom/assets/frontend/swiper/swiper.css?ver=1638303592

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4df7b0488db29e9313c056aa8372a79225be86a40cab4b074f7ce6d0e943aa03

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
cf-polished: origSize=14559
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:52 GMT
server: cloudflare
etag: W/"61a68768-38df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4F3FtbgN%2F8qxU5dbpam96ug7HlHJeqXiJFp3%2FYrSlVpyYkyvbeHH7erJgDAnFGcvX%2BIMpUwlLBX5mpRrz3tY5ibOpTbGyMqKFa5A%2BVehTdCJWpiB1LtGiErhWfzMwbHgl2TbbtJIuwQ50wKV6wlpZnnTjfIYBM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517deb40eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 featherlight.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/perfect-survey/resources/frontend/assets/css/ 2 KB
916 B 50ms
44ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/perfect-survey/resources/frontend/assets/css/featherlight.css?ver=1638303592

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21002c0b475650f8871ca35b2430fbd9f01a7d62be3b943378044a28d38f908b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
cf-polished: origSize=1590
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:52 GMT
server: cloudflare
etag: W/"61a68768-636"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMVve6ph13modKKrotT8%2Fu%2FnYGynNDltsuWtT47N32I%2FS%2BLUeOMsdaHhI9HoDLKvI8QEB15sg7b9WnYfgXEKp8J5Yc9sa1%2FX0EbM70hQ2XcJheMFYX0jfmWT9RPuKrIUyWTsX6ZKNC4H2ao4drfMk7TJ%2FFbswrA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517deb50eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-ui.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/perfect-survey/resources/frontend/assets/css/ 19 KB
4 KB 43ms
38ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/perfect-survey/resources/frontend/assets/css/jquery-ui.css?ver=1638303592

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acb75c9125fc85e4f42e5a54d3de1990eb8429a49e693ae40798a3b7168d00c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
cf-polished: origSize=19767
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:52 GMT
server: cloudflare
etag: W/"61a68768-4d37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FyVzhAztdQizTd6NB5hzteRp73oxEOFMmV60xA78swug0G6ldfBZXyFkUMbGk9Em8Xl488dY8B25hpplS4QW9EPqJk8Lshz9LY4wajkbrg0F8hr3MNNDUlxMjKu%2B67ZQjMOvSru0TxgVcgkq0lKN68ZfXgdsRRg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517deb60eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 survey-front-end.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/perfect-survey/resources/frontend/assets/css/ 12 KB
3 KB 42ms
37ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/perfect-survey/resources/frontend/assets/css/survey-front-end.css?ver=1638303592

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08be67910e475f4e44bc9809a8b8765ce9b8f17e1d566a22dff92e0e17a5e958

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
cf-polished: origSize=12269
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:52 GMT
server: cloudflare
etag: W/"61a68768-2fed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L13dM8dy%2FNELK8BN6LriPD5gpFomuAqZkjuRNPFWZdeTL184lLatDFBheW5DFZBfKYIz1QsNnz1j3vT7Ch82gwLGonrPgELVf0y6gy%2BVCNaUF%2FPZ5Z7MRCmcLO%2FLdDV4b7XJLbg1DZrVaBGXpTTFdz9m1ukudNI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517deb70eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 survey-general.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/perfect-survey/resources/backend/assets/css/ 54 KB
12 KB 38ms
33ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/perfect-survey/resources/backend/assets/css/survey-general.css?ver=1638303592

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec8b492872931e7bd6dad45385981bb4d6098743290a225cfd6a675edb3d864f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
cf-polished: origSize=56025
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:52 GMT
server: cloudflare
etag: W/"61a68768-dad9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLAT2PQ9JQDDp%2FYoDTFUAM0tlPJKnJQJfiCRjFNGXW1XZWF6Ai8W3Hm0ngegq3sM9QUnvW1h8RG5cfGSOqmt%2BPEANT17frIEHGbVR3rOBLMkapxuZI1dkgCaWnUl2Qc%2Bwbm76jMZM5%2F%2BLs4MxOiCcJdw1uXT1IE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517deb90eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 default.min.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/tablepress/css/ 5 KB
3 KB 42ms
37ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/tablepress/css/default.min.css?ver=1638303592

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f73867445571ebeef9ff8db2f77138d1a0c4960d11e752fbe3b5a95717031b6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:52 GMT
server: cloudflare
etag: W/"61a68768-140f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uH0NIbEeKxBh%2BWJykXlt3Bq22o%2BuRux7cmnR87m78T6OJdj7Uvru5hTObt%2FT%2BiS8kvEGKT6uJK8OY8MBKVfenznGzVSQOs1by%2BMuRTQyiKLyoFnsJ1xjKfzCeje7ZuAwpMplwy7mM6P%2BRy6uQgpXNHqlriUqyQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517deba0eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/themes/Newspaper/ 103 KB
20 KB 42ms
37ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/themes/Newspaper/style.css?ver=1638303594

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e6ff15f9bf076311dafa6ab2223e2dded103b6924a462b05c44e7f16a8ab191

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
cf-polished: origSize=106405
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:54 GMT
server: cloudflare
etag: W/"61a6876a-19fa5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9%2FM38VqpgfJXWjeyOTtjGPDhE9CGhAnNwqdUX%2FSQA74ErAQ5BHif6Ni6l8xn5uOQpE%2FRP3jFeKm1%2B1aaRCNPh2qBahTo9IoL8%2Bqw2zx4H%2B%2FzWMsfISwXko%2FJ1rF4bIpoyZadihQx5%2BWJaVJMvRjvTwVkGG7xg8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517debb0eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/css/dist/components/ 119 KB
17 KB 46ms
42ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/css/dist/components/style.min.css?ver=1638303594

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cd2c0abfefe3d61600cbcd5ee18856508c6498fabdf7d6f8f1e2b420f437ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:54 GMT
server: cloudflare
etag: W/"61a6876a-1dbce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0%2FofAxyOfiRfDP7opFZP3Qh1qEpIl60UQkvazEh18Hoho5bxJO%2F2Fk2vLo%2FtwHYv98G8WSZtSBCNdzZc4blZEhlsFxIt7mxIM3suIZ4xGLgSrFdBgQDJnt%2BS8SfV3BOWwFvoMdkXyuNklPqhVLNWCGCPT%2FotvY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517debc0eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/css/dist/block-editor/ 99 KB
14 KB 49ms
45ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/css/dist/block-editor/style.min.css?ver=1638303595

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5a456774176f31718c9ce26f8077ca182362f6d153bd0f5f5fa145d93fb48f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:55 GMT
server: cloudflare
etag: W/"61a6876b-18be8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rEU1XIXYSh3v0WOQyZqrA%2FknvWcSdu%2FAEMJ3QyNih20o71etIbHjpDRfFgk9l8JJHohI2DdBjWD37CWo3G7zFYz1ZFLOp4XMKfGb29KjL1WonFLXe1rHzisUIl3Uy1sfxVJfoc42GmJfRX08YcbttUUiYD1kcE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517debe0eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/css/dist/nux/ 3 KB
1 KB 36ms
32ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/css/dist/nux/style.min.css?ver=1638303595

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55bd9424eb278cc12ea7f2bc088b174527296e2cbb1194a196cc510cb0b85224

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:55 GMT
server: cloudflare
etag: W/"61a6876b-a3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DE138urXbwhKuJ8VooESAh8RlDkn6hUBzxNiZzmBTTZjW02ncX64GC%2BGVpk4WuBaYZ5k60usmpdz7R40of8eEyjLATQXCmLUtn3atUi0rB9SzBuu%2Ba9iE4jYPmocO8faAvrMCy2MBnPV6See3LnNVRtqJUIfq%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517debf0eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/css/dist/reusable-blocks/ 389 B
520 B 49ms
46ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/css/dist/reusable-blocks/style.min.css?ver=1638303595

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

115e6b5dc9d38bc61444ea742ed56610be8c69c6d04d41f49eb3c550f54cc87f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
x-cache: HIT from Backend
strict-transport-security: max-age=3153000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:55 GMT
server: cloudflare
etag: W/"61a6876b-185"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqS5wnSqmErD9Ax87qFGdLCHBYG5rCsI4WOGALK8dxw8FgzxsyMuYoaDAzT5DJR5wm3qgQhrqETTDMT%2BrnvDBrKStWLa1oLJm9mmFyHNaZMurYOMIYFAScVsTE1LkQOvWT0bY28aN4SO0KFabJqr3%2FsnqoxFMn8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 6b696517dec20eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/css/dist/editor/ 21 KB
4 KB 46ms
42ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/css/dist/editor/style.min.css?ver=1638303595

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40ab039ddf421b282235661a8567992ee23ce45239fdf4047e27ba58fb397767

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:55 GMT
server: cloudflare
etag: W/"61a6876b-533d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vWNeCFtMe%2BC3PPfvWUfIvGOs7ZUENTtdyblxI9L%2BSlW1sCGBi2Ti7wS8JXnndxDL1qpl9J816potajZm8W%2Fb7TWYJzhibSicuG4gyM1cvLqwUAitKSBA43jcIAfabqI65FMPGnDA1yaa2RfvgghFgIXTBpb8YyI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517dec30eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 blocks.style.build.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/gutentor/dist/ 263 KB
26 KB 49ms
46ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/gutentor/dist/blocks.style.build.css?ver=1638303595

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a47caa37c71fe025e8ed27e72583582bb442489673c79d32708f4a894cde2a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
cf-polished: origSize=270074
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:55 GMT
server: cloudflare
etag: W/"61a6876b-41efa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjKv9s2Hnd%2BfK3RLJArupXlJHiNpM%2Begu8siWgC2O%2F9IpEP8bVhpxJG%2FzWZ%2Bz028nC0bCgsXdu%2FPFm61hZjC2fOopTlWMa4qwXgMGyl9LpmQa87l3QbxGelKfrawRC8PKSKtpuk2vWgY07IOZaA8Z9ECEfasbpg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517dec40eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gdpr-main.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/gdpr-cookie-compliance/dist/styles/ 73 KB
8 KB 46ms
43ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=1638303594

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be5d1dd49a274ac499e8e5c70b11900182bac269fa13aec275734202c78c529e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
cf-polished: origSize=74859
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:54 GMT
server: cloudflare
etag: W/"61a6876a-1246b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TL8FnYBhi6uyfciGNX5yUr6101UHO41NFYV%2BykX8s2aKK19XYdNe2pb6u%2FGC2Ns9yUoNi1YA%2FS9RbOhuw2iO5wbonNsoKPdubRfz2mtFdzM26fGJojkgaitUR8BZHKdLbJ2x3ETWjVfWVQxv0IV08pCYH%2FmwZn0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517dec50eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 td_legacy_main.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 125 KB
20 KB 42ms
39ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=1638303596

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dfb035a70d758a792b7a71ed0bd67c5017c9ad3c67e6d81e6599357443e7aca

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
cf-polished: origSize=128919
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:56 GMT
server: cloudflare
etag: W/"61a6876c-1f797"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3B9hOKTs55qN0e0VUmh5Mt7hUGU%2BnLV3tfbMmbk8iek6MxLz%2FX%2FnosfKvhdirRo%2Fm8AjrEbBtTwwSjWyKUHIryzdsxDWhgZdIzXWu76wokFsXSFHiddU5WTKrv%2BBzhPf5dQQulJn1LoOlkss5HjHD01O8LXl0A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517dec60eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 td_standard_pack_main.css
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 514 KB
49 KB 51ms
49ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=1638303596

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aac11b0ca41478aa5a57581122353560e05fbf2cd31845fb666cca22a3445957

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
cf-polished: origSize=528073
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:56 GMT
server: cloudflare
etag: W/"61a6876c-80ec9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4wTQaFp0Zyec%2FCon%2Bavc45UyWJdApfq6sWUpktp68gM%2B%2Fw5TpfNe2Qz%2F%2FlOKLZwzaI7E4Kb7rQxhxD%2B4NqCvJxHSbDXH%2FfJfrT8%2BOyG9RFdrjTs3CnnychEK06Dtpt9MdW2kHbxKEQbG%2B0JuzkJowtQ2SFdOF0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517dec80eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jetpack.css
www.diarioceleste.com.br/wp-content/cache/min/1/p/jetpack/10.3/css/ 85 KB
17 KB 50ms
48ms Stylesheet
text/css 2606:4700:3031::ac43:b242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/p/jetpack/10.3/css/jetpack.css?ver=1638303597

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e31e059e5e3b16b713bba0f1a6d3bcefe9492c5c9de3a1c92d62f99e1320125

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
cf-polished: origSize=87350
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:57 GMT
server: cloudflare
etag: W/"61a6876d-15536"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Izi7s4KpPluND9pscRurhofrAJjU6Y7dODra%2BfxuDnYdeuu%2FrIprV%2Bq26MW6K1GrESqk8cJiO8ICJog6pEdoTRJnBa6Sc98w9AOaGEhs5EqYBu4tQFdiFAExlkrli%2BSE%2FTdDXckZPwsuM4F4tXeJFb40hejEd6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696517dec90eb3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 diarioceleste.js Show response
www.diarioceleste.com.br/wp-content/cache/min/1/js/ 52 KB
14 KB 17ms
16ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/js/diarioceleste.js?ver=1638303597

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

631b18072a9a88ab189253b9e92d2cafcb280b64c598ba00f9fdb0cd5a16baff

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26332
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:57 GMT
server: cloudflare
etag: W/"61a6876d-d13d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yi2au%2F0pp%2BdD8cqM%2BZbGOPKoWCVpJj0QBLvkHZwC%2FSeoc9BAdY0tofrY8nDJkYU609tdTBz91Bom%2BerE4fI7v3mkUbk8JdXCmKeckivnp1g5gvaZSJG5hlUBhxIjVTcNBWxt6Ee6WTNFEUcXnbqfS0XDx3F%2FCt0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965183edfd711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/5.8.2/wp-includes/js/jquery/ 87 KB
30 KB 23ms
6ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.2/wp-includes/js/jquery/jquery.min.js

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 01 Dec 2022 03:58:03 GMT

GET
H3 200 jquery-migrate.min.js Show response
www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/js/jquery/ 11 KB
5 KB 15ms
14ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/js/jquery/jquery-migrate.min.js?ver=1638303597

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d898df46fe53442b66d134fff1b4ce024bfb780646cf25ea50aebffcb87ae61

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26332
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:57 GMT
server: cloudflare
etag: W/"61a6876d-2bd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCAX6a6RrwkMf7QUpfz2YzP4KlyGOPKuGIaMdd5XJYv1GEmmxGKUzM0Yg3Dds%2F3opwaIXBThV7mFflVp7IMNuH42Hv24oqybArCeSLJ0qtijsdRECJqFUnLF93rPmv2fwBehy0sS1zghije2arUH9xBQeFGWnoE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965185eedd711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sportspress-facebook-sdk.js Show response
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-facebook/js/ 357 B
898 B 19ms
18ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-facebook/js/sportspress-facebook-sdk.js?ver=1638303597

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef8f4c4111f0c82c400913852ba5e8c7ad55d987f2dabf356f4dc407b245da88

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26332
x-cache: HIT from Backend
strict-transport-security: max-age=3153000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:57 GMT
server: cloudflare
etag: W/"61a6876d-165"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtdNK7%2Fc%2BFQNYEV7umUfQ7tZgUIM1QOFsG5L9hAAXJVOz%2BJ9AS51vsDIVt59prMArMkUJEVESBzodU7hJNdFy4V2fKDHW%2Bq7ak3ga%2B3%2B8nWNhbvbNpkp1yFAGZrzMz7K1FURCVIs%2FWIlfu8PNYCmwMS9qZo9fdQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-bgj: minify
cache-control: max-age=315360000
cf-ray: 6b6965185eeed711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.bracket.min.js Show response
www.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-tournaments/js/ 24 KB
8 KB 18ms
16ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-tournaments/js/jquery.bracket.min.js?ver=0.11.0

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b8c1d6e272519fc3c3c51af5fbfbe125dc26bc413cb7840b5a8a9dfa3107caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6784451
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Mar 2021 14:29:23 GMT
server: cloudflare
etag: W/"60424043-60bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzPiuCb3Hd62Avznod5HaR4GRQbUHaX7hOeLtmyqsbE3mBlFALsTb0o6ABdAmvaIQMTfwjEFUzz2uCXCAy6KpLfLc9mLW%2FFkIXQ2bQGh14uLfptntn%2B%2FoGoHDBytKvwVgzIZSWEJe1pK1sXY8Fch8PC5jIVaYOM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965185ef0d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sweetalert.min.js Show response
www.diarioceleste.com.br/wp-content/plugins/perfect-survey/resources/frontend/assets/js/ 40 KB
13 KB 22ms
20ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/plugins/perfect-survey/resources/frontend/assets/js/sweetalert.min.js?ver=1.0.0

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15211e0be73438987ed05236dc4ce90962f7c46452427364446576505e66697b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2234623
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 11 Jun 2021 14:57:31 GMT
server: cloudflare
etag: W/"60c379db-9f62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nN%2BVMCl%2FkivEbFXUAIBIgsxOuLTNiCmKYDu3fvlCG6n4kuqhuEVDglliunHYMKLmhYf1h3bBV5GC%2BAyNfOrExbf%2FqroqSQKSWXxkrPibl5Y3yU76NPZv3vUch4vhpRYKIXmBxz3fC%2BpHPLlLijZ29MWLcwyX9gA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965185ef1d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 featherlight.js Show response
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/perfect-survey/resources/frontend/assets/js/ 11 KB
5 KB 16ms
15ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/perfect-survey/resources/frontend/assets/js/featherlight.js?ver=1638303597

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ecb2ec826c1bdac97d97a7dd5ff405d0a4e4c0ee282c1fe6f724bda851c6d9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26332
cf-polished: origSize=11223
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:57 GMT
server: cloudflare
etag: W/"61a6876d-2bd7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibtZpC0TNQjxJBDRstvUGb5045Q6ygtFcLtihrYWqjVJBizo9MoSSnC%2B0SSiObTFxeV48GjlMPwM1h4FHWdAAyEJMm%2Fc%2BrwECzCoQyK1sAgcdwkcIQaDgK%2FWhgO7XFOu97fKFwflJFQj%2Fd3ShV1ngSndnHFwcPg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965185ef4d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 survey.common.js Show response
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/perfect-survey/resources/frontend/assets/js/ 2 KB
2 KB 18ms
17ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/perfect-survey/resources/frontend/assets/js/survey.common.js?ver=1638303597

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8bf41500c04a458823d97b45a4597b9efab2899aac92f3e0a5998ded272baba

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26332
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:57 GMT
server: cloudflare
etag: W/"61a6876d-9cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLOEexFzEwNvXSqZjq1PUA5XO9Ys%2BOqlH0e0KE%2ByO9q8LQK0t4a8zC9deXpc%2ByLWmjve6DiaQH14wMjW0pxGW4JkpQWyuQDs47qJb4iWUw2Shgf3sWGTZ0AB9PiXL5gFloR8Usp%2BbriJ9QbUp3y2rSQ1J2FytHs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965185ef9d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 survey.main.js Show response
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/perfect-survey/resources/frontend/assets/js/ 3 KB
2 KB 17ms
15ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/perfect-survey/resources/frontend/assets/js/survey.main.js?ver=1638303597

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abba549d9e97c6e5cd45d6578a22666708d593ef3b19f593a8ec3fd001b75526

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26332
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:57 GMT
server: cloudflare
etag: W/"61a6876d-d32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtOs1%2Ffcgm9sOfoovgYcSKpPzjCyDXrqN5Mc8YM6fcILI9aFK7drAkhLrY4RYP%2BRcGFae1Nx4vCVdMa2sy30eTQNZNjOsMS96I2mchoTBvkqjFMrgKn68SPbyhopTosyd7NjULyPV%2Byizh0mz4UfHSFNoeJpcP8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965185efbd711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d570305eb702ae3327e9014156cb7c72483d8cf3c0b60f665c6d47fcda42f452

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 newspaper.woff
www.diarioceleste.com.br/wp-content/themes/Newspaper/images/icons/ 24 KB
25 KB 19ms
17ms Font
font/woff 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/themes/Newspaper/images/icons/newspaper.woff?19

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/themes/Newspaper/style.css?ver=1638303594

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/themes/Newspaper/style.css?ver=1638303594
Origin: https://www.diarioceleste.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19159510
x-cache: HIT from Backend
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24864
x-xss-protection: 1; mode=block
last-modified: Wed, 31 Mar 2021 14:21:58 GMT
server: cloudflare
etag: "60648586-6120"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8D9Y4aZYa2ieMuuUunbHC4fA8qS%2ByUsrnnY3SuxND5PBDaacyUzdwqTTNXblnWD%2Fa%2B6GJjzdsWhfPuOJhUjfHEz6ZXMAAaDXXeQDqUeYZhwK3v76FaDbbAqoQ958%2FF9xvtYZbeZOFEJxtYTWXRHldhG%2BGshxAU%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6b6965187f11d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 30ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7COpen%20Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7COxygen%3A700%2C400&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.diarioceleste.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 396361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:52:02 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 17ms
13ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.diarioceleste.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 397095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:39:48 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 21ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.diarioceleste.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:56:19 GMT
x-content-type-options: nosniff
age: 554504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 17:56:19 GMT

GET
H2 200 e9f38ccc1ba8329bfa989c468a75a6b0.js Show response
scripts.cleverwebserver.com/ 130 KB
52 KB 223ms
195ms Script
application/javascript 2606:4700:10::ac43:2825
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/e9f38ccc1ba8329bfa989c468a75a6b0.js
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2825 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5baf9e71880979fc2a85745026f18dab9568972ec64b1423e5509da41879d95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Dec 2021 02:44:06 GMT
server: cloudflare
x-amz-request-id: 9S7W9XAXGTF6KQHM
etag: W/"b29e08289a8b1d3399e308ba278a923f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 1DFoECKpxUDKAQj.LsaPolmp4hKp5DFv
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 6b6965190c6d2bc2-FRA
x-amz-id-2: V9guvUnvk3muL+sGCQ2o0shHx12nLgm8U91T9j8fY9FBv7WVLtoi7opJ9aN2Ww3jnV41XLts6Mw=

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.diarioceleste.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 14:02:00 GMT
x-content-type-options: nosniff
age: 50163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 14:02:00 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a308fef9f6a770396440ba49e21d8fc8b2c263f770f44c83eb35da1545e0756f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 2sDcZG1Wl4LcnbuCNWgzaGW5.woff2
fonts.gstatic.com/s/oxygen/v10/ 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v10/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5f9ecb6ce5cd13a976187541227e0246570ae91864d052b3e9cc0a4636dc8a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.diarioceleste.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:37:53 GMT
x-content-type-options: nosniff
age: 397210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:37:53 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0ea2fa35271c78084c0244430b865af459ba144154779a691b70fedb0a3f0e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6739b1a10b796fb80cd15a852343fb3e0c3082f8f510dc5e2a76fabb1034922

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9a8768c59fb97194bf8bc1b3c1045bc46fc5c332a69611a044b2a8f2f0c5ad7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 email-decode.min.js Show response
www.diarioceleste.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 10ms
9ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Nov 2021 17:32:49 GMT
server: cloudflare
etag: W/"619bd441-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXHK2qwk%2FDX5V9FTIa8IU795k6DWL2vhuUloMjvQYW7qo27WBa1lGqdqPHsxuEES578UAeL13CV%2FQrnLS0w8Tmm2pRNHJHwppCnDuKC9NRGcIMX35NHusd%2BD4Sg3eoWpite7WRsB6iXCaOGzZb2f8VnZ2CP5IH8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b6965198facd711-FRA
vary: Accept-Encoding
expires: Fri, 03 Dec 2021 03:58:03 GMT

GET
H3 200 OneSignalSDK.js Show response
www.diarioceleste.com.br/wp-content/cache/min/1/sdks/ 9 KB
3 KB 20ms
20ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/sdks/OneSignalSDK.js?ver=1638303597

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfa485819b12385defd0fb44fa1b8d1ba7420e058e0efdb598eca1ed26591458

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26332
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:57 GMT
server: cloudflare
etag: W/"61a6876d-2388"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gn1sST9nvUmGbu83Fz7VGbkL3NSuI4QMBW6vztZ5HycZUa3O6hyZxj3bpFMQDbSWGuEhTOvh30ZZFetxl5PVeSLYfLGPffm4qgbMF38IPh%2BvXxN8H%2BdPSrG%2F%2FRiv87MLtF%2BjZ24k2kafw%2FuiEb7mCg0FMr2wXSI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965198faed711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 regenerator-runtime.min.js Show response
www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/js/dist/vendor/ 6 KB
3 KB 16ms
15ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=1638303597

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26332
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:57 GMT
server: cloudflare
etag: W/"61a6876d-1906"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXCnh9yJYQboNdnlO%2BqsoTWhyvjOWebgqslet5eWAEcfqTX9RQphbAdkha7a8O3UNt48RclQclzNZ9pCwMJ4dSjuf9UHzuOjk%2B5mRXlA6pw95s3qAMTSp%2BAGON6r530zLZHjbiKk0gHGnmDxnqGyhwTipJQYztY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965198fafd711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wp-polyfill.min.js Show response
www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/js/dist/vendor/ 16 KB
7 KB 17ms
15ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=1638303597

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad47eaa223ed133c81c6f6491ba1758418c5cb03e451fc124e2fa4f6446a683c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26333
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:57 GMT
server: cloudflare
etag: W/"61a6876d-3fc3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPZdwjPDP7K9P5yXUHFvb%2FhnAdjfm8BniASuhmPIjo%2BKXTZ6%2BmEPiNWVM0cjy65UsNzYk%2FJhO0RHWoB3pUI8Y95l7YukEMODA2hZnHon3%2F%2B%2BYCgHXQiacVlNm1CpgZcU6%2B1HEWZCpGix3EMSVUEQfxmSFHR4d%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965198fb1d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 index.js Show response
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 18ms
16ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/js/index.js?ver=1638303597

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8aefda80abcbcaff8a28a6b72a91690217da80038f6f6e0de8410de61898c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26332
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:57 GMT
server: cloudflare
etag: W/"61a6876d-2e55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5K6yITWGU6oAZrCNL8dsw4LbGFuDoHBvxt6GiZWA9SYAODu3p03o2XOBhOg4vIYvd8Z4P9F3zhyiJtUHREbmDTsmT3bqxyKM8CZz1AzZWxV3dSuk7%2BRgrrbG7ofPgeQTffY3dixa1%2FiQA7pFFjjPHVjsbDWXwY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965198fb3d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.dataTables.min.js Show response
www.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress/assets/js/ 79 KB
28 KB 21ms
18ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress/assets/js/jquery.dataTables.min.js?ver=1.10.4

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3e9d5a0e959973519a493eafd7d257e56633333b25688ccc4c7c071cea858d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6784451
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Mar 2021 14:36:41 GMT
server: cloudflare
etag: W/"604241f9-13bdf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jgf8AgGgq27UfV2axTk9sb9LPoO45pFzy8oQq4I6bl0ChFall9Y99kiV4EVA%2FEtX4q3fmgG%2Fmax1Mz8uepJ2JnVJIEKQAswlUbZueL%2FIuLcYnEaN%2BfGoePJkIAOIYNEShs4Le%2BvoRC2m4RXfhQbG5YKR%2FFcatCI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965198fb4d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sportspress.js Show response
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress/assets/js/ 3 KB
2 KB 18ms
15ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress/assets/js/sportspress.js?ver=1638303597

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06e36f22fa12049247ba1b17ad5b1573fb1b031ffb7ee78b0e62a8a95462ef80

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26332
cf-polished: origSize=2916
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:57 GMT
server: cloudflare
etag: W/"61a6876d-b64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfTl3kDyOPf9ywZG8sq%2B%2FJ46qhrp%2FPdQKNA7oQ1nvJ0OJWKiLvSvDpTltLIr%2BZCq05iUfHP6SEv17zk7pDMRa%2Bo%2BCSiLzZsIUP604eFbObtZNETUZCJTaZq5wGjOl4I9cPSaR5PIX0w83kzxm9UuxScaibh%2B2Ug%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965198fb5d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.waypoints.min.js Show response
www.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-match-stats/js/ 9 KB
3 KB 22ms
19ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-match-stats/js/jquery.waypoints.min.js?ver=4.0.0

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6784451
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Mar 2021 14:29:04 GMT
server: cloudflare
etag: W/"60424030-2281"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6iCDTeyzqFBoq2Jk%2Fu03XIap%2Fnb9ph8mwV5PM2QQaLZHFEN860l1oyrPDHi4YC0pq10oV4LA5omAxdAIhwDtncJ7ok9um7iFWyiNBI6dRF%2Fnb3iBozXBbBhSjVynKemTkM6MbonJJB3PEWnzksXl4WsUxjzzV68%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965198fb6d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sportspress-match-stats.js Show response
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-match-stats/js/ 221 B
816 B 18ms
15ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-match-stats/js/sportspress-match-stats.js?ver=1638303597

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

200aa794f5419498ebd3f0fc5ec6156c6ac91840309e9f56f72a8a18d7f37926

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26332
x-cache: HIT from Backend
strict-transport-security: max-age=3153000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:57 GMT
server: cloudflare
etag: W/"61a6876d-dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgdtZaGzuMkQ54b%2BVG%2FyciKfdITWtwaP1Eufkrcz1ol6%2BaS%2Ffz6%2FpfzKfeckVLZ5jjh%2B81BOMo188hla8vyrpTSAuOE3%2Bu9b17gKNf17CvkuDJwRjpNktC5AWqzyjm7oiVHhfoPAcwMr1TTgIRgXvRpLuQtyxHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-bgj: minify
cache-control: max-age=315360000
cf-ray: 6b6965198fb8d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sportspress-scoreboard.js Show response
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-scoreboard/js/ 2 KB
1 KB 19ms
16ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-scoreboard/js/sportspress-scoreboard.js?ver=1638303597

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4d64310cb2c94b174385c7c059739131f57da72a5066090a9486f8153e5d01c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26332
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:57 GMT
server: cloudflare
etag: W/"61a6876d-8b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxVg34duac%2F6maevjA%2Fd8HILhUbsdDpGEZgaBKbS8SN4NeGJToTKmqg0%2BRLF4kxZV%2B8%2F9EQOPPwSHuzMAXzrBumbon9UaDewAXl%2B8FLzYDuShQAOML8pkbcdVxxIoteh%2B3f79rcqBgOinDS4xx2OyyOQP%2BSr600%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965198fb9d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sportspress-sponsors.js Show response
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-sponsors/js/ 642 B
927 B 22ms
20ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-sponsors/js/sportspress-sponsors.js?ver=1638303597

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6b87a260f6b9c823149e0ec7b44440d5c096ca057b16fc949a1894402873d13

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26332
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:57 GMT
server: cloudflare
etag: W/"61a6876d-282"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYSqQs5pPLQPrKyYwz5dTqeVFDu84iwlc06aBOGaquNb0nJ6okHYlOuA%2BhGsXZZlVI5uKZg3wMAioqIeuWMqWW%2FRSBMyed0wPzNIKBMOzFgyLikIdtvbbM2Qb1QmEHs6bwFixGD2ZpI9zk7kD8%2Fi4%2F%2FDs53aGp8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965198fbad711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sportspress-tournaments.js Show response
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-tournaments/js/ 323 B
834 B 23ms
20ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-tournaments/js/sportspress-tournaments.js?ver=1638303597

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74149f4a87707f05e08fb7795ae70d562a96ef884223db9e613b4299e7708a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26332
x-cache: HIT from Backend
strict-transport-security: max-age=3153000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:57 GMT
server: cloudflare
etag: W/"61a6876d-143"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMYQzTVPibHNNSyAF83iZv0LgpWmjU95ealVLOHT1aUsapt8NWm5Ix4icbZTMnaFwQUL7PypNcVpKqj9L42sjeRBlxKWoF4tCkaF6s12p5pRMBU0m2RuxfLLAsFy%2B9BAhe3I%2B%2B3sxqTxnfjxiQLmfC8fIDglEcE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-bgj: minify
cache-control: max-age=315360000
cf-ray: 6b6965198fbbd711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 underscore.min.js Show response
www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/js/ 19 KB
8 KB 23ms
20ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/js/underscore.min.js?ver=1638303597

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52f860ef3888357ea9158a8737de73be6d18b0cb2ab45e29966079e0b2e0213a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26332
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:57 GMT
server: cloudflare
etag: W/"61a6876d-4a83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfbDn4WRYVXMeo%2FeDfE6XudiOv4gOIa9RpQCWI91PAvWZrw%2F0A2k0t1gJuy4iBkxFww%2FVYFU%2B1TPkL%2BJWSTCWSgq4pyz6QtpB0B1U8ZqzJol4QRpGrIHA9OBp602ctF2wTiQA45q%2FDxAdKO4Im81LKo08zqg7h0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965198fbcd711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 js_posts_autoload.min.js Show response
www.diarioceleste.com.br/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
3 KB 21ms
18ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=2713a088559ff26084e8003394764364

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2234623
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 15 Oct 2021 12:33:47 GMT
server: cloudflare
etag: W/"6169752b-14a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ev5I89MKzlHTXDcKgHDSaotbwKkwQGOvNeiT%2BZ6Sl5Ts4xbNuXsQAnNs1zqA%2FbHfMwQSKkRmUGDhqqB9PxA2n2EJLdgM6IQ28o4cuOhzWzKgEY%2ByAqis06Iq73XIo0ikEfsQufv%2FbKby%2BZJl%2BOaoxHIw2%2B7lU0c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965198fbdd711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tagdiv_theme.min.js Show response
www.diarioceleste.com.br/wp-content/plugins/td-composer/legacy/Newspaper/js/ 258 KB
60 KB 29ms
26ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.3.2

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5442291e1c921abc633723ad82232f8388cde8206a5e27148d5904b08c7462b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1399477
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 14 Nov 2021 22:39:21 GMT
server: cloudflare
etag: W/"61919019-40698"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdtaIDJgdvHnwM43SDv3QoZg70BfDhHmZXy8pDg6l5gAeqBMTlzBQaNq1L%2BU25Imx3nSOF4of9uK8tQJezF5gEH6KiYvKWrUtQ1nQ7dK1EAB1pqi0LrDidprwuPrsAs%2Fq1jFip6Ebeirr%2FvrsW1avMhkHZEjelo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965198fbfd711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 comment-reply.min.js Show response
www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/js/ 3 KB
2 KB 23ms
21ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/js/comment-reply.min.js?ver=1638303597

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b3522ab9a4e387ddbe563ef28fa8dc5d75948133b72cf4ab37db53a26c17a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26332
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:57 GMT
server: cloudflare
etag: W/"61a6876d-ba7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kp3o3cWBUFxTbVG2ZGtNR8RtsoNZEhTwCSpWYlP4unphs7%2FlZDc1Dk5QTw1hJZ2CJMIRzMdZ6crX52Ug5%2BwAH8RwvOymHMSf18ya4GCo2wYWoNvme%2Fx5gIQaWWg27XBd3kJN4nBjPRai%2Fi%2FcksrPSKafW%2FEN0XM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965198fc0d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 core.min.js Show response
www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/js/jquery/ui/ 20 KB
8 KB 23ms
21ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/js/jquery/ui/core.min.js?ver=1638303597

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e69a3f584cf3dbebd5223463e3100b650513c101a5cf6a34d073916bb1c2d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26332
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:57 GMT
server: cloudflare
etag: W/"61a6876d-5132"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ch%2BJI%2FmFhHdL2ScvTv44bQulfvndwtFaQMJo7yNmGAW4jWqpLOlK88sEVvRbyxmmST6pbiddhRM9l79tvQUR6Ge6P2kE5lfnzOLRmbyluN69yuN042%2BRka1%2Fttnk6Imk92o%2BWl4GstV8AxIDTrARZtDOEAWXFVo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965198fc1d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 datepicker.min.js Show response
www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/js/jquery/ui/ 35 KB
12 KB 24ms
22ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/c/5.8.2/wp-includes/js/jquery/ui/datepicker.min.js?ver=1638303598

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9139b98991a1871ca6d61175d9c477c925c41ea827afb4d3af1200ebfa847ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26332
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:58 GMT
server: cloudflare
etag: W/"61a6876e-8d33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WLkoHxYFMbdZoGoq3dQkcg1NPCCrfFm1v2ibaMINEKY5pzAFdFMGham4gGcOoSj8QrWfrsPMDlzv69k02L%2BUpmf%2Fcx5buAAhGiIgrfQJmDcTEnl1EN%2FCkdYxL8q3tsAd9DCxz7LSMd6aATtrtT5FVvrClTdf2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965198fc2d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 gutentor.min.js Show response
www.diarioceleste.com.br/wp-content/plugins/gutentor/assets/js/ 22 KB
6 KB 26ms
24ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/plugins/gutentor/assets/js/gutentor.min.js?ver=3.1.6

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d51d3132f201642d716200003782812ced682ed49bd7923be002063ee11a16e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1942941
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 08 Nov 2021 16:06:05 GMT
server: cloudflare
etag: W/"61894aed-57d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0x0scdVu3oE0%2BS5HpjZ%2FU9LLOuOi%2FXLfs1TKhUmZFUERBLDdc1e4IbREQ94Rngy0CkHI0Q921GWSGdvF8ZtdVMdX463gGQum7RwUzjbQWBZr8gHjPLeEvV9pKauuxme9I2FUIOJpnXMqO7jpEHCm4gVwhYQlSfU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965198fc3d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 main.js Show response
www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/ 54 KB
14 KB 40ms
38ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/main.js?ver=1638303598

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fc6553100e45782a335f5b45d0b3340e04f3ec233f5ec39606836ff09fbe873

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26332
x-cache: HIT from Backend
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 20:19:58 GMT
server: cloudflare
etag: W/"61a6876e-d9e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VplHHkLDFEnu3PciyZWH%2FZivKjCyGtfCc%2FqD7Jaw%2BHUUuzdqtCO%2FFmiAc31lys%2Bd0Y%2FN6RLIOostBGS8a5hl9ahh2%2BMjZQXKGRPeZpCIxhrE4LgXm%2FI6VlH847i7ibb4H7HNbNLmeCjO2Up1VQXCHnYcAfppSMY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965198fc4d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 js_files_for_front.min.js Show response
www.diarioceleste.com.br/wp-content/plugins/td-cloud-library/assets/js/ 37 KB
9 KB 26ms
24ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=2713a088559ff26084e8003394764364

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bedcc92fa96a1549eec70158c56437af620ad5562b61b64bbf86dfc8bb30dec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4287671
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 12 Oct 2021 12:41:05 GMT
server: cloudflare
etag: W/"61658261-92ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIaLW4idcuapIjMfCfGZMrrwG6o%2F%2FWABwC3aOI45H87QgF3ND7cfMCtfBfpOeiqQNvs5CF4MUbIp8oT5VeXLm6cIB4J5WeBDZf1J3NbyScPmjpL3Fh59Pxofz4y92gMV0JYtq9LTp9%2F0tmzDq93QzcDNsYd2yKE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965198fc5d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e-202148.js Show response
stats.wp.com/ 9 KB
3 KB 28ms
5ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202148.js
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn
date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 21 Nov 2022 07:46:06 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c197a663ec13044324f94b3f125ec022a44d2f63bd65ac16df350918731e5dc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 elements.png
www.diarioceleste.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ 4 KB
5 KB 17ms
15ms Image
image/png 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.diarioceleste.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=1638303596

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=1638303596
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2784412
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 15 Oct 2021 12:34:01 GMT
server: cloudflare
etag: W/"61697539-1035"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEdxl0BCueOuGj4mJwsWZqurXdWrgGSgZbX2A6bZlJBS0xldCPkhT59GAX7mXY4%2BCGOXR9dRBFxlFVWOOLtcDgYDah%2Buq1IXVDx9F1V8J1s58kBdlg%2BgsHBymXsjgs9eKDROiY2Z%2BHJd0xf3oNWk8DLc3FW2vrM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696519afd6d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 lazyload.min.js Show response
www.diarioceleste.com.br/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 19ms
19ms Script
application/javascript 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6826174
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 18:47:14 GMT
server: cloudflare
etag: W/"605b8932-1ed2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4pmpRTD7yW2RNYt1wIyJFN3KSAFpPo2hYB86iFiTqG7Tvs910LzEDiOIOWKeZwb0p8TYVoXmuM5M5xLnF%2Bc1NG0WGYGFCYcQOju%2BOf5vdRuPYhIwdyg6McbOuD%2BiWz5VQ01ESo9O32NP1VYbsaMrHBs4mHjFieU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b696519eff2d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3

404

footer_bg.jpg
www.diarioceleste.com.br/wp-content/uploads/2021/01/
Redirect Chain

https://diarioceleste.com.br/wp-content/uploads/2021/01/footer_bg.jpg
https://www.diarioceleste.com.br/wp-content/uploads/2021/01/footer_bg.jpg

30 KB
30 KB

1568ms
1567ms

Image
text/html

2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.diarioceleste.com.br/wp-content/uploads/2021/01/footer_bg.jpg
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/
Protocol: H3
Server: 2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 581d4972ff6f84fb25896c051f479350e69620421f0cf25a130b21f255f15bf7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: no-cache
x-varnish: 8847560
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1arQcq0j7uRfeBiTsGm0vVtVGbjqbxRpLOWuvTvgZcHbN0Te%2FvpHk%2F3UivJUMyhLaoWrZ%2F9w6i%2F69q2Z1wTilGN5FabGQGh%2Bj4J9HRsvBfv7O16MoxcpZ6Durd69TAqw%2Frg6slINMfYa%2FL%2FUaNAUW47kOH9fxU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0, max-age=3, must-revalidate
cf-ray: 6b696520cbead711-FRA
link: <https://www.diarioceleste.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

date: Wed, 01 Dec 2021 03:58:04 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-redirect-by: WordPress
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: no-cache
x-varnish: 8438000
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMSgomOzcWwZv4lYcNHSVSxQkou3QfxGMBMrsO8VyOap4rCLXufaPavxH9Rn3Ky7Dhk8CtcuOq16zNp85j2MVRtgG%2FxjjNmA%2BE0ggUcEQ%2FvM3UBHc%2FomV1w3ol5tC68g2Q8qq5JQjfHASeVZL295qfA0wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://www.diarioceleste.com.br/wp-content/uploads/2021/01/footer_bg.jpg
cache-control: no-cache, must-revalidate, max-age=0, max-age=3, must-revalidate
cf-ray: 6b69651aa865d711-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.diarioceleste.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:58:32 GMT
x-content-type-options: nosniff
age: 554371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 17:58:32 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20736f297cc96191469ee02ba7d5fdd73881279cac19e8a8a25af4d54feb9047

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 46ms
20ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/wp-content/cache/min/1/sdks/OneSignalSDK.js?ver=1638303597
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba83c227cde7d4c34fb514ccd483305e8dfef365e6b2b70a126f2d73adaa1691

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3564
etag: W/"bac537a7eba0b66473f70a7a4bf837c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6b69651b3bcd4db8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 04 Dec 2021 03:58:04 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 50ms
28ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/wp-content/cache/min/1/js/diarioceleste.js?ver=1638303597

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

a089e15ed323f589e0d965e5a2655555bc1bc9e35ac28f66aba03687b9cd1618

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1060 / 458 of 1000 / last-modified: 1638314106"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26848
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 01 Dec 2021 03:58:04 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 47ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5822243610880583

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/wp-content/cache/min/1/js/diarioceleste.js?ver=1638303597

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad8f45059e11d52f1802c1e01220448cb580d98acfa1ac2c5d94b2888a2d6a08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.diarioceleste.com.br/
Origin: https://www.diarioceleste.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51297
x-xss-protection: 0
server: cafe
etag: 10206784699216513219
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Dec 2021 03:58:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 53ms
31ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-175164381-50

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/wp-content/cache/min/1/js/diarioceleste.js?ver=1638303597

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dba732adf2e0f0c2c7083d8d04045d7791eaee151cad656b18605e67165bb559

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36162
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Dec 2021 03:58:04 GMT

GET
H/1.1 200
OK diarioceleste_17740.js Show response
ads.vidoomy.com/ 5 KB
6 KB 333ms
117ms Script
application/javascript 3.129.250.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/diarioceleste_17740.js
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/wp-content/cache/min/1/js/diarioceleste.js?ver=1638303597
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: 6da3d61e77122f8cec6eb8b1f42b9d8736b1672f4eec2098a99a670f62a93e45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:04 GMT
Server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=300
Content-Length: 5458

GET
H2 200 tag Show response
a.teads.tv/page/137323/ 741 B
662 B 85ms
41ms Script
application/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/137323/tag
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/wp-content/cache/min/1/js/diarioceleste.js?ver=1638303597
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 81e7fc5e066da9722af5a7819784e8b30a7f665cd5673e7634381f3fd563ce44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 462
expires: Wed, 01 Dec 2021 04:58:04 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/sportspress-pro/includes/sportspress-facebook/js/sportspress-facebook-sdk.js?ver=1638303597

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6635fb6229f1035bccbc6175921888e265d04ab64afb0c7f027732d1d185acf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Rb9aP5g4sJqe+bD0otNV4Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 01 Dec 2021 04:03:04 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: BufK9sX0BF/aFEpwXKdpPA0CayKxXO88Xe/6DaQxUKJ7BV9YuAx+RMzVPqUbixLFF1L1HBCo7ZNxSI1UmvnvKA==
x-fb-trip-id: 686109401
x-fb-content-md5: 550059cf673ea9fab4dadbf5e32fe4db
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 01 Dec 2021 03:58:04 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "0e1d67b6a59b31703426beb9d9ed9db9"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin: https://www.diarioceleste.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 6ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.3&blog=124605814&post=7083&tz=-3&srv=www.diarioceleste.com.br&host=www.diarioceleste.com.br&ref=&fcp=2242&rand=0.6650416665565455
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 01 Dec 2021 03:58:04 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 / Show response
v2-ui.cleverwebserver.com/ 144 B
209 B 131ms
121ms Script
application/javascript 2606:4700:10::ac43:2825
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v2-ui.cleverwebserver.com/
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2825 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e50592ce1fd0a38af8214f04030411a2b5059e5766ecd323c4b6a272c2a2790

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b69651b8e5d2bc2-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

GET
H2 200 40530.php
sender.clevernt.com/transporter/ 43 B
354 B 144ms
54ms Image
image/gif 148.69.64.76
VODAFONE-PT Vodaf...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sender.clevernt.com/transporter/40530.php?ppuc=0&ppu=0&id=0&ref=aHR0cHM6Ly93d3cuZGlhcmlvY2VsZXN0ZS5jb20uYnIv&ruri=&r=498020827&tok=33419711310201791433&op=called&wn=null&res=1600x1200&ts=0.097&cc=1&iv=-1
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.69.64.76 Porto, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS: are.clevernt.com
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
server: nginx
content-type: image/gif

GET
H3 200 logodiariocelesteazul.png
www.diarioceleste.com.br/wp-content/uploads/2021/01/ 26 KB
26 KB 16ms
16ms Image
image/png 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.diarioceleste.com.br/wp-content/uploads/2021/01/logodiariocelesteazul.png

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35427bee7326b9125939440515fc52b3ec2228de0280561c62a1f3e1e29e93d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2921406
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 05 Mar 2021 13:39:29 GMT
server: cloudflare
etag: W/"60423491-671c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jun9VK5OBH3X2odhOmUYYw7FTbJcCarp091LGYJl460mNPfOQMcXYB6IHggiTiYuhDmR%2BW8pV%2FCQOQLajMJhCZqbEFa0tzlYMlg0scCMDoxEfyB5EqRFqJcGsvBFbE7zJ%2Fat9iGPOFcqG5tpz5X5VnPzeWa1Ueo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b69651ba8fbd711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 petros-e-maicon-696x392.jpg
www.diarioceleste.com.br/wp-content/uploads/2021/11/ 48 KB
48 KB 13ms
13ms Image
image/jpeg 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.diarioceleste.com.br/wp-content/uploads/2021/11/petros-e-maicon-696x392.jpg

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

facc68f18c4ea42bf22fa02c823a11f7e2aa2b084a51c877705854fd0acd6ba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 40679
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 16:29:09 GMT
server: cloudflare
etag: W/"61a65155-becf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOzcTSuvQcqSE1bzi1Ua77KNHCL7ketpIm7N4juWbS4dKrAhxwa%2BP99K3FV8dTPncJULvpqLkHTppmQeaP9k7KtJKtaH4LJyCIeZcp1MU70Sos%2F00Np0Odt0AuCnFw%2FGJdJY41Fd%2BhEGLg7bp0atwGCTXO%2FzOIg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b69651ba8fed711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 keke-485x360.jpg
www.diarioceleste.com.br/wp-content/uploads/2021/11/ 28 KB
29 KB 568ms
567ms Image
image/jpeg 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.diarioceleste.com.br/wp-content/uploads/2021/11/keke-485x360.jpg

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06e1efddd1a67b2b304c78ae1f25705c0b4510f26b269b51265cd0119d6bafc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 19:52:01 GMT
server: cloudflare
etag: W/"61a680e1-6faf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etdUqeKo6AhIFeqgf5TeK9AVRQ1qmZWqitnJpUhYS%2BznXSHA1hIpl44le5FF8q2jn6yRRAoTbFmyfqubyqzAlf5EUqB11B3oad4mdnieThyLulhvoExD0R1HGJYAC0fOXmXcas1BL0iiTaE%2BJhQdChlzTntZYt4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b69651ba8ffd711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 paulo-castro-218x150.jpg
www.diarioceleste.com.br/wp-content/uploads/2021/11/ 12 KB
12 KB 453ms
452ms Image
image/jpeg 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.diarioceleste.com.br/wp-content/uploads/2021/11/paulo-castro-218x150.jpg

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

016b73ae1e1f2b62155e05413c8954a8970cdbd9fe9892c9408dbf4836902526

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 19:43:22 GMT
server: cloudflare
etag: W/"61a67eda-2f5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tcxk2xmW9LzQZbsNwN8DlQp%2BALI8GOD3yj%2FJgJLvkn5S2NtS1Li2PRMe%2BDjmddQGr3sL7RdifxROhqZw2vJWLaO7v4j3gzkwSYBMsmnttCgq%2FEVhP%2B%2BPkr8E22vWMMlYb4ysfEGwfX9R6C5NXG8SS4Ja0VtNXjU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b69651ba900d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 maicon-2-218x150.jpg
www.diarioceleste.com.br/wp-content/uploads/2021/11/ 8 KB
9 KB 462ms
462ms Image
image/jpeg 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.diarioceleste.com.br/wp-content/uploads/2021/11/maicon-2-218x150.jpg

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c921d8452252fe95fa53bc8105491ff3443afe78ad997bd45fd76934d53031f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 18:14:26 GMT
server: cloudflare
etag: W/"61a66a02-20a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtRD%2Ft8scu45wPRQ9s%2BstBvYuBSU22YK0b6drdZyDx14D3EPP%2Fr9eHKxY%2FGtHukdkA62irp04m3vQAzpRN0R0OWRmG5S0%2B%2B%2BSKl9KZnpNlFRSQEGJ2jRv3wazK9PEtuLLLKbqKJFZ2SXyXgsN8ss6PFQWS4uXZU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b69651ba901d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 rafael-sobis-6-218x150.jpg
www.diarioceleste.com.br/wp-content/uploads/2021/11/ 3 KB
4 KB 452ms
452ms Image
image/jpeg 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.diarioceleste.com.br/wp-content/uploads/2021/11/rafael-sobis-6-218x150.jpg

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf56785c4eeac1a3442a6a4b4843e41de5735fcf716ab98b2ee9781ef7d8e8e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 17:23:41 GMT
server: cloudflare
etag: W/"61a65e1d-dcd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aR8lE%2FCIGwMzRc7YXmLiRzHmfoIY6hbCa6Aw12SkioRo2Hkijzqid8kswX%2F6MtEY446QhsgGgypyGbfKMXte0Ka0sO9X4cHChbYlPVT8V62EdzoVEv980OaO9ukJ%2FIskKeZn%2BFXWubaYcEX21SMeIoXiBTzE0sM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b69651ba902d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 alex-218x150.jpg
www.diarioceleste.com.br/wp-content/uploads/2021/11/ 13 KB
13 KB 459ms
458ms Image
image/jpeg 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.diarioceleste.com.br/wp-content/uploads/2021/11/alex-218x150.jpg

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b1ab05895807cd29fa182b40bb22f0a2c9c4f3c6dd70bb4ac688b208a888b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 15:38:32 GMT
server: cloudflare
etag: W/"61a64578-3288"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9QbZ0QyxjeNT1ZTGRoYpYTN0TW4%2B8JIulXd9N%2FzdbXNsMHu8vLhfFRN%2Fyw41LMnI9k%2Bk11PuiZby6S5CnNU6nA570FiKVrsGq1Tx30lbpGuINa3JzML4eiQ9KFo8mhAlZi6nchuB15nrh0gA66qzOjFWP5HHjM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b69651ba904d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 cruzeiro-106x128.png
www.diarioceleste.com.br/wp-content/uploads/2020/01/ 16 KB
17 KB 20ms
19ms Image
image/png 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.diarioceleste.com.br/wp-content/uploads/2020/01/cruzeiro-106x128.png

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d124c0d47f3dad95f0fcbf08e0faab2a1d5fe796b459c438661a53b879e1ed1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1302225
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 05 Mar 2021 12:47:16 GMT
server: cloudflare
etag: W/"60422854-414f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3vlyQP6ja5LKCI9%2BgmKOzaCKkgWLplxHzjcvga0IUsiXnx73yYrtlO05hvvPAURbfDoPJUQPwJt5U5meIe7XXEauHQsU5%2BOqHbAYHXKVWJP8bR39Uwq6YLCI8a3%2Bf56J%2B9q4QyuM34W%2FZX7opOscK0mMIYSVHo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b69651ba905d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 URT-150x150.png
www.diarioceleste.com.br/wp-content/uploads/2020/01/ 18 KB
19 KB 14ms
13ms Image
image/png 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.diarioceleste.com.br/wp-content/uploads/2020/01/URT-150x150.png

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd128bb1bb09334b954f40d3932d4617931b7685b7eccb14ca69bbf24bf9aef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 101289
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 05 Mar 2021 12:48:42 GMT
server: cloudflare
etag: W/"604228aa-478b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4b1I8d4P7ATv808ZUUyv0i7udQs5CkrSgHNPnIWekdNgSdVzmA7dAD30d5HsKZ9Bsdxwb4c5fWXwXpot87RWKugweS%2BOQmAAOOEiC9UKxERe9wqrsYtSoqfKXhJWZMOtL38OAO6y69KxDzTzkjhUg7PIPpot7aw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b69651ba907d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 airton-218x150.jpg
www.diarioceleste.com.br/wp-content/uploads/2021/11/ 7 KB
7 KB 460ms
460ms Image
image/jpeg 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.diarioceleste.com.br/wp-content/uploads/2021/11/airton-218x150.jpg

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f55aa726d03d3715f90422eeaf2a2d11f1f7b867e5267c7a03da500fb7df8654

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 29 Nov 2021 14:44:56 GMT
server: cloudflare
etag: W/"61a4e768-1b66"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JW93h3Rz6YSTfNJjVFguq2IrHmSO4TEziMAByi0WfYNA5LszJr74j86UsJHS4wdEsJn0%2FxpnUDFPdAUOuGy4zPXfU1jIK4fXxm%2Fnvva6Pkvplw7eCqdh%2FuT3JcqOhqpch2yzmiWBONeOEgiv9TEzJ9xiwQ7lc%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b69651ba908d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 joseph-218x150.jpg
www.diarioceleste.com.br/wp-content/uploads/2021/11/ 5 KB
6 KB 463ms
462ms Image
image/jpeg 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.diarioceleste.com.br/wp-content/uploads/2021/11/joseph-218x150.jpg

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d69a06b0f12875d8ca79224ccc8eb4d80f69f554781624eccf5c399d161f18e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 12:48:50 GMT
server: cloudflare
etag: W/"61a61db2-14fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APNNoYJ2oY4b8FLGYXrN40IkCwuvw%2BJ9Rfg7mNQWx53btR6FmMyQipIBMucyP0z4p%2B12CqwfG%2BHZDKv12M%2FhP%2F8pJjLLRj1eT2H%2FHHoArQpYKLAC71D3PupluJoXxGyYOVAs9h1KBYwsLrDBEcx8s2i5TTjjveE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b69651ba909d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 toca-i-218x150.jpg
www.diarioceleste.com.br/wp-content/uploads/2021/11/ 9 KB
10 KB 463ms
462ms Image
image/jpeg 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.diarioceleste.com.br/wp-content/uploads/2021/11/toca-i-218x150.jpg

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3fe193209e48c2cb066dbc29c4a0a2067ce13bef1c56f3fd6cfc479903ca6e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 29 Nov 2021 14:03:58 GMT
server: cloudflare
etag: W/"61a4ddce-24ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8peY%2FluPNWfrPiBKyHDSlXv3kt6kNbb3eQuKwkjNSLDjJGIknGk6DumwsyyiLAedOVOmvHmruOGi6WMWnZIErouKtoHNEOZLSyxAJyfBL92PppnhafxKaodTDPP9shrpUIgLyEy4y3GotqChBXPPqyAm8bvPt9s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b69651ba90bd711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 rafael-santos-218x150.jpg
www.diarioceleste.com.br/wp-content/uploads/2021/11/ 6 KB
7 KB 461ms
460ms Image
image/jpeg 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.diarioceleste.com.br/wp-content/uploads/2021/11/rafael-santos-218x150.jpg

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f03baf49179807d112055d1bda028293477083048cfc35f1b87c9e7098e9e5dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 12:15:22 GMT
server: cloudflare
etag: W/"61a615da-1942"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wMXLjJza4I3RxW525BwconUu4%2FD%2FtMXDvxclv9QG30PC9DV%2BJ6C1qS0OBbhK01jLgZ3iOCBcWQy0muPdaZ%2B91juA57A1qFOeI17e69uBl1CFNT5r1nZQ1m6c%2Flq8t9VEbKWy4GrXkOnZ89QUHZcmZNZAWDxXhLg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b69651ba90dd711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 am%C3%A9rica-150x150.png
www.diarioceleste.com.br/wp-content/uploads/2020/01/ 11 KB
12 KB 467ms
466ms Image
image/png 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.diarioceleste.com.br/wp-content/uploads/2020/01/am%C3%A9rica-150x150.png

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b684aef220bd97e4fbb9c80de3ae948607cc969ec7840be0d32a1f0c7b331e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 05 Mar 2021 12:46:50 GMT
server: cloudflare
etag: W/"6042283a-2cc7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43w203w1xmD26QKNmg0qNInTeB7oi86O7Q9nDM1d7FNViCquy6A6ISJ0FMTadhQp6440qmGFOXJ%2Bl0Qfza2%2Bj%2FKYtd90I23L7n4NY3jRl35GquEuW6w2tKqWuqJJwgG3p078DhTgXoBhVUNe09MD8w%2BjbrxwckQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b69651ba90ed711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/9132bbfc-3443-457a-b085-6da345d24c2a/ 5 KB
2 KB 313ms
304ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/9132bbfc-3443-457a-b085-6da345d24c2a/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78f838c60f411473a2a3b122a65cf586f34af556a943e8e1d4cf9daf2ce91abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
status: 200 OK
x-envoy-upstream-service-time: 32
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 0c292f61-f985-4ba6-a70a-5a6fb64c44f0
x-runtime: 0.030612
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"78f838c60f411473a2a3b122a65cf586"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6b69651bdc8c4db8-FRA
access-control-allow-headers: SDK-Version
expires: Wed, 01 Dec 2021 04:58:04 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 285 KB
81 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ab785f29cd434ab4b471522a43244cee

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b65e2f19a61ad94f357c5f7e28ade339976bdff01c3408242d7edbe741c8eba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.diarioceleste.com.br/
Origin: https://www.diarioceleste.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: P9H4yXWITGNVD8mKjbQo9g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 01 Dec 2022 02:23:02 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82871
x-fb-rlafr: 0
x-fb-debug: yS9R76cDDryd/QtK3MxcZ5MlucnUz2yX0xtO7qQKP+Zh25ofdGWfzLiQPvdVgq8NCJQMQrbTu8F3r4Wu0a4a+A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 803568ae751db66ef2b34edd8682f5d6
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 01 Dec 2021 03:58:04 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "c02e07d14d5ea15380454d4c92063371"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 pubads_impl_2021111701.js Show response
securepubads.g.doubleclick.net/gpt/ 345 KB
116 KB 31ms
16ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

8d8aa9c2c3798099cba43890c7808bfb34b70dbc853177ef287b50bc28161911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118578
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 09:34:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 01 Dec 2021 03:58:04 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 113 B
121 B 29ms
15ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.diarioceleste.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

02dd6ae8af35d5ba1e75836ce6abc2b50ff6aa34b128c6be222aeb13ed1ef17a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96
x-xss-protection: 0
expires: Wed, 01 Dec 2021 03:58:04 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111160101/ 272 KB
98 KB 47ms
33ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5822243610880583&plah=www.diarioceleste.com.br&bust=31063782

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5822243610880583

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4835b16c14de5cbba60f4b8401bcac4e282f26b20c0cfddff228fe6267e7ec67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100192
x-xss-protection: 0
server: cafe
etag: 14037149148670201488
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 01 Dec 2021 03:58:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame 9501 11 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5822243610880583

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 30 Nov 2021 09:43:00 GMT
expires: Tue, 14 Dec 2021 09:43:00 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 65704
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 602 KB
132 KB 32ms
9ms Script
text/javascript 2a02:26f0:6c00:19c::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/137323/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19c::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e297afc5cba2b67ad30ad316eb275e59408b57d3ed2250f2677dccce750af7b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-request-id: QEPN1S91WX2DNDR0
content-length: 134225
x-amz-id-2: ne1jAHlyfWwTk3uT6J3K8/SavAIVwOW2bshr+jAOT5oLzl0VgC4AvuMdUt+7Fmdo8DvjwKkIsYs=
last-modified: Thu, 18 Nov 2021 17:47:06 GMT
etag: "b983bc540e7d345b1ace518bd27be723"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: b
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 01 Dec 2021 04:28:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-175164381-50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3417
date: Wed, 01 Dec 2021 03:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 01 Dec 2021 05:01:07 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 29ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=229958377062169&ev=fb_page_view&dl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&rl=&if=false&ts=1638331084211&sw=1600&sh=1200&at=

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 01 Dec 2021 03:58:04 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 37ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.diarioceleste.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 38ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.diarioceleste.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1711542189&t=pageview&_s=1&dl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&ul=en-us&de=UTF-8&dt=Cruzeiro%20-%20Di%C3%A1rio%20Celeste&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=571522465&gjid=205530257&cid=767454497.1638331084&tid=UA-175164381-50&_gid=481305750.1638331084&_r=1&gtm=2ouba1&z=679594182

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.diarioceleste.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 210 B
445 B 16ms
15ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.diarioceleste.com.br&callback=_gfp_s_&client=ca-pub-5822243610880583

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5822243610880583&plah=www.diarioceleste.com.br&bust=31063782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

cc0ec9330497ea9d4fb21fec6777e04f772280940668db898aaacf92dd11beaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.diarioceleste.com.br%2F&tn=DIV&id=dm-stickyParent&cls=jba%20stickyJBA&ign=false&pw=1600&ph=1200&x=800&y=1130.4

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B3BD 0
19 B 67ms
53ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5822243610880583&output=html&adk=1812271804&adf=3025194257&lmt=1638303598&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.diarioceleste.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638331084170&bpp=3&bdt=703&idt=127&shv=r20211111&mjsv=m202111160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5203399669807&frm=20&pv=2&ga_vid=767454497.1638331084&ga_sid=1638331084&ga_hid=1711542189&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063694%2C31063782%2C21065725%2C44748553&oid=2&pvsid=2978480186622626&pem=316&tmod=1479939750&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=144

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 01 Dec 2021 03:58:04 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 01 Dec 2021 03:58:04 GMT
cache-control: private

GET
H2 200 track
t.teads.tv/ 23 B
113 B 72ms
42ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=4a2e5aea-7fe6-4f6a-9adf-d9bf7f37498e&pageId=137323&pid=150742&debug_metadata=rHBDQSUpV3&fv=917&ts=1638331084348&f=1&referer=https%3A%2F%2Fwww.diarioceleste.com.br%2F
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 66ms
37ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=4a2e5aea-7fe6-4f6a-9adf-d9bf7f37498e&pageId=137323&pid=150742&slot=corner&fv=917&ts=1638331084352&f=1&referer=https%3A%2F%2Fwww.diarioceleste.com.br%2F
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/137323/ 540 B
577 B 46ms
46ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/137323/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&page=%7B%22id%22%3A137323%2C%22placements%22%3A%5B%7B%22id%22%3A150742%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A523%2C%22height%22%3A294%7D%2C%22slotType%22%3A%22corner%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%7D&auctid=4a2e5aea-7fe6-4f6a-9adf-d9bf7f37498e&formatVersion=917&env=js-web&netBw=10&ttfb=467
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f637127a4979438c722c039a8b3178eb8d59620fbc152c209b3ac3b497fcd60c

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.diarioceleste.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 364
expires: Wed, 01 Dec 2021 03:58:04 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 274ms
274ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2978480186622626&correlator=2675317235932730&output=ldjh&impl=fif&eid=21065725%2C44748553&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211201&iu_parts=21622511100%3A21873343208%2Cdiarioceleste_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&prev_scp=site%3Ddiarioceleste%26place%3Ddmh-h-destaque5&cookie_enabled=1&bc=31&abxe=1&lmt=1638303598&dt=1638331084363&dlt=1638331083467&idt=782&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=4853&adks=2504780982&ucis=1&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.diarioceleste.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1068x636&msz=1068x0&ga_vid=767454497.1638331084&ga_sid=1638331084&ga_hid=1711542189&ga_fc=true&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

1b09cc71e3e37c0e76d0a798105231991c1ce1a8fa1015b7eb0a9fd904fad0a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8010
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F71B 6 KB
4 KB 51ms
15ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 01 Dec 2021 03:58:04 GMT
expires: Thu, 01 Dec 2022 03:58:04 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 908ms
908ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2978480186622626&correlator=2675317235932730&output=ldjh&impl=fif&eid=21065725%2C44748553&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211201&iu_parts=21622511100%3A21873343208%2Cdiarioceleste_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C320x250%7C300x300%7C320x100%7C320x50%7C336x280%7C300x100&prev_scp=site%3Ddiarioceleste%26place%3Ddmh-v-sidebar3&cookie_enabled=1&bc=31&abxe=1&lmt=1638303598&dt=1638331084370&dlt=1638331083467&idt=782&frm=20&biw=1600&bih=1200&oid=2&adxs=1022&adys=2039&adks=1384518571&ucis=2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.diarioceleste.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=324x3219&msz=324x0&ga_vid=767454497.1638331084&ga_sid=1638331084&ga_hid=1711542189&ga_fc=true&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

5503e07f331c4088e46f04538d4e572602b4d3fb0253dc02ff06b6e4ce0b0804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7872
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 482ms
482ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2978480186622626&correlator=2675317235932730&output=ldjh&impl=fif&eid=21065725%2C44748553&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211201&iu_parts=21622511100%3A21873343208%2Cdiarioceleste_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&prev_scp=site%3Ddiarioceleste%26place%3Ddmh-h-destaque1&cookie_enabled=1&bc=31&abxe=1&lmt=1638303598&dt=1638331084373&dlt=1638331083467&idt=782&frm=20&biw=1600&bih=1200&oid=2&adxs=596&adys=109&adks=3206296387&ucis=3&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.diarioceleste.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=747x16&msz=747x0&ga_vid=767454497.1638331084&ga_sid=1638331084&ga_hid=1711542189&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a4865f5d2fac4ab43fd6b3a5c191a0554db3fde6c01b28b3ec878a00b5f9d4ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8822
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 675ms
675ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2978480186622626&correlator=2675317235932730&output=ldjh&impl=fif&eid=21065725%2C44748553&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211201&iu_parts=21622511100%3A21873343208%2Cdiarioceleste_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x300%7C320x250%7C320x100%7C320x50%7C336x280&prev_scp=site%3Ddiarioceleste%26place%3Ddmh-v-sidebar2&cookie_enabled=1&bc=31&abxe=1&lmt=1638303598&dt=1638331084375&dlt=1638331083467&idt=782&frm=20&biw=1600&bih=1200&oid=2&adxs=1022&adys=589&adks=3288579592&ucis=4&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.diarioceleste.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=324x3219&msz=324x0&ga_vid=767454497.1638331084&ga_sid=1638331084&ga_hid=1711542189&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

396218338cea69d1500be3f22f99ec0daf4c57d6325b77b5837b5092095aa6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8019
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 1105ms
1105ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2978480186622626&correlator=2675317235932730&output=ldjh&impl=fif&eid=21065725%2C44748553&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211201&iu_parts=21622511100%3A21873343208%2Cdiarioceleste_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&prev_scp=site%3Ddiarioceleste%26place%3Ddmh-h-destaque4&cookie_enabled=1&bc=31&abxe=1&lmt=1638303598&dt=1638331084379&dlt=1638331083467&idt=782&frm=20&biw=1600&bih=1200&oid=2&adxs=266&adys=3816&adks=1819887794&ucis=5&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.diarioceleste.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=696x3891&msz=696x0&ga_vid=767454497.1638331084&ga_sid=1638331084&ga_hid=1711542189&ga_fc=true&fws=4&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

77bad9f642945d2bc04c6254dadc3cbdd77eb697cec017f6c506adc43b97e4b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9589
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 1347ms
1347ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2978480186622626&correlator=2675317235932730&output=ldjh&impl=fif&eid=21065725%2C44748553&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211201&iu_parts=21622511100%3A21873343208%2Cdiarioceleste_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&prev_scp=site%3Ddiarioceleste%26place%3Ddmh-h-destaque2&cookie_enabled=1&bc=31&abxe=1&lmt=1638303598&dt=1638331084381&dlt=1638331083467&idt=782&frm=20&biw=1600&bih=1200&oid=2&adxs=266&adys=899&adks=2701482268&ucis=6&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.diarioceleste.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=696x3891&msz=696x0&ga_vid=767454497.1638331084&ga_sid=1638331084&ga_hid=1711542189&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

92e713f61f5f0a290d72ac700af3ce73c7baf8b9db8d40e82cfd9762a17b7937

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7894
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 1815ms
1815ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2978480186622626&correlator=2675317235932730&output=ldjh&impl=fif&eid=21065725%2C44748553&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211201&iu_parts=21622511100%3A21873343208%2Cdiarioceleste_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C300x100&prev_scp=refresh%3Dtrue%26site%3Ddiarioceleste%26place%3Ddm-sticky&cookie_enabled=1&bc=31&abxe=1&lmt=1638303598&dt=1638331084383&dlt=1638331083467&idt=782&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1110&adks=3635015924&ucis=7&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.diarioceleste.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=767454497.1638331084&ga_sid=1638331084&ga_hid=1711542189&ga_fc=true&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

6af244a45c6c4475b2530c021aa935a32b57eab6d12677d91c726cfed2be798c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9247
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 99 KB
33 KB 2059ms
2058ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2978480186622626&correlator=2675317235932730&output=ldjh&impl=fif&eid=21065725%2C44748553&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211201&iu_parts=21622511100%3A21873343208%2Cdiarioceleste_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x300%7C320x250%7C320x100%7C320x50%7C336x280&prev_scp=site%3Ddiarioceleste%26place%3Ddmh-v-sidebar1&cookie_enabled=1&bc=31&abxe=1&lmt=1638303598&dt=1638331084386&dlt=1638331083467&idt=782&frm=20&biw=1600&bih=1200&oid=2&adxs=1022&adys=292&adks=3922882899&ucis=8&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.diarioceleste.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=324x3219&msz=324x0&ga_vid=767454497.1638331084&ga_sid=1638331084&ga_hid=1711542189&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

497b184923b30f6b560e8b637aee6d385b9dd495b83138c282d7d820b8d376de

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/lyxor_climate_336x280.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/lyxor_climate_336x280.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIb1qvPawfQCFY2F_QcdoDYAGQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/11360513469383436707/lyxor_climate_336x280/lyxor_climate_336x280.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/lyxor_climate_336x280.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/lyxor_climate_336x280.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIb1qvPawfQCFY2F_QcdoDYAGQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/11360513469383436707/lyxor_climate_336x280/lyxor_climate_336x280.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33899
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Wed, 01 Dec 2021 03:58:06 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
10 KB 1545ms
1545ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2978480186622626&correlator=2675317235932730&output=ldjh&impl=fif&eid=21065725%2C44748553&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211201&iu_parts=21622511100%3A21873343208%2Cdiarioceleste_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&prev_scp=site%3Ddiarioceleste%26place%3Ddmh-h-destaque3&cookie_enabled=1&bc=31&abxe=1&lmt=1638303598&dt=1638331084388&dlt=1638331083467&idt=782&frm=20&biw=1600&bih=1200&oid=2&adxs=266&adys=1466&adks=311104772&ucis=9&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.diarioceleste.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=696x3891&msz=696x0&ga_vid=767454497.1638331084&ga_sid=1638331084&ga_hid=1711542189&ga_fc=true&fws=4&ohw=1600&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

919fb6b0d17ea28df608fbdfd98aaff119b3d0ddeffa5093abb31a8379c487cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10567
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 48ms
47ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=adCall&pid=150742&pageId=137323&auctid=4a2e5aea-7fe6-4f6a-9adf-d9bf7f37498e&vid=00000000-0000-0000-0000-000000000001&env=js-web&bsg=uncat&bsias=uncat&rpm_reason=12&p=M-tYrt0qw4QQjEAfaiv-LohQ&cts=1638331084380&cs=254418464766275372105&fv=917&ts=1638331084410&referer=https%3A%2F%2Fwww.diarioceleste.com.br%2F
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 8519 118 KB
35 KB 88ms
26ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1638331084.cds034.ml1.hn,1638331084.cds211.ml1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 0412 118 KB
35 KB 99ms
44ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1638331084.cds034.ml1.hn,1638331084.cds211.ml1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2

200

cookie Show response
a.vidoomy.com/api/rtbserver/ Frame 64E4
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent

43 B
289 B

46ms
10ms

Document
image/gif

52.28.186.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.186.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-186-152.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-type: image/gif
content-length: 43
content-encoding: none
vary: Origin

Redirect headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
content-length: 0
date: Wed, 01 Dec 2021 03:58:04 GMT
server: AC1.1

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=853017851.0570108161865406.64570095
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=853017851.0570108161865406.64570095
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=020d0411-e776-4501-826e-0048af0a4f8b&gdpr=&gdpr_consent=&gdpr_pd=
https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_0e1dcee8-6724-41fd-a444-34fd5f4a1d82&bsw_param=020d0411-e776-4501-826e-0048af0a4f8b&expires=10
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=020d0411-e776-4501-826e-0048af0a4f8b

43 B
319 B

9ms
9ms

Image
image/gif

52.28.186.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=020d0411-e776-4501-826e-0048af0a4f8b
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/
Protocol: H2
Server: 52.28.186.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-186-152.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: none
content-length: 43
vary: Origin
content-type: image/gif

Redirect headers

Location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=020d0411-e776-4501-826e-0048af0a4f8b
Date: Wed, 01 Dec 2021 03:58:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 ve
stg.vidoomy.com/api/rtbserver/ 9 B
90 B 44ms
8ms Image
application/json 75.2.29.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stg.vidoomy.com/api/rtbserver/ve?ad_type=Video&adomain=&c=GB&category=&crid=17740&deal=&domain=vidoomy.com&dsp=&dsp_ssp=&dt=1&gdpr=&gdprcs=&os=&p=&p_id=1&s=a&seat=1&size=&sspid=0&sync=0&zid=0&uimp=1
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.29.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ae6a0aaac8071ff4b.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-length: 9
vary: Origin
content-type: application/json

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
601 B 105ms
15ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:04 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1638331084002067-597
Expires: Wed, 01 Dec 2021 03:58:04 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 27ms
16ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3594
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 6b69651dea495c5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 04 Dec 2021 03:58:04 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/9132bbfc-3443-457a-b085-6da345d24c2a/ 184 B
615 B 300ms
291ms Fetch
application/json 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/9132bbfc-3443-457a-b085-6da345d24c2a/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fe3f21c5c0bfc97a38add5d7a15f79ea0f79e5f56da46d2080990813d0cdb55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200 OK
x-envoy-upstream-service-time: 12
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 8c30704a-84bf-48aa-a3f9-4117d8ca7186
x-runtime: 0.010021
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"7fe3f21c5c0bfc97a38add5d7a15f79e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 6b69651e2fc14ea3-FRA
access-control-allow-headers: SDK-Version

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame EDE8 5 KB
2 KB 26ms
26ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1638331084.cds034.ml1.hn,1638331084.cds223.ml1.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame 8519 2 KB
2 KB 297ms
90ms XHR
application/xml 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1149535&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&dnt=0&c1=https%3A%2F%2Fwww.diarioceleste.com.br%2F&c2=0&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=21513150&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 91b95c3523c4d392bb3dcaa5456f637ed209e3e01b3b880a94b583cd6b6a89c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1366

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 9A83 5 KB
2 KB 25ms
25ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1638331084.cds034.ml1.hn,1638331084.cds223.ml1.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame 0412 180 B
360 B 283ms
93ms XHR
application/xml 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1149536&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&dnt=0&c1=https%3A%2F%2Fwww.diarioceleste.com.br%2F&c2=0&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=53171260&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 150

GET
H2 200 cs
cs.lkqd.net/ Frame EDE8 43 B
308 B 287ms
90ms Image
image/gif 146.20.128.158
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.158 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame EDE8 43 B
309 B 286ms
89ms Image
image/gif 146.20.128.158
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.158 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame EDE8 43 B
308 B 292ms
95ms Image
image/gif 146.20.128.158
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.158 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame EDE8 43 B
308 B 292ms
95ms Image
image/gif 146.20.128.158
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.158 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame EDE8
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9166458971282832915

43 B
308 B

221ms
92ms

Image
image/gif

146.20.128.158
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9166458971282832915
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.158 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9166458971282832915
pragma: no-cache
date: Wed, 01 Dec 2021 03:58:03 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 cs
cs.lkqd.net/ Frame 9A83 43 B
308 B 280ms
93ms Image
image/gif 146.20.128.158
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.158 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 9A83 43 B
308 B 279ms
92ms Image
image/gif 146.20.128.158
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.158 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 9A83 43 B
308 B 279ms
92ms Image
image/gif 146.20.128.158
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.158 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 9A83 43 B
308 B 277ms
91ms Image
image/gif 146.20.128.158
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.158 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 9A83
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8950286189169049107

43 B
308 B

221ms
91ms

Image
image/gif

146.20.128.158
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8950286189169049107
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.158 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8950286189169049107
pragma: no-cache
date: Wed, 01 Dec 2021 03:58:03 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3 200 container.html Show response
9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C41D 6 KB
3 KB 22ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 01 Dec 2021 03:58:04 GMT
expires: Thu, 01 Dec 2022 03:58:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 42AC 624 B
300 B 20ms
17ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiH6eioATAB&v=APEucNVszGf5xNQGWUYtIWsP8J4dMqxUBCjKVnUT5pMZUthDfPx1Qn5b-BZgyJgUqwqPRS3Aw9Shi8VoSLd2zLP6qL9lpRk4FtWRSMGL8qqg5GKeVnjLrFKSGSCWvfLdq7VAl9apLwhCOaTYr2-TAt85X5K99oYWWQHnOObhkTM6MBwZ8oPswBc

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 01 Dec 2021 03:58:04 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 01 Dec 2021 03:58:04 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C41D 78 KB
31 KB 91ms
89ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AB0ce64c5_T4UkAncZL8e8nU5XbQG9i2JaGOb1vQ34AqwXrlTvLPo-2vt6xQ6WOdf4FOMJUknxSWkBscXSsTeRtd7zGPsoKj1zVy0CEFHz3cB-qINRBUdsdjnb6UL-eay8F2Et6yq3stDF_Jt-T_0FkLRJqg&dbm_d=AKAmf-BYnTLwqsQtiYHbwxTNDWxd6HSlPXVSaeCaniHXDFg-bBBvKf4jbxIOu2fzVr_scmzYDTQZJ5DIG-e8cOHSU5Oq9N4BySbCLD2IDUaA2V511np7bkhHwLn5hV-R5sp8DGNEGe3i8no6eLQ2e7CJockjYxS5emHRCJozoKlTyjZO1yK1UgA163ZFYQ8g3jxQSV7Nl5IBXMJ1YhRA55am7IMBgcUTRvvsp6dp8vDS0JulEZXj5xz_-fQUcQ6oXSygRZhEiIvW2qQRcQkoljLzFTiwBmDkEvAZ__CJIhfcf5y2b65seb3A6qVqSqixxyNi3ecC9jLkUza-y0ItPYXy9Mg7SLYyBqn7UuBw8kAX3yVUGFTXWYKmUvmqYeZT3agsOtjfmt2RMGOtDltxFezhMPIb2Xx9S4BT4B-YmdGcAex68NDmgh0-1C39IIeqWbNh3BKHrcvcvJZ5RodT53Ag16_Sqs6k2ltqRVLYmUDfI6DwCvq7DwhUE5BmAUKDyodPZlP156qNDGfpdj4u8ql2ia5tAo0uoN9hA9Kkl7QZwCPSpM9asj3hSsTbU1vs3D83QqPoN6laKO103H3rhpbYqA8FjzhtuMMJdKEMkkWOHnWgGmh7XiHalPP0w6fQMVQc7XlMtOAdmYVG-G226qfSWXIKWSI-NVNOwaWLWjwimu3yLBNylyNpELYAmCQnHAhy1EhL0yffdd87pOp_q5veQG-JntKrELVsAdf8bqvk-WjyCwhwj-wJt3XvzBQKo1lkuC7pR8v3E7iCmzT98OyUsDJ0d6VUrVWtDd2dSkoF4cVBESip527ynNbbvrF1qpKnvlAhF7dNVGXafFJeUEsNBBaxtJb-HIuGowoNQxaHt1-hkasTuSjbEWJ6J3S0nqnGMy9HxExMjioOtuhDU2ORs79taiTczfiY-PAqCOAOARqvGv4P7Hbwg8HRrrg7OWHy9kEn55V0OVtZslG2SW9ZWe8EqlkK3H9PRQL1HnHCN4w0zfYf4yY3QMeO8UUfoacN6q0GmysOoe0bD6IqBPXYmVotZHcUs-viCD72woXgcOmpMPWBvXtbkXaA8w6YiLvXW1Df1Iey5MICf80lh7Mm0rqHolSHvpRpcrSAqwVjHXt7i_2tgSJeTgv7rakK9ciGHi_xMolp574s1t1LUoyj8BB6_3B-za2V_Lokyma_I89jFSu5oaum5Wbs_rsMrKaxYLo8cDPLBfN6NQ6YUlaJbspgGXs2050GKFhwXMZB2yRp-9NXMO3UxYr2-At5qA6cQ2aiHHNHS2B1IUxDCZqohgLUk1vn3MjyvskK0bjiStZl6_hH_JeGalDq-Lv3zuZ43LoOyQY8cMRfIaS7bxA4Kqhix1LU_tYogT7vPxka02V-NEAB8pZ1lPYBxHsGPAFBhigKTeJz0W_UWWY46F1zYXfqIk97EbanduomsJu9YiXfHAyxHv0xqzBHml7O7KnmuT3ivqH7FkUpZ3RPvKrRz7xsG2rs5DlwR-2vC7yG11c8kacAG_uATpwIflSOQoYFHtkatBF7QQ7-6_-yk8Yg2mRp-Sp64p6J2jMEyRKm0MGJnzCQD2zA3T3WxDhRDCk99UM5OpQMsH45d2w4omH7x9IlL9brrBDlO7E6AKueXQUvk9Il8Jy3Ua1EtS5LtXbc1E3ptdoRgYY4LOmimEgrOcO_fZHJtGfVlq1yh5qbp_5_0qHtvzPDoMNjhJdH_7XXOhPXQoAfuXtShurnmQ9IOAVZyH8l4qeaikdgab7l4iEuGVTPQAw-BpEe-GPD-beDXQQCA4AWgjM_PD3vkFAH0T8n6rWNGkM3Q9xaKh_I8LHKJI__q9GT7v7dKzJEPGi3l4RhsI9NiRFFl_pgdqh8HBgHBF4LGfFqGv62y1BWXqKjK0Yg48FYo2JCKaBLRUQA1cG8bsJk6lFCIdi7bZj_pscTRfsWBoDLRRGQZCHeZ4nOIzAQDqpPUbxtuF_g_x31OYUGCpbLMZENNkipoenVauTYbU6sMT4TnIINEGRGXoCm8C1KDCmIizRN8xPpIy5uOQjOjYGIVZWBIgBPl2GRRQPAMfYRPNJSRkpZ15tDGrVtg3eV9zSyuazepdgTpoRr0yOrZ4QbYqnyqJ_WSYR74hToCVK8eGP9cezT-02eOKmpT861wWbqOPAIjRkUj9INNDz2MgvaS05Bk5v1E3wH3zJb375ooKd9C_1Ejk6wwtIKhEWXkQWZCg45IIe5aU1cNxu5dXkC-nto3ymETWdFVfWxsh3Ql-20OsCa1CJcM_MBqFK6wgkEG1TlYccfR3ebct9CkyYLiQcVxSgbtzjNIB36UlVa-83BPrX5sthwtrgZdpTgUWss2X-PbVqcqs1RD8RFQtZ2ERdvCylSCgueo-0mYsFlEUOuzfd4qyFN4M59Wxi9iTXGuKMFyTQTT7zf0V9-MwcIZC_XSORxrWOHHeA-WJ0FDXFv5hIVFcU5SMTAm2BLH3MKs26Ly5fTbJ1MKg32oHRUPgjFLXb79ZQkP33mjZH6GnTUV_oJ_hw18wDHlF8QGBRh2tGsBXi6hmkqSs9KeolAqfBdg48c_tfW8P3GaW5l7yNb-lRWrWVQ7CSNnvg1t7djz1gX1Mecl0bPIa_nWQiC5R0O3J5p25kSvF9ZaurI-i9tVygkTIxwPbioE50VQbS8ZYAwjPcMf4LNUd0SSkMlDBPk801aJNvIuSQUfLZzjiaTnh26APvtfTTpc2tmuey3JkVrD4SpFMLKGrtk3hrHR1jFdj_TwOaZBlvvK8zU_yvvHrUoXJVHdriwixrFOrmHSpud8UmATe18Vjkdgxz0O3tnCjVeqywJz_kBwz7jVOOUKSpVXV68SAthffKjz7ndBqOGYExl5FIo_H_sf4vOpz1ugAdoYIPlT-W0QV_b5s6hmQ4w_pf573j_KSuWpgBxhhIDlvmvkiCtr_pE4aP8rqfp3CbrkBFnKXpyrEKUMQl6llCSWNCAA0LoIA-FMmsFA19bRakDO3dY5FYuOFy8zNQYWo_otwbG-rn6rgtf_Fw1AQ6CHe2bCY-PSwITNsDdxfRcrsV5T_KeDGJEqCS9K8DVKwY-W_gaq9GNsMqadIQI2vtqr2h5VBf9EP9VIa3kux67sg0m2WZVd3uE9k2O2bD2NR6XKej_EKH8YUTkdD01lMz7a_gCzgQ8izfiIOYpM4ZSG_ppAbQuoVNl3RfoEtsv-v4y9haMeefRTB_RZRZtmaGLOxRi-Y6Uq6G_TLdevCLHxY6wq5C0Dp02Ivk9b_PU6yKiqWo_PuLeH7GYvQ&cid=CAASFeRoXM2jwdkuPGEy2zvUiYj4_XHKNQ&rfl=1%2Chttps%253A%252F%252Fwww.diarioceleste.com.br%252F%240

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9654573587a0c1e922d798fe0975a11f783d182412025e87dd06b1914c870b82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31791
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C41D 42 B
63 B 41ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B_absjJMa9RYpKya-l1O5DTKQ_YNcnMk3P1zvyHQgDFRaluy27enyJAK35UJsDvH0Ij45ED6qxCDg5L2RW_-RbsF3xLxajJTrxFe9VuY_nK-EH_5M

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame C41D 2 KB
1 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 633
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:47:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C41D 119 KB
37 KB 60ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Dec 2021 03:58:04 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame C41D 15 KB
7 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:38:21 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C41D 0
0 42ms
15ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQTgZNj3l8gH6VYJh4YLTUb-_acQPCAQN1T3guPVZlcKSzfdG8CEC-gp9E-v-ctxKERtOGTWFo8xR7f_saXGzicFwI86Q
Requested by: Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 42AC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBpSGKypOLidbdYsjP2DAUM&google_cver=1

43 B
1014 B

14ms
11ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBpSGKypOLidbdYsjP2DAUM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiH6eioATAB&v=APEucNVszGf5xNQGWUYtIWsP8J4dMqxUBCjKVnUT5pMZUthDfPx1Qn5b-BZgyJgUqwqPRS3Aw9Shi8VoSLd2zLP6qL9lpRk4FtWRSMGL8qqg5GKeVnjLrFKSGSCWvfLdq7VAl9apLwhCOaTYr2-TAt85X5K99oYWWQHnOObhkTM6MBwZ8oPswBc
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Dec 2021 03:58:04 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBpSGKypOLidbdYsjP2DAUM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 42AC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YabyzJZszJ5A9JK4MIFgDQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBpSGKypOLidbdYsjP2DAUM&google_cver=1

43 B
894 B

12ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBpSGKypOLidbdYsjP2DAUM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiH6eioATAB&v=APEucNVszGf5xNQGWUYtIWsP8J4dMqxUBCjKVnUT5pMZUthDfPx1Qn5b-BZgyJgUqwqPRS3Aw9Shi8VoSLd2zLP6qL9lpRk4FtWRSMGL8qqg5GKeVnjLrFKSGSCWvfLdq7VAl9apLwhCOaTYr2-TAt85X5K99oYWWQHnOObhkTM6MBwZ8oPswBc
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Dec 2021 03:58:04 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBpSGKypOLidbdYsjP2DAUM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 42AC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEP8Ab61cjGNlZBQ-wvqswCs&google_cver=1

43 B
1004 B

22ms
12ms

Image
image/gif

185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEP8Ab61cjGNlZBQ-wvqswCs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiH6eioATAB&v=APEucNVszGf5xNQGWUYtIWsP8J4dMqxUBCjKVnUT5pMZUthDfPx1Qn5b-BZgyJgUqwqPRS3Aw9Shi8VoSLd2zLP6qL9lpRk4FtWRSMGL8qqg5GKeVnjLrFKSGSCWvfLdq7VAl9apLwhCOaTYr2-TAt85X5K99oYWWQHnOObhkTM6MBwZ8oPswBc

Protocol

HTTP/1.1

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:04 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: af06fda0-db85-4f70-b157-601fa7a92c2f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEP8Ab61cjGNlZBQ-wvqswCs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 42AC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5Nzc0OTA2MzczODA1NTQ0Mw%3D%3D

170 B
188 B

22ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5Nzc0OTA2MzczODA1NTQ0Mw%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:04 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: badfbc0f-3c89-47b3-b626-beff2c75f819
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5Nzc0OTA2MzczODA1NTQ0Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame C41D 169 KB
59 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Origin: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 16:54:31 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame C41D 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AB0ce64c5_T4UkAncZL8e8nU5XbQG9i2JaGOb1vQ34AqwXrlTvLPo-2vt6xQ6WOdf4FOMJUknxSWkBscXSsTeRtd7zGPsoKj1zVy0CEFHz3cB-qINRBUdsdjnb6UL-eay8F2Et6yq3stDF_Jt-T_0FkLRJqg&dbm_d=AKAmf-BYnTLwqsQtiYHbwxTNDWxd6HSlPXVSaeCaniHXDFg-bBBvKf4jbxIOu2fzVr_scmzYDTQZJ5DIG-e8cOHSU5Oq9N4BySbCLD2IDUaA2V511np7bkhHwLn5hV-R5sp8DGNEGe3i8no6eLQ2e7CJockjYxS5emHRCJozoKlTyjZO1yK1UgA163ZFYQ8g3jxQSV7Nl5IBXMJ1YhRA55am7IMBgcUTRvvsp6dp8vDS0JulEZXj5xz_-fQUcQ6oXSygRZhEiIvW2qQRcQkoljLzFTiwBmDkEvAZ__CJIhfcf5y2b65seb3A6qVqSqixxyNi3ecC9jLkUza-y0ItPYXy9Mg7SLYyBqn7UuBw8kAX3yVUGFTXWYKmUvmqYeZT3agsOtjfmt2RMGOtDltxFezhMPIb2Xx9S4BT4B-YmdGcAex68NDmgh0-1C39IIeqWbNh3BKHrcvcvJZ5RodT53Ag16_Sqs6k2ltqRVLYmUDfI6DwCvq7DwhUE5BmAUKDyodPZlP156qNDGfpdj4u8ql2ia5tAo0uoN9hA9Kkl7QZwCPSpM9asj3hSsTbU1vs3D83QqPoN6laKO103H3rhpbYqA8FjzhtuMMJdKEMkkWOHnWgGmh7XiHalPP0w6fQMVQc7XlMtOAdmYVG-G226qfSWXIKWSI-NVNOwaWLWjwimu3yLBNylyNpELYAmCQnHAhy1EhL0yffdd87pOp_q5veQG-JntKrELVsAdf8bqvk-WjyCwhwj-wJt3XvzBQKo1lkuC7pR8v3E7iCmzT98OyUsDJ0d6VUrVWtDd2dSkoF4cVBESip527ynNbbvrF1qpKnvlAhF7dNVGXafFJeUEsNBBaxtJb-HIuGowoNQxaHt1-hkasTuSjbEWJ6J3S0nqnGMy9HxExMjioOtuhDU2ORs79taiTczfiY-PAqCOAOARqvGv4P7Hbwg8HRrrg7OWHy9kEn55V0OVtZslG2SW9ZWe8EqlkK3H9PRQL1HnHCN4w0zfYf4yY3QMeO8UUfoacN6q0GmysOoe0bD6IqBPXYmVotZHcUs-viCD72woXgcOmpMPWBvXtbkXaA8w6YiLvXW1Df1Iey5MICf80lh7Mm0rqHolSHvpRpcrSAqwVjHXt7i_2tgSJeTgv7rakK9ciGHi_xMolp574s1t1LUoyj8BB6_3B-za2V_Lokyma_I89jFSu5oaum5Wbs_rsMrKaxYLo8cDPLBfN6NQ6YUlaJbspgGXs2050GKFhwXMZB2yRp-9NXMO3UxYr2-At5qA6cQ2aiHHNHS2B1IUxDCZqohgLUk1vn3MjyvskK0bjiStZl6_hH_JeGalDq-Lv3zuZ43LoOyQY8cMRfIaS7bxA4Kqhix1LU_tYogT7vPxka02V-NEAB8pZ1lPYBxHsGPAFBhigKTeJz0W_UWWY46F1zYXfqIk97EbanduomsJu9YiXfHAyxHv0xqzBHml7O7KnmuT3ivqH7FkUpZ3RPvKrRz7xsG2rs5DlwR-2vC7yG11c8kacAG_uATpwIflSOQoYFHtkatBF7QQ7-6_-yk8Yg2mRp-Sp64p6J2jMEyRKm0MGJnzCQD2zA3T3WxDhRDCk99UM5OpQMsH45d2w4omH7x9IlL9brrBDlO7E6AKueXQUvk9Il8Jy3Ua1EtS5LtXbc1E3ptdoRgYY4LOmimEgrOcO_fZHJtGfVlq1yh5qbp_5_0qHtvzPDoMNjhJdH_7XXOhPXQoAfuXtShurnmQ9IOAVZyH8l4qeaikdgab7l4iEuGVTPQAw-BpEe-GPD-beDXQQCA4AWgjM_PD3vkFAH0T8n6rWNGkM3Q9xaKh_I8LHKJI__q9GT7v7dKzJEPGi3l4RhsI9NiRFFl_pgdqh8HBgHBF4LGfFqGv62y1BWXqKjK0Yg48FYo2JCKaBLRUQA1cG8bsJk6lFCIdi7bZj_pscTRfsWBoDLRRGQZCHeZ4nOIzAQDqpPUbxtuF_g_x31OYUGCpbLMZENNkipoenVauTYbU6sMT4TnIINEGRGXoCm8C1KDCmIizRN8xPpIy5uOQjOjYGIVZWBIgBPl2GRRQPAMfYRPNJSRkpZ15tDGrVtg3eV9zSyuazepdgTpoRr0yOrZ4QbYqnyqJ_WSYR74hToCVK8eGP9cezT-02eOKmpT861wWbqOPAIjRkUj9INNDz2MgvaS05Bk5v1E3wH3zJb375ooKd9C_1Ejk6wwtIKhEWXkQWZCg45IIe5aU1cNxu5dXkC-nto3ymETWdFVfWxsh3Ql-20OsCa1CJcM_MBqFK6wgkEG1TlYccfR3ebct9CkyYLiQcVxSgbtzjNIB36UlVa-83BPrX5sthwtrgZdpTgUWss2X-PbVqcqs1RD8RFQtZ2ERdvCylSCgueo-0mYsFlEUOuzfd4qyFN4M59Wxi9iTXGuKMFyTQTT7zf0V9-MwcIZC_XSORxrWOHHeA-WJ0FDXFv5hIVFcU5SMTAm2BLH3MKs26Ly5fTbJ1MKg32oHRUPgjFLXb79ZQkP33mjZH6GnTUV_oJ_hw18wDHlF8QGBRh2tGsBXi6hmkqSs9KeolAqfBdg48c_tfW8P3GaW5l7yNb-lRWrWVQ7CSNnvg1t7djz1gX1Mecl0bPIa_nWQiC5R0O3J5p25kSvF9ZaurI-i9tVygkTIxwPbioE50VQbS8ZYAwjPcMf4LNUd0SSkMlDBPk801aJNvIuSQUfLZzjiaTnh26APvtfTTpc2tmuey3JkVrD4SpFMLKGrtk3hrHR1jFdj_TwOaZBlvvK8zU_yvvHrUoXJVHdriwixrFOrmHSpud8UmATe18Vjkdgxz0O3tnCjVeqywJz_kBwz7jVOOUKSpVXV68SAthffKjz7ndBqOGYExl5FIo_H_sf4vOpz1ugAdoYIPlT-W0QV_b5s6hmQ4w_pf573j_KSuWpgBxhhIDlvmvkiCtr_pE4aP8rqfp3CbrkBFnKXpyrEKUMQl6llCSWNCAA0LoIA-FMmsFA19bRakDO3dY5FYuOFy8zNQYWo_otwbG-rn6rgtf_Fw1AQ6CHe2bCY-PSwITNsDdxfRcrsV5T_KeDGJEqCS9K8DVKwY-W_gaq9GNsMqadIQI2vtqr2h5VBf9EP9VIa3kux67sg0m2WZVd3uE9k2O2bD2NR6XKej_EKH8YUTkdD01lMz7a_gCzgQ8izfiIOYpM4ZSG_ppAbQuoVNl3RfoEtsv-v4y9haMeefRTB_RZRZtmaGLOxRi-Y6Uq6G_TLdevCLHxY6wq5C0Dp02Ivk9b_PU6yKiqWo_PuLeH7GYvQ&cid=CAASFeRoXM2jwdkuPGEy2zvUiYj4_XHKNQ&rfl=1%2Chttps%253A%252F%252Fwww.diarioceleste.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:37:16 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame C41D 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:38:54 GMT

GET
H2 200 d60a04a5-fa7f-4f24-98b7-c761d160a431
img.onesignal.com/permanent/ 30 KB
30 KB 404ms
394ms Image
image/png 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onesignal.com/permanent/d60a04a5-fa7f-4f24-98b7-c761d160a431
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 600cf8cd4ec43c200646898230f3bffef1fa0a72d178144aee1e3cdf8279aca7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: RCT47PDVCJT7JMCN
x-amz-meta-cache-control: public, maxage=604800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30513
x-amz-id-2: E4PCF917ON1WCrjcx6VlkxB3qmZuAgXWUv38HuSmDWpg5Jp6II4reVg49NhHj1W+7FcoyX+4sTc=
last-modified: Thu, 21 Oct 2021 16:16:38 GMT
server: cloudflare
etag: "ce40ddf53875d52a4b616a156dd08752"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 6b69652018484db8-FRA
expires: Sat, 01 Jan 2022 03:58:05 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C41D 41 KB
15 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141204
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 29 Nov 2022 12:44:40 GMT

GET
DATA 200
OK truncated
/ Frame C41D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07e8ba4c4488d1971d8f620076c5879fbdd41716173ba0261857c65609f12b4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 289ms
92ms Preflight
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diarioceleste.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:05 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diarioceleste.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame B6BE 0
170 B 299ms
98ms XHR
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diarioceleste.com.br
date: Wed, 01 Dec 2021 03:58:05 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 460F 230 KB
61 KB 26ms
25ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:06:56 GMT
etag: "cca1f428155a1f13b17a4684f2c8ef1c"
x-hw: 1638331084.cds034.ml1.hn,1638331084.cds020.ml1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62015

POST t
t.lkqd.net/ Frame AC86 0
0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 282ms
93ms Preflight
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diarioceleste.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:05 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diarioceleste.com.br

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4BE7 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 29 Nov 2021 12:44:40 GMT
expires: Tue, 29 Nov 2022 12:44:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 141204
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 728x090.html Show response
s0.2mdn.net/sadbundle/3502748549995560960/ Frame 5A33 47 KB
11 KB 30ms
15ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3502748549995560960/728x090.html?e=69&leftOffset=0&topOffset=0&c=WUy7xhcDgN&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9436a862c370b6f85a3d716eabb2f3dd4d5b146d107ee68c7dc20ac10d8898b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Wed, 01 Dec 2021 03:58:04 GMT
expires: Thu, 01 Dec 2022 03:58:04 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 11 Jun 2021 18:35:37 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C41D 0
571 B 89ms
53ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssxCTh12ie_o--MES8QP5rGb-eRtZDOXF-ATE1EhDMw6pRp5Q232w-Ls-uI9xryVWVJgrq0tLHITAYId_PrfSg9Xtpallnr5WMvl6ZPsNsTwF1srzLlB6cQRxV04DTA7z7kAekwR3miUf_qzJxHg251QJy2Yqeh5vj4qP8xx2adMB582heCY7pCtASi5qu1NCSFknH6jtXAP4218f0VMDUEJVVBWRouCQxhC0Xr8DhOwZX2GxaZq_sGPe6Sy2kR92rsQ0M2Ff60mO2_W9LmNyVDMfkhXBY2IHEC6LkMseokzz73feR6dN5_BACMT9UKhvPYzqAl4mttnfuDBgdNPjiAPox3QXML3dXNW6ow0gShEwSu3ulN-wHPSjpp_0FOMqi7wgaJgDys54kWvj1d3YtlfD70arpSVi6b1cFbxkftO4_ZFVcadT0KZJnmzF52PlGwciGa_DDW6GTJY8rOdccCkL1eLBkMTsPWwzDqedPDIdU9i1T8EEnORoxQ5i-ylGvFT4U1-_e0UrFg32tQstduj8yAzglyTv15k6R3rgD18YApWgXJ0-TmP1nqxcKAISHo9AdvDwnA-VGmAwnrI5SOrtUlrXt0dCVA7iPyYCwqrRaiU5yRO_KZYfUtlRvlsLo13qm_JosULfUF-DwGMI0rBZjuaw2SwMJoy-En8_cNqVTVpbcJYGH3Bcs1eN0K74Jo5Rtp61Y-F5CsyV1OrMUHsht480-dGFiGeIzHx9_bRY5Oi-ZpwpbKXRTqbwK64YxJTOPmnpGNuU4SxKvg857dSkDaYHD_rkAB8Zy7T0r1FoPtuf6FIMqsdw12Ks-HdnGoFdUTjfItMkhPaalMBlYiLBKbL29amjWypUDr89y_6y28c4fjfdhnSMD7rqvyTrYnMwqHFSmPKCVwDKtqTd_-kKv0CN6IfKC9FqXDCrdyrY_x6ih6HdyFWvX_kMeOgDzAvMJpiyKGODBKRSqLHibeGjyf9sBu-DHxgWh3CiSaooiaFeZphY61x8y1E7gIlJBqbFszSq6NmexAopxB6CkE0u9bT-W6lyB1iwyAXQ21-YrYpDZAJx4LahghJXzyKRPRzFLe38_XOyezN0ailOjRT3Ku150jT0oBaqiMv5xreNGVqqKfnQawyJkiUcIVv-EP-eZSuxfgM2cwuFp62wb9Hx8e-SPNIwbn7sLKftEHRoqAzTrwpqHrkoo0p5lToDPCuCrBTGd7QK9tX-cSP9y-&sai=AMfl-YROfzUTZBx9raOvYB6xPOGBIWCyaelgFclGKI4nZySW97_Ai1OITYeb2v_qmV4Zg-_hB81MVdQWK0lSXxH4iCCXocrXBbGaGv0sbsQGli_dZLyVnZAWeetO2zxwxJr8Yo3d-RcOROfRHwS9TqejM-Vxt4hv3cziVJRnONU&sig=Cg0ArKJSzDHmRrVAA3RjEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=102&cbvp=1&cstd=97&cisv=r20211111.40578&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 01 Dec 2021 03:58:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 25F6 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 01 Dec 2021 03:58:04 GMT
expires: Thu, 01 Dec 2022 03:58:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 497B 5 KB
2 KB 26ms
26ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1638331084.cds034.ml1.hn,1638331084.cds223.ml1.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame 460F 120 KB
7 KB 612ms
612ms XHR
application/json 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1149535&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&dnt=0&c1=https%3A%2F%2Fwww.diarioceleste.com.br%2F&c2=0&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=21513150&m=&rtv=1&thost=www.diarioceleste.com.br
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e1ffd55178ab76019f38d1c279ec19a522cda0ba463474b5d99925f25e715c42

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 6839

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 293ms
95ms Preflight 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1149535&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&dnt=0&c1=https%3A%2F%2Fwww.diarioceleste.com.br%2F&c2=0&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=21513150&m=&rtv=1&thost=www.diarioceleste.com.br
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diarioceleste.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:05 GMT
content-length: 0
access-control-allow-origin: https://www.diarioceleste.com.br
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 5A33 110 KB
38 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3502748549995560960/728x090.html?e=69&leftOffset=0&topOffset=0&c=WUy7xhcDgN&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3502748549995560960/728x090.html?e=69&leftOffset=0&topOffset=0&c=WUy7xhcDgN&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 13:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52803
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 13:18:01 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 5A33 60 KB
24 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3502748549995560960/728x090.html?e=69&leftOffset=0&topOffset=0&c=WUy7xhcDgN&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3502748549995560960/728x090.html?e=69&leftOffset=0&topOffset=0&c=WUy7xhcDgN&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 03:58:04 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2367 624 B
299 B 20ms
17ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWIwkobvpJSw63lC0oSGxmjHfKZSobqxFNDfYB-OQicyudD8rS9VSSfRknW-3CInUPxDXML1uRuqHRLpfVcrKp8J0t6bIHB6Qj_8LXRBd_hzrtIov9Nn7-bGDBA7Nb4ZTCIwBVHvHESMBBG1TeYHv47VHD3IVCrfhlym3UwB2OBBDz2DnY

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 01 Dec 2021 03:58:04 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 01 Dec 2021 03:58:04 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 25F6 25 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AokJyhTCvtuKyaTgqI-oqCPJ8YmCXaZtB7g5_5q-0wo8SVnE7fyo8cFJVp_ASzl4WUJ_hEnC_6dbe-9hLRQFbrggWVDlNed9x4i_lCILwU7O967j0J6imCOPJowr2BkRwwzoRLYBFp1u1OVApoEK8oau834A&cry=1&dbm_d=AKAmf-BeAggLVpr3mO31w8xj25bHd99bBCw5YjhyG1vgDTnhWVKgteUu6tptLQ2R62ELhufEK_4JNaduQXF6RBWZF6MP0iWYS__Egz5-7ZP2bOftUTOz_eUJ_xpTZS9PIe2kPgsMOOkhU0M4w7ran6BOelchMi_xj9XBg4K5jg14uiNERRKG33yTHpauWgjK_7ojIGdyhkBSCWwlrOzncj1m8cpQJlIAlkp7m2y9dFafsCEGr4tRWdsH5oBM8wUVczL-VNblT17I5S5jrjAOFeXB0WTCJsyQswf4uWp0bxPBvi220xrP936_ia3u5ZoprWlS3V0-ES4Ep0P2CT7xxcJ5nyXoyUrPDxooIuFJE71DpzLcdjRTfVonj7N_TFn5Ny_gI9wvgaaLqn0rKozyxe0ZZue4yPWGD3YFPBeQDcc14V6uW9VCcKrnduBVMk8nNYoc3LJQs5W9FMnZkR5vmcZ-ZMFNscKHspYJMBIkUt9EqO4l2IURmdAV8N0PYS-4dVxfpFnMWFOqk2h7egN1cCqILzmKf0-f4O3SXcO02npIB-Z7e3OZg1boFyRIUEXVkukHubrFQFqRmlb2th_8B7tZUYp-JHRDw_YEhBLl_UAAGDCWN6lD0HMlnLB4ubw6K1KhJzjyF4Sqm0U91vJ3cwbFzm-D6qUzA7nBSYC1u254K4inxJYCdMdZGfi8i-3Q2egbUozdG6vjV5xjVkHaQ6lTnCy32vTWhGbJnjxpaQdSEr50oIeGBUmETHvVVYnfw8dkrNrSUOZq-EtcKGvho83rJG5gdSI3Rv-0PXE0UUXX4nccKRQtWuV68I5NWcLokFTLQAEMEzSLifeJDh1nyXj0eRz1v1zZAeqRDbQHDAC0G7v8T8Xt0gEDpvScg2lbGYCJk421-Xhu7lTzQUQoa5jYLo03vBVz_9Go4JwTRGik_oRSAOTOqOXF37WaZkXM01h2fjBpCHMS6uFpgy3xHCPAt7ocp0TdVLQON4PcmIWbqNd70vZZYVZgWJJW_Kwu3Ql8HJ6HX87FnOfUIp4qSmZqqW8hsdDg7Mx0UhPkyFJ7einqN15YjsbqV0vrOIf5VKgSuA65buZrz9laJc6HSUgevgYfVM2m_VOgES3I5DXomCfxVNCn1464QOJF9PXmDWA2kxSzyhnnH2sJ9aj8jXg0_HaT-Afk4CWopscqmouCeHnWKdck6_IdOiJcGRTBiIQqBTdklmZAFFXpZD73ar244OL6RTVL3l9lW8Mmm4KuFhM7fqAiB31YS8XeucfhXiVeiQmqsZludNATsJA9BlNfl-ae9-n0OyarrZiK8E0MV2vnoJD7eFGnfFsrHoXUTNQu66_oJiRt6Sp8RrJf4Xy2fJmc3RcEP76L7A6pbVU1F6eC9_ZerpkW2-s8iuh68DSBgId-RLQrpBsKpQJvDxjeLg5QjlGHwSJtGHU7Y5IfZ-e3Wolxnf8AjZ22ZLWxZ8W3k5g_aRMmo5MA_vK3RksNSRtUHNPmegSdE-NAw7e9r80DiUIRMDDqY_adI_FiDZhX_x47f2oO9bqLB2L64qNjzGA2sYTxKs-6XmxXKfn1sYMaMFOGvLUxNgTGHPVlwXZAzQRBRRk-tk-x-smSNgiUrntkXTRU7MHRsWHQZvDFjczZiPdNjq_YFoALxE6YJCDeNC-CvF4XQKUmbIDp4jUmv5CXoeEw4MZL9LJxIJxFwoFu2ObwpuO9OAGp4lkT-Y522Pw9B_LSHK--jWs4oZo3V2_qQqykWKMRKxswRUjEdPer0yAevraAX1Lm6dqELnjQjOTtsH2wVksqcCPR3C67D-zVMXy56T4PjXidQNKGZrTty-DF_5Ilfb6zX5UZjbaRRl6aNByrI33D6Sc3XSI9RG8efgZ8yxHyN_WuMwhVsxjCMx4XM2VjFSuz7TNRkGKaP0zh_nRDlLXMuimfvz9PpTdLIo8U4-qHzH9tJwtdx5oA656EewxrDBviMC1DWdeScZN50wwOKz2_02eL303qpSLuyG6v3si51U78WZ4nIsqLHOpFbfCpOXTp-Ag1qge_Gh8uoCVoA38EflmT7gLK8UCS8k2MZrVVVxgfvNiyyl9yHs_235k-hRDce9MlKyf9byeJgLaKwDEmhQMyc2f9TABWwLosiDnegocNKyYowDnGdT1if0gfYsTfHu812jUVhmDcMQri_EfAjq4KU47dSE7NlDxL_NY5YkMvYgI4M03JUaY30rcmsK5-346KPR3UF6aF0RBrP6etF8DAVom4eBhSSitTq7hy-9QEjCSAsOAKFRkh3rLQeoeMwrJCytRdJiLDK92ZlDvjJjKnuIaA2M_CxttY55TBB6rdW8PtSYC4w-G9L3m0lOyE1Y7xdGd16Z2hyWySpXz5RZV3tQdSgAc52WkGGHms_NN4PtIW-ObgTMClw7G4Uz4eHSa1stJM88zflE5IO_fK1ayCQAfK4RPZGy4Dq5d88ElVW172KVSOAAgpYUARv5m2lMjMlB0_lI4g6DGUvG90AGp4QF6mm06gLStrRCetPII5XBqwwda-1HDTMcb-YgCiyIgH6uupvjwCCaUYJQ2q-Ej_zkcBUU-9FjN4LXJ-IQtSq9qcxvAHZAooLGcKk3o_upRsma2J53damoR13qJPJKDGWX1w8T7CI1iu2FozbCF6Kbu7_4Pfy_NGqWdep8xUyGSd_bmEyV3nCCoXjCvFpgoA4lyEVkVDvoMHnEvxpoFvan9C7XKDBsa_BQvvCsdSXs2P8GOObRti5D7HWNxD4wdnyJUC5H-AB0BzZwOsqwumjio2EPWghzxg_Jtm3nE0a-26p23Mkxo2Z5PRqesAFvsrHkX0tIPJHN_S4GsAp3sCcywywTkROAUoUQPPvRRJWJe6tw_BKiv26HoBubi15PycMDULs_lNayo6Sjzu1H1ZDv36Q2jkBczA0u3a0sHAr5UejCBk7MlqycLyy2XchmYs-aM-mnnNhyDRO7-6qjNambBKC8kaX747fYJw-ft_Vi4yCC6aLP7-gi3BMbHTUAufGBUwrArVPLI_ngaCPYryEHMI8LTVwWdTI1ylmsXkI_eJ223dmfuHrITY-z4E4LIXHGMBfHKDu93qmR5qs1ErfgZlYJ1n-0XLX3FK0NE-v1Fj-_3apbxOBg3dztHa-LyPKQll_Q_R-UH38bPFhEcz62mMXppuwr9nnNIulTZPE3v6F1bIcmPKy1DfQ-xfsydjLZzuWOtVsjO0fw4SCkRZtVRDCkgMDcpb1vJHqioq26ZG2-KX6ZZZUmDT&cid=CAASFeRo6AV3BRFga7Ko7q_LyTklv4-9kw&rfl=1%2Chttps%253A%252F%252Fwww.diarioceleste.com.br%252F%240

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86239f99362497f20c1eb9694a7b26a34f5e6c31d1b6acda0bc565ceeb8a69b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14836
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 25F6 42 B
63 B 41ms
39ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DYNNbdcLbr_FTT25miKKinWFrfFl0FHWEIefJE69ii3CCouDy6bVw9sB73DFtd1OPLfUdLPD3s0s3Tvwzj-VxaS3LPTrsCMFImAYd8TIVz1Pg4qRs

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 25F6 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 633
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:47:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25F6 119 KB
36 KB 41ms
27ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Dec 2021 03:58:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 25F6 15 KB
6 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:38:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 25F6 0
0 31ms
15ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRYlo_5H_Nb4pQKXeirEWCv-gXz9an9SiIR6J0TdYgrBNFo_SUD-kl6dVmtTTVzZbV9o8eP0dcmorci6uRg6JlUW7qHmA
Requested by: Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 4BE7 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 23:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Nov 2022 23:07:43 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C41D 0
23 B 59ms
43ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssxCTh12ie_o--MES8QP5rGb-eRtZDOXF-ATE1EhDMw6pRp5Q232w-Ls-uI9xryVWVJgrq0tLHITAYId_PrfSg9Xtpallnr5WMvl6ZPsNsTwF1srzLlB6cQRxV04DTA7z7kAekwR3miUf_qzJxHg251QJy2Yqeh5vj4qP8xx2adMB582heCY7pCtASi5qu1NCSFknH6jtXAP4218f0VMDUEJVVBWRouCQxhC0Xr8DhOwZX2GxaZq_sGPe6Sy2kR92rsQ0M2Ff60mO2_W9LmNyVDMfkhXBY2IHEC6LkMseokzz73feR6dN5_BACMT9UKhvPYzqAl4mttnfuDBgdNPjiAPox3QXML3dXNW6ow0gShEwSu3ulN-wHPSjpp_0FOMqi7wgaJgDys54kWvj1d3YtlfD70arpSVi6b1cFbxkftO4_ZFVcadT0KZJnmzF52PlGwciGa_DDW6GTJY8rOdccCkL1eLBkMTsPWwzDqedPDIdU9i1T8EEnORoxQ5i-ylGvFT4U1-_e0UrFg32tQstduj8yAzglyTv15k6R3rgD18YApWgXJ0-TmP1nqxcKAISHo9AdvDwnA-VGmAwnrI5SOrtUlrXt0dCVA7iPyYCwqrRaiU5yRO_KZYfUtlRvlsLo13qm_JosULfUF-DwGMI0rBZjuaw2SwMJoy-En8_cNqVTVpbcJYGH3Bcs1eN0K74Jo5Rtp61Y-F5CsyV1OrMUHsht480-dGFiGeIzHx9_bRY5Oi-ZpwpbKXRTqbwK64YxJTOPmnpGNuU4SxKvg857dSkDaYHD_rkAB8Zy7T0r1FoPtuf6FIMqsdw12Ks-HdnGoFdUTjfItMkhPaalMBlYiLBKbL29amjWypUDr89y_6y28c4fjfdhnSMD7rqvyTrYnMwqHFSmPKCVwDKtqTd_-kKv0CN6IfKC9FqXDCrdyrY_x6ih6HdyFWvX_kMeOgDzAvMJpiyKGODBKRSqLHibeGjyf9sBu-DHxgWh3CiSaooiaFeZphY61x8y1E7gIlJBqbFszSq6NmexAopxB6CkE0u9bT-W6lyB1iwyAXQ21-YrYpDZAJx4LahghJXzyKRPRzFLe38_XOyezN0ailOjRT3Ku150jT0oBaqiMv5xreNGVqqKfnQawyJkiUcIVv-EP-eZSuxfgM2cwuFp62wb9Hx8e-SPNIwbn7sLKftEHRoqAzTrwpqHrkoo0p5lToDPCuCrBTGd7QK9tX-cSP9y-&sai=AMfl-YROfzUTZBx9raOvYB6xPOGBIWCyaelgFclGKI4nZySW97_Ai1OITYeb2v_qmV4Zg-_hB81MVdQWK0lSXxH4iCCXocrXBbGaGv0sbsQGli_dZLyVnZAWeetO2zxwxJr8Yo3d-RcOROfRHwS9TqejM-Vxt4hv3cziVJRnONU&sig=Cg0ArKJSzDHmRrVAA3RjEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=216&vt=11&dtpt=114&dett=3&cstd=97&cisv=r20211111.40578&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 01 Dec 2021 03:58:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2367
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFqL5Xx5uAnTxIoEAJ-47OI&google_cver=1

43 B
894 B

12ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFqL5Xx5uAnTxIoEAJ-47OI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWIwkobvpJSw63lC0oSGxmjHfKZSobqxFNDfYB-OQicyudD8rS9VSSfRknW-3CInUPxDXML1uRuqHRLpfVcrKp8J0t6bIHB6Qj_8LXRBd_hzrtIov9Nn7-bGDBA7Nb4ZTCIwBVHvHESMBBG1TeYHv47VHD3IVCrfhlym3UwB2OBBDz2DnY
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Dec 2021 03:58:05 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFqL5Xx5uAnTxIoEAJ-47OI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2367
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YabyzJZszJ5A9JK4MIFgDQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFqL5Xx5uAnTxIoEAJ-47OI&google_cver=1

43 B
894 B

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFqL5Xx5uAnTxIoEAJ-47OI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWIwkobvpJSw63lC0oSGxmjHfKZSobqxFNDfYB-OQicyudD8rS9VSSfRknW-3CInUPxDXML1uRuqHRLpfVcrKp8J0t6bIHB6Qj_8LXRBd_hzrtIov9Nn7-bGDBA7Nb4ZTCIwBVHvHESMBBG1TeYHv47VHD3IVCrfhlym3UwB2OBBDz2DnY
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Dec 2021 03:58:05 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFqL5Xx5uAnTxIoEAJ-47OI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 2367
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBz79vzyUpfcUuYsB72AV9I&google_cver=1

43 B
1004 B

13ms
13ms

Image
image/gif

185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBz79vzyUpfcUuYsB72AV9I&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWIwkobvpJSw63lC0oSGxmjHfKZSobqxFNDfYB-OQicyudD8rS9VSSfRknW-3CInUPxDXML1uRuqHRLpfVcrKp8J0t6bIHB6Qj_8LXRBd_hzrtIov9Nn7-bGDBA7Nb4ZTCIwBVHvHESMBBG1TeYHv47VHD3IVCrfhlym3UwB2OBBDz2DnY

Protocol

HTTP/1.1

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:05 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b3bdf625-4529-4036-88be-6313a3f611d5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBz79vzyUpfcUuYsB72AV9I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2367
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5Nzc0OTA2MzczODA1NTQ0Mw%3D%3D

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5Nzc0OTA2MzczODA1NTQ0Mw%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:05 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 95bad28b-8b23-4796-b9aa-0d97e47108d4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5Nzc0OTA2MzczODA1NTQ0Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 25F6 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AokJyhTCvtuKyaTgqI-oqCPJ8YmCXaZtB7g5_5q-0wo8SVnE7fyo8cFJVp_ASzl4WUJ_hEnC_6dbe-9hLRQFbrggWVDlNed9x4i_lCILwU7O967j0J6imCOPJowr2BkRwwzoRLYBFp1u1OVApoEK8oau834A&cry=1&dbm_d=AKAmf-BeAggLVpr3mO31w8xj25bHd99bBCw5YjhyG1vgDTnhWVKgteUu6tptLQ2R62ELhufEK_4JNaduQXF6RBWZF6MP0iWYS__Egz5-7ZP2bOftUTOz_eUJ_xpTZS9PIe2kPgsMOOkhU0M4w7ran6BOelchMi_xj9XBg4K5jg14uiNERRKG33yTHpauWgjK_7ojIGdyhkBSCWwlrOzncj1m8cpQJlIAlkp7m2y9dFafsCEGr4tRWdsH5oBM8wUVczL-VNblT17I5S5jrjAOFeXB0WTCJsyQswf4uWp0bxPBvi220xrP936_ia3u5ZoprWlS3V0-ES4Ep0P2CT7xxcJ5nyXoyUrPDxooIuFJE71DpzLcdjRTfVonj7N_TFn5Ny_gI9wvgaaLqn0rKozyxe0ZZue4yPWGD3YFPBeQDcc14V6uW9VCcKrnduBVMk8nNYoc3LJQs5W9FMnZkR5vmcZ-ZMFNscKHspYJMBIkUt9EqO4l2IURmdAV8N0PYS-4dVxfpFnMWFOqk2h7egN1cCqILzmKf0-f4O3SXcO02npIB-Z7e3OZg1boFyRIUEXVkukHubrFQFqRmlb2th_8B7tZUYp-JHRDw_YEhBLl_UAAGDCWN6lD0HMlnLB4ubw6K1KhJzjyF4Sqm0U91vJ3cwbFzm-D6qUzA7nBSYC1u254K4inxJYCdMdZGfi8i-3Q2egbUozdG6vjV5xjVkHaQ6lTnCy32vTWhGbJnjxpaQdSEr50oIeGBUmETHvVVYnfw8dkrNrSUOZq-EtcKGvho83rJG5gdSI3Rv-0PXE0UUXX4nccKRQtWuV68I5NWcLokFTLQAEMEzSLifeJDh1nyXj0eRz1v1zZAeqRDbQHDAC0G7v8T8Xt0gEDpvScg2lbGYCJk421-Xhu7lTzQUQoa5jYLo03vBVz_9Go4JwTRGik_oRSAOTOqOXF37WaZkXM01h2fjBpCHMS6uFpgy3xHCPAt7ocp0TdVLQON4PcmIWbqNd70vZZYVZgWJJW_Kwu3Ql8HJ6HX87FnOfUIp4qSmZqqW8hsdDg7Mx0UhPkyFJ7einqN15YjsbqV0vrOIf5VKgSuA65buZrz9laJc6HSUgevgYfVM2m_VOgES3I5DXomCfxVNCn1464QOJF9PXmDWA2kxSzyhnnH2sJ9aj8jXg0_HaT-Afk4CWopscqmouCeHnWKdck6_IdOiJcGRTBiIQqBTdklmZAFFXpZD73ar244OL6RTVL3l9lW8Mmm4KuFhM7fqAiB31YS8XeucfhXiVeiQmqsZludNATsJA9BlNfl-ae9-n0OyarrZiK8E0MV2vnoJD7eFGnfFsrHoXUTNQu66_oJiRt6Sp8RrJf4Xy2fJmc3RcEP76L7A6pbVU1F6eC9_ZerpkW2-s8iuh68DSBgId-RLQrpBsKpQJvDxjeLg5QjlGHwSJtGHU7Y5IfZ-e3Wolxnf8AjZ22ZLWxZ8W3k5g_aRMmo5MA_vK3RksNSRtUHNPmegSdE-NAw7e9r80DiUIRMDDqY_adI_FiDZhX_x47f2oO9bqLB2L64qNjzGA2sYTxKs-6XmxXKfn1sYMaMFOGvLUxNgTGHPVlwXZAzQRBRRk-tk-x-smSNgiUrntkXTRU7MHRsWHQZvDFjczZiPdNjq_YFoALxE6YJCDeNC-CvF4XQKUmbIDp4jUmv5CXoeEw4MZL9LJxIJxFwoFu2ObwpuO9OAGp4lkT-Y522Pw9B_LSHK--jWs4oZo3V2_qQqykWKMRKxswRUjEdPer0yAevraAX1Lm6dqELnjQjOTtsH2wVksqcCPR3C67D-zVMXy56T4PjXidQNKGZrTty-DF_5Ilfb6zX5UZjbaRRl6aNByrI33D6Sc3XSI9RG8efgZ8yxHyN_WuMwhVsxjCMx4XM2VjFSuz7TNRkGKaP0zh_nRDlLXMuimfvz9PpTdLIo8U4-qHzH9tJwtdx5oA656EewxrDBviMC1DWdeScZN50wwOKz2_02eL303qpSLuyG6v3si51U78WZ4nIsqLHOpFbfCpOXTp-Ag1qge_Gh8uoCVoA38EflmT7gLK8UCS8k2MZrVVVxgfvNiyyl9yHs_235k-hRDce9MlKyf9byeJgLaKwDEmhQMyc2f9TABWwLosiDnegocNKyYowDnGdT1if0gfYsTfHu812jUVhmDcMQri_EfAjq4KU47dSE7NlDxL_NY5YkMvYgI4M03JUaY30rcmsK5-346KPR3UF6aF0RBrP6etF8DAVom4eBhSSitTq7hy-9QEjCSAsOAKFRkh3rLQeoeMwrJCytRdJiLDK92ZlDvjJjKnuIaA2M_CxttY55TBB6rdW8PtSYC4w-G9L3m0lOyE1Y7xdGd16Z2hyWySpXz5RZV3tQdSgAc52WkGGHms_NN4PtIW-ObgTMClw7G4Uz4eHSa1stJM88zflE5IO_fK1ayCQAfK4RPZGy4Dq5d88ElVW172KVSOAAgpYUARv5m2lMjMlB0_lI4g6DGUvG90AGp4QF6mm06gLStrRCetPII5XBqwwda-1HDTMcb-YgCiyIgH6uupvjwCCaUYJQ2q-Ej_zkcBUU-9FjN4LXJ-IQtSq9qcxvAHZAooLGcKk3o_upRsma2J53damoR13qJPJKDGWX1w8T7CI1iu2FozbCF6Kbu7_4Pfy_NGqWdep8xUyGSd_bmEyV3nCCoXjCvFpgoA4lyEVkVDvoMHnEvxpoFvan9C7XKDBsa_BQvvCsdSXs2P8GOObRti5D7HWNxD4wdnyJUC5H-AB0BzZwOsqwumjio2EPWghzxg_Jtm3nE0a-26p23Mkxo2Z5PRqesAFvsrHkX0tIPJHN_S4GsAp3sCcywywTkROAUoUQPPvRRJWJe6tw_BKiv26HoBubi15PycMDULs_lNayo6Sjzu1H1ZDv36Q2jkBczA0u3a0sHAr5UejCBk7MlqycLyy2XchmYs-aM-mnnNhyDRO7-6qjNambBKC8kaX747fYJw-ft_Vi4yCC6aLP7-gi3BMbHTUAufGBUwrArVPLI_ngaCPYryEHMI8LTVwWdTI1ylmsXkI_eJ223dmfuHrITY-z4E4LIXHGMBfHKDu93qmR5qs1ErfgZlYJ1n-0XLX3FK0NE-v1Fj-_3apbxOBg3dztHa-LyPKQll_Q_R-UH38bPFhEcz62mMXppuwr9nnNIulTZPE3v6F1bIcmPKy1DfQ-xfsydjLZzuWOtVsjO0fw4SCkRZtVRDCkgMDcpb1vJHqioq26ZG2-KX6ZZZUmDT&cid=CAASFeRo6AV3BRFga7Ko7q_LyTklv4-9kw&rfl=1%2Chttps%253A%252F%252Fwww.diarioceleste.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:38:54 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 25F6 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141205
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 29 Nov 2022 12:44:40 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5A33 7 KB
5 KB 33ms
18ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98b9746e8ffcccfb52c63d9cc4967fb78dd43b664cdafdf8ef395948d310e0f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5206
x-xss-protection: 0

GET
H3 200 60005582_20210429075504704_728x090_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 5A33 25 KB
25 KB 8ms
7ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210429075504704_728x090_LOOK-01.png

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aab1878c7638611910cf289234895d55dae2d89977cc4ae0e5d96c5534f0fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3502748549995560960/728x090.html?e=69&leftOffset=0&topOffset=0&c=WUy7xhcDgN&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 04:45:47 GMT
x-content-type-options: nosniff
age: 83538
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25106
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 14:55:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 04:45:47 GMT

GET
H3 200 60005582_20210429075507695_728x090_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 5A33 25 KB
25 KB 8ms
8ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210429075507695_728x090_LOOK-02.png

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd4fbf8e342a1cdf1ecbbe9414c39b60fce43216e8e906c0722f59b6377e1276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3502748549995560960/728x090.html?e=69&leftOffset=0&topOffset=0&c=WUy7xhcDgN&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 14:24:15 GMT
x-content-type-options: nosniff
age: 48830
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25204
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 14:55:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 14:24:15 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 5A33 43 B
609 B 33ms
10ms Image
image/gif 82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=25667676_4307561_303197273_146032381_-0&ref=25667676_4307561_303197273_146032381_-0
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:05 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 497B 43 B
308 B 90ms
90ms Image
image/gif 146.20.128.158
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.158 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 497B 43 B
308 B 91ms
90ms Image
image/gif 146.20.128.158
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.158 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 497B 43 B
308 B 91ms
90ms Image
image/gif 146.20.128.158
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.158 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 497B 43 B
308 B 91ms
91ms Image
image/gif 146.20.128.158
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.158 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 497B
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9166458971282832915

43 B
308 B

90ms
90ms

Image
image/gif

146.20.128.158
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9166458971282832915
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.158 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9166458971282832915
pragma: no-cache
date: Wed, 01 Dec 2021 03:58:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3 200 container.html Show response
9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C182 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 01 Dec 2021 03:58:04 GMT
expires: Thu, 01 Dec 2022 03:58:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5A33 17 KB
6 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 01 Dec 2021 03:58:05 GMT

GET
H/1.1 200
OK 4727t6qteyti Show response
hal9000.redintelligence.net/zone/ Frame 25F6 11 KB
4 KB 47ms
12ms Script
text/html 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXc7KzPKmYc7cJrfD7_UP7L28qAG1zfmDV_zYuavlDPAuEAEg1s63TmCVgoCAtAfIAQmpAjqlmC0hBrM-qAMBqgSAAk_Q8IWtiEKL3MFLghXyVYuoZnzO7cunD9vbE-KYNkA4A_3D7hndFP4PH-l5PDR1lY7hJgVlrbOOF83qbpH6P8VATZI8VNxnKwXHqIUnVoJipCto-W7qFYU-5AqaWRz2zUd472YefD3o5s6KIEivva_e9ILOBDeR60S3UN4fCgHpd1AUfOdg0Uh98JH4novgX0gpHzf9ues-M7c71ro_40zd2dS9oAqSjJK5pQdbM5zPVGn6OV5fATY7APLyMcCLCnER05FTZrnbaQyWc5zAtmgWq6gieUFwrAISyt_oaXoloMWi6BAEMYPPBqI9fwQ3YmkEJ4k4mDcZQD0e39ugdXnABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRo6AV3BRFga7Ko7q_LyTklv4-9kw%26sig%3DAOD64_0-J72DZ9_o0AirDlxEMMLgA7pzSQ%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-BCBpFJSvFbdPzGfVM8K1jDNOAVDrnc2gqHs4FTLz-RRiFn1KAxvvxrebe7E95LjZxsT9b-HnOqMk1biNWUdfXhMFu3IoAl2nViVMvg2YPTm1zHyopI1eSxOBBaREhXOSHp8UGfenS3lCrXEcFC3eShMkQCSw%26cry%3D1%26dbm_d%3DAKAmf-Arn91oSXxgjS3vD24CJ_3Hth1JGcja_mQ01wqFqOEBLXNhhfBfqgW9jjQRvX2RqfdOISmrdpmYAE02MmY5_4qPagpHvTnsUhR3CeIRDz1k6OY3boXK4wyV8Aseagt-ryikKMTeVdx5SD6o6ORM2zHx7P5XnwLkCAeg14qu0STs5LqnIHQyKd1iG6Jo8T8aE5uzwhdltAYMEhZB5BturwTw-4wk2_hq8yJ4G6zta9Yg_aiGG950dYNlrnE8N9v7OOHSzKTm_GuhQfnvw-lnc6pgs27lP1ahoVla5d4LabUkss0Do744EqPPiiT0G5ATR22BQj-azyXo5QtF5P11_yAXnD7WgpJdxLzEyG_kYikjIvHz54krKrmoIBacAXLXVCHw8uoewPINeXbuPbyYv3QpE3ckke0mbDErIJhr0H3_BvqLJJhgtX0xvjNJ7P1XmH9oiOwXoT6TpXAwTArtD_yF_J8s4w%26adurl%3D
Requested by: Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: afe2837be8a31112dcc7becad310d2be26afd712c1ac94a54cf2b97cfe1781a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:05 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3934
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 65FF 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 29 Nov 2021 12:44:40 GMT
expires: Tue, 29 Nov 2022 12:44:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 141205
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3878 640 B
318 B 20ms
18ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaxpgEQuKirARjXzKy6ATAB&v=APEucNXosymZ1pKvHOinjBckSR3n2k_8OIWalI9ZKCaySiTx7DX906655dfCcqxk8zYSGeicPeGX20LpuGhexwAQ9bRXBVM-H3yvyIyntfh51_jLsJ_7-ipZuUUjj2GW1dN8Dh2ZxM04vPreOsWmf-NdkkD_8sP2DGXj-t0pKXeJj7fPoBAKZzI

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 01 Dec 2021 03:58:05 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 01 Dec 2021 03:58:05 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C182 72 KB
30 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZ550vj1qYkOBi3oezEY5tHe9R1NdDsWNKGw5q74KLlGtZOLD5sB1jGmecM0x9eK_EDmD_c767441ySVhGKsMx39xs4-Zi-qcHgVCiR_rCR1CmOB9M0_oiqkJfnchVtll3KnqJCvSK3CRnS3IzTd5EA_naAQ&dbm_d=AKAmf-DHzFhqqgfie4yv0eyf2WK-dLD5zV2KuckeZuPGtuq8jYdLKNDBa1pZ42CerqAV3M7SXzBhuppeKCcKPwjI6fohckAMJc2QavkEwmlstBEfn19QJqiAWEcPVPtH3GabvrqC4L4ubyJgiBYLV4dy-yMEKC0hjSHJMrto_prXBkN8kBcXmI_G2WR9ThAsuTJdtwKmImu3a9zG4hOYe31PuuUO7m5zG6dgUQLDW_Y1nC4Jmy25mnvs3FEiCYmPZNHD6CtnNdISqyBxA2O17ic6Z3-hs0JFgCYbuG6NyK38mEAVAK9RUgada5Y7A2qvwQmf1r0DBobUVBOtxnqjcJQFuIs9bnOMdvU0zPHW_0hgZJ09OZUg5PD7a3HrAyU7HPylFNiTcKwYNhc-a_01mb7kBTeWIbVsZsJ-XiduHZhAe6TCxNGpdKhYBDh2FBXPnAX-CTFQHe61sVgUW9UNyLS91fgsqewhUS6Ei7Dv8ezDu4SiXaXsCgFf4iZ6_9Kj_r36FrJpamkKxsYN7ObRC6frCSm8q_t3QiVyQhXyRvTEIh8fBWAj07hihtIuRDfpKVyMmHkCX8ks8Dzm3HDVGMVtQPhb6EwoBjylg2moR5snI81XoYJkejFYXqMqxfQPIZUE1f2YbRXeQhs-U-5E3MyskHS2qDxPNbdxMbPcBeTgFpRR3wIyCokjA96khRSZbRpoVvGPCpXYVszP-xjAKmTtO0qg3qgdcYVZPIL9gZa3N5etV0Z-nai5nXBXBzkNf6i6io7Lv5dZh8jiatEgZVw_e5B2_eE7DGqIVKk95idZX55CrWF20Xf9QvUOhsa0AMekL4bdfc8Em-pV80o-ocmkuLdBlQ-PkPscqvy_g4MKxe4hZ26OW9QEbwJG8Er03K5pkL1ckqdcgLVy2JW0b0qxLN8G-5rOo1iXUjIQtFfghIStn9rWYYMiMn-o-r5GSe_OYdIJWxe4dbxfE_1WXVI9LCuu0_ZQs_lDmcz-sgMiBa0bc7elEH_jkh-10wnjLZjSyKZ9PoMAXoJpcJVwwN3I58W-7q9rOhKFWa2KvRpKjDG2UeWsOIFHhjWn-wWYA-UsXK1UM1E9AZFUQaeTY84PTGK4E8a5Yr8eCX_Qq7AWAuk2MSBXzhy4SH8Chz47kQQrB3vWN0NmtFK-0IGBuVT6wxMM6rP5Nd1nfP_TS8WjpghIA2oReIsuuNWDIqLD2RWjTq1FOt0cl5zE6ALo7ZHgLhbhe9J6ojj8vKyQcjq4do-7JOqlinsoAFWnAbFUl6AwCDsRu2cToulaT6slDn0rlIrcJu3EPAqCAkSVI3QWp6-rgoGQQqqF7kkzrynP2kZGJpA3pXHI5f7wfvo9opMmKQ1GQ7CY38WYFiIrg8fUtCAe_eqguQmiIgg81QQXlArUxTnm8OnJlQO4hQtHpAUwsy1tLesHzAp5s2-SFv2lAjhXHrlr71s4YWIdWBumHVT3IukkRiNCxShBRAfSAMms9-d3zEN-5c3X0rNWRijfcNlJXySQlLJAzeaWUAaCaSdlxQfv79F_uY5uAwjwAiOQkqLjEVP6JAD1drKE3V4X1pvW-h9XYJ-qntm9pxh5dibLqJAKwFnSAE-GmkGGYzFSmRYQLo29EQ3Ae7Dx3DqnfixBjfcR1aqvU2moHAXnEzUGecVFynQhpv77gqYapH4XX08M3Sb1Y3KAuJZPpzDXNu0qfm5BZGxyFGVN6TeYzX6j-dFsJhxyivtOO6KcSPR97sGh0zhHSHlbGm9NuwCjBvUhXGTT2urT7Y12SwpHJ3HgIc4E4QPaWT4A9T1SA2Xm5JlUQGdamGTz2OuzWfJNfD6XAfdt6Qo_bozInegWHiAns7uRoJ-LLaMbG0qxbMGcgdbTXoR-6Utb91-bWDywsZ7AAn5utJ8YgGo8spWcnQAx8OxsQ8JRMqT6Uopn09mrFGVtGXaD_piLWmg2x9LPewRzFDQSuKfft4AmxiL5r0MXPTb6HBGNVe5BBiXjzCimcoUhMNb7suAdhAnyn0tXdQEVKc3mbszOAlKTM0oZB6QC7g9NIhLtj3OL12aJ7icVpRjV9Pqgr0xQgW7j8e1sLNpq4QC16L1Pj2eaV5fs8306htqUD1fVjw0na4sArzZp_QzgHyIR8srouplAHCe4rqrxNftrPs7bfFVdazpRdoeqGCxzYhhhW9yYOyunb0otOf_KNQyg6YSnsSVRdx0IcatLYpmARL8zJKjX79P_0hf_4-5WGecGlrbLdoWhOwqT01vh5ZLGqfrwJ2zqpCNzN9ahSoDQNoMClN-nWtaCvRDn7zIYweBoC8SMueI0fpIer4fAk44yjDwjNksNZRFyYIyNe9_VnP1rBBtd31BSM6ppJT5y46PxkEdpks1ehLkyz-mjlhXaJ88Wl7OqD162MO5ipAngERyIrcOfcJgwBXouvHsAtsrlIShoT794H4A6qieS2ipQK4JkzkfjjKNQ4bLSGte-z4E2sfiBIcCEEaRInmESRnzgPNfHifPb3PuOrb6uP1bIyhbMRA5CYVjBSI_UqubRgko6pX9kuZJxgNhoPK-BB-yYC7pxEFo4bfs2QyTD-7yI3laDd_ICv5hyVDyVMIAm6FwtrasH6GpJgom2vEI4wAPuKfoxz7Zwv__emkZFU26AGavyM7qNRSm6Om2k2lhUbIM1HJcOU4Oskjz3X7jEkl4O4pTWvyOC92dwRqULYhjCKzFkQtYF3-zP7M0mgXBeoElLzbx_Zz5YUaF4Y-gIyGldc1k-NN_CRh5GWVd4o3uak3vilDJN1Xq6Fjsi34kZiMxf_Dgb6JFhdh5dGJF__s5vvarGzKMj86Mvm-0GO7emzh57djkOeIIvlbdBQwhFzn9fzPYyxhZNENl7dRLHV4JKprIKGEFdbK84wZdb6FVR6kBAVowJSUT-OAi0IiBQBXtHpEDXBJH3gf_pZDoAlYuwiF1x5FNimjyvdNh_k-fM-Z_gKuyUOVWi5-JymwJS3R7LrIcSShpEFS6AQlBAlq-7M6j7lzwbV8MDbHGRD19AxPDtMp05lqcHue0_Wjwn1P64xSrbU_FxL64yrIxk0imn0xo0StXfFq543H8jFagIK2KQpsyHUyrzXdQoHZ7oL9T7WIon4Hd4wsvacIQFTqDzha2jlWx2-BIeS607i-6dVdY3gS7KVxvfv8iXLago20s4eIaFcpo8WCQHuGSRma9sXwdhufTSsGGLBJJqbJ88bcnXeYBPCLA_mWuOlso6Jc4Vqn0bVCkssh76_FxAH7bwf2ZDXaTJvi7FaPtDdIJ6hmFeqpx1kX_KEmRprqLsilg&cid=CAASFeRovM51lLC90RE8MhszNvw02_dDKw&rfl=1%2Chttps%253A%252F%252Fwww.diarioceleste.com.br%252F%240

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0da081aebcda8fe07044ee583eb254eebbb00016012a2c4697a103e2f327f2a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30896
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C182 42 B
63 B 46ms
45ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BJ9D0p5Yx3WNUysjM5TlJkaVVdwOv6TZYhFSOVKNjWpjKZzaudqE6_biqyKAJLgkgcWdcVR2pAj0qJ6tipF9aVFptM1iwmWiNX3U6_wTWh_tttNTI

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame C182 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 634
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:47:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C182 119 KB
36 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Dec 2021 03:58:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame C182 15 KB
6 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:38:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C182 0
0 16ms
14ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRw3ErS6k9bKw4sviU16niwAdDqnyiXK4tIYcG9WEpl5bp2FFIP6m33fAhHwrYm7pRkyDjRzZku1PQvXjHU7gOedXPH0A
Requested by: Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 8273 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 23:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Nov 2022 23:07:43 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame DA70 0
170 B 191ms
98ms XHR
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diarioceleste.com.br
date: Wed, 01 Dec 2021 03:58:05 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H/1.1

200
OK

request.php Show response
hal900011.redintelligence.net/ Frame 25F6
Redirect Chain

https://hal900011.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=eeba154b58&subid=&uid=ea50f66e6461fe29&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900011.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=eeba154b58&subid=&uid=ea50f66e6461fe29&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

103ms
80ms

Script
application/x-javascript

138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=eeba154b58&subid=&uid=ea50f66e6461fe29&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXc7KzPKmYc7cJrfD7_UP7L28qAG1zfmDV_zYuavlDPAuEAEg1s63TmCVgoCAtAfIAQmpAjqlmC0hBrM-qAMBqgSAAk_Q8IWtiEKL3MFLghXyVYuoZnzO7cunD9vbE-KYNkA4A_3D7hndFP4PH-l5PDR1lY7hJgVlrbOOF83qbpH6P8VATZI8VNxnKwXHqIUnVoJipCto-W7qFYU-5AqaWRz2zUd472YefD3o5s6KIEivva_e9ILOBDeR60S3UN4fCgHpd1AUfOdg0Uh98JH4novgX0gpHzf9ues-M7c71ro_40zd2dS9oAqSjJK5pQdbM5zPVGn6OV5fATY7APLyMcCLCnER05FTZrnbaQyWc5zAtmgWq6gieUFwrAISyt_oaXoloMWi6BAEMYPPBqI9fwQ3YmkEJ4k4mDcZQD0e39ugdXnABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRo6AV3BRFga7Ko7q_LyTklv4-9kw%26sig%3DAOD64_0-J72DZ9_o0AirDlxEMMLgA7pzSQ%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-BCBpFJSvFbdPzGfVM8K1jDNOAVDrnc2gqHs4FTLz-RRiFn1KAxvvxrebe7E95LjZxsT9b-HnOqMk1biNWUdfXhMFu3IoAl2nViVMvg2YPTm1zHyopI1eSxOBBaREhXOSHp8UGfenS3lCrXEcFC3eShMkQCSw%26cry%3D1%26dbm_d%3DAKAmf-Arn91oSXxgjS3vD24CJ_3Hth1JGcja_mQ01wqFqOEBLXNhhfBfqgW9jjQRvX2RqfdOISmrdpmYAE02MmY5_4qPagpHvTnsUhR3CeIRDz1k6OY3boXK4wyV8Aseagt-ryikKMTeVdx5SD6o6ORM2zHx7P5XnwLkCAeg14qu0STs5LqnIHQyKd1iG6Jo8T8aE5uzwhdltAYMEhZB5BturwTw-4wk2_hq8yJ4G6zta9Yg_aiGG950dYNlrnE8N9v7OOHSzKTm_GuhQfnvw-lnc6pgs27lP1ahoVla5d4LabUkss0Do744EqPPiiT0G5ATR22BQj-azyXo5QtF5P11_yAXnD7WgpJdxLzEyG_kYikjIvHz54krKrmoIBacAXLXVCHw8uoewPINeXbuPbyYv3QpE3ckke0mbDErIJhr0H3_BvqLJJhgtX0xvjNJ7P1XmH9oiOwXoT6TpXAwTArtD_yF_J8s4w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.diarioceleste.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.diarioceleste.com.br&random=6905245812440&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 3ca258226d6e22d7d4d719eb4d43a3d8452fe1353bef796649237a6d01154c62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:05 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 69954700014419400710612011795011
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 893
Expires: Wed, 01 Dec 2021 03:58:05 +0100

Redirect headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:05 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=eeba154b58&subid=&uid=ea50f66e6461fe29&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXc7KzPKmYc7cJrfD7_UP7L28qAG1zfmDV_zYuavlDPAuEAEg1s63TmCVgoCAtAfIAQmpAjqlmC0hBrM-qAMBqgSAAk_Q8IWtiEKL3MFLghXyVYuoZnzO7cunD9vbE-KYNkA4A_3D7hndFP4PH-l5PDR1lY7hJgVlrbOOF83qbpH6P8VATZI8VNxnKwXHqIUnVoJipCto-W7qFYU-5AqaWRz2zUd472YefD3o5s6KIEivva_e9ILOBDeR60S3UN4fCgHpd1AUfOdg0Uh98JH4novgX0gpHzf9ues-M7c71ro_40zd2dS9oAqSjJK5pQdbM5zPVGn6OV5fATY7APLyMcCLCnER05FTZrnbaQyWc5zAtmgWq6gieUFwrAISyt_oaXoloMWi6BAEMYPPBqI9fwQ3YmkEJ4k4mDcZQD0e39ugdXnABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRo6AV3BRFga7Ko7q_LyTklv4-9kw%26sig%3DAOD64_0-J72DZ9_o0AirDlxEMMLgA7pzSQ%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-BCBpFJSvFbdPzGfVM8K1jDNOAVDrnc2gqHs4FTLz-RRiFn1KAxvvxrebe7E95LjZxsT9b-HnOqMk1biNWUdfXhMFu3IoAl2nViVMvg2YPTm1zHyopI1eSxOBBaREhXOSHp8UGfenS3lCrXEcFC3eShMkQCSw%26cry%3D1%26dbm_d%3DAKAmf-Arn91oSXxgjS3vD24CJ_3Hth1JGcja_mQ01wqFqOEBLXNhhfBfqgW9jjQRvX2RqfdOISmrdpmYAE02MmY5_4qPagpHvTnsUhR3CeIRDz1k6OY3boXK4wyV8Aseagt-ryikKMTeVdx5SD6o6ORM2zHx7P5XnwLkCAeg14qu0STs5LqnIHQyKd1iG6Jo8T8aE5uzwhdltAYMEhZB5BturwTw-4wk2_hq8yJ4G6zta9Yg_aiGG950dYNlrnE8N9v7OOHSzKTm_GuhQfnvw-lnc6pgs27lP1ahoVla5d4LabUkss0Do744EqPPiiT0G5ATR22BQj-azyXo5QtF5P11_yAXnD7WgpJdxLzEyG_kYikjIvHz54krKrmoIBacAXLXVCHw8uoewPINeXbuPbyYv3QpE3ckke0mbDErIJhr0H3_BvqLJJhgtX0xvjNJ7P1XmH9oiOwXoT6TpXAwTArtD_yF_J8s4w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.diarioceleste.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.diarioceleste.com.br&random=6905245812440&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 01 Dec 2021 03:58:05 +0100

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 95ms
92ms Preflight
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diarioceleste.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:05 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diarioceleste.com.br

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3878
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFGg5qre7Mv_xjbg_upPIcY&google_cver=1

43 B
114 B

15ms
15ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFGg5qre7Mv_xjbg_upPIcY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaxpgEQuKirARjXzKy6ATAB&v=APEucNXosymZ1pKvHOinjBckSR3n2k_8OIWalI9ZKCaySiTx7DX906655dfCcqxk8zYSGeicPeGX20LpuGhexwAQ9bRXBVM-H3yvyIyntfh51_jLsJ_7-ipZuUUjj2GW1dN8Dh2ZxM04vPreOsWmf-NdkkD_8sP2DGXj-t0pKXeJj7fPoBAKZzI
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
via: 1.1 google
server: OXGW/16.221.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFGg5qre7Mv_xjbg_upPIcY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 3878 43 B
306 B 40ms
18ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaxpgEQuKirARjXzKy6ATAB&v=APEucNXosymZ1pKvHOinjBckSR3n2k_8OIWalI9ZKCaySiTx7DX906655dfCcqxk8zYSGeicPeGX20LpuGhexwAQ9bRXBVM-H3yvyIyntfh51_jLsJ_7-ipZuUUjj2GW1dN8Dh2ZxM04vPreOsWmf-NdkkD_8sP2DGXj-t0pKXeJj7fPoBAKZzI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 3878
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEB5A6t_BPPV-v8SC3jkeCYU&google_cver=1

23 B
172 B

32ms
31ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEB5A6t_BPPV-v8SC3jkeCYU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaxpgEQuKirARjXzKy6ATAB&v=APEucNXosymZ1pKvHOinjBckSR3n2k_8OIWalI9ZKCaySiTx7DX906655dfCcqxk8zYSGeicPeGX20LpuGhexwAQ9bRXBVM-H3yvyIyntfh51_jLsJ_7-ipZuUUjj2GW1dN8Dh2ZxM04vPreOsWmf-NdkkD_8sP2DGXj-t0pKXeJj7fPoBAKZzI
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 01 Dec 2021 03:58:05 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEB5A6t_BPPV-v8SC3jkeCYU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 3878 23 B
172 B 73ms
34ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaxpgEQuKirARjXzKy6ATAB&v=APEucNXosymZ1pKvHOinjBckSR3n2k_8OIWalI9ZKCaySiTx7DX906655dfCcqxk8zYSGeicPeGX20LpuGhexwAQ9bRXBVM-H3yvyIyntfh51_jLsJ_7-ipZuUUjj2GW1dN8Dh2ZxM04vPreOsWmf-NdkkD_8sP2DGXj-t0pKXeJj7fPoBAKZzI
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 01 Dec 2021 03:58:05 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 65FF 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 23:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Nov 2022 23:07:43 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame C182 106 KB
37 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Origin: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:51:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40010
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 16:51:15 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame C182 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZ550vj1qYkOBi3oezEY5tHe9R1NdDsWNKGw5q74KLlGtZOLD5sB1jGmecM0x9eK_EDmD_c767441ySVhGKsMx39xs4-Zi-qcHgVCiR_rCR1CmOB9M0_oiqkJfnchVtll3KnqJCvSK3CRnS3IzTd5EA_naAQ&dbm_d=AKAmf-DHzFhqqgfie4yv0eyf2WK-dLD5zV2KuckeZuPGtuq8jYdLKNDBa1pZ42CerqAV3M7SXzBhuppeKCcKPwjI6fohckAMJc2QavkEwmlstBEfn19QJqiAWEcPVPtH3GabvrqC4L4ubyJgiBYLV4dy-yMEKC0hjSHJMrto_prXBkN8kBcXmI_G2WR9ThAsuTJdtwKmImu3a9zG4hOYe31PuuUO7m5zG6dgUQLDW_Y1nC4Jmy25mnvs3FEiCYmPZNHD6CtnNdISqyBxA2O17ic6Z3-hs0JFgCYbuG6NyK38mEAVAK9RUgada5Y7A2qvwQmf1r0DBobUVBOtxnqjcJQFuIs9bnOMdvU0zPHW_0hgZJ09OZUg5PD7a3HrAyU7HPylFNiTcKwYNhc-a_01mb7kBTeWIbVsZsJ-XiduHZhAe6TCxNGpdKhYBDh2FBXPnAX-CTFQHe61sVgUW9UNyLS91fgsqewhUS6Ei7Dv8ezDu4SiXaXsCgFf4iZ6_9Kj_r36FrJpamkKxsYN7ObRC6frCSm8q_t3QiVyQhXyRvTEIh8fBWAj07hihtIuRDfpKVyMmHkCX8ks8Dzm3HDVGMVtQPhb6EwoBjylg2moR5snI81XoYJkejFYXqMqxfQPIZUE1f2YbRXeQhs-U-5E3MyskHS2qDxPNbdxMbPcBeTgFpRR3wIyCokjA96khRSZbRpoVvGPCpXYVszP-xjAKmTtO0qg3qgdcYVZPIL9gZa3N5etV0Z-nai5nXBXBzkNf6i6io7Lv5dZh8jiatEgZVw_e5B2_eE7DGqIVKk95idZX55CrWF20Xf9QvUOhsa0AMekL4bdfc8Em-pV80o-ocmkuLdBlQ-PkPscqvy_g4MKxe4hZ26OW9QEbwJG8Er03K5pkL1ckqdcgLVy2JW0b0qxLN8G-5rOo1iXUjIQtFfghIStn9rWYYMiMn-o-r5GSe_OYdIJWxe4dbxfE_1WXVI9LCuu0_ZQs_lDmcz-sgMiBa0bc7elEH_jkh-10wnjLZjSyKZ9PoMAXoJpcJVwwN3I58W-7q9rOhKFWa2KvRpKjDG2UeWsOIFHhjWn-wWYA-UsXK1UM1E9AZFUQaeTY84PTGK4E8a5Yr8eCX_Qq7AWAuk2MSBXzhy4SH8Chz47kQQrB3vWN0NmtFK-0IGBuVT6wxMM6rP5Nd1nfP_TS8WjpghIA2oReIsuuNWDIqLD2RWjTq1FOt0cl5zE6ALo7ZHgLhbhe9J6ojj8vKyQcjq4do-7JOqlinsoAFWnAbFUl6AwCDsRu2cToulaT6slDn0rlIrcJu3EPAqCAkSVI3QWp6-rgoGQQqqF7kkzrynP2kZGJpA3pXHI5f7wfvo9opMmKQ1GQ7CY38WYFiIrg8fUtCAe_eqguQmiIgg81QQXlArUxTnm8OnJlQO4hQtHpAUwsy1tLesHzAp5s2-SFv2lAjhXHrlr71s4YWIdWBumHVT3IukkRiNCxShBRAfSAMms9-d3zEN-5c3X0rNWRijfcNlJXySQlLJAzeaWUAaCaSdlxQfv79F_uY5uAwjwAiOQkqLjEVP6JAD1drKE3V4X1pvW-h9XYJ-qntm9pxh5dibLqJAKwFnSAE-GmkGGYzFSmRYQLo29EQ3Ae7Dx3DqnfixBjfcR1aqvU2moHAXnEzUGecVFynQhpv77gqYapH4XX08M3Sb1Y3KAuJZPpzDXNu0qfm5BZGxyFGVN6TeYzX6j-dFsJhxyivtOO6KcSPR97sGh0zhHSHlbGm9NuwCjBvUhXGTT2urT7Y12SwpHJ3HgIc4E4QPaWT4A9T1SA2Xm5JlUQGdamGTz2OuzWfJNfD6XAfdt6Qo_bozInegWHiAns7uRoJ-LLaMbG0qxbMGcgdbTXoR-6Utb91-bWDywsZ7AAn5utJ8YgGo8spWcnQAx8OxsQ8JRMqT6Uopn09mrFGVtGXaD_piLWmg2x9LPewRzFDQSuKfft4AmxiL5r0MXPTb6HBGNVe5BBiXjzCimcoUhMNb7suAdhAnyn0tXdQEVKc3mbszOAlKTM0oZB6QC7g9NIhLtj3OL12aJ7icVpRjV9Pqgr0xQgW7j8e1sLNpq4QC16L1Pj2eaV5fs8306htqUD1fVjw0na4sArzZp_QzgHyIR8srouplAHCe4rqrxNftrPs7bfFVdazpRdoeqGCxzYhhhW9yYOyunb0otOf_KNQyg6YSnsSVRdx0IcatLYpmARL8zJKjX79P_0hf_4-5WGecGlrbLdoWhOwqT01vh5ZLGqfrwJ2zqpCNzN9ahSoDQNoMClN-nWtaCvRDn7zIYweBoC8SMueI0fpIer4fAk44yjDwjNksNZRFyYIyNe9_VnP1rBBtd31BSM6ppJT5y46PxkEdpks1ehLkyz-mjlhXaJ88Wl7OqD162MO5ipAngERyIrcOfcJgwBXouvHsAtsrlIShoT794H4A6qieS2ipQK4JkzkfjjKNQ4bLSGte-z4E2sfiBIcCEEaRInmESRnzgPNfHifPb3PuOrb6uP1bIyhbMRA5CYVjBSI_UqubRgko6pX9kuZJxgNhoPK-BB-yYC7pxEFo4bfs2QyTD-7yI3laDd_ICv5hyVDyVMIAm6FwtrasH6GpJgom2vEI4wAPuKfoxz7Zwv__emkZFU26AGavyM7qNRSm6Om2k2lhUbIM1HJcOU4Oskjz3X7jEkl4O4pTWvyOC92dwRqULYhjCKzFkQtYF3-zP7M0mgXBeoElLzbx_Zz5YUaF4Y-gIyGldc1k-NN_CRh5GWVd4o3uak3vilDJN1Xq6Fjsi34kZiMxf_Dgb6JFhdh5dGJF__s5vvarGzKMj86Mvm-0GO7emzh57djkOeIIvlbdBQwhFzn9fzPYyxhZNENl7dRLHV4JKprIKGEFdbK84wZdb6FVR6kBAVowJSUT-OAi0IiBQBXtHpEDXBJH3gf_pZDoAlYuwiF1x5FNimjyvdNh_k-fM-Z_gKuyUOVWi5-JymwJS3R7LrIcSShpEFS6AQlBAlq-7M6j7lzwbV8MDbHGRD19AxPDtMp05lqcHue0_Wjwn1P64xSrbU_FxL64yrIxk0imn0xo0StXfFq543H8jFagIK2KQpsyHUyrzXdQoHZ7oL9T7WIon4Hd4wsvacIQFTqDzha2jlWx2-BIeS607i-6dVdY3gS7KVxvfv8iXLago20s4eIaFcpo8WCQHuGSRma9sXwdhufTSsGGLBJJqbJ88bcnXeYBPCLA_mWuOlso6Jc4Vqn0bVCkssh76_FxAH7bwf2ZDXaTJvi7FaPtDdIJ6hmFeqpx1kX_KEmRprqLsilg&cid=CAASFeRovM51lLC90RE8MhszNvw02_dDKw&rfl=1%2Chttps%253A%252F%252Fwww.diarioceleste.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:37:16 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame C182 24 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:38:54 GMT

GET
H3 200 container.html Show response
9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0D1A 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 01 Dec 2021 03:58:04 GMT
expires: Thu, 01 Dec 2022 03:58:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 index.html Show response
s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/ Frame 0C65 4 KB
1 KB 9ms
6ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f0a278929dfeaded74d8079fb2040d71e3bffcc743d431165521f4725b4ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 1469
date: Tue, 30 Nov 2021 23:01:27 GMT
expires: Wed, 01 Dec 2021 23:01:27 GMT
last-modified: Mon, 08 Nov 2021 16:47:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 17798
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C182 0
24 B 51ms
50ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsstN2e6hv2TNxAjCqiH4es1OvDwDbfqModsUdRnBDQqamAy9iYqF-8nfXzWJSOo7HxQirvi0M4FmStq2k69IXW7QSat_2OcJtIvCx1Sr4GLifgXZEg4mJY3c9Rnb1C4tR6vatdvnYsiz-rfHKEsdjEBV_pgNTCOXjR-TMubP5ihSplZp1k2UPNkXYnzMghiBtojQRv2h37Ji1pSYE21w6BcOuPK2tIgndvJ2bjCglmp2hM31SnzG96CK16T8Azs0s841_rAtNBGWpc176k6zCwmDJt6fI8xqMS65uRKfLe_QUi-euzt9zKIuQ4hTZSqhC_QBR7v5Z2CupwUTHH5VVWinQglUPetY2xQ7pgj2-c3yrEpr4dRn80R_2oUVPGpNSkDvC25Sgyx6gUekQowikRDd2O1h-8g05cbM8JTT3TaTeFiHczR8oV_7pqmcWBn3PzSNxQ0mj9b67UQFZBp-MZJ6UR5YLcvPBXFOWlSTUuOpN_xaIRumgfXPYq6PDYY17bPe8kBj_MgtQL_WJW2vu3feXfJA20S2Da_zUAksqau0Izfberru7Fwnn6MxHSPZ8BGCGrtc3ucnaulmTp5uCtgAK-iT0jRRYwGt-k1VCnttnGg2CZvHAYDF-XmawX5dIDDvaAvE1Bs-ZUNYQHC7qIa7zr-EgbRvgo9_xHuTnyiTfQhOlaV0fYLmk839PTNcDQBnNB7Yva9HY4awGB2dTvjh2bB5DKDFS5M5_0q-ANiQUjwPGrNLyZKiRaxx1TtsjqqTWXhyqUE36ZNzN8GkI5W7DOvdL6MyFnmfsPYBGrnTcu1jF6AHJYNYAHCeG4HpreYCDKpmSJ0iWEwVlPU7KtIHbMJcDFmBY3aWQaQKbmJtNdAnn_6VrG_G4btzvhnhMGxdVHBPh4S8kD0126jRQTibOQEY0TSgodQoqVmt-yUIyzpKH08nV_SEPehPHOA2KAt6cYJ0XK0cGjbQsMqpwrE1q5GsBEMy6KxTkLiC3TSWZ-KtpjPbQQ8xLfE75TbcE-Gl8LToGHjI8zE7FYFxB6k2y1UdOrF3LzzUbNE3HHwvlsVWNBJNPQ4baNsBcDgCXYh8ueqyIYJxeZv-d0rWN1-9zKTHKurRpq2V8PKRCvNHP0-1DFLXWOySXCV8_y3p9nbWI-b8whqaxaJfeT5IgctZxQEx6cVK3IFJXmsjgBhDtVFFtskBz0bJUb7zzdQeVUwGhrafDmV&sai=AMfl-YTqjlBO4phLowFQnPieF89N8SqLGw6tWPUOExPWX9vITuGe3dEoI6QkrWM91tUwZvN2ye6FPw9OlNH_HTPbNwj-qaYtnFLMFTfthS86YHqzdcv3rU79Q8rGKDxSZRlH_ORCIkj66Fn_q3x8aEblfVN_ZdRjf-NfeWrVdak&sig=Cg0ArKJSzH23tL4Xs4s6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=99&cbvp=1&cstd=97&cisv=r20211111.31357&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 01 Dec 2021 03:58:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C182 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141205
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 29 Nov 2022 12:44:40 GMT

GET
DATA 200
OK truncated
/ Frame C182 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7026837a6c956af7fd629e927242c994f48d3211667802fb4b1d2694a19faa59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4BE7 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcNHDzPKmYaWtLbvb7_UPycKu0AUAAAAAOAHgBAI&bg=!GxilGFzNAAZQLpa_UC47ACkAdvg8WmY2n0aHIN-ipeHerBJi4zVU1H4TuLIFGuDhnWtvoQgzJjiE4QIAAADcUgAAADdoAQeZAtwKNGFoD0wY5Vj7BS9aSn6eOQ974Z0XDe9zXOoMjSeXeuNi6lG-88v30erhfmZgKiLEAy0HxjtZfR8Mlhxo2E-f13hhNPkm_5AbUVw98UazPKOaPScPhirvrMhGNwJ4J8npgfW1NctZNQLtsVT3mgROPNlb2ut8SU0nO8Itb_FFtZYP01vkmk6_8EjD_4tMBUVyMx_Dqbr34TvqPVgFZmsxNghrZNrJasTd9cBDxJSTQPE73cxlxA-FmMmgpTfFOt3h0aT1jzx5ZX9tqmtdKl-EhQQE_T13XLRs3CbYHVHnunhzeYYQdCP1OgoyaSZSeFUKUyNw5pMhMr4DQoxZMjoKocKAhLElsfcW8wACQbkKcN2T8gnRKv26gbciOpzAbo_tSF0462yiUrERRqHj1xZ_1ROwlARL_oy2MzrpVDjyJu_CD7MCXy1_l7OmzVwMTyB_9yEiMV7MhAlcbK9LBYpqV76V6xGSEe5oM5qFBce1PDcj8oq-0BchchLTVJdeYBfs0gOwnoYrkL4411FYyPyH8aJAyfTCvqakG8p2YQNetWos3IEsJbPYBRKw7sNOW_rEgWDME0rGEB6GdjsE9BLqqZFm4UtbkrWgdOr_v2GPXBRpcATZQsho0ppkQEJocVrVj_Squ55RIImO5Sy3Ej3TRAHWUR7tlYGu9PcZ_nJltKhnkKyj11mZ08txQoYHQMIUdfEebprS9pTgevu-hEcvdw87lNDk_3gXS0HqGDNJ-ppnSRpgu32PgeqXk1qAn36D2YTnlGC_oHD1EgfFDdrvYrwi1iBf4adxLky2xwXEgbu40jN8pcmgqjYHKJjPGgg-hgWWDmOIUEN4LhJyHIXKq8aPYCH3OsRpN6ZBYvNsgggu3p4kLMxRwfvHliH0-D_sWWF80mr1w3dFLWeMlOu4Rs0j9Hpcq5jo9sToGo52w7KzPn7xfxHBCj8KjWyZlf6EPCnZn7fw8ilNmyY

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 style.css
s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/styles/ Frame 0C65 2 KB
762 B 8ms
7ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/styles/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ab036cf75194b898db37a4a267d4a03e85df402ee5a30ea59ec030f18a5d355

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 23:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 736
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 16:47:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 23:01:27 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 0C65 60 KB
24 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 03:58:05 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/scripts/ Frame 0C65 837 B
385 B 9ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/scripts/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2871c1b16a70375a71c00ca0cd044225535cf5d45d5550e28b2cd1c71ca44d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 23:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 359
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 16:47:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 23:01:27 GMT

GET
H3 200 img1.jpg
s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/images/ Frame 0C65 14 KB
14 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/images/img1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2492d9b7fb2ce52546069a4e07e016f49c85689570fe41b3ecd2ea4c0f5c37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 04:24:23 GMT
x-content-type-options: nosniff
age: 84822
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14591
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 16:47:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 04:24:23 GMT

GET
H3 200 img2.jpg
s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/images/ Frame 0C65 23 KB
23 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/images/img2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

155f95be0b0f873f2ae665f6c24b3b3056a68fe740079ad358c33f740429bf5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 23:01:25 GMT
x-content-type-options: nosniff
age: 17800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23869
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 16:47:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 23:01:25 GMT

GET
H3 200 pandora.svg
s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/images/ Frame 0C65 9 KB
3 KB 6ms
6ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/images/pandora.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f923dd368c72055e674e4a8932e265ee51911ea42c51d885ca49aacc7e0dd016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 23:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2902
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 16:47:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 23:01:27 GMT

GET
H3

200

activityi;dc_pre=CLO8_fLawfQCFS7UEQgdnNwEtw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=362892476733.6228 Show response
8019191.fls.doubleclick.net/ Frame 93B9
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=362892476733.6228?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CLO8_fLawfQCFS7UEQgdnNwEtw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=362892476733.6228?

391 B
345 B

39ms
25ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CLO8_fLawfQCFS7UEQgdnNwEtw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=362892476733.6228?

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

5a25dffef78e80498a09be54f9a1e116e3e437ff64fd3b9c05c0b43784bc52bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 01 Dec 2021 03:58:05 GMT
expires: Wed, 01 Dec 2021 03:58:05 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 01 Dec 2021 03:58:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CLO8_fLawfQCFS7UEQgdnNwEtw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=362892476733.6228?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900011.redintelligence.net/ Frame C6AC 4 KB
2 KB 39ms
14ms Document
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request_content.php?s=69954700014419400710612011795011&a=3321f33d
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=eeba154b58&subid=&uid=ea50f66e6461fe29&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXc7KzPKmYc7cJrfD7_UP7L28qAG1zfmDV_zYuavlDPAuEAEg1s63TmCVgoCAtAfIAQmpAjqlmC0hBrM-qAMBqgSAAk_Q8IWtiEKL3MFLghXyVYuoZnzO7cunD9vbE-KYNkA4A_3D7hndFP4PH-l5PDR1lY7hJgVlrbOOF83qbpH6P8VATZI8VNxnKwXHqIUnVoJipCto-W7qFYU-5AqaWRz2zUd472YefD3o5s6KIEivva_e9ILOBDeR60S3UN4fCgHpd1AUfOdg0Uh98JH4novgX0gpHzf9ues-M7c71ro_40zd2dS9oAqSjJK5pQdbM5zPVGn6OV5fATY7APLyMcCLCnER05FTZrnbaQyWc5zAtmgWq6gieUFwrAISyt_oaXoloMWi6BAEMYPPBqI9fwQ3YmkEJ4k4mDcZQD0e39ugdXnABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRo6AV3BRFga7Ko7q_LyTklv4-9kw%26sig%3DAOD64_0-J72DZ9_o0AirDlxEMMLgA7pzSQ%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-BCBpFJSvFbdPzGfVM8K1jDNOAVDrnc2gqHs4FTLz-RRiFn1KAxvvxrebe7E95LjZxsT9b-HnOqMk1biNWUdfXhMFu3IoAl2nViVMvg2YPTm1zHyopI1eSxOBBaREhXOSHp8UGfenS3lCrXEcFC3eShMkQCSw%26cry%3D1%26dbm_d%3DAKAmf-Arn91oSXxgjS3vD24CJ_3Hth1JGcja_mQ01wqFqOEBLXNhhfBfqgW9jjQRvX2RqfdOISmrdpmYAE02MmY5_4qPagpHvTnsUhR3CeIRDz1k6OY3boXK4wyV8Aseagt-ryikKMTeVdx5SD6o6ORM2zHx7P5XnwLkCAeg14qu0STs5LqnIHQyKd1iG6Jo8T8aE5uzwhdltAYMEhZB5BturwTw-4wk2_hq8yJ4G6zta9Yg_aiGG950dYNlrnE8N9v7OOHSzKTm_GuhQfnvw-lnc6pgs27lP1ahoVla5d4LabUkss0Do744EqPPiiT0G5ATR22BQj-azyXo5QtF5P11_yAXnD7WgpJdxLzEyG_kYikjIvHz54krKrmoIBacAXLXVCHw8uoewPINeXbuPbyYv3QpE3ckke0mbDErIJhr0H3_BvqLJJhgtX0xvjNJ7P1XmH9oiOwXoT6TpXAwTArtD_yF_J8s4w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.diarioceleste.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.diarioceleste.com.br&random=6905245812440&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 556af9da72772cdfa260b1243e71d6dd38223a45ed142b76e359c9bc2207af35

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

Date: Wed, 01 Dec 2021 03:58:05 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 01 Dec 2021 03:58:05 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1524
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 25F6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce9c7987b4f388240ba2afbbc779eac838870389abd54507f8b4a0a8dd5719df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 88A1 499 B
336 B 18ms
17ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNVSwOMJx3egsCpTWzj3Xawrn-9KwKp0HF84BRzLvbOcTT0XcrHkicoYThrzFfrC6yTfX605s5UdyTvDLsLe6EmUZd8Q6Q4DHLgkiTLQjVWhkW3ydyqj6Rqrn5InD745oDdws1CgAYeJSFzGhXAe1wNqXgxnKJmS68qtdJoCQSdodSuBK_o

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 01 Dec 2021 03:58:05 GMT
server: cafe
cache-control: private
content-length: 313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 01 Dec 2021 03:58:05 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0D1A 72 KB
30 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AnNEkRaIEFxttK41d7ARlDpmAoPsIGt2rczEsvoYjELr3xC07N-54MfmP2Bgg_uNGPfegcVxqma9P9zHhAPQks9CpK5IpzQiTd5O9HUSNJMN_IaordCxJXJqpCm-Rz7AlH-9hHjwzwcWnGjc8FYR-HHJ4nFw&dbm_d=AKAmf-B17FFK0VYa8KUIN1i0w89YmdgEoY8jEyrOinQlkUsMVxZRrGxdTHoSrzcC9HIjoo5Koy-E9fJ1KhIHSsFxzvXY3b_6EpZpP6ahrzEM8Xq6JhqZVgzCxT1RW8Tg_sfq383REF_ZlWctMqewXzWGqfS7vsL1sUiu9OcUFSqelKwrPGdIxqtva8dF3okGmSt0P-3Mm2lnQOJkk2rruJlaecUTrAzb_TGngAYJCJ-sbo_2yb-UT6PKdpJk7X2OYglZayBkF8JYjfN2yD8Qy4rhO-yeFuu28JnUsAmn73dIWPurIIe7v5Y1i9n0mRE778nLCffY0m1L56480Dt33Sgf2yKQ8naLixQo0l59QXyPaUMWob5DN8L2cNcEJoeD6jSP3n00ZbXyjVZovfNUn8DLL2HUbC34UBrjgiu_Zwo5zBbnRMouWGgAFImlVoOtjdNScrb3EoY5c4jfVE4wbABS-MzrYfrGjZDzB4Tg4qd4XK3FBl66i3aqKK4Klz8Rvwy10zTmpRbDzpVd4ciBznI6XkoYD5LxdvL3zRLIbXIwlJjT0VW7deUKsVPXGMCu-9rGLZfwWcbEzTkpBN81ke5RNGOCJglLFqhqGDdZwjl7oD8u01XlNsJ0cGh8yPKNJyhshn9z-WRn300OaW_I6_mN5Xf4TdLDM6ID6Y7fg5aTfAdbz4jZRBCdxOMLh9-Ad6W4DS2Bc-krVWkeRZR_AF_xIzLyDXLlOopjUT9oMf9MWDy6iAZYgk4qciK6L9fNUHfpqMMGREyeHoVClwgKXuxJ6-108S5H2UXvSRQhsaJNs0l9UW8fWCPK83-nQ5ovbzb-OZtTmRfLgNQPMnolgzz05QuPlIjVCLnfwm5X13S1Qa7vX-HWoD6-AygVA4IICJTGr2bW1gj_AhjZRKVKnNr6rsu7v9ezIj301fNaARWnBEwjQcnTl3o1UILes_vwh7imnFVXO7AsLu7DaKYvZspl8gqeVoZsic6iU8ZJcLtXuzgsY4r9prSOxkq_0VjXuNSD6kbEkspU0-qb0awYipk5RLZWuoBhmCTwss1n-hdz3cUF9WT-j67n04Fj8Cho_TU4y747MiZsTU_Zkm1jZ86vOj8fe-1t3UM_JzT-033RPD5yp3kmk6z2ZQps0NKOUtQFYfiv9tJH1bTPxrOkCxsRlvo-Y90XehiOic94TVzjQBxL46WU9iSNx6AzKssPJH9PMYcY_A9IxRuBTNeDqz5KAw5ziwK1bymAOdF-kwUHXB69hn5soCosCg6qjkH5btUCZvPRtKbb0tT9vVuQ7QlkupuWph0P5nA8q1BpwYbZiKBC_8-GjI88g1Lm4s3Dy7Kl5oJR5-m2JyBiQ9Nm9kRRsn-6CPwmIlPzJv2AIOD9KBE7twV-6As66s97BvUKYKFY0_MFQ3pgKZKE4Ap42Fv1w07DgsmO1W_9uP-aIYy9sJfhWPMkcX4lPZ4_idoP7T8a4QfhmdbyllTENzMc3hSoA-5XeMr6yum0kkyQBw0yUJqHf5ZUz6yrCWCzXjUz9IYaSTGiRVuUCjndUvHufepyDOrxGeBOOLbX609R7xDkEGfEhNaX2R2DMX2KeRTvPoiW0l4gpTmbolpSdOxVcz97qpJa4WrTff7y48rSFfX72KqZrRnSO-TuBa80Fnt6pk8RY_lu_owPXSZMDGoahqE40bd87aUDcP0Hl0r2RajelbuSLTgZG4ajnlWaaTqHZgeHcGuIfsCr21C0ddv8FkhAr8E6dwiB3yBg_1JWjaOjq8FGZ19pwLYiRtx_kfmfoGdc9jquBZi3KEVN4-vRIVgOcoqFUK48ur1ddd3Q-DM1tp6P82fVPzBsGxMj72T1ULHO5A_kVGu60t_68E7W5SkY6-iyV0kWbFj82hAVIl3BjnA3XUyPW8TvDJLH9VwNOPfKlp2Z2GjG0QCPO-2Alh71_YPRjD01pXmZsciP1YNBp2eEd-bF8Fq5wuVzWowKCeMD9lOlcAIInXdD2AKP8o21xlUEg23YinywdpT_WGjgpzeowlT7RPlLQ751SugW68oZPzvD1TznsCuYcO-n_Y5F-oSGcy5x3-z6MYyiKzCDBKq8_6qqPHwIWRtyJa88u62O2O9CR0T4n3ktlS9VNQ6c_V4RIwhQ64oFC4OAD3LpFpgOorJz1SbVIT3SRDGcMylqT_7dLtfxP-X-9j3OsZFtdGtOKy5eUzewzTBDmbp8CNnVALPH76m48UF_ipmYGdBo9BkrBdxFcEPZHjQfKcGVpV0LzuUKkUpVv5waUUs_qYj_dRLmkZ7esVVpPitj_P0nHqpMapadVPw90VOalnYWJ-XLCJGFAu06Gm85U_CBrS-JZDnHckhjWcJM9ZynW_xvXuc5Eum6AAH7-PGfo5yJB4cuMDL7JN_qBDDFgfxtVUKBcIcObv2R4sfyWmxlgVSJ5QGvJ6CwVXGVE9ulqT6JqOM7feCIUtpfxY55SKlFZs8brpd-47XypEYNkQ4YlL2gGm_IqYeLTsGqjBmKx81DvoCD5SwwGi5k4Qop4wZD5NychbPgZ1dbjMTEOg1ahPr-q-rTkhvRIQOxDh_YSkCgwpS4XZguEGNlsOSgb2QH-nxWtrZJeHKOLtPLtTQ0TIjjwbV4it0reURIfFCzPnGcco5TL-OKGWrt8MN9_tEFGFg1KO2ymmqwriiZ9Mtky0f2HNrE0sOQCw0_Sp17LyEH2UM5YhFNTr8vpfQKtwBbmQ909ILY_PxvH6a564OFLPL0tNfsCKQVrNv6o6WZ0XOPr9W8DgwMBl8Eam6H8oKUd-V06g3OFehBnOsjZqkc_vwH3egdVwI9LGKkmYFU_x118W2hWAqY7rthw7p-Ol_HItoGqSBTbPbtID1ouN13kt8lgbFW24zM9nikWzCb0Q5ReLXPzjP4K3Yw0R7cPg5xD41zc4SyoLHKUpuONC6aIuc0ROcSCWznUqgsKRt2TRgEtPQtPQHf-WcqcTyq7xK6XjL_3z7sK2oQlOPZEPq1MiLknH2eautv0jX9INbSR1H8wmuRQqTMGBPl_TbJ69VNNQhdW189jbXy7S8BpNfeiRLh80OuomRLuz-qnWIQ3JBviWXjaOIhfDxMMvcZTvByk9KmT9toHvAtkooDbVxWeROzEAcA09jC3R07O8oCZx3gsPdgafDUBpj9OSG4NF3fR1mEKXPgK7FYHPY8QKcbCQ7PCMfLMFvkBkgIMuI47w7D53dV8TESYAVlKVzYBJ3djsm9Cks2v5-pmmnShAOdGX5UUuQuw97Y&cid=CAASFeRo7Bk-C-LiuKSthJWksR9EKaFJhA&rfl=1%2Chttps%253A%252F%252Fwww.diarioceleste.com.br%252F%240

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c2224a56ccfd59020e130240719ce53d0512acfdad13b6cd8b7d319c5b7af31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31067
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D1A 42 B
63 B 40ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A8qvuR3G63ZkasnFu4F1yF86AL-q9HV-JezjIfaDlw7dXCyeNSS8TXkGSYUTR51-7_f3uNI0xqmITGYpP2tnc027pNZdCOmiwLjZEB9KVdDs4Faow

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 0D1A 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 634
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:47:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D1A 119 KB
36 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Dec 2021 03:58:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 0D1A 15 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:38:21 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2B43 22 KB
8 KB 9ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 29 Nov 2021 12:44:40 GMT
expires: Tue, 29 Nov 2022 12:44:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 141205
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 PanTextTT-Bold.woff
s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/fonts/ Frame 0C65 66 KB
66 KB 9ms
8ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/fonts/PanTextTT-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd864a431fb1bc016f717b4fc74b9dfdb4d8dca2d10bca7a97e03cab38ff3d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/5739429/1636390026743/Pandora_Prospecting_Giftsets_Family_Star_G_DE_300x250/styles/style.css
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 23:01:25 GMT
x-content-type-options: nosniff
age: 17800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67108
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 16:47:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 23:01:25 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 88A1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESENfRM2G1Y-nvgX1_Mn0UHLw&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESENfRM2G1Y-nvgX1_Mn0UHLw&google_cver=1&__user_check__=1&sync_id=e3505c66-525a-11ec-b051-1e5bf6c20506

43 B
548 B

28ms
28ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESENfRM2G1Y-nvgX1_Mn0UHLw&google_cver=1&__user_check__=1&sync_id=e3505c66-525a-11ec-b051-1e5bf6c20506
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNVSwOMJx3egsCpTWzj3Xawrn-9KwKp0HF84BRzLvbOcTT0XcrHkicoYThrzFfrC6yTfX605s5UdyTvDLsLe6EmUZd8Q6Q4DHLgkiTLQjVWhkW3ydyqj6Rqrn5InD745oDdws1CgAYeJSFzGhXAe1wNqXgxnKJmS68qtdJoCQSdodSuBK_o
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:05 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 30
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 01 Dec 2021 03:58:05 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESENfRM2G1Y-nvgX1_Mn0UHLw&google_cver=1&__user_check__=1&sync_id=e3505c66-525a-11ec-b051-1e5bf6c20506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 68
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 88A1
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZTM0ZDMzYjItNTI1YS0xMWVjLTgwOTktMTdjYTg5MzAwMzA2

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZTM0ZDMzYjItNTI1YS0xMWVjLTgwOTktMTdjYTg5MzAwMzA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNVSwOMJx3egsCpTWzj3Xawrn-9KwKp0HF84BRzLvbOcTT0XcrHkicoYThrzFfrC6yTfX605s5UdyTvDLsLe6EmUZd8Q6Q4DHLgkiTLQjVWhkW3ydyqj6Rqrn5InD745oDdws1CgAYeJSFzGhXAe1wNqXgxnKJmS68qtdJoCQSdodSuBK_o

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 01 Dec 2021 03:58:05 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZTM0ZDMzYjItNTI1YS0xMWVjLTgwOTktMTdjYTg5MzAwMzA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 88
Connection: keep-alive
Content-Length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 88A1 0
444 B 30ms
7ms Image
text/plain 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 728x90_OMAC_2016_Launch%20(4).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame C6AC 44 KB
44 KB 104ms
31ms Image
image/jpeg 51.75.147.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/32995/creativesup/728x90_OMAC_2016_Launch%20(4).jpg
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=69954700014419400710612011795011&a=3321f33d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.75.147.170 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3133977.ip-51-75-147.eu
Software: nginx /
Resource Hash: e8ec2a4d84f51a4860526181c3822b954b3a134dc14446ba753b37708470171d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:05 GMT
Last-Modified: Mon, 20 Jun 2016 09:28:47 GMT
Server: nginx
ETag: "5767b74f-af88"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 44936

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C182 0
23 B 43ms
43ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsstN2e6hv2TNxAjCqiH4es1OvDwDbfqModsUdRnBDQqamAy9iYqF-8nfXzWJSOo7HxQirvi0M4FmStq2k69IXW7QSat_2OcJtIvCx1Sr4GLifgXZEg4mJY3c9Rnb1C4tR6vatdvnYsiz-rfHKEsdjEBV_pgNTCOXjR-TMubP5ihSplZp1k2UPNkXYnzMghiBtojQRv2h37Ji1pSYE21w6BcOuPK2tIgndvJ2bjCglmp2hM31SnzG96CK16T8Azs0s841_rAtNBGWpc176k6zCwmDJt6fI8xqMS65uRKfLe_QUi-euzt9zKIuQ4hTZSqhC_QBR7v5Z2CupwUTHH5VVWinQglUPetY2xQ7pgj2-c3yrEpr4dRn80R_2oUVPGpNSkDvC25Sgyx6gUekQowikRDd2O1h-8g05cbM8JTT3TaTeFiHczR8oV_7pqmcWBn3PzSNxQ0mj9b67UQFZBp-MZJ6UR5YLcvPBXFOWlSTUuOpN_xaIRumgfXPYq6PDYY17bPe8kBj_MgtQL_WJW2vu3feXfJA20S2Da_zUAksqau0Izfberru7Fwnn6MxHSPZ8BGCGrtc3ucnaulmTp5uCtgAK-iT0jRRYwGt-k1VCnttnGg2CZvHAYDF-XmawX5dIDDvaAvE1Bs-ZUNYQHC7qIa7zr-EgbRvgo9_xHuTnyiTfQhOlaV0fYLmk839PTNcDQBnNB7Yva9HY4awGB2dTvjh2bB5DKDFS5M5_0q-ANiQUjwPGrNLyZKiRaxx1TtsjqqTWXhyqUE36ZNzN8GkI5W7DOvdL6MyFnmfsPYBGrnTcu1jF6AHJYNYAHCeG4HpreYCDKpmSJ0iWEwVlPU7KtIHbMJcDFmBY3aWQaQKbmJtNdAnn_6VrG_G4btzvhnhMGxdVHBPh4S8kD0126jRQTibOQEY0TSgodQoqVmt-yUIyzpKH08nV_SEPehPHOA2KAt6cYJ0XK0cGjbQsMqpwrE1q5GsBEMy6KxTkLiC3TSWZ-KtpjPbQQ8xLfE75TbcE-Gl8LToGHjI8zE7FYFxB6k2y1UdOrF3LzzUbNE3HHwvlsVWNBJNPQ4baNsBcDgCXYh8ueqyIYJxeZv-d0rWN1-9zKTHKurRpq2V8PKRCvNHP0-1DFLXWOySXCV8_y3p9nbWI-b8whqaxaJfeT5IgctZxQEx6cVK3IFJXmsjgBhDtVFFtskBz0bJUb7zzdQeVUwGhrafDmV&sai=AMfl-YTqjlBO4phLowFQnPieF89N8SqLGw6tWPUOExPWX9vITuGe3dEoI6QkrWM91tUwZvN2ye6FPw9OlNH_HTPbNwj-qaYtnFLMFTfthS86YHqzdcv3rU79Q8rGKDxSZRlH_ORCIkj66Fn_q3x8aEblfVN_ZdRjf-NfeWrVdak&sig=Cg0ArKJSzH23tL4Xs4s6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=265&vt=11&dtpt=166&dett=3&cstd=97&cisv=r20211111.31357&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 01 Dec 2021 03:58:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 0D1A 106 KB
37 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Origin: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:51:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40010
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 16:51:15 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 0D1A 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AnNEkRaIEFxttK41d7ARlDpmAoPsIGt2rczEsvoYjELr3xC07N-54MfmP2Bgg_uNGPfegcVxqma9P9zHhAPQks9CpK5IpzQiTd5O9HUSNJMN_IaordCxJXJqpCm-Rz7AlH-9hHjwzwcWnGjc8FYR-HHJ4nFw&dbm_d=AKAmf-B17FFK0VYa8KUIN1i0w89YmdgEoY8jEyrOinQlkUsMVxZRrGxdTHoSrzcC9HIjoo5Koy-E9fJ1KhIHSsFxzvXY3b_6EpZpP6ahrzEM8Xq6JhqZVgzCxT1RW8Tg_sfq383REF_ZlWctMqewXzWGqfS7vsL1sUiu9OcUFSqelKwrPGdIxqtva8dF3okGmSt0P-3Mm2lnQOJkk2rruJlaecUTrAzb_TGngAYJCJ-sbo_2yb-UT6PKdpJk7X2OYglZayBkF8JYjfN2yD8Qy4rhO-yeFuu28JnUsAmn73dIWPurIIe7v5Y1i9n0mRE778nLCffY0m1L56480Dt33Sgf2yKQ8naLixQo0l59QXyPaUMWob5DN8L2cNcEJoeD6jSP3n00ZbXyjVZovfNUn8DLL2HUbC34UBrjgiu_Zwo5zBbnRMouWGgAFImlVoOtjdNScrb3EoY5c4jfVE4wbABS-MzrYfrGjZDzB4Tg4qd4XK3FBl66i3aqKK4Klz8Rvwy10zTmpRbDzpVd4ciBznI6XkoYD5LxdvL3zRLIbXIwlJjT0VW7deUKsVPXGMCu-9rGLZfwWcbEzTkpBN81ke5RNGOCJglLFqhqGDdZwjl7oD8u01XlNsJ0cGh8yPKNJyhshn9z-WRn300OaW_I6_mN5Xf4TdLDM6ID6Y7fg5aTfAdbz4jZRBCdxOMLh9-Ad6W4DS2Bc-krVWkeRZR_AF_xIzLyDXLlOopjUT9oMf9MWDy6iAZYgk4qciK6L9fNUHfpqMMGREyeHoVClwgKXuxJ6-108S5H2UXvSRQhsaJNs0l9UW8fWCPK83-nQ5ovbzb-OZtTmRfLgNQPMnolgzz05QuPlIjVCLnfwm5X13S1Qa7vX-HWoD6-AygVA4IICJTGr2bW1gj_AhjZRKVKnNr6rsu7v9ezIj301fNaARWnBEwjQcnTl3o1UILes_vwh7imnFVXO7AsLu7DaKYvZspl8gqeVoZsic6iU8ZJcLtXuzgsY4r9prSOxkq_0VjXuNSD6kbEkspU0-qb0awYipk5RLZWuoBhmCTwss1n-hdz3cUF9WT-j67n04Fj8Cho_TU4y747MiZsTU_Zkm1jZ86vOj8fe-1t3UM_JzT-033RPD5yp3kmk6z2ZQps0NKOUtQFYfiv9tJH1bTPxrOkCxsRlvo-Y90XehiOic94TVzjQBxL46WU9iSNx6AzKssPJH9PMYcY_A9IxRuBTNeDqz5KAw5ziwK1bymAOdF-kwUHXB69hn5soCosCg6qjkH5btUCZvPRtKbb0tT9vVuQ7QlkupuWph0P5nA8q1BpwYbZiKBC_8-GjI88g1Lm4s3Dy7Kl5oJR5-m2JyBiQ9Nm9kRRsn-6CPwmIlPzJv2AIOD9KBE7twV-6As66s97BvUKYKFY0_MFQ3pgKZKE4Ap42Fv1w07DgsmO1W_9uP-aIYy9sJfhWPMkcX4lPZ4_idoP7T8a4QfhmdbyllTENzMc3hSoA-5XeMr6yum0kkyQBw0yUJqHf5ZUz6yrCWCzXjUz9IYaSTGiRVuUCjndUvHufepyDOrxGeBOOLbX609R7xDkEGfEhNaX2R2DMX2KeRTvPoiW0l4gpTmbolpSdOxVcz97qpJa4WrTff7y48rSFfX72KqZrRnSO-TuBa80Fnt6pk8RY_lu_owPXSZMDGoahqE40bd87aUDcP0Hl0r2RajelbuSLTgZG4ajnlWaaTqHZgeHcGuIfsCr21C0ddv8FkhAr8E6dwiB3yBg_1JWjaOjq8FGZ19pwLYiRtx_kfmfoGdc9jquBZi3KEVN4-vRIVgOcoqFUK48ur1ddd3Q-DM1tp6P82fVPzBsGxMj72T1ULHO5A_kVGu60t_68E7W5SkY6-iyV0kWbFj82hAVIl3BjnA3XUyPW8TvDJLH9VwNOPfKlp2Z2GjG0QCPO-2Alh71_YPRjD01pXmZsciP1YNBp2eEd-bF8Fq5wuVzWowKCeMD9lOlcAIInXdD2AKP8o21xlUEg23YinywdpT_WGjgpzeowlT7RPlLQ751SugW68oZPzvD1TznsCuYcO-n_Y5F-oSGcy5x3-z6MYyiKzCDBKq8_6qqPHwIWRtyJa88u62O2O9CR0T4n3ktlS9VNQ6c_V4RIwhQ64oFC4OAD3LpFpgOorJz1SbVIT3SRDGcMylqT_7dLtfxP-X-9j3OsZFtdGtOKy5eUzewzTBDmbp8CNnVALPH76m48UF_ipmYGdBo9BkrBdxFcEPZHjQfKcGVpV0LzuUKkUpVv5waUUs_qYj_dRLmkZ7esVVpPitj_P0nHqpMapadVPw90VOalnYWJ-XLCJGFAu06Gm85U_CBrS-JZDnHckhjWcJM9ZynW_xvXuc5Eum6AAH7-PGfo5yJB4cuMDL7JN_qBDDFgfxtVUKBcIcObv2R4sfyWmxlgVSJ5QGvJ6CwVXGVE9ulqT6JqOM7feCIUtpfxY55SKlFZs8brpd-47XypEYNkQ4YlL2gGm_IqYeLTsGqjBmKx81DvoCD5SwwGi5k4Qop4wZD5NychbPgZ1dbjMTEOg1ahPr-q-rTkhvRIQOxDh_YSkCgwpS4XZguEGNlsOSgb2QH-nxWtrZJeHKOLtPLtTQ0TIjjwbV4it0reURIfFCzPnGcco5TL-OKGWrt8MN9_tEFGFg1KO2ymmqwriiZ9Mtky0f2HNrE0sOQCw0_Sp17LyEH2UM5YhFNTr8vpfQKtwBbmQ909ILY_PxvH6a564OFLPL0tNfsCKQVrNv6o6WZ0XOPr9W8DgwMBl8Eam6H8oKUd-V06g3OFehBnOsjZqkc_vwH3egdVwI9LGKkmYFU_x118W2hWAqY7rthw7p-Ol_HItoGqSBTbPbtID1ouN13kt8lgbFW24zM9nikWzCb0Q5ReLXPzjP4K3Yw0R7cPg5xD41zc4SyoLHKUpuONC6aIuc0ROcSCWznUqgsKRt2TRgEtPQtPQHf-WcqcTyq7xK6XjL_3z7sK2oQlOPZEPq1MiLknH2eautv0jX9INbSR1H8wmuRQqTMGBPl_TbJ69VNNQhdW189jbXy7S8BpNfeiRLh80OuomRLuz-qnWIQ3JBviWXjaOIhfDxMMvcZTvByk9KmT9toHvAtkooDbVxWeROzEAcA09jC3R07O8oCZx3gsPdgafDUBpj9OSG4NF3fR1mEKXPgK7FYHPY8QKcbCQ7PCMfLMFvkBkgIMuI47w7D53dV8TESYAVlKVzYBJ3djsm9Cks2v5-pmmnShAOdGX5UUuQuw97Y&cid=CAASFeRo7Bk-C-LiuKSthJWksR9EKaFJhA&rfl=1%2Chttps%253A%252F%252Fwww.diarioceleste.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:37:16 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 0D1A 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:38:54 GMT

GET
H/1.1 200
OK viewability Show response
hal900011.redintelligence.net/ Frame C6AC 0
150 B 40ms
17ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/viewability?s=69954700014419400710612011795011&a=d6e3987c&vb=m
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=69954700014419400710612011795011&a=3321f33d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/request_content.php?s=69954700014419400710612011795011&a=3321f33d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:05 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame C6AC 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 container.html Show response
9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 923A 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 01 Dec 2021 03:58:04 GMT
expires: Thu, 01 Dec 2022 03:58:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 dc_pre=CLO8_fLawfQCFS7UEQgdnNwEtw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=362892476733.6228
adservice.google.com/ddm/fls/z/ Frame 93B9 42 B
63 B 58ms
42ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLO8_fLawfQCFS7UEQgdnNwEtw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=362892476733.6228

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CLO8_fLawfQCFS7UEQgdnNwEtw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=362892476733.6228?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 2B43 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 23:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Nov 2022 23:07:43 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10854603187357092472/ Frame E4E5 11 KB
3 KB 10ms
7ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faee908c3c6c520580b45261c3453f787874e263befbed4a555741be85ea548c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 3342
date: Thu, 25 Nov 2021 15:48:11 GMT
expires: Fri, 25 Nov 2022 15:48:11 GMT
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 475794
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0D1A 0
24 B 67ms
66ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsutjISvGjtot0J9z16ZVHKhdHyUD6IThCjPBmII8pQR2a493Ouu8fn4zqLkQuy2GMYVyRGPlmxUM-31GpzfLl5cG8aYlvdyOYCD8HwvMmenICnxS7AB6tI2-N0PWjEZ8f41hBqyVrH8OKlVooFm5k54Xjdf1zRb3eyBsLkWfFGJBFYaTZL-6LPng1lu5heeTO7D3aXJK9NqN8a9jszDLYzDjSGi7gJ9ODI6kbML7zvrcoHlP8mqu1aKD85fJP0rrtXQ31yaMCmCV3kkHrj-mOI-v5a5VAAauemNaylJgh6mK7AUcHRrqWBKuA0mNtG5ZpO_FGpF4TDmW0msnIiFeQAQFdhx9vNBx-SKXrszqLJQpguGMnrWelFGOIrxs5RBfycJf3tworL4ulh8kBANeVih-eDt3WDsrXks_JoB5-FOQwzVpWwqln3ffISz6ev_LFmrpvVbkCPlnW3pwfnsgQ-39na7XTtgBAShT3l3DdcqQ6fJ-7totfJ7LNPT4_VrHeQj7irXHEvSk3P4VKPaZmNUHTcz5ljycglsFXxDgzioVzck9uBS2F1qoxeHCQ4kzjt6PRdKEHaEwRBIeiZ4pnCDW-gQ9IKEBsLVfsvTQkUqY9Z4dvS0t7E7XyL--ksOS3pQOw97OAcPiUcyCTzteZe9p1lk2K1OlQDGDRRLlnRU-fLoDdTO1oNxAcyCd_E7tC7xSHycGpYKrWbh0giCAlaQzOd9-fEseLTEQ96RWMPbzTdmWfPzhHrvgCt8vKDk4GPGqhzR4t7PVIrO3Cpy25yY4R3C68DW-gxj3XfG2pOjPcguMXNCCNDdeRFy3fzLmPwwwNVoqAkgzl56Axkl7wGp5xGuWfw-XCCrGy0n9UtO10_sMfnEOpRqryhfMEz5lFG8koNdEFNscr--zLHCi2ctAj52oAu1f6DXm-LO8LNKbPbXHwJxUUybllJTRgniBlkqYXpdJUuLErpNlCkUfWY2gyTe7plyY4YAiC7ABQUfO1MVbHp6aUHj9TcO946jswOMgogsqJJqwhFMQaPDb-qFdP5xtfY57533YiDzcOeu9wf8SjkmdoUCAOxNaoBKeVx4yWxgK7fP7M2AqHrmZIX9-DGCFrs__ettbjEWtuoXf_aVrKM6FubPiQDdKVCiXrYnm6kqxhOuDwj3PiAg0QD59RZwoIadlqAZ_hVHaR_dfw&sai=AMfl-YTB3_TWKwBxy55jNEwewW1bda0l8VpqX7hIjobw_Vz9gFT1fN7K8IGBNvZRC-I9s-ohV39waE7VU0eO16ATA4U2Jflnllr81cbGXsl5--By0xHw6kLcnHYGRwAkqHEfQIDHH3Gc47L6oP_wntOUZSgb6qAjbVPRA4f-xnc&sig=Cg0ArKJSzNDjmEX7-ifYEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=66&cbvp=1&cstd=64&cisv=r20211111.38193&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 01 Dec 2021 03:58:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 923A 0
0 31ms
31ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CycRPzfKmYcXIELSL7_UPi62jmAfJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAdW20uoDyAEJqQI6pZgtIQazPuACAKgDAaoEhQJP0PYQzhcpfH6d4XebhcqOazS1I9pHcCQxTev7EFS1z2WeUMvWskxELXlSBwS2mPmjCWftTsoZeHAwIm049WcZVUpWB3thteFBNZFIKxRL_pJWnXA5vec6BBk0h94HfhtshNgjgLkCHeOOynJAAdN308vnbl_OuCbSW_GhV84ntTEdqxKvTVvG9fcrQTOJcFa2raskOLSZfi9mikQlPyyKU5yLNI5o4ovEmf7LMZkdbA58VVt8339x9dsqaECAQ8ChacWmIxXrDVwmdYPN1nPDv4IHAs4HvVx8EdQOrqP5Qdp_leQAEyk3VAkmquEXU7swziExjrbRhzyaFNa-nkkC64b5vmjgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yODQ1NDYzNDM4MTUzNzgyGM_UaQ&sigh=wpdNjQ2Nsdg&uach_m=[UACH]&cid=CAQSPgCNIrLMRDrmXatr7idx6rBfYhPe6Lyjf2s-W_l97CxwRKDTmCEz3mrCMeWb8OoflJVf165sXZg7s-iiF7puGAE
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 923A 0
0 61ms
27ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UqD5EMg12AVanYNiAgIAAACyIzQhfQ48brmS844QzPKmYdfYuDnm01g4mIUoABI&wp=YabyzQAEJEUIu8W0AAjWixLZyAKL1uEoPi8iCw
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
server: Kestrel
content-length: 0
server-processing-duration-in-ticks: 219828

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 21C8 71 KB
25 KB 96ms
35ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YabyzQAEJEUIu8W0AAjWixLZyAKL1uEoPi8iCw&u=%7CV2Uf%2BZQ8TgWjZvxlfxztb9ef41P968kJBDs4R69xZlA%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHoJqKdXQ2AOgTxOpwrfsX_dNdArJPNbEg406rIB2CpXUVzBfAhEKX77FaLlSpu9TLdgi_50LZStoTYfDeezuSYdqp1s8NTEA9I5zZ3_ZUGrVgc1yTJVn3nVe0QCPHC7g25t3JZSsUvyC1lrmQLn4wn9vDmUysImJ24ruEnNz1HzUaP58Q2NnEpCik6gJRdyDznsj7abi980uaRxZps_kHYWimRgZBucKA_C_ZXB5A9UbzgK-Ui930a34RcOeYKlagf80RNzDTkKSgQINhSL2-WR8mEm2_uMo9fRsadgEdivY33Df4CrzZmf4gX0d-dAX_72u6yjnopGvVeWkCeWXzucZxEjr-IUEllcDu4MCkZjkxVX0GjB-BXmFZfgNi989Xk60fNOoQP8r-YbBfXM1QSeEpPK-gO_X_rbBM7Ve98NKY0gsEeqUT785BtG5OVyFWKDRLLBPEKUkOPdFL5QdZ8I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD-sszfKmYcXIELSL7_UPi62jmAfJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAdW20uoDyAEJqQI6pZgtIQazPuACAKgDAaoEiAJP0PYQzhcpfH6d4XebhcqOazS1I9pHcCQxTev7EFS1z2WeUMvWskxELXlSBwS2mPmjCWftTsoZeHAwIm049WcZVUpWB3thteFBNZFIKxRL_pJWnXA5vec6BBk0h94HfhtshNgjgLkCHeOOynJAAdN308vnbl_OuCbSW_GhV84ntTEdqxKvTVvG9fcrQTOJcFa2raskOLSZfi9mikQlPyyKU5yLNI5o4ovEmf7LMZkdbA58VVt8339x9dsqaECAQ8ChacWmIxXrDVwmdYPN1nPDv4IHAs4HvVx8EdQOrqP5A9heB2OPjzqIyB2Fetyxq7IkxJc7oK5TM_SnsiQBgGUabix9rdf8GpngBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2w0NpdaaYxcdwOEX3l3prv3T0qyQ%26client%3Dca-pub-2845463438153782%26adurl%3D
Requested by: Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 8e484e106698e6582471fbbcf24086fc4ca1b8b9b8703fd112b952fb9c2c8ce5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

date: Wed, 01 Dec 2021 03:58:04 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=LYWO8tx76_0n3y3I4zwsQ4Ak2Fa41ujeuC2TEUrfqEcWdx0gh1mKyzA9PUkAXCkhp9JEuVIKqqCfmFHtcCYyyY7Ystp_7hcDkYkrQKpMPPqkoEOFYGAN3MbDXX8OmS2Qea8jCwUshJT0q4NlbBBZqpucLpTscbXJZp-jdvoEl2IjgZRQ6INjkbYedNOiMuf7MH5tpyBCFn-tds72T0dxvZgoTYhbUCD94XFFkeuNwzicWaiwR7RtfL9knIfr818JCBePGw"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 19624325
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 923A 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 634
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:47:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 923A 119 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Dec 2021 03:58:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 923A 15 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:38:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 923A 0
0 16ms
14ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQcpEW9R5kvGp6xl33DSNeAMLrU9HzJKIAvjqkAKHkrxFncqNNcC1ech8l2kf4f5_RXV3iNf-_G_MNTfD3ueAoxc4HPNw
Requested by: Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 923A 22 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 07:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73021
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 30 Nov 2022 07:41:04 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0D1A 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141205
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 29 Nov 2022 12:44:40 GMT

GET
DATA 200
OK truncated
/ Frame 0D1A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd600249286710c8aecbbd2c35d1823f904e2ef632f9b6d9b075df7897a8a322

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 65FF 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxTgTzPKmYcT7PJu0-gbTh6-YDQAAAAA4AeAEAg&bg=!bG-lbyvNAAZQLpa_UC47ACkAdvg8Wr1IlaSoDosKPUw4Fn6PxpntixuYSE7o0PsbPALrzwll6I5y0wIAAAD8UgAAABJoAQeZAsjGMi5hhLnziu0Rt0nggolyEWi1kVs4uDIxZSP0d2q393LN2GmDXJ5NwPhgqx6bdNZt9H6XTPAj3bP3sN2rqrF2Zo4Hsb7jjHhbq6yreOwYhxOBfin5tnzndjEiaB3RxlbOQx8TuuKPeNW8y-CAHvzHU2IH78-AK9LAdDXWixkjAnRMh3OX0m6s4AvxoKl-plq-mwJqpczInMgDrKMMRd_ZTAJlFgwQrNAnoVhDFEVePvg8ShO83j_t2msZ8HiljiM9jPJqOsoUoNMU1_0sP30f4MoVqmetrjZq-L-F-0BCrN73Qr_MCMqznT7N67suB5XlsT3rxF55rah559WDT4nFZPSdZp5KWlE8i4qIdBi07oT96zVsHr5MU3Hvn6XNgnRK4ijSa3lC3D50HG4KXolns99CZvg-ZM7RQBmQeDpJKaBE-AXyGpOtywlZJAjGxcHV1Oizr2JSF-WLP2wHnu7A2-nlLdWYVgqlGEE-UuyxOqy0RM-ARfrMc91tX4afAjYDuedypmYaf9asxgTIgAwVDTdEVuj28aUsnogE5KJoZvSHx8SBfXwWd018flHkJrq85TtNnCjs8VdKdtrH5o23Z5vvL8OyRbDx4yIaaJ6DZpJ8FRlr-yIcn3cefh9cj3AFwuC3JyNouoTRZiWzosIKF9zhEn0PPjeq1cB2Ukc3zv2l4VlSotzOgRc0If9JM23eX0zZKeQhPmnu4zLhmySiHRfHuycPmMX904uVomS2rzlaeJv66aUl3q0grNgpQq5-2P9xs9xfL0Y1kdr4QL4pV_lpnGwLMmXUvJL4UCXQl8QIrrB0m7la_5fE7pDCczmbqIgSwgokFVfkk8ovp3VkgzkDYo3yYFi7OzsOZzX6NSia1ew95IM2r46EwxVFzduKZUl4sCCiDZa-zE010RoXNu_zjAtCf3u9KUzRKJ_2_y2MpQVkc0VD

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img-bg.jpg
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame E4E5 9 KB
9 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/img-bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13c1ab8db979abe38ed33d2f1becb5d085f3281286097f5ccf7ef8ee287072ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:48:11 GMT
x-content-type-options: nosniff
age: 475794
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9355
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 15:48:11 GMT

GET
H3 200 img-motif-0.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame E4E5 11 KB
11 KB 10ms
9ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/img-motif-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3845869a51bea384409c38e0b428da617913e5557f12001868773e75a0836bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:48:11 GMT
x-content-type-options: nosniff
age: 475794
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11369
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 15:48:11 GMT

GET
H3 200 img-motif-1.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame E4E5 12 KB
12 KB 12ms
8ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/img-motif-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90522800375d2af39a942f1b7bba8c525ce5926ad91b6cc273eb2af6acfc18f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:48:11 GMT
x-content-type-options: nosniff
age: 475794
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12212
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 15:48:11 GMT

GET
H3 200 tf-0.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame E4E5 3 KB
3 KB 12ms
8ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/tf-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68b13fb32ac97aaa547176f77229f00ec488d14fd5cc823f395f722deb56766f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:48:11 GMT
x-content-type-options: nosniff
age: 475794
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3177
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 15:48:11 GMT

GET
H3 200 tf-1.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame E4E5 2 KB
2 KB 13ms
9ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/tf-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18704e6392962f33591db3d201b3f4ee70a07488fb319d44d3b2c25e98a4dd78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:48:11 GMT
x-content-type-options: nosniff
age: 475794
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2365
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 15:48:11 GMT

GET
H3 200 tf-2.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame E4E5 3 KB
3 KB 14ms
10ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/tf-2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d5f33e4272e764851d54af7e81ed73a8898097a0ba054df3406571a9b739a96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:48:11 GMT
x-content-type-options: nosniff
age: 475794
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2708
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 15:48:11 GMT

GET
H3 200 img-stoerer-0.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame E4E5 4 KB
4 KB 13ms
10ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/img-stoerer-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14ac160c9d66dcf424c5081e906f9860b52a432e980feb72c319119608db7145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:48:11 GMT
x-content-type-options: nosniff
age: 475794
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4061
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 15:48:11 GMT

GET
H3 200 img-logo.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame E4E5 4 KB
4 KB 13ms
9ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/img-logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81732ef8a3370a547b35a2c25cfa71e1bda0c8c2dfb27f0a57f43e78c72e4261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:48:11 GMT
x-content-type-options: nosniff
age: 475794
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3745
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 15:48:11 GMT

GET
H3 200 gfx_white.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame E4E5 2 KB
2 KB 13ms
10ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/gfx_white.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3ed4eeb6ff0371ee043785da9c48b790cd734172ffe02155621376ff9284cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:48:11 GMT
x-content-type-options: nosniff
age: 475794
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1928
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 15:48:11 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame E4E5 113 KB
38 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 03:58:05 GMT

GET
H3 200 TKUT_v1.1.1.min.js Show response
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame E4E5 2 KB
1 KB 10ms
7ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/TKUT_v1.1.1.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdb02d532d7bfd45b67a7b2cdec2f9022e4b53fcbc99e8dca2a4d8dbfafacd72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 22:38:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364754
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Nov 2022 22:38:51 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AF6E 22 KB
8 KB 9ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 29 Nov 2021 12:44:40 GMT
expires: Tue, 29 Nov 2022 12:44:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 141205
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 923A 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ededfed626c94c1806869a1fb13df87954cb864b0e0044d8854290a61578287

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 21C8 2 KB
1 KB 51ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/privacy_small.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YabyzQAEJEUIu8W0AAjWixLZyAKL1uEoPi8iCw&u=%7CV2Uf%2BZQ8TgWjZvxlfxztb9ef41P968kJBDs4R69xZlA%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHoJqKdXQ2AOgTxOpwrfsX_dNdArJPNbEg406rIB2CpXUVzBfAhEKX77FaLlSpu9TLdgi_50LZStoTYfDeezuSYdqp1s8NTEA9I5zZ3_ZUGrVgc1yTJVn3nVe0QCPHC7g25t3JZSsUvyC1lrmQLn4wn9vDmUysImJ24ruEnNz1HzUaP58Q2NnEpCik6gJRdyDznsj7abi980uaRxZps_kHYWimRgZBucKA_C_ZXB5A9UbzgK-Ui930a34RcOeYKlagf80RNzDTkKSgQINhSL2-WR8mEm2_uMo9fRsadgEdivY33Df4CrzZmf4gX0d-dAX_72u6yjnopGvVeWkCeWXzucZxEjr-IUEllcDu4MCkZjkxVX0GjB-BXmFZfgNi989Xk60fNOoQP8r-YbBfXM1QSeEpPK-gO_X_rbBM7Ve98NKY0gsEeqUT785BtG5OVyFWKDRLLBPEKUkOPdFL5QdZ8I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD-sszfKmYcXIELSL7_UPi62jmAfJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAdW20uoDyAEJqQI6pZgtIQazPuACAKgDAaoEiAJP0PYQzhcpfH6d4XebhcqOazS1I9pHcCQxTev7EFS1z2WeUMvWskxELXlSBwS2mPmjCWftTsoZeHAwIm049WcZVUpWB3thteFBNZFIKxRL_pJWnXA5vec6BBk0h94HfhtshNgjgLkCHeOOynJAAdN308vnbl_OuCbSW_GhV84ntTEdqxKvTVvG9fcrQTOJcFa2raskOLSZfi9mikQlPyyKU5yLNI5o4ovEmf7LMZkdbA58VVt8339x9dsqaECAQ8ChacWmIxXrDVwmdYPN1nPDv4IHAs4HvVx8EdQOrqP5A9heB2OPjzqIyB2Fetyxq7IkxJc7oK5TM_SnsiQBgGUabix9rdf8GpngBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2w0NpdaaYxcdwOEX3l3prv3T0qyQ%26client%3Dca-pub-2845463438153782%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 26 Nov 2022 03:58:05 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 21C8 2 KB
1 KB 61ms
27ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YabyzQAEJEUIu8W0AAjWixLZyAKL1uEoPi8iCw&u=%7CV2Uf%2BZQ8TgWjZvxlfxztb9ef41P968kJBDs4R69xZlA%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHoJqKdXQ2AOgTxOpwrfsX_dNdArJPNbEg406rIB2CpXUVzBfAhEKX77FaLlSpu9TLdgi_50LZStoTYfDeezuSYdqp1s8NTEA9I5zZ3_ZUGrVgc1yTJVn3nVe0QCPHC7g25t3JZSsUvyC1lrmQLn4wn9vDmUysImJ24ruEnNz1HzUaP58Q2NnEpCik6gJRdyDznsj7abi980uaRxZps_kHYWimRgZBucKA_C_ZXB5A9UbzgK-Ui930a34RcOeYKlagf80RNzDTkKSgQINhSL2-WR8mEm2_uMo9fRsadgEdivY33Df4CrzZmf4gX0d-dAX_72u6yjnopGvVeWkCeWXzucZxEjr-IUEllcDu4MCkZjkxVX0GjB-BXmFZfgNi989Xk60fNOoQP8r-YbBfXM1QSeEpPK-gO_X_rbBM7Ve98NKY0gsEeqUT785BtG5OVyFWKDRLLBPEKUkOPdFL5QdZ8I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD-sszfKmYcXIELSL7_UPi62jmAfJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAdW20uoDyAEJqQI6pZgtIQazPuACAKgDAaoEiAJP0PYQzhcpfH6d4XebhcqOazS1I9pHcCQxTev7EFS1z2WeUMvWskxELXlSBwS2mPmjCWftTsoZeHAwIm049WcZVUpWB3thteFBNZFIKxRL_pJWnXA5vec6BBk0h94HfhtshNgjgLkCHeOOynJAAdN308vnbl_OuCbSW_GhV84ntTEdqxKvTVvG9fcrQTOJcFa2raskOLSZfi9mikQlPyyKU5yLNI5o4ovEmf7LMZkdbA58VVt8339x9dsqaECAQ8ChacWmIxXrDVwmdYPN1nPDv4IHAs4HvVx8EdQOrqP5A9heB2OPjzqIyB2Fetyxq7IkxJc7oK5TM_SnsiQBgGUabix9rdf8GpngBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2w0NpdaaYxcdwOEX3l3prv3T0qyQ%26client%3Dca-pub-2845463438153782%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 26 Nov 2022 03:58:05 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 21C8 308 B
608 B 50ms
33ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/close_button.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YabyzQAEJEUIu8W0AAjWixLZyAKL1uEoPi8iCw&u=%7CV2Uf%2BZQ8TgWjZvxlfxztb9ef41P968kJBDs4R69xZlA%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHoJqKdXQ2AOgTxOpwrfsX_dNdArJPNbEg406rIB2CpXUVzBfAhEKX77FaLlSpu9TLdgi_50LZStoTYfDeezuSYdqp1s8NTEA9I5zZ3_ZUGrVgc1yTJVn3nVe0QCPHC7g25t3JZSsUvyC1lrmQLn4wn9vDmUysImJ24ruEnNz1HzUaP58Q2NnEpCik6gJRdyDznsj7abi980uaRxZps_kHYWimRgZBucKA_C_ZXB5A9UbzgK-Ui930a34RcOeYKlagf80RNzDTkKSgQINhSL2-WR8mEm2_uMo9fRsadgEdivY33Df4CrzZmf4gX0d-dAX_72u6yjnopGvVeWkCeWXzucZxEjr-IUEllcDu4MCkZjkxVX0GjB-BXmFZfgNi989Xk60fNOoQP8r-YbBfXM1QSeEpPK-gO_X_rbBM7Ve98NKY0gsEeqUT785BtG5OVyFWKDRLLBPEKUkOPdFL5QdZ8I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD-sszfKmYcXIELSL7_UPi62jmAfJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAdW20uoDyAEJqQI6pZgtIQazPuACAKgDAaoEiAJP0PYQzhcpfH6d4XebhcqOazS1I9pHcCQxTev7EFS1z2WeUMvWskxELXlSBwS2mPmjCWftTsoZeHAwIm049WcZVUpWB3thteFBNZFIKxRL_pJWnXA5vec6BBk0h94HfhtshNgjgLkCHeOOynJAAdN308vnbl_OuCbSW_GhV84ntTEdqxKvTVvG9fcrQTOJcFa2raskOLSZfi9mikQlPyyKU5yLNI5o4ovEmf7LMZkdbA58VVt8339x9dsqaECAQ8ChacWmIxXrDVwmdYPN1nPDv4IHAs4HvVx8EdQOrqP5A9heB2OPjzqIyB2Fetyxq7IkxJc7oK5TM_SnsiQBgGUabix9rdf8GpngBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2w0NpdaaYxcdwOEX3l3prv3T0qyQ%26client%3Dca-pub-2845463438153782%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 26 Nov 2022 03:58:05 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 21C8 507 B
807 B 50ms
34ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/back_button.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YabyzQAEJEUIu8W0AAjWixLZyAKL1uEoPi8iCw&u=%7CV2Uf%2BZQ8TgWjZvxlfxztb9ef41P968kJBDs4R69xZlA%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHoJqKdXQ2AOgTxOpwrfsX_dNdArJPNbEg406rIB2CpXUVzBfAhEKX77FaLlSpu9TLdgi_50LZStoTYfDeezuSYdqp1s8NTEA9I5zZ3_ZUGrVgc1yTJVn3nVe0QCPHC7g25t3JZSsUvyC1lrmQLn4wn9vDmUysImJ24ruEnNz1HzUaP58Q2NnEpCik6gJRdyDznsj7abi980uaRxZps_kHYWimRgZBucKA_C_ZXB5A9UbzgK-Ui930a34RcOeYKlagf80RNzDTkKSgQINhSL2-WR8mEm2_uMo9fRsadgEdivY33Df4CrzZmf4gX0d-dAX_72u6yjnopGvVeWkCeWXzucZxEjr-IUEllcDu4MCkZjkxVX0GjB-BXmFZfgNi989Xk60fNOoQP8r-YbBfXM1QSeEpPK-gO_X_rbBM7Ve98NKY0gsEeqUT785BtG5OVyFWKDRLLBPEKUkOPdFL5QdZ8I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD-sszfKmYcXIELSL7_UPi62jmAfJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAdW20uoDyAEJqQI6pZgtIQazPuACAKgDAaoEiAJP0PYQzhcpfH6d4XebhcqOazS1I9pHcCQxTev7EFS1z2WeUMvWskxELXlSBwS2mPmjCWftTsoZeHAwIm049WcZVUpWB3thteFBNZFIKxRL_pJWnXA5vec6BBk0h94HfhtshNgjgLkCHeOOynJAAdN308vnbl_OuCbSW_GhV84ntTEdqxKvTVvG9fcrQTOJcFa2raskOLSZfi9mikQlPyyKU5yLNI5o4ovEmf7LMZkdbA58VVt8339x9dsqaECAQ8ChacWmIxXrDVwmdYPN1nPDv4IHAs4HvVx8EdQOrqP5A9heB2OPjzqIyB2Fetyxq7IkxJc7oK5TM_SnsiQBgGUabix9rdf8GpngBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2w0NpdaaYxcdwOEX3l3prv3T0qyQ%26client%3Dca-pub-2845463438153782%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sat, 26 Nov 2022 03:58:05 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 21C8 43 B
322 B 65ms
18ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=O9HtFHT9TgJIEzvct6J8sZFbdhWCOQ6BzQOhOiapkgc1qdi4H-8rlPgfYDrVvmACNXDDq_tm-7dMyLnw8UN-Y-mxxjLsHGcD5ZQXI70UJjxu-9DyJIJh6IPivjJQa5mEZLmbdJdcVcH0ZYeYhcJCUsMs2cy1B9RA0KSwwhOfsHB6fUinkWXqxkelpdYZuLl9a4B6OEJkBIrze4JtZIXCsH5cezmAgNsFCDc0ldOjOYz1u9Nf4xLnco96TFxp-nayBJcpHpxphyt40QAnlu5CYtVG7xsyUmgqxa5Af-2HLSWOTJSknAOoSMK2LZYMNymzH0I58aeoUSS2DC0B8rPP3eOIkbTeQSMurtp359gqDoHfolqZOYfiN9wLW7_cdxosbYqSn7q-VDzd0GxExH3bJp72026JsNnHw2Z_PVnIDBTlhVVviOuKbCumtOVK5x3MM46WUQ
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YabyzQAEJEUIu8W0AAjWixLZyAKL1uEoPi8iCw&u=%7CV2Uf%2BZQ8TgWjZvxlfxztb9ef41P968kJBDs4R69xZlA%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHoJqKdXQ2AOgTxOpwrfsX_dNdArJPNbEg406rIB2CpXUVzBfAhEKX77FaLlSpu9TLdgi_50LZStoTYfDeezuSYdqp1s8NTEA9I5zZ3_ZUGrVgc1yTJVn3nVe0QCPHC7g25t3JZSsUvyC1lrmQLn4wn9vDmUysImJ24ruEnNz1HzUaP58Q2NnEpCik6gJRdyDznsj7abi980uaRxZps_kHYWimRgZBucKA_C_ZXB5A9UbzgK-Ui930a34RcOeYKlagf80RNzDTkKSgQINhSL2-WR8mEm2_uMo9fRsadgEdivY33Df4CrzZmf4gX0d-dAX_72u6yjnopGvVeWkCeWXzucZxEjr-IUEllcDu4MCkZjkxVX0GjB-BXmFZfgNi989Xk60fNOoQP8r-YbBfXM1QSeEpPK-gO_X_rbBM7Ve98NKY0gsEeqUT785BtG5OVyFWKDRLLBPEKUkOPdFL5QdZ8I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD-sszfKmYcXIELSL7_UPi62jmAfJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAdW20uoDyAEJqQI6pZgtIQazPuACAKgDAaoEiAJP0PYQzhcpfH6d4XebhcqOazS1I9pHcCQxTev7EFS1z2WeUMvWskxELXlSBwS2mPmjCWftTsoZeHAwIm049WcZVUpWB3thteFBNZFIKxRL_pJWnXA5vec6BBk0h94HfhtshNgjgLkCHeOOynJAAdN308vnbl_OuCbSW_GhV84ntTEdqxKvTVvG9fcrQTOJcFa2raskOLSZfi9mikQlPyyKU5yLNI5o4ovEmf7LMZkdbA58VVt8339x9dsqaECAQ8ChacWmIxXrDVwmdYPN1nPDv4IHAs4HvVx8EdQOrqP5A9heB2OPjzqIyB2Fetyxq7IkxJc7oK5TM_SnsiQBgGUabix9rdf8GpngBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2w0NpdaaYxcdwOEX3l3prv3T0qyQ%26client%3Dca-pub-2845463438153782%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
server: Microsoft-IIS/10.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 6144
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 80f10287bd43478caf0fdba8954af0fc_9b62e843b342215f0081e3e2202ea486.png
static.criteo.net/design/dt/2000/211115/ Frame 21C8 25 KB
25 KB 43ms
27ms Image
image/png 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/design/dt/2000/211115/80f10287bd43478caf0fdba8954af0fc_9b62e843b342215f0081e3e2202ea486.png
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YabyzQAEJEUIu8W0AAjWixLZyAKL1uEoPi8iCw&u=%7CV2Uf%2BZQ8TgWjZvxlfxztb9ef41P968kJBDs4R69xZlA%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHoJqKdXQ2AOgTxOpwrfsX_dNdArJPNbEg406rIB2CpXUVzBfAhEKX77FaLlSpu9TLdgi_50LZStoTYfDeezuSYdqp1s8NTEA9I5zZ3_ZUGrVgc1yTJVn3nVe0QCPHC7g25t3JZSsUvyC1lrmQLn4wn9vDmUysImJ24ruEnNz1HzUaP58Q2NnEpCik6gJRdyDznsj7abi980uaRxZps_kHYWimRgZBucKA_C_ZXB5A9UbzgK-Ui930a34RcOeYKlagf80RNzDTkKSgQINhSL2-WR8mEm2_uMo9fRsadgEdivY33Df4CrzZmf4gX0d-dAX_72u6yjnopGvVeWkCeWXzucZxEjr-IUEllcDu4MCkZjkxVX0GjB-BXmFZfgNi989Xk60fNOoQP8r-YbBfXM1QSeEpPK-gO_X_rbBM7Ve98NKY0gsEeqUT785BtG5OVyFWKDRLLBPEKUkOPdFL5QdZ8I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD-sszfKmYcXIELSL7_UPi62jmAfJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAdW20uoDyAEJqQI6pZgtIQazPuACAKgDAaoEiAJP0PYQzhcpfH6d4XebhcqOazS1I9pHcCQxTev7EFS1z2WeUMvWskxELXlSBwS2mPmjCWftTsoZeHAwIm049WcZVUpWB3thteFBNZFIKxRL_pJWnXA5vec6BBk0h94HfhtshNgjgLkCHeOOynJAAdN308vnbl_OuCbSW_GhV84ntTEdqxKvTVvG9fcrQTOJcFa2raskOLSZfi9mikQlPyyKU5yLNI5o4ovEmf7LMZkdbA58VVt8339x9dsqaECAQ8ChacWmIxXrDVwmdYPN1nPDv4IHAs4HvVx8EdQOrqP5A9heB2OPjzqIyB2Fetyxq7IkxJc7oK5TM_SnsiQBgGUabix9rdf8GpngBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2w0NpdaaYxcdwOEX3l3prv3T0qyQ%26client%3Dca-pub-2845463438153782%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8fcf9ee582654b68a5a992a028794edf054f099e65fbd74ab4a09447354b8c40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
last-modified: Mon, 15 Nov 2021 11:15:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6192416b-64ae"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 25774
expires: Sat, 26 Nov 2022 03:58:05 GMT

GET
H2 200 e758b09479804aef92d6cce14314451a_39f588feaad1eaa395f5822333023e1c.jpg
static.criteo.net/design/dt/2000/211115/ Frame 21C8 20 KB
21 KB 36ms
35ms Image
image/jpeg 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/design/dt/2000/211115/e758b09479804aef92d6cce14314451a_39f588feaad1eaa395f5822333023e1c.jpg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YabyzQAEJEUIu8W0AAjWixLZyAKL1uEoPi8iCw&u=%7CV2Uf%2BZQ8TgWjZvxlfxztb9ef41P968kJBDs4R69xZlA%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHoJqKdXQ2AOgTxOpwrfsX_dNdArJPNbEg406rIB2CpXUVzBfAhEKX77FaLlSpu9TLdgi_50LZStoTYfDeezuSYdqp1s8NTEA9I5zZ3_ZUGrVgc1yTJVn3nVe0QCPHC7g25t3JZSsUvyC1lrmQLn4wn9vDmUysImJ24ruEnNz1HzUaP58Q2NnEpCik6gJRdyDznsj7abi980uaRxZps_kHYWimRgZBucKA_C_ZXB5A9UbzgK-Ui930a34RcOeYKlagf80RNzDTkKSgQINhSL2-WR8mEm2_uMo9fRsadgEdivY33Df4CrzZmf4gX0d-dAX_72u6yjnopGvVeWkCeWXzucZxEjr-IUEllcDu4MCkZjkxVX0GjB-BXmFZfgNi989Xk60fNOoQP8r-YbBfXM1QSeEpPK-gO_X_rbBM7Ve98NKY0gsEeqUT785BtG5OVyFWKDRLLBPEKUkOPdFL5QdZ8I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD-sszfKmYcXIELSL7_UPi62jmAfJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAdW20uoDyAEJqQI6pZgtIQazPuACAKgDAaoEiAJP0PYQzhcpfH6d4XebhcqOazS1I9pHcCQxTev7EFS1z2WeUMvWskxELXlSBwS2mPmjCWftTsoZeHAwIm049WcZVUpWB3thteFBNZFIKxRL_pJWnXA5vec6BBk0h94HfhtshNgjgLkCHeOOynJAAdN308vnbl_OuCbSW_GhV84ntTEdqxKvTVvG9fcrQTOJcFa2raskOLSZfi9mikQlPyyKU5yLNI5o4ovEmf7LMZkdbA58VVt8339x9dsqaECAQ8ChacWmIxXrDVwmdYPN1nPDv4IHAs4HvVx8EdQOrqP5A9heB2OPjzqIyB2Fetyxq7IkxJc7oK5TM_SnsiQBgGUabix9rdf8GpngBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2w0NpdaaYxcdwOEX3l3prv3T0qyQ%26client%3Dca-pub-2845463438153782%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 5478512dd2764169210c0adfe8a8ba218777ce2cb473b3499e96d931f20039d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
last-modified: Mon, 15 Nov 2021 11:15:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6192416b-51bb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 20923
expires: Sat, 26 Nov 2022 03:58:05 GMT

GET
H2 200 zepto-studio-1.0.1.js Show response
static.criteo.net/zepto/ Frame 21C8 28 KB
11 KB 45ms
29ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/zepto/zepto-studio-1.0.1.js
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YabyzQAEJEUIu8W0AAjWixLZyAKL1uEoPi8iCw&u=%7CV2Uf%2BZQ8TgWjZvxlfxztb9ef41P968kJBDs4R69xZlA%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHoJqKdXQ2AOgTxOpwrfsX_dNdArJPNbEg406rIB2CpXUVzBfAhEKX77FaLlSpu9TLdgi_50LZStoTYfDeezuSYdqp1s8NTEA9I5zZ3_ZUGrVgc1yTJVn3nVe0QCPHC7g25t3JZSsUvyC1lrmQLn4wn9vDmUysImJ24ruEnNz1HzUaP58Q2NnEpCik6gJRdyDznsj7abi980uaRxZps_kHYWimRgZBucKA_C_ZXB5A9UbzgK-Ui930a34RcOeYKlagf80RNzDTkKSgQINhSL2-WR8mEm2_uMo9fRsadgEdivY33Df4CrzZmf4gX0d-dAX_72u6yjnopGvVeWkCeWXzucZxEjr-IUEllcDu4MCkZjkxVX0GjB-BXmFZfgNi989Xk60fNOoQP8r-YbBfXM1QSeEpPK-gO_X_rbBM7Ve98NKY0gsEeqUT785BtG5OVyFWKDRLLBPEKUkOPdFL5QdZ8I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD-sszfKmYcXIELSL7_UPi62jmAfJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAdW20uoDyAEJqQI6pZgtIQazPuACAKgDAaoEiAJP0PYQzhcpfH6d4XebhcqOazS1I9pHcCQxTev7EFS1z2WeUMvWskxELXlSBwS2mPmjCWftTsoZeHAwIm049WcZVUpWB3thteFBNZFIKxRL_pJWnXA5vec6BBk0h94HfhtshNgjgLkCHeOOynJAAdN308vnbl_OuCbSW_GhV84ntTEdqxKvTVvG9fcrQTOJcFa2raskOLSZfi9mikQlPyyKU5yLNI5o4ovEmf7LMZkdbA58VVt8339x9dsqaECAQ8ChacWmIxXrDVwmdYPN1nPDv4IHAs4HvVx8EdQOrqP5A9heB2OPjzqIyB2Fetyxq7IkxJc7oK5TM_SnsiQBgGUabix9rdf8GpngBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2w0NpdaaYxcdwOEX3l3prv3T0qyQ%26client%3Dca-pub-2845463438153782%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a558dc731872adb52490cf8550eb796d0d0b448df332e38f815228576dd0cd5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: gzip
last-modified: Wed, 21 Aug 2019 08:32:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5d5d018f-6f5d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 26 Nov 2022 03:58:05 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0D1A 0
23 B 45ms
45ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsutjISvGjtot0J9z16ZVHKhdHyUD6IThCjPBmII8pQR2a493Ouu8fn4zqLkQuy2GMYVyRGPlmxUM-31GpzfLl5cG8aYlvdyOYCD8HwvMmenICnxS7AB6tI2-N0PWjEZ8f41hBqyVrH8OKlVooFm5k54Xjdf1zRb3eyBsLkWfFGJBFYaTZL-6LPng1lu5heeTO7D3aXJK9NqN8a9jszDLYzDjSGi7gJ9ODI6kbML7zvrcoHlP8mqu1aKD85fJP0rrtXQ31yaMCmCV3kkHrj-mOI-v5a5VAAauemNaylJgh6mK7AUcHRrqWBKuA0mNtG5ZpO_FGpF4TDmW0msnIiFeQAQFdhx9vNBx-SKXrszqLJQpguGMnrWelFGOIrxs5RBfycJf3tworL4ulh8kBANeVih-eDt3WDsrXks_JoB5-FOQwzVpWwqln3ffISz6ev_LFmrpvVbkCPlnW3pwfnsgQ-39na7XTtgBAShT3l3DdcqQ6fJ-7totfJ7LNPT4_VrHeQj7irXHEvSk3P4VKPaZmNUHTcz5ljycglsFXxDgzioVzck9uBS2F1qoxeHCQ4kzjt6PRdKEHaEwRBIeiZ4pnCDW-gQ9IKEBsLVfsvTQkUqY9Z4dvS0t7E7XyL--ksOS3pQOw97OAcPiUcyCTzteZe9p1lk2K1OlQDGDRRLlnRU-fLoDdTO1oNxAcyCd_E7tC7xSHycGpYKrWbh0giCAlaQzOd9-fEseLTEQ96RWMPbzTdmWfPzhHrvgCt8vKDk4GPGqhzR4t7PVIrO3Cpy25yY4R3C68DW-gxj3XfG2pOjPcguMXNCCNDdeRFy3fzLmPwwwNVoqAkgzl56Axkl7wGp5xGuWfw-XCCrGy0n9UtO10_sMfnEOpRqryhfMEz5lFG8koNdEFNscr--zLHCi2ctAj52oAu1f6DXm-LO8LNKbPbXHwJxUUybllJTRgniBlkqYXpdJUuLErpNlCkUfWY2gyTe7plyY4YAiC7ABQUfO1MVbHp6aUHj9TcO946jswOMgogsqJJqwhFMQaPDb-qFdP5xtfY57533YiDzcOeu9wf8SjkmdoUCAOxNaoBKeVx4yWxgK7fP7M2AqHrmZIX9-DGCFrs__ettbjEWtuoXf_aVrKM6FubPiQDdKVCiXrYnm6kqxhOuDwj3PiAg0QD59RZwoIadlqAZ_hVHaR_dfw&sai=AMfl-YTB3_TWKwBxy55jNEwewW1bda0l8VpqX7hIjobw_Vz9gFT1fN7K8IGBNvZRC-I9s-ohV39waE7VU0eO16ATA4U2Jflnllr81cbGXsl5--By0xHw6kLcnHYGRwAkqHEfQIDHH3Gc47L6oP_wntOUZSgb6qAjbVPRA4f-xnc&sig=Cg0ArKJSzNDjmEX7-ifYEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=236&vt=11&dtpt=170&dett=3&cstd=64&cisv=r20211111.38193&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 01 Dec 2021 03:58:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 206 31b524164add424f8583fa2cd5ee2ec2_fa1a5c3af44845f1d04dd9fb76c195d0.mp4
static.criteo.net/design/dt/2000/211115/ Frame 21C8 360 KB
361 KB 28ms
28ms Media
video/mp4 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/design/dt/2000/211115/31b524164add424f8583fa2cd5ee2ec2_fa1a5c3af44845f1d04dd9fb76c195d0.mp4?ibv=1
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YabyzQAEJEUIu8W0AAjWixLZyAKL1uEoPi8iCw&u=%7CV2Uf%2BZQ8TgWjZvxlfxztb9ef41P968kJBDs4R69xZlA%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHoJqKdXQ2AOgTxOpwrfsX_dNdArJPNbEg406rIB2CpXUVzBfAhEKX77FaLlSpu9TLdgi_50LZStoTYfDeezuSYdqp1s8NTEA9I5zZ3_ZUGrVgc1yTJVn3nVe0QCPHC7g25t3JZSsUvyC1lrmQLn4wn9vDmUysImJ24ruEnNz1HzUaP58Q2NnEpCik6gJRdyDznsj7abi980uaRxZps_kHYWimRgZBucKA_C_ZXB5A9UbzgK-Ui930a34RcOeYKlagf80RNzDTkKSgQINhSL2-WR8mEm2_uMo9fRsadgEdivY33Df4CrzZmf4gX0d-dAX_72u6yjnopGvVeWkCeWXzucZxEjr-IUEllcDu4MCkZjkxVX0GjB-BXmFZfgNi989Xk60fNOoQP8r-YbBfXM1QSeEpPK-gO_X_rbBM7Ve98NKY0gsEeqUT785BtG5OVyFWKDRLLBPEKUkOPdFL5QdZ8I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD-sszfKmYcXIELSL7_UPi62jmAfJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAdW20uoDyAEJqQI6pZgtIQazPuACAKgDAaoEiAJP0PYQzhcpfH6d4XebhcqOazS1I9pHcCQxTev7EFS1z2WeUMvWskxELXlSBwS2mPmjCWftTsoZeHAwIm049WcZVUpWB3thteFBNZFIKxRL_pJWnXA5vec6BBk0h94HfhtshNgjgLkCHeOOynJAAdN308vnbl_OuCbSW_GhV84ntTEdqxKvTVvG9fcrQTOJcFa2raskOLSZfi9mikQlPyyKU5yLNI5o4ovEmf7LMZkdbA58VVt8339x9dsqaECAQ8ChacWmIxXrDVwmdYPN1nPDv4IHAs4HvVx8EdQOrqP5A9heB2OPjzqIyB2Fetyxq7IkxJc7oK5TM_SnsiQBgGUabix9rdf8GpngBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2w0NpdaaYxcdwOEX3l3prv3T0qyQ%26client%3Dca-pub-2845463438153782%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: c2c3eab4546e9b089e07465361af34154e294296f1379ed47c34d8d6d5e5e7a0

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
last-modified: Mon, 15 Nov 2021 11:15:55 GMT
server: nginx
access-control-allow-origin: *
cross-origin-embedder-policy: require-corp
etag: "6192416b-5a043"
content-type: video/mp4
Content-Range: bytes 0-368706/368707
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 368707
expires: Sat, 26 Nov 2022 03:58:05 GMT

GET
H3 200 container.html Show response
9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CF43 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 01 Dec 2021 03:58:04 GMT
expires: Thu, 01 Dec 2022 03:58:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame AF6E 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 23:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Nov 2022 23:07:43 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 21C8 0
99 B 52ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://csm.eu.criteo.net/all?cppv=3&cpp=LYWO8tx76_0n3y3I4zwsQ4Ak2Fa41ujeuC2TEUrfqEcWdx0gh1mKyzA9PUkAXCkhp9JEuVIKqqCfmFHtcCYyyY7Ystp_7hcDkYkrQKpMPPqkoEOFYGAN3MbDXX8OmS2Qea8jCwUshJT0q4NlbBBZqpucLpTscbXJZp-jdvoEl2IjgZRQ6INjkbYedNOiMuf7MH5tpyBCFn-tds72T0dxvZgoTYhbUCD94XFFkeuNwzicWaiwR7RtfL9knIfr818JCBePGw&sds=2&rev=79542&sendBeacon=true
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YabyzQAEJEUIu8W0AAjWixLZyAKL1uEoPi8iCw&u=%7CV2Uf%2BZQ8TgWjZvxlfxztb9ef41P968kJBDs4R69xZlA%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHoJqKdXQ2AOgTxOpwrfsX_dNdArJPNbEg406rIB2CpXUVzBfAhEKX77FaLlSpu9TLdgi_50LZStoTYfDeezuSYdqp1s8NTEA9I5zZ3_ZUGrVgc1yTJVn3nVe0QCPHC7g25t3JZSsUvyC1lrmQLn4wn9vDmUysImJ24ruEnNz1HzUaP58Q2NnEpCik6gJRdyDznsj7abi980uaRxZps_kHYWimRgZBucKA_C_ZXB5A9UbzgK-Ui930a34RcOeYKlagf80RNzDTkKSgQINhSL2-WR8mEm2_uMo9fRsadgEdivY33Df4CrzZmf4gX0d-dAX_72u6yjnopGvVeWkCeWXzucZxEjr-IUEllcDu4MCkZjkxVX0GjB-BXmFZfgNi989Xk60fNOoQP8r-YbBfXM1QSeEpPK-gO_X_rbBM7Ve98NKY0gsEeqUT785BtG5OVyFWKDRLLBPEKUkOPdFL5QdZ8I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD-sszfKmYcXIELSL7_UPi62jmAfJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAdW20uoDyAEJqQI6pZgtIQazPuACAKgDAaoEiAJP0PYQzhcpfH6d4XebhcqOazS1I9pHcCQxTev7EFS1z2WeUMvWskxELXlSBwS2mPmjCWftTsoZeHAwIm049WcZVUpWB3thteFBNZFIKxRL_pJWnXA5vec6BBk0h94HfhtshNgjgLkCHeOOynJAAdN308vnbl_OuCbSW_GhV84ntTEdqxKvTVvG9fcrQTOJcFa2raskOLSZfi9mikQlPyyKU5yLNI5o4ovEmf7LMZkdbA58VVt8339x9dsqaECAQ8ChacWmIxXrDVwmdYPN1nPDv4IHAs4HvVx8EdQOrqP5A9heB2OPjzqIyB2Fetyxq7IkxJc7oK5TM_SnsiQBgGUabix9rdf8GpngBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2w0NpdaaYxcdwOEX3l3prv3T0qyQ%26client%3Dca-pub-2845463438153782%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 01 Dec 2021 03:58:05 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 21C8 2 KB
1 KB 19ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YabyzQAEJEUIu8W0AAjWixLZyAKL1uEoPi8iCw&u=%7CV2Uf%2BZQ8TgWjZvxlfxztb9ef41P968kJBDs4R69xZlA%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHoJqKdXQ2AOgTxOpwrfsX_dNdArJPNbEg406rIB2CpXUVzBfAhEKX77FaLlSpu9TLdgi_50LZStoTYfDeezuSYdqp1s8NTEA9I5zZ3_ZUGrVgc1yTJVn3nVe0QCPHC7g25t3JZSsUvyC1lrmQLn4wn9vDmUysImJ24ruEnNz1HzUaP58Q2NnEpCik6gJRdyDznsj7abi980uaRxZps_kHYWimRgZBucKA_C_ZXB5A9UbzgK-Ui930a34RcOeYKlagf80RNzDTkKSgQINhSL2-WR8mEm2_uMo9fRsadgEdivY33Df4CrzZmf4gX0d-dAX_72u6yjnopGvVeWkCeWXzucZxEjr-IUEllcDu4MCkZjkxVX0GjB-BXmFZfgNi989Xk60fNOoQP8r-YbBfXM1QSeEpPK-gO_X_rbBM7Ve98NKY0gsEeqUT785BtG5OVyFWKDRLLBPEKUkOPdFL5QdZ8I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD-sszfKmYcXIELSL7_UPi62jmAfJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAdW20uoDyAEJqQI6pZgtIQazPuACAKgDAaoEiAJP0PYQzhcpfH6d4XebhcqOazS1I9pHcCQxTev7EFS1z2WeUMvWskxELXlSBwS2mPmjCWftTsoZeHAwIm049WcZVUpWB3thteFBNZFIKxRL_pJWnXA5vec6BBk0h94HfhtshNgjgLkCHeOOynJAAdN308vnbl_OuCbSW_GhV84ntTEdqxKvTVvG9fcrQTOJcFa2raskOLSZfi9mikQlPyyKU5yLNI5o4ovEmf7LMZkdbA58VVt8339x9dsqaECAQ8ChacWmIxXrDVwmdYPN1nPDv4IHAs4HvVx8EdQOrqP5A9heB2OPjzqIyB2Fetyxq7IkxJc7oK5TM_SnsiQBgGUabix9rdf8GpngBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2w0NpdaaYxcdwOEX3l3prv3T0qyQ%26client%3Dca-pub-2845463438153782%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 26 Nov 2022 03:58:05 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 21C8 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/privacy.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YabyzQAEJEUIu8W0AAjWixLZyAKL1uEoPi8iCw&u=%7CV2Uf%2BZQ8TgWjZvxlfxztb9ef41P968kJBDs4R69xZlA%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHoJqKdXQ2AOgTxOpwrfsX_dNdArJPNbEg406rIB2CpXUVzBfAhEKX77FaLlSpu9TLdgi_50LZStoTYfDeezuSYdqp1s8NTEA9I5zZ3_ZUGrVgc1yTJVn3nVe0QCPHC7g25t3JZSsUvyC1lrmQLn4wn9vDmUysImJ24ruEnNz1HzUaP58Q2NnEpCik6gJRdyDznsj7abi980uaRxZps_kHYWimRgZBucKA_C_ZXB5A9UbzgK-Ui930a34RcOeYKlagf80RNzDTkKSgQINhSL2-WR8mEm2_uMo9fRsadgEdivY33Df4CrzZmf4gX0d-dAX_72u6yjnopGvVeWkCeWXzucZxEjr-IUEllcDu4MCkZjkxVX0GjB-BXmFZfgNi989Xk60fNOoQP8r-YbBfXM1QSeEpPK-gO_X_rbBM7Ve98NKY0gsEeqUT785BtG5OVyFWKDRLLBPEKUkOPdFL5QdZ8I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD-sszfKmYcXIELSL7_UPi62jmAfJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAdW20uoDyAEJqQI6pZgtIQazPuACAKgDAaoEiAJP0PYQzhcpfH6d4XebhcqOazS1I9pHcCQxTev7EFS1z2WeUMvWskxELXlSBwS2mPmjCWftTsoZeHAwIm049WcZVUpWB3thteFBNZFIKxRL_pJWnXA5vec6BBk0h94HfhtshNgjgLkCHeOOynJAAdN308vnbl_OuCbSW_GhV84ntTEdqxKvTVvG9fcrQTOJcFa2raskOLSZfi9mikQlPyyKU5yLNI5o4ovEmf7LMZkdbA58VVt8339x9dsqaECAQ8ChacWmIxXrDVwmdYPN1nPDv4IHAs4HvVx8EdQOrqP5A9heB2OPjzqIyB2Fetyxq7IkxJc7oK5TM_SnsiQBgGUabix9rdf8GpngBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2w0NpdaaYxcdwOEX3l3prv3T0qyQ%26client%3Dca-pub-2845463438153782%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 26 Nov 2022 03:58:05 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 14AD 363 B
229 B 19ms
17ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCUxZeTAhjz56ymATAB&v=APEucNU-l1_ESXwrOjMD6dCzVAGNpFmu3DFTEneWTB6zX2QVYA0TnHM1SYuQvL4RXFQ7ZFb4aimhe54rE3xY2bh8yk6E-Qrjqe7LCigOpy4PbGsmuy5AXi_lLl4nFZuvgAXJxzkDQBAVhHV-T93YL4qtLVAf73ueURHInSBqKBsVbqzVk9eiiLw

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 01 Dec 2021 03:58:05 GMT
server: cafe
cache-control: private
content-length: 206
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 01 Dec 2021 03:58:05 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CF43 72 KB
30 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BioAQrE4nzv1CDjQaQpw5RAnu5lO5fDawlYPRZkE2Uybs4BwKrKC1lg-tjmwPLYYylXpRSIDNe7Efck5oEqFb3X-jmgA-AiE1OL_S-rkn26UcpfuWrrfjAb_pRGakd1U4ifeBQBw_vfA32wV5-R511i9pMOg&dbm_d=AKAmf-AgIfJ8a2HEzKBzRRo7wKEarEXaAmYcNeLnEZwFD02LPp7ofV0TvMudHb_rnJl1N_8NL3EkqoUDYyxTA1R9VmjTLZjz_F9mld-eIYJhYsTWwGN3ENaWjJYZNGs1aM_fuhMmn0Z8FGensfA4u3-JgL4vlZBFOuGi6QC8dy7ja97oR_hNjcMxla-VzNtScYWJs8tbUePXUwMpAE2mo3suiCW117qlj1hFp1bIVcSTxEYtSmEA8rFfe5xmRMz5cYmAaVx9YXIrXVUGz6HLvwr4OHdP9cNwtLO2FoKVLoiKkGFClXxBrfbbpzeeNtp1YbuSlZRweMNPnM-UIBHnU8FqiKPbXtcj5jh26tgWgU7nmjiWyvLI9a2nQyfxmsjsR57ZBU-zOFuuyzvEwoEr5egpSXBcKESyBuu_73AAEQM9N-BOb-jZ7F8Y2h9i9XWz6XunyUV6yS7nscfLC657LKVhTOZXWkv_tKzhlisOO1M_LlTPpF3K1Pi7Svxr97jLbfCAJW4yfT7S9pKV26_-LB_Q2ZDvJByBv9c1EyTJ73gtaopTThfW1IIgnQXJMiBiwVzcBaLBgKl3Sm15GCc1SL1_sevyD7oXen3ai48BsiyWdL99hevE90HG96w13rwwhl2g9nJ6QWWOWgEpR3ouQ54s3Xn1qRnCQ5gfvZ3TEaiBbkjnfsgEUOI4mq4Jwr8GfWRULaFpqK_X2ASxmYHZSdM1K7ePC8Oi0cJPzOhHHKfsM2pqOiBZrf4fBgOlQkoaAsIw3hQE1IIndDOpd1wjft39Ti9429QUUACht_XVBw0hjTnT1jHVTgsmnMCMSNgd97A4WY_lhsCeTiltqVavsTHpF5mXdHU0TBxGQT2lNVPOyAwQlo7bP9CHcEmfFgeLUSWup5sCxs4BnJz9gm-Eafrq1d5f3N5P58NegYscvf6DH87G3q10YJUYGrIyYy6K3k14MvlMrSsPpNDotl4DJzbMVA-Ha91HcqUn6lADkMVf8yKQzDFWrV5DNzQR-5bTFKv5VDBbppsXQg67NigrrCyjAE1k5BWAaGXLjStf3BQGEkbj7SuHtyI6BWTUXQHxpcB4xC5DFh5opPBL_QDzbZFPY8qmtP0F_O1xgrJ67z6eTJ7MWz6G96LP9q7axHNNOyvEbiS7R8efRMs6icrAYEw4h051OUYyG0DVinJij9fd4RcyA58CsY5FEiqnr1UIJUsab1LvbO7VjAJJJcHaNkdADugx6EOakj1BYC6M9v3fN9Yowb3RDPWxUHwhHZlVlEsiOF1lwR9-wtivRlJXdz64_aM7gTOpIqWxaGpgBkEBwNFDlHf1Jfbdq7FPXN8faQqZ3sqBBPGnfAuEcCYrAEw0AQMW0Re_L2BTtK6eFGJdtnhgGGofffcMhOrqGyK5pYij8KCP6nOAEzZSeBoN8lMVOpuTgWF-otmmuTp3C9MqGGhTfZx2IbmUAkVhloRMHz2yYdjN8hNKMTTWOGojtIiJeb0kYrvLQN5U8nfO0XuPSbl6R92vgvOXPo2drYJJyGnrFrBZxqJCJa-1W_q5oDz3tmdCA-uVSt_Nuzb1wsn_8F96l_Hw6TQ298laozerokZzrTly-lh0PmHjm3ASuzgunVHMi2xlSVpJZGVpsKNyy6BuxCZHqihV4SSGcCBV2miRtOMrgLQqubnCW_t3uArNp4ZqrrXyPRPbLrOtFNo2JyPxHsLJRHqckbon6lb1wV3IYWcNkEsoNnAFECTz8UvIedU1UAWH9MJLIhnyY5OMJfiCuRwcnrZkMb7AZcP2rD2YySh6z91go22WFqtEMPWUSDDwx4k6FF0rh12gLes3-DQRuWCqHdb00-sZnwEfS1Y9sKHoVnluyVkDvPWSx4YcbwzMXOgGlbb3gMW0kWitTOBIQgLqhegS3-ia41S187WVx3RHYccVINXrQm7VPxLHPjLzXjF2hxK0Z3Yg9hsqLhuCopsLlj59AykgLLhIPhEI9FN5ZuOsNO1OQ4-xU8hz8vj6r8p5KNlIDg8_KzcneWv9LZfT-y58C6ndK83XgJMc_gMFgpXp2xvDCEqV9ooPSU15NvAVreDmRSUv1sQXjaAXgMHqt3oZfFSSyuKGlLx51pFg1aiSPsUZbInUdZFLUdFh3pemBp-Cw8FQ4Hec4ZDIQBM2aNmr-mIiPnUzh34OhJvL60wQcg6zvxCSIuO1zm8qVZ2PaPCEn739BGlXrU_Io6FAG_nlHeOfv9quGeZ1--T8hwSdMb200YLVncv2QYYPGgp0MRF5qEnrbhOfMWL-ru67TIPR4-vSwZ0PC_wsrjsxjuoUENd8yW2y2JHBfmDp7kdRjGbn9hrZp1liLW1Go6htlUfoG1tShIvBjLRsfpo9DwPzIFjFzZQMBLKIVrzeq0QBJYaIyYct92VeQuFZ6Z7kticpOMFAyGAAgOwVr0yqGXmqeV5g4vmTOwAXzqSG5sMSifuUu-Sh4950vdgeXsCcdDZu4SL0SkGLbE5-4DJ2RwrXQ1uppbfmUURMBJ0O_wVTJ_eVi-2JWcRhhHQTUJ3SpZ44h3oQrNCWz5TDUi3-PaXVJ8fdot3qpAvCYe_6hr7sejp6yO2A5DkbC7Is_PPaC7722jB8HVs-qDmiOs4Ia2acv1pUGfotniC_MKUpwbsexUBtzlhBUaMO9PJA3bSNJr6qV-SUpXsZefbCeMtrsdi2TQObdzYdj71eKZMSfMCPK9LhKVus2p96vxu74gw4L-gOnXUdPHn0YtiVlHwoONy-6efkjdbdwugSLEqWIVHhngcUg-6otGfNL-wNrHZ-L5OfBia5eIeGgOw2VmLyv-O18zUiRhNzY7hnVGe3-5-YrIaGkGXfCn3-ZoRX_uVcOnJXY3A0imXkiDvwXjtY2FAUrF4y4ETqZ_gvlc7FNLlzQe4R8q1qGW8c_L5QdX1nk2xTBfed_DI-KAZMou3sjlanPyN9kRLgRpLvzXIXziJFsULl4kG8lQE_w_0Ek9IbdZtm_tB68kbRJebK6UJ0Hwh_kCicDq_JgSV-fmaivHaGzeP01FdUZ0oQCRh9_83E3Zyp9SS_MhX5gJP1Xc9VaVa_dCBsvXJbL9yeRoSZgf8HRS_h1UcdylinPPG8wQ5M05dTqk1TwMVkFxKSRe76FEYN0ui7IRC9m65JCb2Ql2ojE-l9MA40zIH99HlRzBrBm4n5rMpdApsFfdcZXIX_WsyHblDVl4LmnOjBn9eo5mi0VHJEOEIDERZgbckrVyp1lCRbH_q6Zj7-1Eh9Aa0vF7FW41F2REHZN_N8lk69hyBEmg&cid=CAASFeRounqvmQu3hCPOpBA0DQJV3F2mqQ&rfl=1%2Chttps%253A%252F%252Fwww.diarioceleste.com.br%252F%240

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af3cfba90aafbe5de6ae1f7321168f5f1d8f90d44c8e694a4561256d2fca5eb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30945
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CF43 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AlYHbbpDuxsZjp7SeZzjYFEENTypekf0OjguzkV5WphEHZPr4y77wbZVjL6YHAwlixHgOgSvEwkSnfBhKjKQWyBi_LwGCzKi9_wMsTRlYyrsPgkV8

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame CF43 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 634
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:47:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF43 119 KB
36 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30cad9ec7fbe11d3de293805d82343744663da3e650c19bbbc23dd7c58202cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37131
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638290904732407"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Dec 2021 03:58:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame CF43 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:38:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 21C8 42 KB
43 KB 65ms
22ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F09fe2803-3d2b-49c9-87db-7c21375c0c52_d5347b4c-1125-45cf-885e-3ec5489d451e.jpg&v=3&w=800&s=nkWlg-wWC5VFb-I8rcVg7eHl
Requested by: Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 399315007643f3f04f2871640688247185f4a2c0e1140701c5620971c79412fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=96281
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 43286
expires: Thu, 02 Dec 2021 06:42:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 21C8 113 KB
113 KB 75ms
32ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F11902498-087a-415a-b545-ef8bedf80df7_fe8b236f-5d6d-49f3-9377-9458831f92f4.jpg&v=3&w=800&s=HqsFCBGbjrOQMXYHlU2Y8Aa7
Requested by: Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: f020eabc282a2620fd5d377557280dc56c2115321d85960d4582d46061d6d1be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1141703
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 115622
expires: Tue, 14 Dec 2021 09:06:29 GMT

GET
H2 200 14199aa8ee6d444982429cecc8f53e23_d72d587af0bf9e34477be0089a1c876a.woff
static.criteo.net/design/dt/2000/211115/ Frame 21C8 119 KB
56 KB 46ms
15ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/design/dt/2000/211115/14199aa8ee6d444982429cecc8f53e23_d72d587af0bf9e34477be0089a1c876a.woff
Requested by: Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 13152042c082d4bc64251f28f7eb1cc3b7a296492bcd9e7505764befe8cf50c4

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 11:15:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6192416b-1dc78"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 26 Nov 2022 03:58:05 GMT

GET
H2 200 38f46639ec1340a18897a22a8b29dd92_6b9746dd2c58a515b016ba3c909e01f6.woff
static.criteo.net/design/dt/2000/211115/ Frame 21C8 121 KB
58 KB 55ms
24ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/design/dt/2000/211115/38f46639ec1340a18897a22a8b29dd92_6b9746dd2c58a515b016ba3c909e01f6.woff
Requested by: Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 641b419b9bc6758430c18af52a1d4af274a7f2122ea3853fd97953a413f32c0a

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 11:15:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6192416b-1e5ac"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 26 Nov 2022 03:58:05 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame CF43 106 KB
37 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Origin: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:51:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40010
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 16:51:15 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame CF43 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BioAQrE4nzv1CDjQaQpw5RAnu5lO5fDawlYPRZkE2Uybs4BwKrKC1lg-tjmwPLYYylXpRSIDNe7Efck5oEqFb3X-jmgA-AiE1OL_S-rkn26UcpfuWrrfjAb_pRGakd1U4ifeBQBw_vfA32wV5-R511i9pMOg&dbm_d=AKAmf-AgIfJ8a2HEzKBzRRo7wKEarEXaAmYcNeLnEZwFD02LPp7ofV0TvMudHb_rnJl1N_8NL3EkqoUDYyxTA1R9VmjTLZjz_F9mld-eIYJhYsTWwGN3ENaWjJYZNGs1aM_fuhMmn0Z8FGensfA4u3-JgL4vlZBFOuGi6QC8dy7ja97oR_hNjcMxla-VzNtScYWJs8tbUePXUwMpAE2mo3suiCW117qlj1hFp1bIVcSTxEYtSmEA8rFfe5xmRMz5cYmAaVx9YXIrXVUGz6HLvwr4OHdP9cNwtLO2FoKVLoiKkGFClXxBrfbbpzeeNtp1YbuSlZRweMNPnM-UIBHnU8FqiKPbXtcj5jh26tgWgU7nmjiWyvLI9a2nQyfxmsjsR57ZBU-zOFuuyzvEwoEr5egpSXBcKESyBuu_73AAEQM9N-BOb-jZ7F8Y2h9i9XWz6XunyUV6yS7nscfLC657LKVhTOZXWkv_tKzhlisOO1M_LlTPpF3K1Pi7Svxr97jLbfCAJW4yfT7S9pKV26_-LB_Q2ZDvJByBv9c1EyTJ73gtaopTThfW1IIgnQXJMiBiwVzcBaLBgKl3Sm15GCc1SL1_sevyD7oXen3ai48BsiyWdL99hevE90HG96w13rwwhl2g9nJ6QWWOWgEpR3ouQ54s3Xn1qRnCQ5gfvZ3TEaiBbkjnfsgEUOI4mq4Jwr8GfWRULaFpqK_X2ASxmYHZSdM1K7ePC8Oi0cJPzOhHHKfsM2pqOiBZrf4fBgOlQkoaAsIw3hQE1IIndDOpd1wjft39Ti9429QUUACht_XVBw0hjTnT1jHVTgsmnMCMSNgd97A4WY_lhsCeTiltqVavsTHpF5mXdHU0TBxGQT2lNVPOyAwQlo7bP9CHcEmfFgeLUSWup5sCxs4BnJz9gm-Eafrq1d5f3N5P58NegYscvf6DH87G3q10YJUYGrIyYy6K3k14MvlMrSsPpNDotl4DJzbMVA-Ha91HcqUn6lADkMVf8yKQzDFWrV5DNzQR-5bTFKv5VDBbppsXQg67NigrrCyjAE1k5BWAaGXLjStf3BQGEkbj7SuHtyI6BWTUXQHxpcB4xC5DFh5opPBL_QDzbZFPY8qmtP0F_O1xgrJ67z6eTJ7MWz6G96LP9q7axHNNOyvEbiS7R8efRMs6icrAYEw4h051OUYyG0DVinJij9fd4RcyA58CsY5FEiqnr1UIJUsab1LvbO7VjAJJJcHaNkdADugx6EOakj1BYC6M9v3fN9Yowb3RDPWxUHwhHZlVlEsiOF1lwR9-wtivRlJXdz64_aM7gTOpIqWxaGpgBkEBwNFDlHf1Jfbdq7FPXN8faQqZ3sqBBPGnfAuEcCYrAEw0AQMW0Re_L2BTtK6eFGJdtnhgGGofffcMhOrqGyK5pYij8KCP6nOAEzZSeBoN8lMVOpuTgWF-otmmuTp3C9MqGGhTfZx2IbmUAkVhloRMHz2yYdjN8hNKMTTWOGojtIiJeb0kYrvLQN5U8nfO0XuPSbl6R92vgvOXPo2drYJJyGnrFrBZxqJCJa-1W_q5oDz3tmdCA-uVSt_Nuzb1wsn_8F96l_Hw6TQ298laozerokZzrTly-lh0PmHjm3ASuzgunVHMi2xlSVpJZGVpsKNyy6BuxCZHqihV4SSGcCBV2miRtOMrgLQqubnCW_t3uArNp4ZqrrXyPRPbLrOtFNo2JyPxHsLJRHqckbon6lb1wV3IYWcNkEsoNnAFECTz8UvIedU1UAWH9MJLIhnyY5OMJfiCuRwcnrZkMb7AZcP2rD2YySh6z91go22WFqtEMPWUSDDwx4k6FF0rh12gLes3-DQRuWCqHdb00-sZnwEfS1Y9sKHoVnluyVkDvPWSx4YcbwzMXOgGlbb3gMW0kWitTOBIQgLqhegS3-ia41S187WVx3RHYccVINXrQm7VPxLHPjLzXjF2hxK0Z3Yg9hsqLhuCopsLlj59AykgLLhIPhEI9FN5ZuOsNO1OQ4-xU8hz8vj6r8p5KNlIDg8_KzcneWv9LZfT-y58C6ndK83XgJMc_gMFgpXp2xvDCEqV9ooPSU15NvAVreDmRSUv1sQXjaAXgMHqt3oZfFSSyuKGlLx51pFg1aiSPsUZbInUdZFLUdFh3pemBp-Cw8FQ4Hec4ZDIQBM2aNmr-mIiPnUzh34OhJvL60wQcg6zvxCSIuO1zm8qVZ2PaPCEn739BGlXrU_Io6FAG_nlHeOfv9quGeZ1--T8hwSdMb200YLVncv2QYYPGgp0MRF5qEnrbhOfMWL-ru67TIPR4-vSwZ0PC_wsrjsxjuoUENd8yW2y2JHBfmDp7kdRjGbn9hrZp1liLW1Go6htlUfoG1tShIvBjLRsfpo9DwPzIFjFzZQMBLKIVrzeq0QBJYaIyYct92VeQuFZ6Z7kticpOMFAyGAAgOwVr0yqGXmqeV5g4vmTOwAXzqSG5sMSifuUu-Sh4950vdgeXsCcdDZu4SL0SkGLbE5-4DJ2RwrXQ1uppbfmUURMBJ0O_wVTJ_eVi-2JWcRhhHQTUJ3SpZ44h3oQrNCWz5TDUi3-PaXVJ8fdot3qpAvCYe_6hr7sejp6yO2A5DkbC7Is_PPaC7722jB8HVs-qDmiOs4Ia2acv1pUGfotniC_MKUpwbsexUBtzlhBUaMO9PJA3bSNJr6qV-SUpXsZefbCeMtrsdi2TQObdzYdj71eKZMSfMCPK9LhKVus2p96vxu74gw4L-gOnXUdPHn0YtiVlHwoONy-6efkjdbdwugSLEqWIVHhngcUg-6otGfNL-wNrHZ-L5OfBia5eIeGgOw2VmLyv-O18zUiRhNzY7hnVGe3-5-YrIaGkGXfCn3-ZoRX_uVcOnJXY3A0imXkiDvwXjtY2FAUrF4y4ETqZ_gvlc7FNLlzQe4R8q1qGW8c_L5QdX1nk2xTBfed_DI-KAZMou3sjlanPyN9kRLgRpLvzXIXziJFsULl4kG8lQE_w_0Ek9IbdZtm_tB68kbRJebK6UJ0Hwh_kCicDq_JgSV-fmaivHaGzeP01FdUZ0oQCRh9_83E3Zyp9SS_MhX5gJP1Xc9VaVa_dCBsvXJbL9yeRoSZgf8HRS_h1UcdylinPPG8wQ5M05dTqk1TwMVkFxKSRe76FEYN0ui7IRC9m65JCb2Ql2ojE-l9MA40zIH99HlRzBrBm4n5rMpdApsFfdcZXIX_WsyHblDVl4LmnOjBn9eo5mi0VHJEOEIDERZgbckrVyp1lCRbH_q6Zj7-1Eh9Aa0vF7FW41F2REHZN_N8lk69hyBEmg&cid=CAASFeRounqvmQu3hCPOpBA0DQJV3F2mqQ&rfl=1%2Chttps%253A%252F%252Fwww.diarioceleste.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:37:16 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame CF43 24 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:38:54 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55946/ Frame 14AD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
https://pixel.advertising.com/ups/55946/sync?uid=CAESEA2RNX4Q1DbeGk9BdCSJIY4&_origin=1&google_cver=1
https://pixel.advertising.com/ups/55946/sync?uid=CAESEA2RNX4Q1DbeGk9BdCSJIY4&_origin=1&google_cver=1&verify=true
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEA2RNX4Q1DbeGk9BdCSJIY4&_origin=1&google_cver=1&apid=UPe3882f7d-525a-11ec-8bab-06fe92171bd8

0
613 B

13ms
13ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEA2RNX4Q1DbeGk9BdCSJIY4&_origin=1&google_cver=1&apid=UPe3882f7d-525a-11ec-8bab-06fe92171bd8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCUxZeTAhjz56ymATAB&v=APEucNU-l1_ESXwrOjMD6dCzVAGNpFmu3DFTEneWTB6zX2QVYA0TnHM1SYuQvL4RXFQ7ZFb4aimhe54rE3xY2bh8yk6E-Qrjqe7LCigOpy4PbGsmuy5AXi_lLl4nFZuvgAXJxzkDQBAVhHV-T93YL4qtLVAf73ueURHInSBqKBsVbqzVk9eiiLw

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEA2RNX4Q1DbeGk9BdCSJIY4&_origin=1&google_cver=1&apid=UPe3882f7d-525a-11ec-8bab-06fe92171bd8
date: Wed, 01 Dec 2021 03:58:05 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 14AD
Redirect Chain

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UPe3882f7d-525a-11ec-8bab-06fe92171bd8
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBlMzg4MmY3ZC01MjVhLTExZWMtOGJhYi0wNmZlOTIxNzFiZDg%3D

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBlMzg4MmY3ZC01MjVhLTExZWMtOGJhYi0wNmZlOTIxNzFiZDg%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBlMzg4MmY3ZC01MjVhLTExZWMtOGJhYi0wNmZlOTIxNzFiZDg%3D
date: Wed, 01 Dec 2021 03:58:06 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 14AD
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1kMGwzbW1sRTJ1RXdBd2U1emhVVFM1b3pOS2VDLkZmaH5B

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1kMGwzbW1sRTJ1RXdBd2U1emhVVFM1b3pOS2VDLkZmaH5B

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1kMGwzbW1sRTJ1RXdBd2U1emhVVFM1b3pOS2VDLkZmaH5B
date: Wed, 01 Dec 2021 03:58:05 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK 218947 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 101ms
26ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218947?VPAID=JS&content_page_url=https%3A%2F%2Fwww.diarioceleste.com.br%2F&cb=244322194&player_width=400&player_height=225&media_transcoding=low&regs[gdpr]=0&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C12791799170335911212089128825%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:06 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000234
X-SpotX-Timing-SpotMarket: 0.006192
X-SpotX-Timing-Page-Mux: 0.000252
X-SpotX-Timing-Page-Require: 0.000368
X-fe: 028
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000024
Content-Length: 77
X-SpotX-Timing-Page: 0.010635
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000311
Last-Modified: Wed, 01 Dec 2021 03:58:06 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.006192
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
X-SpotX-Timing-Page-Misc: 0.003244
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 99ms
25ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fwww.diarioceleste.com.br%2F&cb=605739207&player_width=400&player_height=225&regs[gdpr]=0&user[consent]=&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C20156610301279179917033591121%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:06 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000235
X-SpotX-Timing-SpotMarket: 0.005579
X-SpotX-Timing-Page-Mux: 0.000199
X-SpotX-Timing-Page-Require: 0.000315
X-fe: 136
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000021
Content-Length: 77
X-SpotX-Timing-Page: 0.009970
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000272
Last-Modified: Wed, 01 Dec 2021 03:58:06 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.005579
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
X-SpotX-Timing-Page-Misc: 0.003340
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 103ms
30ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fwww.diarioceleste.com.br%2F&cb=163745749&player_width=400&player_height=225&regs[gdpr]=0&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C12791799170335911211566976198%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:06 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000312
X-SpotX-Timing-SpotMarket: 0.009324
X-SpotX-Timing-Page-Mux: 0.000204
X-SpotX-Timing-Page-Require: 0.000292
X-fe: 058
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000027
Content-Length: 77
X-SpotX-Timing-Page: 0.014087
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000261
Last-Modified: Wed, 01 Dec 2021 03:58:06 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.009324
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
X-SpotX-Timing-Page-Misc: 0.003658
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads.adaptv.advertising.com/a/h/ 249 B
554 B 454ms
406ms XHR
text/xml 18.194.154.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=262060469&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.154.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-154-127.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc= Show response
ads.adaptv.advertising.com/a/h/ 249 B
554 B 458ms
411ms XHR
text/xml 18.194.154.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=738368897&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.154.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-154-127.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 998 B
877 B 51ms
9ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C12791799170335911211823775059%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 85321f61748bf075a29764c0ab70072d2f86f18636225e6909f252fb5b1e8fde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 613
expires: Wed, 01 Dec 2021 03:58:05 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 997 B
875 B 51ms
10ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C4286517091279179917033591121%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: add66370d247957fa5d25381285685b12e998f05c5cfc32ac5377dcc08f663df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 612
expires: Wed, 01 Dec 2021 03:58:05 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 16ms
15ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C1279179917033591121634953366%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 915d01c9b364a22bef6b472a639cd4613b6207f846a9570c5aaa71b8570a1e4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:05 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1190
x-sticky-vk: 1638331085204083-516
Expires: Wed, 01 Dec 2021 03:58:05 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 27ms
15ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C14307433111279179917033591121,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 38bfabb47e430c0854077c9ddbf0d875785339b37d1b0c666383ef932ff46a43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:05 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1158
x-sticky-vk: 1638331086074000-512
Expires: Wed, 01 Dec 2021 03:58:05 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 28ms
14ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C12327045911279179917033591121,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c844108b1cc91df3645ab0943f9d2a83714328931753786f2416ba3b84686085

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:05 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1158
x-sticky-vk: 1638331085374057-602
Expires: Wed, 01 Dec 2021 03:58:05 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 37ms
24ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C1279179917033591121499976313%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2c278dd7b444df867e6e53829d3b394380ecc5e555f8a292cecf111153c39e93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:05 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1190
x-sticky-vk: 1638331085705028-501
Expires: Wed, 01 Dec 2021 03:58:05 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 27ms
15ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C15057349301279179917033591121,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5fa18eb01e1ff1a76a7b800524848871bc676549929d684e4881ac86c0767805

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:05 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1158
x-sticky-vk: 1638331085406065-520
Expires: Wed, 01 Dec 2021 03:58:05 GMT

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs= Show response
ads.adaptv.advertising.com/a/h/ 249 B
554 B 452ms
408ms XHR
text/xml 18.194.154.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=702375467&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.154.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-154-127.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B43 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=By69qzfKmYdvlCbvb7_UPycKu0AUAAAAAOAHgBAI&bg=!0dKl0pbNAAZQLpa_UC47ACkAdvg8WnRMiQJ8uPARXJZ0w667NBZjDfXSbdh_LEBQ2CcNi16FippwoQIAAADfUgAAADZoAQeZAsp9XXV2Dkulm_tZ9uoi0sjkMLOBbLvfJGmdDmm7IlAbbcpxv5seVx4271VPvWaVabh59AjW1zhUral1n4BRwKnBw-4O6XHxwktsUrBflOLxB-_ZSONoMf2ez4buTA2Jw8IM7nzXRJnaZQADBJOD9gZFPU7F-HQTJSfSVunMvRDGu3QeC5H5Q4d8U0Epx92bUat4yjdcyvL7p83YQ4DPX_u9dt3l84cWMuhgUh-2fDITBGVrq7_TnmHASDLhx9MX7HZpYAXVDITq1mCYlkbLTR1sCi-14aIUllEqF6_1H9-WI3nKvRIRNygNJZlkDIei1OhsBTq7kM78lRTP57wrwIHYP1P1dUz8xyuZ62Kz9AWCO2cjKk8T21iBs1jY4Ov9TZpqQvVDq_aSUm9o-82-2ZAPZz_Fhm2GFk-zu05zrtHAfu5QyOudbjWAL4mP0Gv2AlLsuzZc10As696SEtplRSM4Pb-fkoeHIrN7lw1-kpL7EF1m2shrWNO81MJj0O3gu3PpGcmS-Mmg7MyO7P_CZBGdLQoEaV_yKdX6MylvuvKUNmgz-5Gt7btfdH78dzaXFxUSz0WE38m6iAK2xnKo_2tT-bShbdQrzXYlnZR489WGZPXJdkmcNQgSC0q5r9SvV24WcCgVmwxA-vWWCvhp1bkTj87N4GoHi7GFdX4P4TXwxIFh7CiVnvG3ZnXRfQlVLPWm7-rqBnT1uM6g04hzUfWaRsKluWnnCE8qSpNhpc4rgVDsIe7Qkq0uCjtDJqM4i0TdO21l1L9XhGKPffySh7TTKrLyF-f3FhFSZX3CUkbwrlx0PytcljuRxMjb3xTPobkonzKyqU4DQrM5HkFbjpjYXp1R2PB-tTLtwP_5HMPog4imJ_hqpd2UaMFSGXSlhIAb9x_7Kw1jDYrr0eiz9HXpkiof3FWFSwOfdRZiXIy-bQoLVdMH6dtu6OY

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/10326444/1619528968743/ Frame C3A0 125 KB
24 KB 8ms
8ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10326444/1619528968743/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3755840c8f8ed7bd9349e14381e25df71e23415d4aabf8840c595e31e6170f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 24850
date: Tue, 30 Nov 2021 14:21:43 GMT
expires: Wed, 01 Dec 2021 14:21:43 GMT
last-modified: Tue, 27 Apr 2021 13:09:28 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 48982
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CF43 0
24 B 52ms
52ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmPNS-zQch5d6kjObe7hVkQtPYg4-ClCm7vCF-9buxDXF5lfUY10OzNjU0hH7yjMjaC3F7Xkk3ioHdnVhxoNCQ4r-QWR-J7iXjsy80TaBFxURz1eS-LlMBV1OKWGp7ZmrG9Yg8NFvllsJ7sYeQRn8ia_kCR9eJMJHZYPyIcxjwOjb8VyA26Xrft5dCxK6WdWzVT62tlpSn7gHgSO6ot0OlkOYBqKA-Jgt35Q8Ta87ZEDraQ2TgHkNwezse3XfAjcPxsSvHnK2u8MjSbVK9bQ8fGWPC5huU30KVJx0fjb8JGf7FX5OvXAiSbL9sgxlwbgmiAqRdOnpmdP5v8WliLzQOU67Vq9W_F6DnCTfQ8fTLK45WgGd1PULlTv3J1w406hDsWfGAa1wTLgHLwIYBOPHySDYS1XutK5kRFS6NsVGp0EPfayQXFhA82Y39PaHQ6-ylDyGcK6oYQwBc422SE6dMqMqNRU2U1C9wqc0Ng7CvN9rULNjgXdaPv7g2XjGUiMYtEIptyBYUC4Wu2jVWAb46F8Yf6ZJKcrzTP_I205DufehidjwsCkByjIjcTSvjxgLpUT3xxEaVwG2kq-PD2nznnozEwunLIYFqH8jN4Ygbckqt_As4-IOrBvW7fQ-DVSRgekZ7O3Ax6ROfufQN7grW5qs8vNBAR497SwJDA_IiGaO-eyta87cciv8SAnCI28zuCRPPoA6gy3gbJjPZJ12sBvd-Xhhu6hr4i9zHdOHUuaFzNzLMsIafKCeT8ZtkMmz7OohyUS-Fa18vQ5jO3T6hwx6zutMjHog9nGN9uyORw7r9YHoLBJXz4Ut70qTpEl215iWBDowkDSAWcRVwanucgCnYgu-t4j7yB3CWrFXF8Mq2F0aoJ8OvqhLxrO_drnEuwzZzcYSofNRawYbHWzaJ2ACTPTrllwstE26r_45cIjzM1B0_9TPtTgIopJh7sK3r-CPHGK0GHBHx1o62u8t8vj52DVD9wJVuQiKkllNtWu8PY2r9ZZzMjwf46tICjV_oNZzqMJrsMLyth47fYPDpIcMNZIV9YrmQK8Nyte9_KGLeNOS-ySQ4G9fE2QQNecqeZ2LSAPZjxbCpwMdUyJFClBFbnk4uDbuyubnZuadzi-jn_Or-y80v13pmqiBMXGvydR4ud6-HfO2M_EUyRuPDSbwsMwWyfxrDwrrZ02f1WgrzR0JKdv7u5bJz6TvnQhzfyGQxwN05&sai=AMfl-YSMI03rFaWu-Lg-pDxvNumDtuPDP0YuTpk1RIg3RFlI2m6fQpkocyj7pSKcbvIYAcU2CeBVmyaxRcFOgohsOgUGnfTZDr8HcYnq8BdpipcbmxFPSDLZJrqapt0WkyzCP7fovhTUhJqZloG3u0Rua8rwgzytuuvPleb3zbw&sig=Cg0ArKJSzL7c4t-s6xq9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=45&cbvp=1&cstd=44&cisv=r20211111.17422&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 01 Dec 2021 03:58:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame CF43
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=8387be89&atb_dcaid=0521-ms-jumpstart&atb_dpuid=adlicious
https://d.adtriba.com/px.gif

42 B
227 B

8ms
7ms

Image
image/gif

52.58.32.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 52.58.32.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-32-98.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:06 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Wed, 01 Dec 2021 03:58:05 GMT
Last-Modified: Wed, 01 Dec 2021 03:58:05 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 container.html Show response
9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9EA1 6 KB
3 KB 8ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 01 Dec 2021 03:58:04 GMT
expires: Thu, 01 Dec 2022 03:58:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CF43 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141206
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 29 Nov 2022 12:44:40 GMT

GET
DATA 200
OK truncated
/ Frame CF43 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01df389d0d31829ffbf55b7b9b261bea835cdddb4da2824137e05c2e5593228f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 DcmEnabler_01_245.js Show response
s0.2mdn.net/879366/ Frame C3A0 28 KB
10 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10326444/1619528968743/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10326444/1619528968743/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 12:23:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56105
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10285
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 12:23:01 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3F4B 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 29 Nov 2021 12:44:40 GMT
expires: Tue, 29 Nov 2022 12:44:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 141206
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4305 624 B
297 B 17ms
16ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhjtvYScATAB&v=APEucNWtTL_M0FAlmlCXsWyK3_zvfBPnDtK5xf7hpL2DEXpi7vjxCcHA6FEkbwuaniaYmnmj5FONZzrcdTZ2oSv66BD_dtzzws0oyb27kc2RPhjiOUmiSXsf4WyBLwt5LFRe1lwrYf0J83G9i9abDbeLnh4QALDlH3JVSiMezqQkhuLdOinHBpo

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 01 Dec 2021 03:58:06 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9EA1 28 KB
16 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AGxXCN31ZNq4Hfg4ORVe3IEDmEsoypxEwYRmf1ogp0nufo2XWgAVSzW1_EiEUCVPBu2P7hSKConqAbfP6fvrm4G_kUNEHi621_zZz7rosmm1sgtxksK8XvEOzkRnpsFFVSlMIWAzRPjbjLZNtQCiTi1IAH8Q&dbm_d=AKAmf-CZsrmiAKlYB1EzqsZbE0-cQX-ulgcCcdZPKm5FYLfLa1vWePdd_txnOMjKDlqPi8DCqWLCgvlgiVQ1KZ4XpRNZ8oY_sQyRzDr5NAw4YubIA-0A4yO9o0f2MdtPhOFWrrXnxqlPIBuE3ias8NSgEVhoa04cKh8tWpGpMKfv8avuwwraVoAMIyrdsCbRF9OuyrztiPO3lx5BGbbhuanMf2DDGiqSdRUrfKHLCFvVVFVpWoRqwwDiduajjHV6BJTXIP198Gy2zYsQUY73SXCnQxzfJ6c6BCagIYMoc04VLGuyKq3hJZBpNchRVZiRAuw4hdba_Vlqyv4dbc4qqiUfhN1tJVVkDck5JB8fdvaSFFPc3kuEEWEsnDWpPRqXWJm00fz-zBVQAkQVVAAZE_cIG7HKTndfIdOAqRA5FpiJUWdQzZAjqUWZA0mk9c_SDSFD6l_GFanRpF9KtBpk2jQz1I5oBHyb7qNM3iGmG1_-QotPSGgvkV_VBiozD7dWZDfbTWxA65b7AkUE6BgtB1AfIClVBa_HP8Wrc50iWo1H_7YqTJgTTP9pQFIeoI147D1ePgF0ZPRtE8131CoZ-tM6MuCk8nVmYabkX4GRv9-ur5Gmu34S5B25Ce0jTyNcVh2UCxQiMUXQYnPAhkatptmtLoDl60wSnFAfHInSuX58xeVg4abkDpjE3UoBqlhtzvMOB4ZjErfP7ouhK36JFTsCZllSqLJlhCSmjHnpLEXLEetXjYupZ3pqU4z_z1pLLmN1vr5wO2jrQefzifSB59RubOB-cNTJ6T7UNU8USrxKldvwP0t9iNLEZfNjzz2LGWIsWlvsUKJiWIvCtg3dVtI9CT2ESsBz2MIBADlRaKxAcnx8spSCQRgYCskmlCNR_Cwl0uqcsWcDH1ub8zFT1Phs1VVclypUG-vVyYbRQt-fMJTN1PtZOo0m4hOI1kqNabiFtfQoGMU8NnX4n7GYB1z2U3Dx1nBcnlQ00yY6caC2qWmgTE2q4DAw70Fr7Cc04oU7CsGmXTegJ3IbQmveJOQhXq78q24l4BkzmCZQ5EAjf1ZlDwYvzhYSefEjkNdwwbgvLiAKS3pWL6acc_AZmU2T-foNQHjEAGqmFgrZux7DbrDJuua6OPsTdehayVq1jcCeYopxNvWNlaV8RGijGEBhGogbWIaSg--N-n7pEMVMIKmCdzpRhOA-QvDMUEJZYsACThPn3y11EjWML1axYH3T8EFncwSI_LWLdKo25qWFltdx-DWuKV3BMtEyMEGQPBmsQN2FYVru5l7UFVz3APCv9EG_pVJqOpNZRV7L4rlfOqS-O8IuNCT86j3kr1I4gPxgZkiZ2kXF1puC_pjOodVMssicMP0vgnLMdhIFffj9q8SawT2_2LUFqdGodGDrQMZy_16F2iY8UWKFTOLg4w5orHEtVtg_wEZeZMtNz-BUZgyXmyCMYfLBHVWiv56-wRUXEfwYNkkfmA_eZUV-UwStc8YUPVBnGt7afcEJcQ1JmSCkPkgqQSojGfpd_Y_6xf7fBHj8CBQrEHDNRYSDIJNhKKBp2z6ILfjxrviKgEsGNVFC_VuvHD76gDwGL9MaicB0mTUcimqcQM-On4uLdDqeI3C6yGxRw4ya2HNlZlkTD665sNY1F1wjJKFs5QxV4WrlGI0GxrY69D8tDAEV4TbEGhvJYlsanVn8fpi8ngN9PvhAr31t8pb2jvs5MkqLunhRymW4mhQsDAKK1Zj9ZzoiF5ZWp0CX3YA4ktxaPae0rrELtWd-zsPBpEZq0BetjTV_tU1FVgWo1DdS2KmnF1qu7adhmxL_j94S1GEfOsccdYT-ELeqcR4MvYSyogOUbDBG8UiLuWLuPdmkIHBtFpkZX3uohZCUsxXrDDC9TZNNHxYjL7shKQx52SDbxuIE5S6qTcUgsyweqelHyTYOhH50fumR4yyeElp4mLtzWsLKO1m4v2LVtwiUJmqcHW43mpaaTztPjijvMPK0M0NOV5iAzA_SmbYcqO8W4CQt8a-iHWOzzDZvDRz3A_MPa_2eAKOOChUmSB6p2uOTbRvjTbgFEtHUguXQIy54zoD3AXNe_ubDgDKgOflhMsra3Vi-TpLSTaNnaDSaPPXjoIoxjl0WqxwvJtvR3oC--e3EPMdnvSY4VYRePkSiF0OTzHyH8M-BZE-GAJH5zV1KJPlyZ85SnzcceUAAYASmajv4WtHET69qFArJIUUKUdKiJjtdPQItZ3lIuj70ZsCXb6lmTsU2XDBTMoOsfLzx4TOj9AluIf6xDVnFMd149XeLC2P6MAw9jgvNsjq5rkTKICQSHckQzsMVK-RhjBKspf0n2Uu-g-oE-lgpueVTawzoDh22DBKoBVnYyKMI15ShlNxgAM2n8sLeOn5VJSPtRe1tHZJBKwnB-mb1sYr2mk7bC1ZC8_9DOxvq6C9AbB1iq_1vHMnfMOsyt9HH7egNWqL3FGKg44FIGotqJ42udxZfbjjToUDV7-PFGECiCBhrfknKpq35w2tnu7z58MVioni0HMP9JOXOG4TgQR0Z5JZR5x2EYdN82fg5lNc18mxlHAL52tslQvLapB8O_1K3T6SG4bBwWTT716TmZgGLv1nFb3Fen46jLZjBchqybFy8PnjBjdYHzNUHHNrIZcxqEA2JhVlO6FcbAjjsqgKPsTDxdUANJx8g7b2ddrrgmGDVssomXKEIhr7ImzioGJn_ZHezIGiyYjKDb41BsLw1NTpNUhcuO7H_MFMOwF5dDkb9wg_qdZjSZw9j7G3nMwb_G2KPVpSch6Re-qr4IJ26kPIrxst5G2kt5TeZ0Z_rkI2X9ONW9alwObmSw-WFRJ5V5bFcsv0GrKencpR_m86tX-4zWb-qnu-Y4tbc8xSXnlCUWSN11IfNUh5oGRHFOV9IIC7VbGSn9vwR7FdO1oyF8m7wfS4_eC_E4gDPIFWOXeIve8DtLySmp9nN1iBrvtAc7poBNwkk3Yqt7jyUvjExRcp29RZhoiB5iUrNw6G7wyNSyC61ZhgNWCkcfzSceq48sh5HUwtEQcwjDfotPGG4nLr_A628K-bdQylCRBdf5qr41zeMBRJbWDPjdOyhywo3IfY5p4jGUD19m1z8WCh3cIfjapGr7y3aqE_xzYcAV55_7sGeVCaSQRM6cnAEe0RNUmdhkqckOWST6p6eyd4&cid=CAASEuRoAFfpRtqfLD3P8Jlhj9wicA&rfl=1%2Chttps%253A%252F%252Fwww.diarioceleste.com.br%252F%240

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68a06cc5579ffd368f1ca5f2a1d3091fd837444dd7b3178045b34b9548f4a346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16685
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9EA1 42 B
63 B 39ms
39ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B3R4KTHPqkH6hZOfJ5fmUYyDD6_q3JVz5cGIKYuII9BpjPJGcEY-i3OBvPPNRSdC5PwCAlys6PcnNIn45W18ugIkxhBAFFZEBVSpb0rk8w6pZfoco

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 9EA1 2 KB
1 KB 64ms
7ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=14526021&cmp=145089&plc=vtnwou&sid=45f3d18e47f96c&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0iZuGyfwQSJ3A9whXNivynd&DVP_DBM_1=1861733&DVP_DBM_2=15874976&DVP_DBM_3=42847368&DVP_DBM_4=327229165&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=850394821177&turl=https://www.diarioceleste.com.br/&DVP_PP_BUNDLE_ID=&dvregion=2&unit=728x90
Requested by: Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 44216edbcf372158d065f2c7062712c9c829648c355066e7cd14242843005d81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 13:07:12 GMT
Server: Microsoft-IIS/10.0
ETag: "e066f48b4dbd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1168

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 9EA1 8 KB
4 KB 64ms
7ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0iZuGyfwQSJ3A9whXNivynd&DVP_DBM_1=1861733&DVP_DBM_2=15874976&DVP_DBM_3=42847368&DVP_DBM_4=327229165&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=850394821177&turl=https://www.diarioceleste.com.br/&DVP_PP_BUNDLE_ID=
Requested by: Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8b94cbe5296254e6bc2199c7099b21f9308583e421f3b5204166eb9bbf19cc58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Nov 2021 12:39:48 GMT
Server: Microsoft-IIS/10.0
ETag: "0424488f9e1d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3291

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 9EA1 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:47:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9EA1 119 KB
36 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Dec 2021 03:58:06 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 9EA1 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:38:21 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CF43 0
23 B 44ms
43ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmPNS-zQch5d6kjObe7hVkQtPYg4-ClCm7vCF-9buxDXF5lfUY10OzNjU0hH7yjMjaC3F7Xkk3ioHdnVhxoNCQ4r-QWR-J7iXjsy80TaBFxURz1eS-LlMBV1OKWGp7ZmrG9Yg8NFvllsJ7sYeQRn8ia_kCR9eJMJHZYPyIcxjwOjb8VyA26Xrft5dCxK6WdWzVT62tlpSn7gHgSO6ot0OlkOYBqKA-Jgt35Q8Ta87ZEDraQ2TgHkNwezse3XfAjcPxsSvHnK2u8MjSbVK9bQ8fGWPC5huU30KVJx0fjb8JGf7FX5OvXAiSbL9sgxlwbgmiAqRdOnpmdP5v8WliLzQOU67Vq9W_F6DnCTfQ8fTLK45WgGd1PULlTv3J1w406hDsWfGAa1wTLgHLwIYBOPHySDYS1XutK5kRFS6NsVGp0EPfayQXFhA82Y39PaHQ6-ylDyGcK6oYQwBc422SE6dMqMqNRU2U1C9wqc0Ng7CvN9rULNjgXdaPv7g2XjGUiMYtEIptyBYUC4Wu2jVWAb46F8Yf6ZJKcrzTP_I205DufehidjwsCkByjIjcTSvjxgLpUT3xxEaVwG2kq-PD2nznnozEwunLIYFqH8jN4Ygbckqt_As4-IOrBvW7fQ-DVSRgekZ7O3Ax6ROfufQN7grW5qs8vNBAR497SwJDA_IiGaO-eyta87cciv8SAnCI28zuCRPPoA6gy3gbJjPZJ12sBvd-Xhhu6hr4i9zHdOHUuaFzNzLMsIafKCeT8ZtkMmz7OohyUS-Fa18vQ5jO3T6hwx6zutMjHog9nGN9uyORw7r9YHoLBJXz4Ut70qTpEl215iWBDowkDSAWcRVwanucgCnYgu-t4j7yB3CWrFXF8Mq2F0aoJ8OvqhLxrO_drnEuwzZzcYSofNRawYbHWzaJ2ACTPTrllwstE26r_45cIjzM1B0_9TPtTgIopJh7sK3r-CPHGK0GHBHx1o62u8t8vj52DVD9wJVuQiKkllNtWu8PY2r9ZZzMjwf46tICjV_oNZzqMJrsMLyth47fYPDpIcMNZIV9YrmQK8Nyte9_KGLeNOS-ySQ4G9fE2QQNecqeZ2LSAPZjxbCpwMdUyJFClBFbnk4uDbuyubnZuadzi-jn_Or-y80v13pmqiBMXGvydR4ud6-HfO2M_EUyRuPDSbwsMwWyfxrDwrrZ02f1WgrzR0JKdv7u5bJz6TvnQhzfyGQxwN05&sai=AMfl-YSMI03rFaWu-Lg-pDxvNumDtuPDP0YuTpk1RIg3RFlI2m6fQpkocyj7pSKcbvIYAcU2CeBVmyaxRcFOgohsOgUGnfTZDr8HcYnq8BdpipcbmxFPSDLZJrqapt0WkyzCP7fovhTUhJqZloG3u0Rua8rwgzytuuvPleb3zbw&sig=Cg0ArKJSzL7c4t-s6xq9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=218&vt=11&dtpt=173&dett=3&cstd=44&cisv=r20211111.17422&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 01 Dec 2021 03:58:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 nunito-v8-latin-700.woff2
www.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/ 18 KB
19 KB 471ms
471ms Font
font/woff2 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.woff2

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=1638303594

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdc28355b0b7217392395460dd7dfbc65a4cf0822c986a7533f4ca7434799e53

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=1638303594
Origin: https://www.diarioceleste.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
content-type: font/woff2
strict-transport-security: max-age=3153000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18912
last-modified: Wed, 24 Nov 2021 12:09:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFchMm1fY6qKpOsfHooWcBIvTl7GnCRxASzceIiwcEBgPWfZsfB4a6L8tfB5s%2FxKK8itpYnnUwUz%2B9isVy0P6w2MioChTkVbhCQBWLHkhsquRbZkQgYQImEE9ucp3gX1mmc%2BOLfJFYT19m7JsWYt3RCwQimdieM%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 2829378
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 6b6965289857d711-FRA

GET
H3 200 nunito-v8-latin-regular.woff2
www.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/ 18 KB
19 KB 465ms
465ms Font
font/woff2 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.woff2

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=1638303594

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

623b62596e07df1fbf3a9fc0219c238e373bec6e55349826b0315b50ed2a7a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.diarioceleste.com.br/wp-content/cache/min/1/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=1638303594
Origin: https://www.diarioceleste.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
content-type: font/woff2
strict-transport-security: max-age=3153000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18796
last-modified: Wed, 24 Nov 2021 12:09:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UWsKfnsMLBT1USWXjJ3KAXTY%2BfGM%2BXW3LjJQR3D0IJFBBQVzLECt7nG%2BKkUiYIMNcXl2iBdm26EY7aDWAArvvmPizWgpBHBPYed7J6mV7vM9QsGUXg6icUck1Id2%2Fsx%2F8o%2Flyl37ONY1cKle%2FWojqQ2kjcPAO48%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 5456440
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 6b6965289858d711-FRA

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 9EA1 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AGxXCN31ZNq4Hfg4ORVe3IEDmEsoypxEwYRmf1ogp0nufo2XWgAVSzW1_EiEUCVPBu2P7hSKConqAbfP6fvrm4G_kUNEHi621_zZz7rosmm1sgtxksK8XvEOzkRnpsFFVSlMIWAzRPjbjLZNtQCiTi1IAH8Q&dbm_d=AKAmf-CZsrmiAKlYB1EzqsZbE0-cQX-ulgcCcdZPKm5FYLfLa1vWePdd_txnOMjKDlqPi8DCqWLCgvlgiVQ1KZ4XpRNZ8oY_sQyRzDr5NAw4YubIA-0A4yO9o0f2MdtPhOFWrrXnxqlPIBuE3ias8NSgEVhoa04cKh8tWpGpMKfv8avuwwraVoAMIyrdsCbRF9OuyrztiPO3lx5BGbbhuanMf2DDGiqSdRUrfKHLCFvVVFVpWoRqwwDiduajjHV6BJTXIP198Gy2zYsQUY73SXCnQxzfJ6c6BCagIYMoc04VLGuyKq3hJZBpNchRVZiRAuw4hdba_Vlqyv4dbc4qqiUfhN1tJVVkDck5JB8fdvaSFFPc3kuEEWEsnDWpPRqXWJm00fz-zBVQAkQVVAAZE_cIG7HKTndfIdOAqRA5FpiJUWdQzZAjqUWZA0mk9c_SDSFD6l_GFanRpF9KtBpk2jQz1I5oBHyb7qNM3iGmG1_-QotPSGgvkV_VBiozD7dWZDfbTWxA65b7AkUE6BgtB1AfIClVBa_HP8Wrc50iWo1H_7YqTJgTTP9pQFIeoI147D1ePgF0ZPRtE8131CoZ-tM6MuCk8nVmYabkX4GRv9-ur5Gmu34S5B25Ce0jTyNcVh2UCxQiMUXQYnPAhkatptmtLoDl60wSnFAfHInSuX58xeVg4abkDpjE3UoBqlhtzvMOB4ZjErfP7ouhK36JFTsCZllSqLJlhCSmjHnpLEXLEetXjYupZ3pqU4z_z1pLLmN1vr5wO2jrQefzifSB59RubOB-cNTJ6T7UNU8USrxKldvwP0t9iNLEZfNjzz2LGWIsWlvsUKJiWIvCtg3dVtI9CT2ESsBz2MIBADlRaKxAcnx8spSCQRgYCskmlCNR_Cwl0uqcsWcDH1ub8zFT1Phs1VVclypUG-vVyYbRQt-fMJTN1PtZOo0m4hOI1kqNabiFtfQoGMU8NnX4n7GYB1z2U3Dx1nBcnlQ00yY6caC2qWmgTE2q4DAw70Fr7Cc04oU7CsGmXTegJ3IbQmveJOQhXq78q24l4BkzmCZQ5EAjf1ZlDwYvzhYSefEjkNdwwbgvLiAKS3pWL6acc_AZmU2T-foNQHjEAGqmFgrZux7DbrDJuua6OPsTdehayVq1jcCeYopxNvWNlaV8RGijGEBhGogbWIaSg--N-n7pEMVMIKmCdzpRhOA-QvDMUEJZYsACThPn3y11EjWML1axYH3T8EFncwSI_LWLdKo25qWFltdx-DWuKV3BMtEyMEGQPBmsQN2FYVru5l7UFVz3APCv9EG_pVJqOpNZRV7L4rlfOqS-O8IuNCT86j3kr1I4gPxgZkiZ2kXF1puC_pjOodVMssicMP0vgnLMdhIFffj9q8SawT2_2LUFqdGodGDrQMZy_16F2iY8UWKFTOLg4w5orHEtVtg_wEZeZMtNz-BUZgyXmyCMYfLBHVWiv56-wRUXEfwYNkkfmA_eZUV-UwStc8YUPVBnGt7afcEJcQ1JmSCkPkgqQSojGfpd_Y_6xf7fBHj8CBQrEHDNRYSDIJNhKKBp2z6ILfjxrviKgEsGNVFC_VuvHD76gDwGL9MaicB0mTUcimqcQM-On4uLdDqeI3C6yGxRw4ya2HNlZlkTD665sNY1F1wjJKFs5QxV4WrlGI0GxrY69D8tDAEV4TbEGhvJYlsanVn8fpi8ngN9PvhAr31t8pb2jvs5MkqLunhRymW4mhQsDAKK1Zj9ZzoiF5ZWp0CX3YA4ktxaPae0rrELtWd-zsPBpEZq0BetjTV_tU1FVgWo1DdS2KmnF1qu7adhmxL_j94S1GEfOsccdYT-ELeqcR4MvYSyogOUbDBG8UiLuWLuPdmkIHBtFpkZX3uohZCUsxXrDDC9TZNNHxYjL7shKQx52SDbxuIE5S6qTcUgsyweqelHyTYOhH50fumR4yyeElp4mLtzWsLKO1m4v2LVtwiUJmqcHW43mpaaTztPjijvMPK0M0NOV5iAzA_SmbYcqO8W4CQt8a-iHWOzzDZvDRz3A_MPa_2eAKOOChUmSB6p2uOTbRvjTbgFEtHUguXQIy54zoD3AXNe_ubDgDKgOflhMsra3Vi-TpLSTaNnaDSaPPXjoIoxjl0WqxwvJtvR3oC--e3EPMdnvSY4VYRePkSiF0OTzHyH8M-BZE-GAJH5zV1KJPlyZ85SnzcceUAAYASmajv4WtHET69qFArJIUUKUdKiJjtdPQItZ3lIuj70ZsCXb6lmTsU2XDBTMoOsfLzx4TOj9AluIf6xDVnFMd149XeLC2P6MAw9jgvNsjq5rkTKICQSHckQzsMVK-RhjBKspf0n2Uu-g-oE-lgpueVTawzoDh22DBKoBVnYyKMI15ShlNxgAM2n8sLeOn5VJSPtRe1tHZJBKwnB-mb1sYr2mk7bC1ZC8_9DOxvq6C9AbB1iq_1vHMnfMOsyt9HH7egNWqL3FGKg44FIGotqJ42udxZfbjjToUDV7-PFGECiCBhrfknKpq35w2tnu7z58MVioni0HMP9JOXOG4TgQR0Z5JZR5x2EYdN82fg5lNc18mxlHAL52tslQvLapB8O_1K3T6SG4bBwWTT716TmZgGLv1nFb3Fen46jLZjBchqybFy8PnjBjdYHzNUHHNrIZcxqEA2JhVlO6FcbAjjsqgKPsTDxdUANJx8g7b2ddrrgmGDVssomXKEIhr7ImzioGJn_ZHezIGiyYjKDb41BsLw1NTpNUhcuO7H_MFMOwF5dDkb9wg_qdZjSZw9j7G3nMwb_G2KPVpSch6Re-qr4IJ26kPIrxst5G2kt5TeZ0Z_rkI2X9ONW9alwObmSw-WFRJ5V5bFcsv0GrKencpR_m86tX-4zWb-qnu-Y4tbc8xSXnlCUWSN11IfNUh5oGRHFOV9IIC7VbGSn9vwR7FdO1oyF8m7wfS4_eC_E4gDPIFWOXeIve8DtLySmp9nN1iBrvtAc7poBNwkk3Yqt7jyUvjExRcp29RZhoiB5iUrNw6G7wyNSyC61ZhgNWCkcfzSceq48sh5HUwtEQcwjDfotPGG4nLr_A628K-bdQylCRBdf5qr41zeMBRJbWDPjdOyhywo3IfY5p4jGUD19m1z8WCh3cIfjapGr7y3aqE_xzYcAV55_7sGeVCaSQRM6cnAEe0RNUmdhkqckOWST6p6eyd4&cid=CAASEuRoAFfpRtqfLD3P8Jlhj9wicA&rfl=1%2Chttps%253A%252F%252Fwww.diarioceleste.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:38:54 GMT

GET t.js;adv=11032206473623;ec=11032215840085;adv.a=9533159;c.a=24683151;s.a=4128031;p.a=293250071;a.a=486510943;cache=1831671044;
ad.atdmt.com/i/ Frame 9EA1 0
0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9EA1 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141206
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 29 Nov 2022 12:44:40 GMT

GET
H/1.1 200
OK /
d.agkn.com/pixel/10690/ Frame 9EA1 43 B
650 B 86ms
8ms Image
image/gif 35.156.157.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/10690/?che=1831671044&cmid=24683151&sid=4128031&pid=293250071&cgid=486510943&cid=144537171&aid=9533159&gdpr=&gdpr_consent=
Requested by: Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.157.11 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-157-11.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:06 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4305
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDX4WDSYiKt_8bWwBwbcfvs&google_cver=1

43 B
894 B

12ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDX4WDSYiKt_8bWwBwbcfvs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhjtvYScATAB&v=APEucNWtTL_M0FAlmlCXsWyK3_zvfBPnDtK5xf7hpL2DEXpi7vjxCcHA6FEkbwuaniaYmnmj5FONZzrcdTZ2oSv66BD_dtzzws0oyb27kc2RPhjiOUmiSXsf4WyBLwt5LFRe1lwrYf0J83G9i9abDbeLnh4QALDlH3JVSiMezqQkhuLdOinHBpo
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:06 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Dec 2021 03:58:06 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDX4WDSYiKt_8bWwBwbcfvs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4305
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YabyzJZszJ5A9JK4MIFgDQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4nHvyYDPfoGRKSVmVHZ8s&google_cver=1

43 B
894 B

13ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4nHvyYDPfoGRKSVmVHZ8s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhjtvYScATAB&v=APEucNWtTL_M0FAlmlCXsWyK3_zvfBPnDtK5xf7hpL2DEXpi7vjxCcHA6FEkbwuaniaYmnmj5FONZzrcdTZ2oSv66BD_dtzzws0oyb27kc2RPhjiOUmiSXsf4WyBLwt5LFRe1lwrYf0J83G9i9abDbeLnh4QALDlH3JVSiMezqQkhuLdOinHBpo
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:06 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Dec 2021 03:58:06 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4nHvyYDPfoGRKSVmVHZ8s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4305
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL4FwIaRtQKHpc3vwEUpwbY&google_cver=1

43 B
1004 B

13ms
13ms

Image
image/gif

185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL4FwIaRtQKHpc3vwEUpwbY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhjtvYScATAB&v=APEucNWtTL_M0FAlmlCXsWyK3_zvfBPnDtK5xf7hpL2DEXpi7vjxCcHA6FEkbwuaniaYmnmj5FONZzrcdTZ2oSv66BD_dtzzws0oyb27kc2RPhjiOUmiSXsf4WyBLwt5LFRe1lwrYf0J83G9i9abDbeLnh4QALDlH3JVSiMezqQkhuLdOinHBpo

Protocol

HTTP/1.1

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:06 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9910eca2-8b1c-438e-9103-a82d91ec0683
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL4FwIaRtQKHpc3vwEUpwbY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4305
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5Nzc0OTA2MzczODA1NTQ0Mw%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5Nzc0OTA2MzczODA1NTQ0Mw%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:06 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 10a0a34e-175c-420d-80db-e110096a59e9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5Nzc0OTA2MzczODA1NTQ0Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 arrow-01.svg
s0.2mdn.net/10326444/1619528968743/ Frame C3A0 9 KB
2 KB 9ms
7ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10326444/1619528968743/arrow-01.svg

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8cb0ab4f61e20ca834826afc15bb444e69f531ecb856726f9ad0c0cf7a04b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10326444/1619528968743/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 00:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14203
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2271
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 13:09:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Dec 2021 00:01:23 GMT

GET
H3 200 Jetzt_entdecken_copy.svg
s0.2mdn.net/10326444/1619528968743/ Frame C3A0 5 KB
2 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10326444/1619528968743/Jetzt_entdecken_copy.svg

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e72af079533476d9df4b500773b365829426f61c161d89d14a69e834c15504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10326444/1619528968743/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 14:17:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1724
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 13:09:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 14:17:29 GMT

GET
H3 200 Headline.svg
s0.2mdn.net/10326444/1619528968743/ Frame C3A0 5 KB
2 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10326444/1619528968743/Headline.svg

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c25b5f96862af83f5f15eedf7e69a0e736f5417ff3e692c3a4a12ecec175e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10326444/1619528968743/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2014
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 13:09:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 16:55:08 GMT

GET
H3 200 Image-Produkt.png
s0.2mdn.net/10326444/1619528968743/ Frame C3A0 6 KB
6 KB 10ms
8ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10326444/1619528968743/Image-Produkt.png

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a831bd552658fce147a8f0702958c345e321220689a7a51463aeb7ac31188582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10326444/1619528968743/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:04:47 GMT
x-content-type-options: nosniff
age: 71599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6344
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 13:09:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 08:04:47 GMT

GET
H3 200 Erazer_Medion_Logo.svg
s0.2mdn.net/10326444/1619528968743/ Frame C3A0 3 KB
1 KB 13ms
11ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10326444/1619528968743/Erazer_Medion_Logo.svg

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6487f4df928088ff6ddb502da4ea46cb0a2670d211d803f036308cfdc91c1cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10326444/1619528968743/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 13:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52902
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1139
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 13:09:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 13:16:24 GMT

GET
H3 200 Logo-Window10.svg
s0.2mdn.net/10326444/1619528968743/ Frame C3A0 3 KB
1 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10326444/1619528968743/Logo-Window10.svg

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36d1d20b8fc9b02c2fb48a8823db3272b272666fb42eacaaa92d9565f7d762b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10326444/1619528968743/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 04:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83642
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1362
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 13:09:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 04:44:04 GMT

GET
H3 200 BG.png
s0.2mdn.net/10326444/1619528968743/ Frame C3A0 22 KB
22 KB 11ms
9ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10326444/1619528968743/BG.png

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a865eed527a7865f0a0c0eb90e1cef10cdc127c926043011543cb36b13c680

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10326444/1619528968743/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 14:14:06 GMT
x-content-type-options: nosniff
age: 49440
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22256
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 13:09:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 14:14:06 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AF6E 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BmIVrzfKmYbyJG4CN9u8PrduvoAwAAAAAOAHgBAI&bg=!goGlgcXNAAZQLpa_UC47ACkAdvg8WnTCQXXhZWtaj27dnfeUOYvQBbQ8z-0px7E9Q3y8fvHlxWmJ0QIAAAD-UgAAABpoAQcKAJvcdoA6FGyyJxF-pFhmtdszh-SEMdmBjmrv3wcKFg12ZQDRJnw9r8Mgo1MaKlVLW4kxKZzhBi0mQMx-0wVogG3GDc7vTOjA911e4jSkSzuyTd5NHH6AQCPcS5tq3tLBOEaxBCvNaK_xvRvnJ6h-kMZmN6-20sjVKgj7HA9yRrSDqvzUKuTyN8-kuBq2lVxnSFJ6TSnPKF54uEpRgpkC1NtQYeLZzQtJ2Coqogu3Png7M5vHGMs1iXavIgyU3LYqoeKKRGoYNSsHFYRBQyR6idEOdUgbJs4KC10dpwU241GR64O6IQ4UAEcNfsYOs7qHH8JBqPrMAlWChZtIDm2FSkbt3Wxut0IFJAsqSOV3WHjTzPkL14Nmoo3HHXQX3OFKL77_h6qQl-6-2cTSaEdQe7EQOBpo-q1fk3jS7-3k45318YR9_9qhC_3jikcMvNrgZZ3bZ_EoQ_aE_tHcy003M5hMthWeqa6txuOQHlrjki2Ea0NKSh3x74VMK2C58MlU4gXsP9T23MymvbSnUH-nwJy0NrjlNd9hKQmTKNGML1DCkua_7YnVhCxSmfP9YQ3YVp9IRdW1BUBoGzxK35mNDntb94XG8ZqfujfSpn52DG5-S3-gPmp4iq4rfZAPaDxubJeJPh18weTFzoWvw1M04Ok5KbemwHIqbU9KoUdcPC00ELUYWuySckD1ya3Wgqp9mPCBcMiTqIg2vWeomSRZCD-5DIXpvOpvCeaRU_mxM7uD1siUSNtiRgtW32kdroQxAbYEDeavwfjsE-6fn2gWFte32MsXqCpUg5g0qfrQvnxQT2s4avP5qavFRmKfTH0-T6EGeXzsP7cmglctbjcGTnZjYc1UtMGk0WNF5fFhOBLVhTGAOFTkxF190auQ1Gmv3h4axFnyDYKFr80bjGCLLTd1N_Ux9C0zKNtCRf6WSxybVRylreJdqYdkdL4pQx-9wV2AK68yM5gR0Ikxt_ZnbwmtEoWksys76wy-1aV3U-oy348MBe_RJdAHFfryBKQvcW7nin180XdNz6RTxzWPmtETqgfeYch0NayyCY2OUzAI3fKdz2CTRQBgJD8gwK6zlKB6aj7n7hcbgywzrA5tQNuFz-I3bwkSYN9lWD-9MqkXfJBnTJV5ikppln_IwmJN-5KC_Yh12T2UrExB1ZU3L6iJhJ0

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F4B 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 23:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Nov 2022 23:07:43 GMT

GET
H/1.1 200
OK dvbs_src_internal100.js Show response
cdn.doubleverify.com/ Frame 9EA1 56 KB
18 KB 12ms
9ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal100.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=14526021&cmp=145089&plc=vtnwou&sid=45f3d18e47f96c&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0iZuGyfwQSJ3A9whXNivynd&DVP_DBM_1=1861733&DVP_DBM_2=15874976&DVP_DBM_3=42847368&DVP_DBM_4=327229165&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=850394821177&turl=https://www.diarioceleste.com.br/&DVP_PP_BUNDLE_ID=&dvregion=2&unit=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 49a070133915e05e9b7723d25d8f07b12dda78f7d89c5334176329b5dc8019a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 13:07:26 GMT
Server: Microsoft-IIS/10.0
ETag: "0fb3411b4dbd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18242

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FBD3 22 KB
8 KB 9ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 29 Nov 2021 12:44:40 GMT
expires: Tue, 29 Nov 2022 12:44:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 141206
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D24B 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 01 Dec 2021 03:58:04 GMT
expires: Thu, 01 Dec 2022 03:58:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 9EA1 2 KB
1 KB 73ms
12ms Script
text/javascript 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_991587097805&jsTagObjCallback=__tagObject_callback_991587097805&num=6&ctx=14526021&cmp=145089&plc=vtnwou&sid=45f3d18e47f96c&advid=&adsrv=&unit=728x90&isdvvid=&uid=991587097805&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=96&bridua=3&dup=null&turl=https://www.diarioceleste.com.br/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0iZuGyfwQSJ3A9whXNivynd&DVP_DBM_1=1861733&DVP_DBM_2=15874976&DVP_DBM_3=42847368&DVP_DBM_4=327229165&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=850394821177&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=15&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=148&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D5%3A2C%3A%4046%3D6DE6%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D5%3A2C%3A%4046%3D6DE6%5D4%40%3E%5D3CTar9EEADTbpTauTauh4dea527h2ehe4hg25_d__%6076%60d3262f%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=4.40&callbackName=__verify_callback_991587097805
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal100.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: d8239c9bf74a7b5ef230041e68b9d9f165c096c4ae4e97f5955da5be17fa5fd6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Date: Wed, 01 Dec 2021 03:58:05 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 11/30/2021 3:58:06 AM

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F459 624 B
297 B 17ms
16ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIYsO2pvAEwAQ&v=APEucNXULTYy9tV9VEcY4lVIpxcEDK8aklah64mRTfl9GiK_h5nu1yMsYfmT7yjEtGfJVrKuK46zxYfoOzyZlmLnNe1EAEKku8htEeF_ItAZZLqFPxAqMF2JgJbQ7kRHPsgyN1njXGScRp_mjoGgKUyzk2ZKqSNHuKYvi8Bi--_u5Bh7Xa1yU1s

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 01 Dec 2021 03:58:06 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D24B 73 KB
30 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcnIB0aPjnRC9rV8WWjsCTaBjiVj1YFVN1j7qajvBQ93mAcPmAfaJumPyHjeB40535CksADMkKiPgRILbjP-kkSqWYAyrWPkD32k5hTUwlWSah5rT0jnnMBVVqXHO6FGPo1GDBSgASF3ayYiM8Mj68z1AwUg&dbm_d=AKAmf-DxOuxTqaEw3kc3YMBMYxmicv0p5BzNYsATFtm_9vAZl4CE3UtlyNzENdM92uES9oH49_x2HGgB76kdFKgMbfajtIOBL-cSJB2DxU7pUxQuXWf_IVpmJju2pEKQBZQp7VMVVTqsGsRe-3IhTWtO_QFCPpvA9ebkHF_Ak5UFCRXMvajddp3DKBl8DgrNYJkxXFHinrVCrmryyqPqzVHCLp_jKweB3DIcvqzg3BvRxoVat-W7wv_iJ0HlexEXY5zB1XUgdS03J_gSvovGILwh0uLpAR7p26w_tFO0DeKh88aHFkTSI7ngut8Qu4XBShH1uRNgbaxJMzlRSiMtw42tR9VSJxsdSjak_MdwtMLRxC1xlXL2pqHsZMbM6ZleWOQ7LzWmSuAIe7P4bfRg183shClF82cI8UrLlyIYkVhGsOC7CeL6anVBY7_2dQIiIOtirWS2PZdXWBOjZM8KemybSprk9Sk_c5p8RrsteoM48414QsK_XFvgaXwbC7VFyymbVgcW74KM6l7_BFB7ED_QYU37hmB59LMDwxVlUmwe_wplW-CKBx4LGeev1dPhMMcP7uIjoRbL8Bbw4GrkFe_7TWHjZl2VjIBYpe2aUYtg1XpvLHXBIDPqF7PCxZPXXYhxEFlfM5GF5OEjs9M6JgVgbjLu-pcUQ2ERinpOZjlqEalsAPIHis0oDNx3FFOINue6jm3viqRenax8Zy-jhmh_OhM7MbmI7m1X9rJvocbpvGh7VEkPub1d7XaFBFg1Js8Ptq9hd8UtVEn4ub9ZJJw600L6Lulax0UBGA2PhBSvyVeISNQko4RYWBwB2H6cvNxxbSF7VOPeyReeAKf8ehm8VDO-X9ZGZzh7qMCpmi1SywEseffJuxwVXAVR4AyMt8z5ha8wMhdpWh1klsQaop1b6hwpJCeI1NNtAX9Kx9dHMtGdY9az3WitGL361p9qPWeB70B7W8xi-Ot1jhe9YzruchOcx858Qe8SCONmGQ9pvEDOqJ5VWe7ZZkjygglS9G_uvkwNvScrkA17cfFNXsPa5sNyLsGcnX5RQaQdOo0RnDjzpwj2pX7LXYxFAnhqDeZWGQSNtuKKjhZ-VyreUJVBPpByDysr_2CG1oBERDZ6ZxyJqn_htvkVYdki7Txv8RcL5uQgazr2IjA0NWZpHX5bd75em7WJxgo4eOXiXxBeXrvcIrYuIT7WeuP-ePNb5f6pHZA3pUK1cyBxJ3GkQ0-pP3EigEa9BqVLoobzaO0EFfGMH6jX2bn1hLTtO1G4PGK5HUyIH_QBzpLEHl9NUwLSKTqm4-LdqSAyZRiJA33ShyEeWycjnj6KHQEYKFJZDj6fIL2-iXtf8wHWSTyxl-thgScglPWA6hZziuIuN8vHN1N27iBy6ETa1efX6vX0rVxhPVRNEC-oNd3Xcd5o8AhWs-L-v_21kJPBzmE0RAqj02N1FO1Ux4MksvMB-iUXVLvXAutAwpZLH1Bsz8ssj2bKFDsZ6YvmJhkuclxK__ovjMLO5iA3LKOWrl_B0XgwppTKjc2xTTrq_UfA1vhmn-5V9QONDYPUV9rQ0IgmUZYXT0bmRQ3MrGIx6g4zhRqB-eVTpBXAhrs9zRXd8-x9nN_KE1IhNKGhNjWpEqgYSPYU9jUEBBquxcuaJ_VRmsHWn8Kayf359yI0l52gPKV-uV47ZRuPTY591r0HN9c5Nk8YnDnjyowo0LY6yEqY8A-QRM-SgoNmtUjfqvOfo1ao9zXjb7XlQYhYq4SMMdiaGfJEwGJoSyO4KETNBtAhHEzLFDorKANyylkL8BPWGXvi5whbFMXyDGLGywjmCzTjWjBa6SnTMNIr40nKluDbHLAt4zAKYiyLNvmbuICU59eZlrLV9WKAbRq9ZvZUzrlIE-pUo93q979Sednkk1EO4k2ogRMjiMqyiCuPIjHqAbZkzlQRsANeKQO_g6XFalwVo66-e46fZ5KDVov0f6Aoog2ojdbmXWuMcL9d1_zNL5ELOryYR-g5ZqY6WGPLUyFSYcciIOymdbLqQP3BnntnP5hN5BiQvGCNoU6rWtshj49bZaVZfuNm3hY-mA5MEp1k4dY0HJJ6pRELeXJKTlTgQFz1DEeh6JkA_hQ6dc5vRUD-zORFl55lHGERxRRZBmib9L1QRDvObPmScLi68PH6UsWP3REoseyPTc4OXbTMLzDLzWWcFMWB9RWE7J1y9dcTmHMjzFw_rSb0Cp95Y-QlysKbVCcWetMe-CuHsA8vdUEGxhSMusdw_wM9whPCdh4-qxsppjoP7YuYPlwzDb-FTVK6zeJq5bPNpSF3qJj38UXrZzEyb0eEiZkP2n-5enwnO3UAX9LQTmrv7l7RQyITpvf8kemZOwpbWxa5LVyiN3J7oGSuU4iloZHihrUqBugsIOhi7lV9v1Vpd1afKIx8_1G0vvPIiysr9EbWS6wvbVmJVB5xaH3zLNgVgC35qpotTvJ2yK6-sYP6telbbfPfeMr3u8_AT3ZRkjlFYNaRXcYrZQHoN6ePtIPob0d1LARzzViOl31Jw6Vk4K8bFA5ZzIq16aC4iUsfTWLiAYAUJ5eMHZtd7v3WqDkgGctBmNFl8GPoGUV9_ZHSnurS3Ix-JcZUVNdyZ8QFXi4zZ2s2o2JlApURITLlruqXe4CFTivr7RHZUnB86QhBcASfyN1NGcJuysJgNvfq0neggVJjJpJ2JDjYrm-Hmd95g2QWeg19Hhsrr_tA5uH6doo8joat3RfXKN-QZoeRcP-wYymLvKdSewrUsAE7N65Bj6ygP3UhJ_ggYTB5bS8ehr73OwJhsB0aXTuqVDA4lDtyaR-l4UrvLWjH99Il6yd4UCkmHRRwWwgnUxQoe2CfLy_hmaVmimt1k8BijvDcCwHGL9r3rNzb84Oxhl95RsbyRBnolh6AsWVs-j5b5ylmQ8l-1WhbPiZbWRQK5NK5B_4DF7HK9ezurb5D6YJ--CMLkPb_vD2ZkBnfSGrahunCfQ5f_V2-VECJIv1Qe4of9XAmNBXEVFN4WmpQruO1Msj0EHqV8ATTvP5Vi-4MDAllyNQ&cid=CAASEuRo4l9g5ons138MbGjb6NuTGA&rfl=1%2Chttps%253A%252F%252Fwww.diarioceleste.com.br%252F%240

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f316bc8fde9a13885b352267c828cdfc1be35016a4cefd8632a6792a7ac9dc3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31112
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D24B 42 B
63 B 41ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DDtileVeBawf-jgVDx2ZJ9skrgNQ-rDe5Qzc0KTaVpTlWEOXL4c-AAzEitsErPDLGlfBr5XOuOBgJ1AxuSQBABHsT4Z0BdVUveKLIG45hV_BuaEKU

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D24B 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:47:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D24B 119 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Dec 2021 03:58:06 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D24B 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:38:21 GMT

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame FBD3 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 23:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Nov 2022 23:07:43 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F459
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4nHvyYDPfoGRKSVmVHZ8s&google_cver=1

43 B
894 B

11ms
11ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4nHvyYDPfoGRKSVmVHZ8s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIYsO2pvAEwAQ&v=APEucNXULTYy9tV9VEcY4lVIpxcEDK8aklah64mRTfl9GiK_h5nu1yMsYfmT7yjEtGfJVrKuK46zxYfoOzyZlmLnNe1EAEKku8htEeF_ItAZZLqFPxAqMF2JgJbQ7kRHPsgyN1njXGScRp_mjoGgKUyzk2ZKqSNHuKYvi8Bi--_u5Bh7Xa1yU1s
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:06 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Dec 2021 03:58:06 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4nHvyYDPfoGRKSVmVHZ8s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F459
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YabyzJZszJ5A9JK4MIFgDQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4nHvyYDPfoGRKSVmVHZ8s&google_cver=1

43 B
894 B

11ms
11ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4nHvyYDPfoGRKSVmVHZ8s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIYsO2pvAEwAQ&v=APEucNXULTYy9tV9VEcY4lVIpxcEDK8aklah64mRTfl9GiK_h5nu1yMsYfmT7yjEtGfJVrKuK46zxYfoOzyZlmLnNe1EAEKku8htEeF_ItAZZLqFPxAqMF2JgJbQ7kRHPsgyN1njXGScRp_mjoGgKUyzk2ZKqSNHuKYvi8Bi--_u5Bh7Xa1yU1s
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:06 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Dec 2021 03:58:06 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4nHvyYDPfoGRKSVmVHZ8s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F459
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL4FwIaRtQKHpc3vwEUpwbY&google_cver=1

43 B
1004 B

13ms
13ms

Image
image/gif

185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL4FwIaRtQKHpc3vwEUpwbY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIYsO2pvAEwAQ&v=APEucNXULTYy9tV9VEcY4lVIpxcEDK8aklah64mRTfl9GiK_h5nu1yMsYfmT7yjEtGfJVrKuK46zxYfoOzyZlmLnNe1EAEKku8htEeF_ItAZZLqFPxAqMF2JgJbQ7kRHPsgyN1njXGScRp_mjoGgKUyzk2ZKqSNHuKYvi8Bi--_u5Bh7Xa1yU1s

Protocol

HTTP/1.1

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:06 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f3c1f204-c3fb-4896-a781-c7dc4e43b742
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL4FwIaRtQKHpc3vwEUpwbY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F459
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5Nzc0OTA2MzczODA1NTQ0Mw%3D%3D

170 B
188 B

16ms
15ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5Nzc0OTA2MzczODA1NTQ0Mw%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:06 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 938e3611-0cd5-4c4c-928c-431a082299b7
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5Nzc0OTA2MzczODA1NTQ0Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 9EA1 9 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal100.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4486
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:29:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 01 Dec 2021 04:37:26 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame D24B 106 KB
37 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Origin: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:51:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40011
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 16:51:15 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame D24B 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcnIB0aPjnRC9rV8WWjsCTaBjiVj1YFVN1j7qajvBQ93mAcPmAfaJumPyHjeB40535CksADMkKiPgRILbjP-kkSqWYAyrWPkD32k5hTUwlWSah5rT0jnnMBVVqXHO6FGPo1GDBSgASF3ayYiM8Mj68z1AwUg&dbm_d=AKAmf-DxOuxTqaEw3kc3YMBMYxmicv0p5BzNYsATFtm_9vAZl4CE3UtlyNzENdM92uES9oH49_x2HGgB76kdFKgMbfajtIOBL-cSJB2DxU7pUxQuXWf_IVpmJju2pEKQBZQp7VMVVTqsGsRe-3IhTWtO_QFCPpvA9ebkHF_Ak5UFCRXMvajddp3DKBl8DgrNYJkxXFHinrVCrmryyqPqzVHCLp_jKweB3DIcvqzg3BvRxoVat-W7wv_iJ0HlexEXY5zB1XUgdS03J_gSvovGILwh0uLpAR7p26w_tFO0DeKh88aHFkTSI7ngut8Qu4XBShH1uRNgbaxJMzlRSiMtw42tR9VSJxsdSjak_MdwtMLRxC1xlXL2pqHsZMbM6ZleWOQ7LzWmSuAIe7P4bfRg183shClF82cI8UrLlyIYkVhGsOC7CeL6anVBY7_2dQIiIOtirWS2PZdXWBOjZM8KemybSprk9Sk_c5p8RrsteoM48414QsK_XFvgaXwbC7VFyymbVgcW74KM6l7_BFB7ED_QYU37hmB59LMDwxVlUmwe_wplW-CKBx4LGeev1dPhMMcP7uIjoRbL8Bbw4GrkFe_7TWHjZl2VjIBYpe2aUYtg1XpvLHXBIDPqF7PCxZPXXYhxEFlfM5GF5OEjs9M6JgVgbjLu-pcUQ2ERinpOZjlqEalsAPIHis0oDNx3FFOINue6jm3viqRenax8Zy-jhmh_OhM7MbmI7m1X9rJvocbpvGh7VEkPub1d7XaFBFg1Js8Ptq9hd8UtVEn4ub9ZJJw600L6Lulax0UBGA2PhBSvyVeISNQko4RYWBwB2H6cvNxxbSF7VOPeyReeAKf8ehm8VDO-X9ZGZzh7qMCpmi1SywEseffJuxwVXAVR4AyMt8z5ha8wMhdpWh1klsQaop1b6hwpJCeI1NNtAX9Kx9dHMtGdY9az3WitGL361p9qPWeB70B7W8xi-Ot1jhe9YzruchOcx858Qe8SCONmGQ9pvEDOqJ5VWe7ZZkjygglS9G_uvkwNvScrkA17cfFNXsPa5sNyLsGcnX5RQaQdOo0RnDjzpwj2pX7LXYxFAnhqDeZWGQSNtuKKjhZ-VyreUJVBPpByDysr_2CG1oBERDZ6ZxyJqn_htvkVYdki7Txv8RcL5uQgazr2IjA0NWZpHX5bd75em7WJxgo4eOXiXxBeXrvcIrYuIT7WeuP-ePNb5f6pHZA3pUK1cyBxJ3GkQ0-pP3EigEa9BqVLoobzaO0EFfGMH6jX2bn1hLTtO1G4PGK5HUyIH_QBzpLEHl9NUwLSKTqm4-LdqSAyZRiJA33ShyEeWycjnj6KHQEYKFJZDj6fIL2-iXtf8wHWSTyxl-thgScglPWA6hZziuIuN8vHN1N27iBy6ETa1efX6vX0rVxhPVRNEC-oNd3Xcd5o8AhWs-L-v_21kJPBzmE0RAqj02N1FO1Ux4MksvMB-iUXVLvXAutAwpZLH1Bsz8ssj2bKFDsZ6YvmJhkuclxK__ovjMLO5iA3LKOWrl_B0XgwppTKjc2xTTrq_UfA1vhmn-5V9QONDYPUV9rQ0IgmUZYXT0bmRQ3MrGIx6g4zhRqB-eVTpBXAhrs9zRXd8-x9nN_KE1IhNKGhNjWpEqgYSPYU9jUEBBquxcuaJ_VRmsHWn8Kayf359yI0l52gPKV-uV47ZRuPTY591r0HN9c5Nk8YnDnjyowo0LY6yEqY8A-QRM-SgoNmtUjfqvOfo1ao9zXjb7XlQYhYq4SMMdiaGfJEwGJoSyO4KETNBtAhHEzLFDorKANyylkL8BPWGXvi5whbFMXyDGLGywjmCzTjWjBa6SnTMNIr40nKluDbHLAt4zAKYiyLNvmbuICU59eZlrLV9WKAbRq9ZvZUzrlIE-pUo93q979Sednkk1EO4k2ogRMjiMqyiCuPIjHqAbZkzlQRsANeKQO_g6XFalwVo66-e46fZ5KDVov0f6Aoog2ojdbmXWuMcL9d1_zNL5ELOryYR-g5ZqY6WGPLUyFSYcciIOymdbLqQP3BnntnP5hN5BiQvGCNoU6rWtshj49bZaVZfuNm3hY-mA5MEp1k4dY0HJJ6pRELeXJKTlTgQFz1DEeh6JkA_hQ6dc5vRUD-zORFl55lHGERxRRZBmib9L1QRDvObPmScLi68PH6UsWP3REoseyPTc4OXbTMLzDLzWWcFMWB9RWE7J1y9dcTmHMjzFw_rSb0Cp95Y-QlysKbVCcWetMe-CuHsA8vdUEGxhSMusdw_wM9whPCdh4-qxsppjoP7YuYPlwzDb-FTVK6zeJq5bPNpSF3qJj38UXrZzEyb0eEiZkP2n-5enwnO3UAX9LQTmrv7l7RQyITpvf8kemZOwpbWxa5LVyiN3J7oGSuU4iloZHihrUqBugsIOhi7lV9v1Vpd1afKIx8_1G0vvPIiysr9EbWS6wvbVmJVB5xaH3zLNgVgC35qpotTvJ2yK6-sYP6telbbfPfeMr3u8_AT3ZRkjlFYNaRXcYrZQHoN6ePtIPob0d1LARzzViOl31Jw6Vk4K8bFA5ZzIq16aC4iUsfTWLiAYAUJ5eMHZtd7v3WqDkgGctBmNFl8GPoGUV9_ZHSnurS3Ix-JcZUVNdyZ8QFXi4zZ2s2o2JlApURITLlruqXe4CFTivr7RHZUnB86QhBcASfyN1NGcJuysJgNvfq0neggVJjJpJ2JDjYrm-Hmd95g2QWeg19Hhsrr_tA5uH6doo8joat3RfXKN-QZoeRcP-wYymLvKdSewrUsAE7N65Bj6ygP3UhJ_ggYTB5bS8ehr73OwJhsB0aXTuqVDA4lDtyaR-l4UrvLWjH99Il6yd4UCkmHRRwWwgnUxQoe2CfLy_hmaVmimt1k8BijvDcCwHGL9r3rNzb84Oxhl95RsbyRBnolh6AsWVs-j5b5ylmQ8l-1WhbPiZbWRQK5NK5B_4DF7HK9ezurb5D6YJ--CMLkPb_vD2ZkBnfSGrahunCfQ5f_V2-VECJIv1Qe4of9XAmNBXEVFN4WmpQruO1Msj0EHqV8ATTvP5Vi-4MDAllyNQ&cid=CAASEuRo4l9g5ons138MbGjb6NuTGA&rfl=1%2Chttps%253A%252F%252Fwww.diarioceleste.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:37:16 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame D24B 24 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:38:54 GMT

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame 9EA1 41 KB
17 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 12:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 20:08:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 12:23:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C182 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstuRHolpvg3miMtQDdjtQ8qcn-NIrh0CsaYrhddsAWr2jQ3tyjQOAeEUdT1tb-qlBwdbo3n1p1mSk4MeL2h_i9qPTr3Vd-eUbe8eLntyGwIvdmncuvEiQ&sai=AMfl-YQfCNDIQC_6Lvr4Nz6QFNrSDK7EvaAz0d9mxewR1IMCExFEBJS1T4MNMQokhsyyMzChjovKDApt_GFXYpYry3KmVJPCTktnDedmBYpUObTfRN0o7n8ehiQTltRePcB1&sig=Cg0ArKJSzH__pEW8AF6eEAE&cid=CAASFeRovM51lLC90RE8MhszNvw02_dDKw&id=lidar2&mcvt=1007&p=621,1022,871,1322&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3288579592&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638331085097&rpt=277&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 98ms
97ms Preflight
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diarioceleste.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:06 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diarioceleste.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame DA70 0
170 B 137ms
136ms XHR
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diarioceleste.com.br
date: Wed, 01 Dec 2021 03:58:06 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame E621 152 KB
36 KB 14ms
14ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C12791799170335911211823775059%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5680777572656888565/728x90/ Frame DAF6 15 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75f34b00de0af755057fe4057154c6e4fb1f4cbafbbb8383fc48ad452472d0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 4512
date: Tue, 30 Nov 2021 14:00:40 GMT
expires: Wed, 30 Nov 2022 14:00:40 GMT
last-modified: Tue, 30 Nov 2021 09:06:32 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 50246
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D24B 0
24 B 50ms
49ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsua_9rQHCRrzfXBSyK7D7bBGx8kBMr2CVYWmGprcD4h5UDfRiMEXD2T0ywvhJDPaC-AdkgMT5jL9px6rOQaG_zSJtsIL91mApm6TehRHWxlTOQ9Hd9e_R4XO6wPfVsO3mijCk8OW_yYSjMnnMEjs1cGxdhPZm7_nvujrCFuFfTmwZnZyeBuelXvh1iK4TcCTgNo2SaTOHYG-J1uUaZTWOOG-6hMvGO8ccOGUcKWKP9OvRH5durrjTqrn7xJHBWCouRcL3EZLsinGwnXHQHiW-pys4xAAh8YjRfsY4qYZPcgQjRJ9rBSmGqD2cYO9jTL7SejvRbTARQf_dGOw9_KWEFw48Ay2L0bm6ityojIQOLFdenEJflDkaWPUIXFIxDhcioHGJ8pLuQBryXkC09hdt-TjH_4XBoyFNfI-92nPv1miBcNEvL8fXPU58ODIw9SeMsFOwT4l1xKuXY5l5Zy2HrgDb_vVRyraaxjBvTVWXarJGGG0WN0IbzenjHcqcCuQ3B4VEn4S4obWYk6_pwgAl6TE0jc8lloD-20swpMF2VFsrKY93jvHxsXydnvo4NZPrq7VX3KFDPi5TuyM15YtM59PieohF6T6SuMhG1gsi9suBVUpTcF9Jsz4JXFNUForvzL0lW3gvv7QjFDvM1J9sPE0neVU0n1REUNOG_Li2a2VgQgO5qIl2ihFVcwnOAMevZZbcr7Id_NExlfh9mdxX49rewHAdU9fZmk4VAZy6YOB6qgWKY7cXzZ-4GzEBawx6TzdrdYyw2ER3YtRW4r6A1iLe3VVpNEnDB77aZ_2041ylfOkoUcGE0Hcanw2NFHa5DLGMAsDFBNWebJkPx4ES4m26SRS285hP2JcuY8ADYr28JUA1ENjc8oyKk8UtwIuVMRjXrbKUppvsohfpBsZie1DLaQ2JPD_mGAUyrqzAmEZqFqtx9RJmrNdeQkTlQgsHWOS0YJlnMnU0hUybrSS67IMojWGzsAG1s8OZ7P_N67czpbonOWqb6GGfNSKdjmV0Rwqm6FmmxbcIFJsljD-n9VXENnrjs7-Lyc-3u-xdo0HudhACqjpELyQJzVQNDZ3o67Oq5B4hhM7d-huX9-fZFu5eFdSf3aJwOo5vRC7q5WZcOUYfSDK7ypNQ0H4wx4PMy5Q0fR4kT5uEscuhN7vFIQ8ysL2kXfU4QcLDuOpkfmDEPYonviUgBQsa_6bpyvZT45muBz&sai=AMfl-YTz1hqBOPc-siFpAuSDSZDib2VXiDLQOKSBAUSxvA-VaXWshR0Dz2WRiP5WDAHFoi6P5U4FYwWv8h-XnpNeoODlqjAAJV_d1XUL3YpFQJM8peF_tkVerIE1Fuwe1X0oVAe8FzJYvzj-RGg2T596RG7PcrUs6g&sig=Cg0ArKJSzCuw6emSZGm_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=68&cbvp=1&cstd=67&cisv=r20211111.80628&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 01 Dec 2021 03:58:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 B9689862.280630144;dc_ver=81.236;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=4188270516;ord=9qleyg;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 9EA1 45 KB
22 KB 52ms
52ms Script
text/javascript 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=81.236;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=4188270516;ord=9qleyg;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.diarioceleste.com.br%2F$0;xdt=1;crlt=YNvs_Y6'qk;sttr=70;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

51b2fc826bdb666b68400237c4b2371ea1e2120b602eb891e8023e171a2d2627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22233
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 25F6 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5VIBPNfO0fcLpJSqpae6-9ZDcJubNwbmAG90t1SNPqWWdyZHheHYZXmsvgoJef8xqEA2SC9qlT-PoRljn_N2Sftf_GEK9dCHzm3eI&sai=AMfl-YSlgzUAT1U67X-ASSvhJQ8eFwlN_eYXxU1PTQbRzOrazRgB37qojTk1JqMpiLHDVccNfP9L0QmHcw1q8fzURbJrNQz18czpJSEEvRNTCbwCdwZTPQQ3DqLizLJWNECS&sig=Cg0ArKJSzA4QNJCwABo8EAE&cid=CAASFeRo6AV3BRFga7Ko7q_LyTklv4-9kw&id=lidar2&mcvt=1024&p=72,596,162,1324&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3206296387&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638331084908&rpt=517&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D24B 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141206
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 29 Nov 2022 12:44:40 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 862B 1 KB
749 B 7ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 30 Nov 2021 05:53:44 GMT
expires: Wed, 01 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 79462
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D24B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0b54f1efd94db47099b5de7b78e84ae1dfb3008709e3c11d5695f77eed8a51d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame C8DC 38 KB
14 KB 7ms
7ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C12791799170335911211823775059%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=55298
expires: Wed, 01 Dec 2021 19:19:44 GMT
date: Wed, 01 Dec 2021 03:58:06 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame E621 38 KB
14 KB 10ms
9ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C12791799170335911211823775059%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=55298
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Wed, 01 Dec 2021 19:19:44 GMT

GET
H3 200 anim.min.js Show response
s0.2mdn.net/sadbundle/5680777572656888565/728x90/ Frame DAF6 8 KB
3 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/anim.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77e773643d244128c52ab5535c162c467b2378bef47a784567d2de56fdd4a9e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 14:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3367
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 09:06:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Nov 2022 14:00:40 GMT

GET
H3 200 polyfill.js Show response
s0.2mdn.net/sadbundle/5680777572656888565/728x90/ Frame DAF6 6 KB
2 KB 9ms
8ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/polyfill.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59634d2853fa1300f9d99b9d1550fcfd09366ba7ae58776b291af9e67dedaa7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 14:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1955
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 09:06:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Nov 2022 14:00:40 GMT

GET
H3 200 img1.jpg
s0.2mdn.net/sadbundle/5680777572656888565/728x90/ Frame DAF6 33 KB
33 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/img1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef3feb1d3c9a720750b41b2fbe4dde115af9c232cb69a26aede9c49f58396deb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 14:00:40 GMT
x-content-type-options: nosniff
age: 50246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33834
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 09:06:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Nov 2022 14:00:40 GMT

GET
H3 200 container.html Show response
9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 451E 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 01 Dec 2021 03:58:04 GMT
expires: Thu, 01 Dec 2022 03:58:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 490F 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 29 Nov 2021 12:44:40 GMT
expires: Tue, 29 Nov 2022 12:44:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 141206
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 9EA1 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=81.236;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=4188270516;ord=9qleyg;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.diarioceleste.com.br%2F$0;xdt=1;crlt=YNvs_Y6'qk;sttr=70;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:37:16 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9EA1 0
23 B 43ms
42ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrycMPQpqHwKjSGQFHrqYJMR1iIYZYuuzR5EU7XEvXi05deWQOv2POKD2ylEjF0l5DJ37joKRr7SoLVlObDkiuiJe9GPvAAMmNRvkBcr5iz7KoT6VBBq3RmxoycyRKlMUGQIhyjVlf4T_ejlOWHVrOGeQwThdr6A_U&sig=Cg0ArKJSzNoNvq9pRcHGEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20211111.99262&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 01 Dec 2021 03:58:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 9EA1 8 KB
4 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&num=&adid=&advid=2276943&adsrv=1&btreg=505362318&btadsrv=doubleclick&crt=156804616&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=81.236;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=4188270516;ord=9qleyg;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.diarioceleste.com.br%2F$0;xdt=1;crlt=YNvs_Y6'qk;sttr=70;prcl=s
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8b94cbe5296254e6bc2199c7099b21f9308583e421f3b5204166eb9bbf19cc58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Nov 2021 12:39:48 GMT
Server: Microsoft-IIS/10.0
ETag: "0424488f9e1d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3291

GET
H3 200 17721130591974731406
s0.2mdn.net/simgad/ Frame 9EA1 69 KB
70 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17721130591974731406

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92af9e53d768cc3fb6c9675d0d2eafba403f527fc761b29679953c71d3c588e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:56:46 GMT
x-content-type-options: nosniff
age: 39680
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71148
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 22:07:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Nov 2022 16:56:46 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F4B 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCchDzfKmYaTWM4yG7_UPu_WHyA0AAAAAOAHgBAI&bg=!GBulG1_NAAZQLpa_UC47ACkAdvg8WobEy3F6rrgAagqWaGS37nRAioM9cFJAu1bLXcE2lfOC5cpPZQIAAADAUgAAADJoAQcKAGTe5j93U45REWoC8N5SP1dJpKSspbd1i7GCwXlqBtHA9D2ThZKZm204_VfdmRnfOeE97BQCrc_Rj4z55vHjsPN0k5Sn8BJHaKPzkc18JWXMFtv32DzoQAEqxhA6G0lv8xrRWihsmQLT1mcHzSWj-OiYpCgPvPXTti9jGlajWVgXSmUBVOs7RYoE4YJU9JkU6OgHmLdPRboggDuP1k8kNuv4UgyZ0K6ynnMj1fuWu2Iv8lTOmZaDA1FJHmKcNJrv8zaYXCjn-Flf7-M9PkNZ_kJxab0zQHhNiOL5Gx3Ce1Y9JXUkgDalmXEif58xD5m6X8MZn1JfUB10sneC1OZ1N7UMMlPagQ0rtSkeuKeF9xSJzG4JFwBAAHhCrm2GjdjcC8noVNuRqL9XfEwdNb-Oh0Cxh4afwN5C7Ap3RM4t6Bjjpvbx1USMDf0gC3XRY7OzD-F-qSZcX6PLRxP106bEiFyLFaVCPYe5ZETctHa-2-0zJsDjXYu8jdKbf1D63wlDMTfAVJr6hLf3uWwGCcWFXvEH0ksiJbkkyWxFH_kYdzW_F_kWBohaKnbzsIlO_GiR6Ao_DiAszXl4w226SyTxsYmdOacIoN2WQvx711ZOR5v-lajX_3Rz3GNy-ygY1ZlK1_wqHlyczJT4oyBtpmlQ4bdz1VT8BTGEdA8j3Or2XQAPeS8ktGEV83ZLbFyoKL_lViAMzkWd8TxM7Gzvx-EWQXsaC1gn-Q8ljm6k_tDce98kVvyg-FWlg3TUccF_BPGASIlJlIeYlFLTofUPvS9N_Q2m1ndBx0NTUk35nwHmxdAL65hSx7-N0Og646DWt1G9RoDpzE9pXZLZspvIChblcYWuJg_-fZx2M3g9jEnzW9PMPjfwTq6SYFlXWju1I7kafvbABxtMaYzwkiHjzEP_JOqylcN2AAKhU_P2MxCkPvZHcEWNFwSUq_aBY0yeDfeQHkh5NDAPVihWBdKoYmQMMNNH0et0GmuQ1lIfArC_SZfFgn0g0dls7o9VK45G0n16lKFfe5_rME_wo1EsWNiGWG7dmWJC21mKzzfyJBfSMcb4Ak3DwTdVXW2Iij20KFTJ5_mrC_xt-r2BBkwz

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6A9C 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 29 Nov 2021 12:44:40 GMT
expires: Tue, 29 Nov 2022 12:44:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 141206
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 t Show response
t.lkqd.net/ Frame DA70 0
170 B 97ms
97ms XHR
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diarioceleste.com.br
date: Wed, 01 Dec 2021 03:58:06 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 90ms
90ms Preflight
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diarioceleste.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:06 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diarioceleste.com.br

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/5680777572656888565/728x90/ Frame DAF6 877 B
911 B 7ms
6ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41a19d96fde3b62300f9f41f049f8881fcb4180a422f06f1ef6eeeb615995eff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 14:00:58 GMT
x-content-type-options: nosniff
age: 50228
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 09:06:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Nov 2022 14:00:58 GMT

GET
H3 200 titillium-web-v10-latin-700.woff
s0.2mdn.net/sadbundle/5680777572656888565/728x90/ Frame DAF6 15 KB
15 KB 8ms
8ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/titillium-web-v10-latin-700.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae32776aae5fbba5f5e09afbc3f01e948cb97a1434924ebfbf25e8f2661d1625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/index.html
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 14:00:58 GMT
x-content-type-options: nosniff
age: 50228
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 09:06:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Nov 2022 14:00:58 GMT

GET
H3 200 titillium-web-v10-latin-regular.woff
s0.2mdn.net/sadbundle/5680777572656888565/728x90/ Frame DAF6 16 KB
16 KB 8ms
7ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/titillium-web-v10-latin-regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11c54a8e83547d7ec3af9960ab4c4b50af1ea2f4bab7f356a6a9a8d3f251c459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/index.html
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 14:00:58 GMT
x-content-type-options: nosniff
age: 50228
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16572
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 09:06:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Nov 2022 14:00:58 GMT

GET
H/1.1 200
OK dv-measurements1874.js Show response
cdn.doubleverify.com/ Frame DFF1 490 KB
89 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1874.js
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9d37d1712b2be6bd01460ea30ab676c8baa512d5f1de5d608511a4403bea72dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 11:10:53 GMT
Server: Microsoft-IIS/10.0
ETag: "801ca49edadad71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91038

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5E64 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 30 Nov 2021 05:53:44 GMT
expires: Wed, 01 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 79462
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9EA1 222 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8d72136d296c0a225da505249e26e9f37ba4a053aba197c4092772592e63b6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame C8DC 2 KB
3 KB 59ms
13ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=20252190&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 0b034a034f563858396d02c401f20287676d1d43dad6c7379d9b4c1bb76bf231

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK viewability Show response
hal900011.redintelligence.net/ Frame C6AC 0
150 B 37ms
12ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/viewability?s=69954700014419400710612011795011&a=d6e3987c&vb=v
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=69954700014419400710612011795011&a=3321f33d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/request_content.php?s=69954700014419400710612011795011&a=3321f33d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:06 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 862B 0
104 B 149ms
59ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFq676o0dDzrUSHQsq5uGaA&google_cver=1&google_push=AYg5qPJAcKytxQTjSJqLp2Svg2S0sxcGktSqEa1zraGjN0Vw5vhEM7TM9XzG63RdwrGTwpVd8yzlIQzDOlLHrZcCOB5LhH0EDaz-TA
Requested by: Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 862B 0
191 B 24ms
23ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEAfgJcU0Fvu1LHtxtT6RXq4&google_cver=1&google_push=AYg5qPJH8HRJ1MUlxGlitAYJodN9c8Nth4YZjMoZxD8hpQEbZdKk2qZ6Tn8xukjKfkWmVMfenvL9KbirCq8Iqb4VyQIfQhSAJ_q1
Requested by: Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 862B
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKpcFfreVBI1gjXFiZ6whY4&google_cver=1&google_push=AYg5qPIx4s6KnOKNpcJfZ9WseCkEPMOYz4i6Ji2vi_ZOCVhUnOipk-3HsYNZeWZ8lVsAz5mltUdCZOMAmPk7v6...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzNjU3ODQzNDM5NzgyOTI1OQ%3D%3D&google_push=AYg5qPIx4s6KnOKNpcJfZ9WseCkEPMOYz4i6Ji2vi_ZOCVhUnOipk-3HsYNZeWZ8lVsAz5mltUdCZOMAmPk7v689zq...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzNjU3ODQzNDM5NzgyOTI1OQ%3D%3D&google_push=AYg5qPIx4s6KnOKNpcJfZ9WseCkEPMOYz4i6Ji2vi_ZOCVhUnOipk-3HsYNZeWZ8lVsAz5mltUdCZOMAmPk7v689zqMfem5Z1GcsLQ

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzNjU3ODQzNDM5NzgyOTI1OQ%3D%3D&google_push=AYg5qPIx4s6KnOKNpcJfZ9WseCkEPMOYz4i6Ji2vi_ZOCVhUnOipk-3HsYNZeWZ8lVsAz5mltUdCZOMAmPk7v689zqMfem5Z1GcsLQ
Date: Wed, 01 Dec 2021 03:58:06 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 862B
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEGTCnYJ1fQBcytMI55Wwoo&google_cver=1&google_push=AYg5qPJmNlffulEqTUL6LUmbqwI8VBisjYAes8jEMlFDb7Jf-6_j_yXSPEIOJMqgZN5Fal9yAX5g-JvI_9ZsZViet3H1...
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=062c16a1-40af-4d96-bd50-977c0b30715d&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL_segQmbrg9oBn7qnecS6piQPv-f6Lyg6cM89BF0lDGuCyfix7CArrULN60uFKthGVrIK3XddLc9LwUwJv1iEUjZ0sCQ&google_hm=Ag0EEed2RQGCbgBIrwpPiw==

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL_segQmbrg9oBn7qnecS6piQPv-f6Lyg6cM89BF0lDGuCyfix7CArrULN60uFKthGVrIK3XddLc9LwUwJv1iEUjZ0sCQ&google_hm=Ag0EEed2RQGCbgBIrwpPiw==

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL_segQmbrg9oBn7qnecS6piQPv-f6Lyg6cM89BF0lDGuCyfix7CArrULN60uFKthGVrIK3XddLc9LwUwJv1iEUjZ0sCQ&google_hm=Ag0EEed2RQGCbgBIrwpPiw==
Date: Wed, 01 Dec 2021 03:58:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 862B
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
https://sync.targeting.unrulymedia.com/csync/RX-b5ea5773-6e69-4f1a-94e9-3fbdcf66c06d-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLym-ZSnqSaqB_mqibXP...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLym-ZSnqSaqB_mqibXPp23-VfGuhC_HWSdLgOPUxWmQSHfq3netzyQFX8jNvxhmq5WZoy__U_o--QTDhu9QMoaK0W2k6xySg&google_hm=A7XqV3NuaU8alOk_vc9mwG0

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLym-ZSnqSaqB_mqibXPp23-VfGuhC_HWSdLgOPUxWmQSHfq3netzyQFX8jNvxhmq5WZoy__U_o--QTDhu9QMoaK0W2k6xySg&google_hm=A7XqV3NuaU8alOk_vc9mwG0

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLym-ZSnqSaqB_mqibXPp23-VfGuhC_HWSdLgOPUxWmQSHfq3netzyQFX8jNvxhmq5WZoy__U_o--QTDhu9QMoaK0W2k6xySg&google_hm=A7XqV3NuaU8alOk_vc9mwG0
date: Wed, 01 Dec 2021 03:58:06 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXb5ea57736e694f1a94e93fbdcf66c06d003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 862B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEFKPVQ46OQoT3Iz3cQYEZQM&google_cver=1&google_push=AYg5qPLW2InB4z1QKEgqVejJAWnID7MKVA02QV3wFxKiB1QgQMAs2i90Z8FNP5CTz69xpu7yYF...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1nTEp5QnRGRTJ1RmoyNmREbTJLQTBpQlI3cEFWNGVXZH5B&google_push=AYg5qPLW2InB4z1QKEgqVejJAWnID7MKVA02QV3wFxKiB1QgQMAs2i90Z...

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1nTEp5QnRGRTJ1RmoyNmREbTJLQTBpQlI3cEFWNGVXZH5B&google_push=AYg5qPLW2InB4z1QKEgqVejJAWnID7MKVA02QV3wFxKiB1QgQMAs2i90Z8FNP5CTz69xpu7yYFUfL3KgcpUy_W9VQ22F7V415DAr7KM

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1nTEp5QnRGRTJ1RmoyNmREbTJLQTBpQlI3cEFWNGVXZH5B&google_push=AYg5qPLW2InB4z1QKEgqVejJAWnID7MKVA02QV3wFxKiB1QgQMAs2i90Z8FNP5CTz69xpu7yYFUfL3KgcpUy_W9VQ22F7V415DAr7KM
date: Wed, 01 Dec 2021 03:58:06 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 862B 43 B
72 B 15ms
14ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESELUYpzLrNwiom4inq_4utwo&google_cver=1&google_push=AYg5qPJkvvI6CvCAyiAhS-RISPck3RQr7jL9uOsfQfh9yIgvC_irBb5454z0JmwKu07AccHa7tT8vWuwCnrlQrHsYRC-YDVfh7sXtns

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Dec 2021 03:58:06 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 862B 0
12 B 14ms
13ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LNZZ6jAmEZCigP16OrKMZHhaMP0eCeNTMo6Aft2AaRigahdvRSezL-_8q7JmSDPBKRbXWNBg4

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 lyxor_climate_336x280.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/ Frame 4A89 3 KB
1 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/lyxor_climate_336x280.html

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc578a82050b4ddee276534ae332ba6932d8a817dd9b504fbf00be6edc25ef1a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
content-length: 1312
date: Tue, 30 Nov 2021 11:04:58 GMT
expires: Wed, 30 Nov 2022 11:04:58 GMT
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 60788
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 451E 0
0 35ms
34ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cf5RxzvKmYYbWC42L9u8PoO2AyAHNwovtZuq4x_WLD9vZHhABINbOt05glYKAgLQHoAHfpNOTA8gBCakCQxR6v8VPtj7gAgCoAwHIAwiqBIQCT9A48TieoemazfDk9PbD7pN7-LqXWUZiprpmzogG3VQ2ZJIfns93CgxUfD_0WM6avffro8e8uKaJ9BVBmIlGyLFz4W8xwIsQy7dqKuFfumtyX0hXJHthkiAogGZuyS2Wtag0c_h7uCvOekvb7PZk1oQWHWZ4d646oHUtKYIaY7UCz6MswZr8V9xFLHFjmAYIYcS2trbRunRVE6yPgaiNLrIZ96Kw1lsWMXWgVangIOfpnhjP0jFogT27VDWBm_ZPwnBSK78HufttdpShkY6L_XYiVvgTb0GUbEgSJV994uxm-ZkNmMMuOn6rPpVld6jfzPRwWXnZvkiOGlABiwwiRhW0CEzABNDx6OS3A-AEAZIFBAgEGAGSBQQIBRgEoAYugAeJ26xsqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQxLwU0ggJCIDhgBAQARgdgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTI4NDU0NjM0MzgxNTM3ODIYz9Rp&sigh=7KYzpdXxC4c&uach_m=[UACH]&template_id=419
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 451E 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:40:11 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 451E 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:47:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 451E 119 KB
36 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Dec 2021 03:58:06 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 451E 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 03:38:21 GMT

GET
H3 200 img2.jpg
s0.2mdn.net/sadbundle/5680777572656888565/728x90/ Frame DAF6 11 KB
11 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/img2.jpg

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a43f1770b29491ce75b2b31fc89160be563726e06117498693299e2e1334b489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 14:00:40 GMT
x-content-type-options: nosniff
age: 50246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10876
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 09:06:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Nov 2022 14:00:40 GMT

GET
H3 200 img3.jpg
s0.2mdn.net/sadbundle/5680777572656888565/728x90/ Frame DAF6 24 KB
24 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/img3.jpg

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86297c2f055f491d40c32be608db8f179c45806bb49b05750919852629e1ef9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 14:00:40 GMT
x-content-type-options: nosniff
age: 50246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24495
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 09:06:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Nov 2022 14:00:40 GMT

GET
H3 200 cta-fx.png
s0.2mdn.net/sadbundle/5680777572656888565/728x90/ Frame DAF6 1 KB
1 KB 8ms
8ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/cta-fx.png

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d91d6727627a6b0c5540c941852e963f30c79ffd9f6779fbb3456036679e152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5680777572656888565/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 14:00:40 GMT
x-content-type-options: nosniff
age: 50246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1073
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 09:06:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Nov 2022 14:00:40 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D24B 0
23 B 43ms
43ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsua_9rQHCRrzfXBSyK7D7bBGx8kBMr2CVYWmGprcD4h5UDfRiMEXD2T0ywvhJDPaC-AdkgMT5jL9px6rOQaG_zSJtsIL91mApm6TehRHWxlTOQ9Hd9e_R4XO6wPfVsO3mijCk8OW_yYSjMnnMEjs1cGxdhPZm7_nvujrCFuFfTmwZnZyeBuelXvh1iK4TcCTgNo2SaTOHYG-J1uUaZTWOOG-6hMvGO8ccOGUcKWKP9OvRH5durrjTqrn7xJHBWCouRcL3EZLsinGwnXHQHiW-pys4xAAh8YjRfsY4qYZPcgQjRJ9rBSmGqD2cYO9jTL7SejvRbTARQf_dGOw9_KWEFw48Ay2L0bm6ityojIQOLFdenEJflDkaWPUIXFIxDhcioHGJ8pLuQBryXkC09hdt-TjH_4XBoyFNfI-92nPv1miBcNEvL8fXPU58ODIw9SeMsFOwT4l1xKuXY5l5Zy2HrgDb_vVRyraaxjBvTVWXarJGGG0WN0IbzenjHcqcCuQ3B4VEn4S4obWYk6_pwgAl6TE0jc8lloD-20swpMF2VFsrKY93jvHxsXydnvo4NZPrq7VX3KFDPi5TuyM15YtM59PieohF6T6SuMhG1gsi9suBVUpTcF9Jsz4JXFNUForvzL0lW3gvv7QjFDvM1J9sPE0neVU0n1REUNOG_Li2a2VgQgO5qIl2ihFVcwnOAMevZZbcr7Id_NExlfh9mdxX49rewHAdU9fZmk4VAZy6YOB6qgWKY7cXzZ-4GzEBawx6TzdrdYyw2ER3YtRW4r6A1iLe3VVpNEnDB77aZ_2041ylfOkoUcGE0Hcanw2NFHa5DLGMAsDFBNWebJkPx4ES4m26SRS285hP2JcuY8ADYr28JUA1ENjc8oyKk8UtwIuVMRjXrbKUppvsohfpBsZie1DLaQ2JPD_mGAUyrqzAmEZqFqtx9RJmrNdeQkTlQgsHWOS0YJlnMnU0hUybrSS67IMojWGzsAG1s8OZ7P_N67czpbonOWqb6GGfNSKdjmV0Rwqm6FmmxbcIFJsljD-n9VXENnrjs7-Lyc-3u-xdo0HudhACqjpELyQJzVQNDZ3o67Oq5B4hhM7d-huX9-fZFu5eFdSf3aJwOo5vRC7q5WZcOUYfSDK7ypNQ0H4wx4PMy5Q0fR4kT5uEscuhN7vFIQ8ysL2kXfU4QcLDuOpkfmDEPYonviUgBQsa_6bpyvZT45muBz&sai=AMfl-YTz1hqBOPc-siFpAuSDSZDib2VXiDLQOKSBAUSxvA-VaXWshR0Dz2WRiP5WDAHFoi6P5U4FYwWv8h-XnpNeoODlqjAAJV_d1XUL3YpFQJM8peF_tkVerIE1Fuwe1X0oVAe8FzJYvzj-RGg2T596RG7PcrUs6g&sig=Cg0ArKJSzCuw6emSZGm_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=310&vt=11&dtpt=242&dett=3&cstd=67&cisv=r20211111.80628&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 01 Dec 2021 03:58:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9EA1 0
23 B 44ms
42ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 01 Dec 2021 03:58:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dv-measurements1874.js Show response
cdn.doubleverify.com/ Frame 3F8E 490 KB
89 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1874.js
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9d37d1712b2be6bd01460ea30ab676c8baa512d5f1de5d608511a4403bea72dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 11:10:53 GMT
Server: Microsoft-IIS/10.0
ETag: "801ca49edadad71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91038

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame DFF1 2 KB
1 KB 90ms
16ms Script
text/javascript 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=136&ttfrms=21&brid=3&brver=96.0.4664.45&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D5%3A2C%3A%4046%3D6DE6%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D5%3A2C%3A%4046%3D6DE6%5D4%40%3E%5D3CTar9EEADTbpTauTauh4dea527h2ehe4hg25_d__%6076%60d3262f%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=578&ddur=9&uid=1638331086773435&jsCallback=dvCallback_1638331086773332&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1874&tgjsver=1874&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=17&brh=2&sdf=2&dvp_epl=253&noc=4&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.diarioceleste.com.br/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0iZuGyfwQSJ3A9whXNivynd&DVP_DBM_1=1861733&DVP_DBM_2=15874976&DVP_DBM_3=42847368&DVP_DBM_4=327229165&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=850394821177&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=4828961827.267788&dvp_tukv=219072302013.02896&dvp_uuid=405106776546.2174&dvp_strhd=0.3000001907348633&dvpx_strhd=0.3000001907348633&dvp_tuid=979800739978
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: d8e026f0ee58a2a116200b9bcee4a3b7369162163fe035b1c058276a47fa28e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 11/30/2021 3:58:06 AM

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 669829e44802166195d64df52e724a0abeb85241474ea05d648012e20b64ffa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 4A89 9 KB
3 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/lyxor_climate_336x280.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 01 Dec 2021 16:08:31 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4A89 26 KB
10 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/lyxor_climate_336x280.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 01 Dec 2021 16:13:39 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4A89 236 KB
63 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/lyxor_climate_336x280.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 03:58:06 GMT

GET
H3 200 lyxor_climate_336x280.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/ Frame 4A89 63 KB
9 KB 9ms
9ms Script
application/x-javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/lyxor_climate_336x280.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/lyxor_climate_336x280.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac13cf1e5316b7b485102106a7d360417d9e1975be4d84dedcc6a84ac20d0b6a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 546322
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9232
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 20:12:44 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 20:12:44 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame BFAD
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=DF76A8B7-E559-47FF-B629-21A3FA94937C
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DF76A8B7-E559-47FF-B629-21A3FA94937C

35 B
468 B

20ms
20ms

Document
image/gif

37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DF76A8B7-E559-47FF-B629-21A3FA94937C

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:06 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Wed, 01 Dec 2021 03:58:06 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DF76A8B7-E559-47FF-B629-21A3FA94937C
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame EE95
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5871054209374493530

42 B
210 B

19ms
19ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5871054209374493530
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:06 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug001:0:423
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5871054209374493530
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 78B3 43 B
334 B 45ms
15ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Wed, 01 Dec 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 589788

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C8DC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=33aot-VZR_-2KSGj-pSTfA%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

9ms
9ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=69287
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Wed, 01 Dec 2021 23:12:53 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame C8DC
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=762361a6-f2ce-4b00-8ef3-835532d82ac7

0
260 B

64ms
13ms

Image
text/plain

198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=762361a6-f2ce-4b00-8ef3-835532d82ac7
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 01 Dec 2021 03:58:06 GMT
Server: MT3 4133 baa842e master zrh-pixel-x15 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=762361a6-f2ce-4b00-8ef3-835532d82ac7
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 01 Dec 2021 03:58:05 GMT

GET

/
loada.exelator.com/load/ Frame C8DC
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=DF76A8B7-E559-47FF-B629-21A3FA94937C
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=81f4bbe6-2392-4623-a7c6-9b065981d726&icm
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25

0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C8DC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REY3NkE4QjctRTU1OS00N0ZGLUI2MjktMjFBM0ZBOTQ5MzdD&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
111 B

68ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug008:0:398
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C8DC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGXiVPPWRNVWv1lnoJmOMUI&google_cver=1

42 B
594 B

67ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGXiVPPWRNVWv1lnoJmOMUI&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug011:0:360
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGXiVPPWRNVWv1lnoJmOMUI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame C8DC 43 B
617 B 52ms
13ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 30 Nov 2021 03:58:06 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C8DC
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:46d061a6-f2ce-4200-949c-585e6ba19a78&gdpr=0&gdpr_consent=

42 B
649 B

46ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:46d061a6-f2ce-4200-949c-585e6ba19a78&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
cache-control: no-store, no-cache, private
x-lat: amspug018:0:376
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 01 Dec 2021 03:58:06 GMT
Server: MT3 4133 baa842e master zrh-pixel-x1 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:46d061a6-f2ce-4200-949c-585e6ba19a78&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 01 Dec 2021 03:58:05 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C8DC
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4414064395881013374

42 B
234 B

12ms
12ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4414064395881013374
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
cache-control: no-store, no-cache, private
x-lat: amspug001:0:448
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4414064395881013374
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C8DC
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=81f4bbe6-2392-4623-a7c6-9b065981d726

42 B
294 B

14ms
12ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=81f4bbe6-2392-4623-a7c6-9b065981d726
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:05 GMT
cache-control: no-store, no-cache, private
x-lat: amspug008:0:527
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=81f4bbe6-2392-4623-a7c6-9b065981d726
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C8DC
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2797749063738055443&gdpr=0&gdpr_consent=

42 B
211 B

70ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2797749063738055443&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug006:0:493
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:06 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 913dad7f-5b75-44ff-8322-b308a68559e5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2797749063738055443&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C8DC
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8njs86J77qDpLb-k_X-g9f18vPbpfOyh_HzHyzAK

42 B
312 B

25ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8njs86J77qDpLb-k_X-g9f18vPbpfOyh_HzHyzAK
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug002:0:394
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8njs86J77qDpLb-k_X-g9f18vPbpfOyh_HzHyzAK
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FBD3 0
20 B 47ms
44ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiXH5zvKmYeOUB__D7_UP0qu1uAcAAAAAOAHgBAI&bg=!0NOl05fNAAZQLpa_UC47ACkAdvg8WvcVeUYqwCWK4USYtj0W3noxJuFeuCnlAVL9RmWHUrfFLkICDQIAAAEfUgAAAGxoAQeZAuGaCC8it_H5YCQuVwtv6X019QqqnPwAdaN47MUNOAE8shnGLD-1og3viUGSRFJULk_sF_nKB6zwxe3v6RjwGv9LmteBKNZOFfCia-6Zsuj6z_1kBMUPz7YT3NAtbyxCMJKKRT-y_krO7xDs0LOcaG3SNuFaA-zGPR_vUWfvU1kqCYdZ3q_nLeRmiLcR_rdpjLuMUyGdOKxJIOFEN2s2fxfjti-qHY7CnQzc1Jc2vFK048FC0NOpTOh6qfrHfp53p-JfsegW2MxGTDDJX0xTokullD7-7WmQYSIz6Q9RUkxcmmyKkmlbUtx1LuWCMNT75EjodcvE-3xDs775SvMYa33g5HbESYXKqZd4vOH0TTmVudANwTSgXX9A_9ZxbO3LdRsCnpt9PnB1aEmVY20QJqQuoTUXgjmSuYbCz6S-G9V_UR3nnJ-xYVuvYgpgf9wknz1qj3Tx4BOXRoZh4B2Mr_kyCyWP8cSYwAaxId6KoLMqQbHD2i9CBSJRVXD5w-qRi8yjp-3KL6JrFCysxyqPU1QPQD2KZ8HtnpAiTGoCrzngeSwPMSXiZlKNGv_EduhqhccM-aR-DRmCyqroe21gblAa8CAMnVhQf3IIgj95kjOuh3w1UU0Y8rq3SHbnWg3q-rB63feLeKewQ1RdzzHQlANS0ClOZXA6FokkavK4aM0YmfzimJdC_qiLwsxIoGkFfhdPNBb9ZYpmgW3xKSB2LxpBdlpfj6HJFLWNlUoeIOXLzy9xNHmiy1KgeUxbPcA_4s3SspEIa0DyoDqgsVwHoWgH1nkcPsXlHkMZvNr4JB-q7H3yS1I9lE8Jzl_Oj93RjZ-sNlWVSpzf3v6qWx7sf2V5wAaXZ3-wk6GDgR7el2pMj__wnqZUuwADeiX7ScATo5Hhsbu6om-0dJhqMgF9-D-CPzxr9Zz7m_SO6FPPtpfpOKVo6llqS2sBbqkjZuwWaPmI9X44Tt0DZY9V8tKmY2qYOg

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 490F 35 KB
13 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 23:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Nov 2022 23:07:43 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B00C 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 01 Dec 2021 02:58:29 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 451E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa751c03c47b3bc3ef8fae4deed4850800745c3154e875470a08daa77e43c339

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

google_sync_status
x.bidswitch.net/ Frame 5E64
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEC7XyLyslK3nl-ZMUUDTqTU&google_cver=1&google_push=AYg5qPL_segQmbrg9oBn7qnecS6piQPv-f6Lyg6cM89BF0lDGuCyfix7CArrULN60uFKthGVrIK3XddLc9LwUwJv1iEU...
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google
https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329519723606990&expires=30&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=Ag0EEed2RQGCbgBIrwpPiw==
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEGnhTJ4mxZenFBOhFElTMdw&google_cver=1

43 B
220 B

9ms
9ms

Image
image/gif

18.194.4.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEGnhTJ4mxZenFBOhFElTMdw&google_cver=1
Requested by: Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 18.194.4.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-4-47.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEGnhTJ4mxZenFBOhFElTMdw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 5E64 43 B
72 B 20ms
17ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEJnKQYT4TDeRb2oV4KE5GsU&google_cver=1&google_push=AYg5qPKqX__51X6mmN5A8uU2xdIbY4JmRPJdrs4jXiIClw5YLSgqUSw4-1HC4vv57GL6LfW8FkaEq-YzM9eT98NbSCB82Q3Na-8

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Dec 2021 03:58:06 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 5E64 43 B
351 B 41ms
16ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEFpdoiww9-HkbskTfF8YiIE&google_cver=1&google_push=AYg5qPJ37LBls06h2AckLoOy0gscbk9x3WuuxGysDBi1mS_mKljGWos5CSO_hye26MJ-xlbFchMYj5CH4FhBS19HGMHaufJY5g0
Requested by: Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: hs67ne06h8clucu0jieg7jill6kr6apj

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5E64
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=33aot-VZR_-2KSGj-pSTfA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=33aot-VZR_-2KSGj-pSTfA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJHE2dOjt3EMU3wSD9ECPT95vXZ8vsGkKLKPAbFmTMN8kvkduts_cLs50X4w-nLIqUVGC84pIGoWyk7dIlP6ZnHL027MqE

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=33aot-VZR_-2KSGj-pSTfA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJHE2dOjt3EMU3wSD9ECPT95vXZ8vsGkKLKPAbFmTMN8kvkduts_cLs50X4w-nLIqUVGC84pIGoWyk7dIlP6ZnHL027MqE
date: Wed, 01 Dec 2021 03:58:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET

pixel
cm.g.doubleclick.net/ Frame 5E64
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjox...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjox...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjox...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjox...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjox...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjox...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjox...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjox...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjox...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjox...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjox...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjox...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjox...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjox...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjox...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjox...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjox...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjox...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjox...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjox...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5E64
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMUx6hYZMph3OCSDCK-Nig8&google_cver=1&google_push=AYg5qPJENIH_6ZUq6E5oNw2ixB91f3j7bSf7Aj4zjFufaLHLE9Bwb-JeM1nkYbma3oJpfaQXuABjvtqjGr-x4QutAL8VlldVCrw
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJENIH_6ZUq6E5oNw2ixB91f3j7bSf7Aj4zjFufaLHLE9Bwb-JeM1nkYbma3oJpfaQXuABjvtqjGr-x4QutAL8VlldVCrw&googl...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTMwNjQ5NTA3ODE2NDgyNzg3Ng%3D%3D&google_push=AYg5qPJENIH_6ZUq6E5oNw2ixB91f3j7bSf7Aj4zjFufaLHLE9Bwb-JeM1nk...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTMwNjQ5NTA3ODE2NDgyNzg3Ng%3D%3D&google_push=AYg5qPJENIH_6ZUq6E5oNw2ixB91f3j7bSf7Aj4zjFufaLHLE9Bwb-JeM1nkYbma3oJpfaQXuABjvtqjGr-x4QutAL8VlldVCrw

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTMwNjQ5NTA3ODE2NDgyNzg3Ng%3D%3D&google_push=AYg5qPJENIH_6ZUq6E5oNw2ixB91f3j7bSf7Aj4zjFufaLHLE9Bwb-JeM1nkYbma3oJpfaQXuABjvtqjGr-x4QutAL8VlldVCrw
date: Wed, 01 Dec 2021 03:58:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 5E64 43 B
72 B 21ms
18ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEK3jdLXIsx0C4MBXOOEGyAY&google_cver=1&google_push=AYg5qPKKR-NlaRW3C_HBwboYu9o2TZ4HU8Vt3XVgiw3IbHr4n7P5OZ6f-AhRiYNrMmQ6BS8WkoUmGzoXt5E2tQhq-gFYVPNCBf0N

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Dec 2021 03:58:06 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5E64 0
12 B 19ms
16ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JHHNbHLjn4jS8mOI8eACqFvxMUUQIBuIKsF4QybMXJOPDsTEsSkgGgNthxlT4LlnVHR1s0ZQ

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame 6A9C 35 KB
13 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:44:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Nov 2022 12:44:17 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 3F8E 2 KB
1 KB 15ms
14ms Script
text/javascript 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=127&ttfrms=6&brid=3&brver=96.0.4664.45&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D5%3A2C%3A%4046%3D6DE6%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D5%3A2C%3A%4046%3D6DE6%5D4%40%3E%5D3CTar9EEADTbpTauTauh4dea527h2ehe4hg25_d__%6076%60d3262f%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=578&ddur=9&uid=1638331086865846&jsCallback=dvCallback_1638331086865500&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1874&tgjsver=1874&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=17&brh=2&sdf=2&dvp_epl=253&noc=4&ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&crt=156804616&btreg=505362318&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=4828961827.267788&dvp_tukv=1403774643086.1287&dvp_uuid=664104930.727126&dvp_strhd=0.19999980926513672&dvpx_strhd=0.19999980926513672&dvp_tuid=232958069816
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: c0fec1765005f1b382dab221f83a1ad761d29f811155db354c59712f127d319c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 11/30/2021 3:58:06 AM

GET
H3 200 CO2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/CO2.png?1634656093142

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c609f8f7819028f762fe27174c582eefd962575a444804f97db9ea7ccd96e72

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 597854
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1727
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 05:53:52 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 05:53:52 GMT

GET
H/1.1

200
OK

event.png
tps20237.doubleverify.com/ Frame DFF1
Redirect Chain

https://cdn.doubleverify.com/redirect/?host=tps20237&param=akipv6&impid=912073241ed34a308d34042d8e0ffdcc&cbust=1638331086950213
https://tps20237.doubleverify.com/event.png?impid=912073241ed34a308d34042d8e0ffdcc&akipv6=2a0f:9441:5:0:e5::1

67 B
322 B

43ms
7ms

Image
image/png

213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20237.doubleverify.com/event.png?impid=912073241ed34a308d34042d8e0ffdcc&akipv6=2a0f:9441:5:0:e5::1
Requested by: Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=0
Content-Length: 98
Expires: 11/30/2021 3:58:07 AM

Redirect headers

Location: https://tps20237.doubleverify.com/event.png?impid=912073241ed34a308d34042d8e0ffdcc&akipv6=2a0f:9441:5:0:e5::1
Date: Wed, 01 Dec 2021 03:58:06 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

event.png
tps20230.doubleverify.com/ Frame 3F8E
Redirect Chain

https://cdn.doubleverify.com/redirect/?host=tps20230&param=akipv6&impid=182aa42d19e4490884e6e729e6deb3a0&cbust=1638331086983978
https://tps20230.doubleverify.com/event.png?impid=182aa42d19e4490884e6e729e6deb3a0&akipv6=2a0f:9441:5:0:e5::1

67 B
322 B

40ms
7ms

Image
image/png

213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20230.doubleverify.com/event.png?impid=182aa42d19e4490884e6e729e6deb3a0&akipv6=2a0f:9441:5:0:e5::1
Requested by: Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=0
Content-Length: 98
Expires: 11/30/2021 3:58:07 AM

Redirect headers

Location: https://tps20230.doubleverify.com/event.png?impid=182aa42d19e4490884e6e729e6deb3a0&akipv6=2a0f:9441:5:0:e5::1
Date: Wed, 01 Dec 2021 03:58:06 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H3 200 CTA.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/CTA.png?1634656093142

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4197adb87563ca3d3115daa81275de9981a6c44a7202d1e27812da11266255f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 561635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1585
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 15:57:31 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 15:57:31 GMT

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame E621 27 B
557 B 127ms
78ms XHR
application/xml 185.64.189.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C12791799170335911211823775059%2C%2C&us_privacy=&cb=1638331086508&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.diarioceleste.com.br%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.diarioceleste.com.br%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-1%203:58:7&ranreq=0.8599749891836852&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C12791799170335911211823775059%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:07 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B00C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

23ms
23ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 01 Dec 2021 03:58:07 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 01 Dec 2021 03:58:07 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 01 Dec 2021 03:58:07 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 graph.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/graph.png?1634656093142

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9265b0be6fc386998ffc511173c64515af3d42022f299c4a9f9da0db98760654

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 60473
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1388
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Tue, 30 Nov 2021 11:10:14 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 11:10:14 GMT

GET
H3 200 legals.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 43 KB
43 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/legals.png?1634656093142

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

835daade5b8a4ea2d16c65460dc18a3f282fd0ed2782d7180d810b6c588893e2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 470974
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44120
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Thu, 25 Nov 2021 17:08:33 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 25 Nov 2022 17:08:33 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CF43 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxuLpnWrd5LPNwTvCYF8vQxHvobOwPX3HXjM68G3ozbSXxfNJvF51qrhps6WS_oM4kwtS9FkTylRebLzRVwMHo2G8i505IYFtMMUJ1NSMa-vpbjK4C7w&sai=AMfl-YTAJo1HYQExk6iRVY6bW9PssNa_f2ORsQjx36cHKYINKifQkPXbZUx0JSoIi2nQFR2pRznQtZoKSpVw2GAOuPsbxLlDhchdqduy5ae3qa-Flf4Ngj35dUzTO7K-awT6&sig=Cg0ArKJSzKUIKZL5UVUnEAE&cid=CAASFeRounqvmQu3hCPOpBA0DQJV3F2mqQ&id=lidar2&mcvt=1015&p=931,266,1021,994&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20211130&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2701482268&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638331085772&rpt=255&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 legalsCTA.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/legalsCTA.png?1634656093142

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e8d5bf17b662b28e16ea3ad102f602ecbd6268f304fdd22cd3e9d1d978ca6bc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 598912
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2193
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 05:36:15 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 05:36:15 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 4 KB
4 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/logo.png?1634656093142

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85160a9664fcf8bbfe3868416eb491e740b55dde3136dbfd011d3b70fc31c71c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 421647
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3784
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Fri, 26 Nov 2021 06:50:40 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Nov 2022 06:50:40 GMT

GET
H3 200 logoPanel.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/logoPanel.png?1634656093142

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e500e895349a0dd1359c3e9abe2b65033329c9eec7aa858c16818a89ad92392

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 598019
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1516
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 05:51:08 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 05:51:08 GMT

GET
DATA 200
OK truncated
/ Frame 460F 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 5F41 152 KB
36 KB 14ms
13ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C4286517091279179917033591121%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:07 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H2 200 track
aktrack.pubmatic.com/ Frame E621 0
61 B 29ms
8ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1638331087&wa=0&e=95&vc=2
Requested by: Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:07 GMT
content-length: 0
content-type: text/html

GET
H3 200 marketingPurple.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/marketingPurple.png?1634656093142

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ee67a97d3b531bffdd313aba208e0c1e812648929d41e3b100bebdc83b41d39

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 14146
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1226
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 01 Dec 2021 00:02:21 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Dec 2022 00:02:21 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame DA70 0
170 B 97ms
95ms XHR
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diarioceleste.com.br
date: Wed, 01 Dec 2021 03:58:07 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
94ms Preflight
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diarioceleste.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:07 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diarioceleste.com.br

GET
H3 200 marketingWhite.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/marketingWhite.png?1634656093142

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cfddec0a200816e689bbea5b7f4fab75166b768f382d5684bd3c9895941cd8b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 23680
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1226
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Tue, 30 Nov 2021 21:23:27 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 21:23:27 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 490F 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2NLxzvKmYayMEr3C7_UP4v6h-AkAAAAAOAHgBAI&bg=!i4iliMzNAAZQLpa_UC47ACkAdvg8WnEP8QodSqECex332_Xymb27Z_MkLx2QRwfiUgNV3N2PPr8VJAIAAADYUgAAABJoAQeZAt2a8BHjy2Zm-uu1PRjgmkEGHTAzywOSqxW7s8_UGe0ghF9wJRwmc_YoJ8Fs-5chI03P_2ITlVbIIqmogagzqSa5UD3vBmA1_cZ_yde0UAycLfILBgKgjmw6f0sqaV97QV5lXKHZyA-hPfygtF_IZjcnQLhFCcKWfcMk342j1k0kDYeas6hjSoTNOU9uxM4H9yDl_qIMxnuv_m07Wm6QkQT25WP6BnuWlX874pZY0ZzAoDS5gV_EEV0MTBrjKcJDO8-UNfOIsH6BzEZQq4QClsndzfxYm0B2IicZTAqELt0_2ER6QQ-dD07b7UgoP7NLh5cnXc8n1b-AHrFeHJS_y8teavjS7XEoSR9WHaxd3Q7djSqHOexOmhCAgGyp54EF0ag6RClTE0MIrBnC00Zw8Wn70Wr_4zVQQbcw2i-Jx4xvs61agk-9b7Npk_KZ12prBBsXIxQ3Ir7zzE7zB1T-P-8I5b6vRhUJKB5-kHGW4CUzzhrGPoyRxzv_X-59FDgytluWtDH17ezJWRBVQd7_rau5z9j-nae7tcfmEu8u4vio7_-DYo-IoXhTm0KMaVDGqiaHedJmQ4726qVFRb_A-DdgP6wUgOHgQF1iO0kRMwQt0qJFswOl4b0oVBNshz2YYGvSTWhZvbF_K9Ej1dlmG-t6U9sx69qzpwlBMSnLp6S-rrZvZcV8BypVCsB4-x-uRmR4j_wHiVDO9tPQIBRLSpSozx4TuUuBK5jecReL4CG_9PTznX7o_i20biw1UQRuqv8s4vYraFVHrLoYhqTKWvTBVpN7tsCFEqp0a_jDvMY8x3orKtKXXw1dydUr-g5h4SvC8AxJBQEWHego_qu2zWM4Nhq5GxWqYDKS_rp_e84kY2eMkbxJS12yaZujmCgg-mpMAu_Ur4oQZr-a9WEaeyEqE54lr6vsQxtoFHMWmyv3YV37_Iv5SVrtdoNdVHZIlMyAkCPAgyS29IrU7feU

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 7D4E 38 KB
14 KB 12ms
12ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C4286517091279179917033591121%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=55297
expires: Wed, 01 Dec 2021 19:19:44 GMT
date: Wed, 01 Dec 2021 03:58:07 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 5F41 38 KB
14 KB 12ms
11ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C4286517091279179917033591121%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:07 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=55297
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Wed, 01 Dec 2021 19:19:44 GMT

GET
H3 200 percent.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/percent.png?1634656093142

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7353f59c80267b53f0279a88b5cd10f38df89ee70e8e2d0764c8e4cd04bf643

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 421748
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1771
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Fri, 26 Nov 2021 06:48:59 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Nov 2022 06:48:59 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A9C 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlXxwzvKmYf7uHJCNgQe1hYawBwAAAAA4AeAEAg&bg=!d3SldDDNAAZQLpa_UC47ACkAdvg8Wp09lMRKOglZkYsPOSFFn4qKvXNS-TbFR_UP5FVnkEfxNjOVIQIAAADfUgAAABVoAQeZAuKZ6NU006XxDOpjP-F9-l8J09Q3zDd2JZqSYUUF-Zatarpbhu38OBgbTxFxKdrWneFSYIEFAPZnHqGIBNVsRpqN5FPva0WD-Gpwwe82QWkTVxZGLh_uHYKuAGj4_PMv_IYnuA10q1DDeH2aGnT9aQcvghgmfa3gzVaIsXxqThaOr1RHBTbFJSvOjq6yoc2mw-vW3ajGOgv3UcbGm5mczShcp6ifBOa6SHYoN3wBn97eDhR0CgTWu6XgTMiLO3gzxVTfSVdOBR0NQsWhOVJ2QC1b0Hk372X6QuaEBQGjt_JUGdnpLRZAMQntsUnU_68z8NWE9mpRnLw84uKS2zRC1GFNmZ_u_ZpRLEQMJoJ2XD3NDWO4XQazRzyCi_-q0wCQblHgvKCVa5XT_jxlDiz5a1PPY2DQ9KnVK9iGRUK8txueFWRNHNF2lYZahnR_qETNmc6feKH0iQg0-hCvW1SvGx0x9mvTE1RCqFdDV8-a9bfHVxlwYgbkGpRM7b409VHqEGsSDeP7qP25e61D6xDA1go5-SVjiCu5j9Ixdk9EubMnT2pTwvwHZirsyqMZa5POy5qbxJLq-kokva5h8Y_jiYvCSJI-poKLZTcsl8upCqAK7QrM9wFZmPmV_IFkDYMProkix_8DKx7ZKZH2LLQyP6ehKtjHt8uW9TS0Fw1Z--BZVRHgOpLqGe2oJC7HkPnRSUriAdqRHKZLlcMlg7H55wMecmqqCajIXlB-02gFT-N4inG3oKU9TVe1WixBGjxJMPDgFo3Ig3vy0YylVtnUDOwJoRt5tzc2F48kZBAUS7awcgrnEKCKkaC_tJnCyE3QEWswldspEKIaZYTIMZQ_A-S55-xCQD1RAILOafcj6r1Js3NvMv-1vnHSpvAgisbcqPDNz8_hkWiyrRp6dMg8lpn2CgkN-rxBzw7uBDiycrRxWdwRDOTgN9flerip5FO6S2V_SZFMuKGtWUpV5Dnkr4tL1OI

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 text01.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 4 KB
5 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/text01.png?1634656093142

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e8684d7c52d32980263f516fd9eb038737895a11b39fa06c240e82338484de5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 560945
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4592
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 16:09:02 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 16:09:02 GMT

GET
H3 200 text02.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 6 KB
6 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/text02.png?1634656093142

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c1470a0414fc28bde187abf7cbd64d6046589d3147e50bd6e913c283a9a7916

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 597848
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5826
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 05:53:59 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 05:53:59 GMT

GET
H3 200 text03.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/text03.png?1634656093142

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b6c8f5ba5a33a30b418ca65d91f2e8631c855f1348e8e3d3b66e0b1b9579a93

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 23680
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Tue, 30 Nov 2021 21:23:27 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 21:23:27 GMT

GET
H3 200 text04.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/text04.png?1634656093142

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94e620b69282c26c52017aebc0f03ebe9452ec5cbd5900a2c445f78048648d50

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 61196
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1860
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Tue, 30 Nov 2021 10:58:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 10:58:11 GMT

GET
H3 200 text05.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 3 KB
3 KB 9ms
9ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/text05.png?1634656093142

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40c0b66e9609f81249a372521027e9da67e95dd965160c5dff78c16a6364fc25

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 61286
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3173
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Tue, 30 Nov 2021 10:56:41 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 10:56:41 GMT

GET
H3 200 Tie_00000.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 8ms
8ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00000.png?1634656093142

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71d86ba42aff88f249b7eb43e9e7758ccf273457f537ebb11d07b17af5b1a4e0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 562036
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1052
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 15:50:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 15:50:51 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 20ms
20ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70417d885beba08dd0d5ad1cacd561cb4fbecbf69e81cca8b6ae36d8e4301fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Dec 2021 03:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9244
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 01 Dec 2021 03:58:07 GMT

GET
H3 200 Tie_00001.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00001.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b7c986e925be26a11b25dc3cb1892ba51118ec0a2c95576ecdb553e1cff614e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 421648
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1072
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Fri, 26 Nov 2021 06:50:39 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Nov 2022 06:50:39 GMT

GET
H3 200 logodiariocelesteazul.png
www.diarioceleste.com.br/wp-content/uploads/2021/01/ 26 KB
26 KB 17ms
16ms Image
image/png 2606:4700:3031::6815:11c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.diarioceleste.com.br/wp-content/uploads/2021/01/logodiariocelesteazul.png

Requested by

Host: www.diarioceleste.com.br
URL: https://www.diarioceleste.com.br/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35427bee7326b9125939440515fc52b3ec2228de0280561c62a1f3e1e29e93d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2921409
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 05 Mar 2021 13:39:29 GMT
server: cloudflare
etag: W/"60423491-671c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOubW91RWAR48hPb0aA7T0CzNW9OnmwKYWEiNXwX2nRgMgcs2wLUtHbmqShphxsWDIlzIYk17accxclqjEQ98NEwWrnMdLNXqClcvPgZ6ObNXU%2BV7Mr16Vx3PSV2VlCKpJn3zlFXglm0hQyz7tqx0jRzZlj1cxI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6b6965304d29d711-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Tie_00002.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00002.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9da19a7346f0674bfcdbc1161079cb16b92b5ab527847a47ed1fbba95924bc9f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 579337
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1057
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 11:02:30 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 11:02:30 GMT

GET
H3 200 Tie_00003.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00003.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

340ac1e11d1d0914370c0cebc355151257668cc492887577b087a77da82bf98d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 23679
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1087
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Tue, 30 Nov 2021 21:23:28 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 21:23:28 GMT

GET
H3 200 Tie_00004.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00004.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

989b20a9c6018d3f2de9377f94034ab0959c1299fc892768caa0af4a13644cbf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 562035
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1064
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 15:50:52 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 15:50:52 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 6A54 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 30 Nov 2021 20:36:20 GMT
expires: Wed, 30 Nov 2022 20:36:20 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 26507
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 47DF 783 B
536 B 18ms
18ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

77eed2c6afa5de766a8f37dace0298efb76681dbb2a0aaed3e6f54ef20c4ec43

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mYTT7+/nvRzNXNaG0JUMfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 01 Dec 2021 03:58:07 GMT
date: Wed, 01 Dec 2021 03:58:07 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-mYTT7+/nvRzNXNaG0JUMfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Tie_00005.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00005.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f03591d1f7c6491e2f47458007ae69ae8827c89c0aaf0dbcaed8a60d90b74b02

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 578712
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1092
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 11:12:55 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 11:12:55 GMT

GET
H3 200 Tie_00006.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00006.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1270970aeaa9f6843dab63421c1328d05124083084c17dcfb9ffc2d954d4e285

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 14143
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1074
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 01 Dec 2021 00:02:24 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Dec 2022 00:02:24 GMT

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 6A54 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 23:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Nov 2022 23:07:43 GMT

GET
H3 200 Tie_00007.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00007.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

954bfa46d252b19670e7ce30f070e15c11515259a41220be260833bc9d9ad30d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 577935
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1099
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 11:25:52 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 11:25:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 47DF 0
0 58ms
58ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=2978480186622626&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 Tie_00008.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00008.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ca83f6c91fc96a55e97300e35938c6b1ece61edb0c5c170009622fbe8bff2ac

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 421912
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1094
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Fri, 26 Nov 2021 06:46:15 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Nov 2022 06:46:15 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D24B 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7NKtiQr9ADsazKfhm_eoPbFtQakKJS-TGjiSAiLdSBcZ56FssZWI08NQQ-vtmQ3oOfnV-sQOf2RRJoSYAkdux4lFpgamNf9Z-m9hkwwBLApQCxNVi_Q&sai=AMfl-YTrHZxt2qt38pv4kCE8s01y_UgvLHewHuzg5JcDeCN9SO6vKY_ahW-WJkx8iu_GLteIGDs0YRY6gSOcmyOt3hdbjvwIWrpuDU8uUZhBdAoFI3pIfQQu7PZnfwE&sig=Cg0ArKJSzOjJFUh-P-esEAE&cid=CAASEuRo4l9g5ons138MbGjb6NuTGA&id=lidar2&mcvt=1012&p=1110,436,1200,1164&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3635015924&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638331086220&rpt=266&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Tie_00009.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00009.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4805df4268f9d8dd7aabd5a9a9ff7c1f83f2fd2bbd03908538ec1decf2bd4fe9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 422256
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1118
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Fri, 26 Nov 2021 06:40:31 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Nov 2022 06:40:31 GMT

GET
H3 200 Tie_00010.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00010.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67faa4ae3b67493c323a6571fffce4ca47c1c5e544a5517664136cebfb142cee

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 597982
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1070
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 05:51:45 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 05:51:45 GMT

GET
H3 200 Tie_00011.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00011.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2454e659567ca1f715e850a86e4a6bf630b59df3b3bc92468ed55092184514f1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 14143
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1077
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 01 Dec 2021 00:02:24 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Dec 2022 00:02:24 GMT

GET
H3 200 Tie_00012.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00012.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad4e92c60d99539743ecd428f0cfa1a5d08e38c9c2c585e6dcd32a776467618f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 23679
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1076
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Tue, 30 Nov 2021 21:23:28 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 21:23:28 GMT

GET
H3 200 Tie_00013.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00013.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e4ece42b03c3da15c51aadcc8e9366c98d85121fab08fb2e8580e906b3a1771

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 598526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1073
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 05:42:41 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 05:42:41 GMT

GET
H3 200 Tie_00014.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00014.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1372e404f608327da016299b644fbf42bfc3c97929c029d48f348bcea2b70c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 422752
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1084
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Fri, 26 Nov 2021 06:32:15 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Nov 2022 06:32:15 GMT

GET
H3 200 Tie_00015.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00015.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9aa7513aa8098b717a0761605a349ddc2e24d2598d069df389b8a88d7d1f0147

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 560940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1088
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 16:09:07 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 16:09:07 GMT

GET
H3 200 Tie_00016.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00016.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

739cef2e2541380f02906f6b85b492897200f26091445ffa9fbf9b66d25819f8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 578572
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1071
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 11:15:15 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 11:15:15 GMT

GET
H3 200 Tie_00017.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00017.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

305f88cf3f53f8c43f0c1d19cc5e4214732f8e1a65d89024cfb17d7afb819922

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 577934
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1080
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 11:25:53 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 11:25:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=2978480186622626&bg=!6Oul66_NAAZQLpa_UC47ACkAdvg8WpBRekCFmGA0ODggd-PRdpl7zXNpId4PEIp1IPkUAvSkEGupfQIAAABvUgAAAApoAQeZAoUzkFvQOkk7QsHQFHsEHfLRd1IV3kIaA1snCdJsV18cDzJkemTkAujJjGTOIVQYKhZp3VNOHyBIC1AvAgDzv2DNsB5TVmrdD8gwVi7Y3pf2LUGDQugphyhM72PbglqyPRkP7IByYnsFDVONYk4SiIF9SodFWu_Upo4GJFLnoA66yRU35HklT952lYoBvicugC8SSRgcVaBTWBIDHBhkJR7RGeAvH8Pci4Lmv3qemUCgp8Zp1UFGzXtIL_KLlneTmj8ZGtZw3PfAuhSbisA7lg736EwsRP5O9j0IDUe0cstpGbgLH3sNgRWQaTDiTOF5VLGd_qvTDo5ZS6fVuRb14AfQZw4NvwuzD98lWUIeG4JCYgXwhGP6WEy2SmG1X5gRNg_ItQ4DqCKKXwwCb7-L6CuT6hLIw2fpUdeCcegEijwZXbY5mS9goMAUv_2qlHlJk9BSNB6-elbM5lfJGqrDEDfuG-bPKagHwf04zBlt9GkCC1dXkF0y5eKiUf0bX4TFKOs0EeXCiPXF3jkCbgIQqKApvp9aT_vbP1MBTg-XXoq_ijYyLNDp4Ds5w9yvzkeWakRmoq0SLwhUZFM9HoLNH29-hV_eqZinLSdP4v_V67OQLx574mQd8-DzQghMPSI0L6QmrRbwE_Pe9LNHQi05GUxePQ9M1XgSneE_P5hx578LCMAiNYEqkGmBywEctgjSd5HEwRDu0nld9wjbfgpAL28e_mGoueW_T-N947QxY3Kjw8KVD60EOslVgBCYFTYti3tJFdLXi7YA2oskZg24eqNKiIdI4kClsGcmOjjCzrepPhABLVaYtJ__-39Po64GyI1rYYLHIhvQphSH62anAel6gK-o6CU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Tie_00018.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00018.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1eb047759883d34168d1da99d0dde396a2e7757c9d45a30b1848ac397d96d7a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 29193
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1084
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Tue, 30 Nov 2021 19:51:34 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 19:51:34 GMT

GET
H3 200 Tie_00019.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00019.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0503eb589c02a668162ea686de146f2cb56bb4278a4ebed33d76377d62e17f17

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 421507
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1056
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Fri, 26 Nov 2021 06:53:00 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Nov 2022 06:53:00 GMT

GET
H3 200 Tie_00020.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00020.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db1d35651b8ec9b5fe6f9692c7ea01b6876402f4ac478b9d60b21ae7919d2420

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 474688
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1047
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Thu, 25 Nov 2021 16:06:39 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 25 Nov 2022 16:06:39 GMT

GET
H3 200 Tie_00021.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00021.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c606177a3fda760fe20ef711c1dd18edfca6bc46e97f9d16a183bb4096684cbc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 446106
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1032
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Fri, 26 Nov 2021 00:03:01 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Nov 2022 00:03:01 GMT

GET
H3 200 Tie_00022.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00022.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fef318e1c870fd934db6ff4c77a1a5483f5e21c9829b89fe9328129f13b20cec

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 422752
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1074
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Fri, 26 Nov 2021 06:32:15 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Nov 2022 06:32:15 GMT

GET
H3 200 Tie_00023.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00023.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9534a6484c8789aefe4dad13cfe36ae547de32bb167f3399db1f9bedf4edb25

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 422752
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1057
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Fri, 26 Nov 2021 06:32:15 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Nov 2022 06:32:15 GMT

GET
H3 200 Tie_00024.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00024.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d33a5168ed0f2cc66fde8550aac207fde970b43ae64468eeff6d90bb2521155

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 599017
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1038
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 05:34:30 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 05:34:30 GMT

GET
H3 200 Tie_00025.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00025.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd1ea6ce7921bbe164d7dad7c10ec31cd809052f39fac8991b8a2d0d470859d1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 577933
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 11:25:54 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 11:25:54 GMT

GET
H3 200 Tie_00026.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 8ms
8ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00026.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9eb336660411f4788017d6889cdb83f50b8ae3eaced4a56994520677fff3085

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 59647
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1050
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Tue, 30 Nov 2021 11:24:00 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 11:24:00 GMT

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame 5F41 27 B
130 B 60ms
60ms XHR
application/xml 185.64.189.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C4286517091279179917033591121%2C%2C&us_privacy=&cb=1638331087202&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.diarioceleste.com.br%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.diarioceleste.com.br%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-1%203:58:7&ranreq=0.7306536862783486&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C4286517091279179917033591121%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:07 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET
H3 200 Tie_00027.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00027.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a45e91edd48c917ed3a28e199a57c678fe360fc3bd54a84979d9228769baa9a1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 560937
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1091
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 16:09:10 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 16:09:10 GMT

GET
H3 200 Tie_00028.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00028.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f35f36f3a4874ba16dbb09d16259f3e8f40cc2daba99662e72bcfe3ba77c7fb0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 421040
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1087
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Fri, 26 Nov 2021 07:00:47 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Nov 2022 07:00:47 GMT

GET
H3 200 Tie_00029.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00029.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58d00065664af3b1c28ba9f9227afef21b6313df30eb620fa2cf3c09ff0ad1d6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 560937
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 16:09:10 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 16:09:10 GMT

GET
H3 200 Tie_00030.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00030.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

373ff49c2adbe1aa2ad17a2aa39bcd532b1d5fdb84de5ca39352de6a671bae06

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 14142
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1088
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 01 Dec 2021 00:02:25 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Dec 2022 00:02:25 GMT

GET
H3 200 Tie_00031.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00031.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a6748fc67ecd0a99c12a290cf706fc9c68e90a313d43ea0ff7f392d68e30857

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 546248
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1108
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 20:13:59 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 20:13:59 GMT

GET
H3 200 Tie_00032.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00032.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66b49bbd40bd678fa9fd0359d82041423d8ce27ca10cf797125ea6c6a341020d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 14142
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1096
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 01 Dec 2021 00:02:25 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Dec 2022 00:02:25 GMT

GET
H3 200 Tie_00033.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00033.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca018461a93470dfdaa23bd51a821ceb5974a581a00927640dc4125ab0b794a4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 558813
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1067
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 16:44:34 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 16:44:34 GMT

GET
H2 200 vpaid_25214542.js Show response
vpaid.springserve.com/production/ Frame F926 495 KB
87 KB 62ms
8ms Script
application/javascript 2600:9000:206f:b200:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:b200:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b065f38eaed75574515532e2d687fd23450a662a972d044626b848d6e9d1045

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:31:49 GMT
content-encoding: br
last-modified: Fri, 19 Nov 2021 18:30:16 GMT
server: AmazonS3
age: 984379
etag: W/"185feb14359001049d144410afbeaaa4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 df7c0ba7857d5300ae11e7566c926f17.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: AfhdiJtVMy47Kn8AcGu0m1DOvDvJTxhP9LZY4hrbzBHC4wGepIRYmg==

GET
H2 200 track
aktrack.pubmatic.com/ Frame 5F41 0
61 B 7ms
7ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1638331088&wa=0&e=95&vc=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:07 GMT
content-length: 0
content-type: text/html

GET
H3 200 Tie_00034.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00034.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e650abaecbfe86b6ced4592cdbff20ce1fbc47e8b4a954dfc880863cca3494c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 14142
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1081
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 01 Dec 2021 00:02:25 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Dec 2022 00:02:25 GMT

GET
H3 200 Tie_00035.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00035.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d58307e227d262afcf84484cc627616d942fc8551c6f48050b97998a5dfe2c4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 562150
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1109
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 15:48:57 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 15:48:57 GMT

GET
H3 200 Tie_00036.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00036.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adc1d84cde973fc7ac766f9d378c88f73428d3e6c4ec45e9b9dd6e27171ab1b5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 421299
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1090
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Fri, 26 Nov 2021 06:56:28 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Nov 2022 06:56:28 GMT

GET
H3 200 Tie_00037.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00037.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea6f59b42f7668f33fd6f36cef8ed8e2aaeb4bc302e3f09bb406ead0349ccfc8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 558812
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1104
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 16:44:35 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 16:44:35 GMT

GET
H3 200 Tie_00038.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 10ms
10ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00038.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab334c0eb81464ee8990501ce28c09a99048e65be89c184c72af1d760b041720

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 14141
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1103
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 01 Dec 2021 00:02:26 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Dec 2022 00:02:26 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 451E 42 B
64 B 48ms
47ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTEL2RcTq5TlIGVOWI7DqhEPsWJYFU9_KPp063_FjWTpsV7PEhBihjU6lD1BLJJXt0a-c0YoKtvoy9wihz3K_YXSys2IOGvmFvz-2GYwB8Ci2qa6u_Ug&sai=AMfl-YT19qsdrHvf1lZw_Jc1AkqEgOQyaHC9D1_Fu71JYiEmCUYxEmgPLpnYRM5QUhme1veZzsbdtAxv8m0wO-L_HoIk4C9PQlBdfwuXeB50nb2reE1vpw8EP_6wOfGY&sig=Cg0ArKJSzB5CIZZsD76fEAE&cid=CAASF-RoSt9zzvKuENd8tx0tuPYLatGpKrwK&id=lidar2&mcvt=1007&p=324,1010,604,1346&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3922882899&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638331086515&rpt=315&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Tie_00039.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00039.png?1634656093142

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ea99adea4a43fccfd001f1fe90570cc33cfeb6fcc219d81ed7fad2f61ba161d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 60327
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1088
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Tue, 30 Nov 2021 11:12:40 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 11:12:40 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame F926 968 B
857 B 9ms
9ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0,1!vidoomy.com,52453,1,1638331085332,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c865e2e5b767da1aaad2f67b8b4532d403c34526c788a9b8b9183d3aa6021710

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:07 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 593
expires: Wed, 01 Dec 2021 03:58:07 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame F926 0
225 B 8ms
8ms XHR
application/json 18.194.154.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.154.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-154-127.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.diarioceleste.com.br
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H3 200 Tie_00040.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00040.png?1634656093143

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2a776dd2fdb00e7f8738cd10841337b63149d867a2091928ce6c105a6b22630

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 421244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1054
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Fri, 26 Nov 2021 06:57:23 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Nov 2022 06:57:23 GMT

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 6090 152 KB
36 KB 16ms
15ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0,1!vidoomy.com,52453,1,1638331085332,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:07 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H3 200 Tie_00041.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00041.png?1634656093143

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f0b063b5bf6a79f12d2ba7dd2ab0daa100b5f0389d9108ac387572a8a3e81fb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 14141
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1063
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 01 Dec 2021 00:02:26 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Dec 2022 00:02:26 GMT

GET
H3 200 Tie_00042.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00042.png?1634656093143

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98f38e7a7ab34085d381299020a6cfdd196cfc31e995ee842a690961d7853464

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 14141
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1077
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 01 Dec 2021 00:02:26 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Dec 2022 00:02:26 GMT

GET
H3 200 Tie_00043.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00043.png?1634656093143

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0491344ed95e539b258774152adfb84b8f318437faab0858edf67ac69c2e7099

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 599307
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1085
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 05:29:40 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 05:29:40 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 42E6 38 KB
14 KB 8ms
8ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0,1!vidoomy.com,52453,1,1638331085332,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=55297
expires: Wed, 01 Dec 2021 19:19:44 GMT
date: Wed, 01 Dec 2021 03:58:07 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 6090 38 KB
14 KB 7ms
7ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0,1!vidoomy.com,52453,1,1638331085332,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:07 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=55297
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Wed, 01 Dec 2021 19:19:44 GMT

GET
H3 200 Tie_00044.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00044.png?1634656093143

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38d41515afecef8a085491155875b146864a33c91775e3a002244b6cfbb48fe6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 470971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1083
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Thu, 25 Nov 2021 17:08:36 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 25 Nov 2022 17:08:36 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame DA70 0
170 B 96ms
96ms XHR
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diarioceleste.com.br
date: Wed, 01 Dec 2021 03:58:08 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 95ms
95ms Preflight
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diarioceleste.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:08 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diarioceleste.com.br

GET
H3 200 Tie_00045.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00045.png?1634656093143

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae1b47cdae67376267dbd2ee5d87d17aa94c977dd355db86f52aa1f015830c9e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 463019
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1082
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Thu, 25 Nov 2021 19:21:08 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 25 Nov 2022 19:21:08 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 42E6 2 KB
2 KB 12ms
12ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=25687006&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: ddbd36cd141c78fc72cd12544076befd1cdb1afd6410eb9299794dd54e0b5944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2046
content-type: text/html; charset=UTF-8

GET
H3 200 Tie_00046.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00046.png?1634656093143

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61f7ebc1dd945b73ea2089bce54cb69c929e2cd753e93a7cbef591bede7b6037

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 422128
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1058
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Fri, 26 Nov 2021 06:42:39 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Nov 2022 06:42:39 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1688
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7036578434397829259

42 B
367 B

13ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7036578434397829259
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:06 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug003:0:447
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Wed, 01 Dec 2021 03:58:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7036578434397829259

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 286B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yaby0AAIlrEttQBR&gdpr=0&gdpr_consent=&_test=Yaby0AAIlrEttQBR

1 B
234 B

13ms
12ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yaby0AAIlrEttQBR&gdpr=0&gdpr_consent=&_test=Yaby0AAIlrEttQBR
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:06 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: amspug004:0:409
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yaby0AAIlrEttQBR&gdpr=0&gdpr_consent=&_test=Yaby0AAIlrEttQBR
accept-ranges: bytes
date: Wed, 01 Dec 2021 03:58:08 GMT
via: 1.1 varnish
x-served-by: cache-fra19127-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1638331088.137423,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET

pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame 1033
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1

0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8322
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

0
88 B

13ms
12ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:06 GMT
content-type: text/html; charset=utf-8
x-lat: amspug012:2:246
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length: 0
date: Wed, 01 Dec 2021 03:58:08 GMT
server: _

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame 42E6
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DF76A8B7-E559-47FF-B629-21A3FA94937C&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DF76A8B7-E559-47FF-B629-21A3FA94937C&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DF76A8B7-E559-47FF-B629-21A3FA94937C&addseg=19,36,42

43 B
43 B

61ms
14ms

Image
text/plain

185.64.189.229
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DF76A8B7-E559-47FF-B629-21A3FA94937C&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:08 GMT
content-length: 43
content-type: text/plain; charset=utf-8

Redirect headers

date: Wed, 01 Dec 2021 03:58:08 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DF76A8B7-E559-47FF-B629-21A3FA94937C&addseg=19,36,42
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 141

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 42E6
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=DF76A8B7-E559-47FF-B629-21A3FA94937C&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=DF76A8B7-E559-47FF-B629-21A3FA94937C&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

21ms
21ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=DF76A8B7-E559-47FF-B629-21A3FA94937C&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Server: 77.243.60.138 Ballerup Municipality, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:07 GMT
frontend-id: 9
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:07 GMT
frontend-id: 12
location: /pubmatic/1/info2?sType=sync&sExtCookieId=DF76A8B7-E559-47FF-B629-21A3FA94937C&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 42E6 95 B
454 B 39ms
21ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=DF76A8B7-E559-47FF-B629-21A3FA94937C
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6b696534194d073e-FRA
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200

p
a.audrte.com/ Frame 42E6
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=DF76A8B7-E559-47FF-B629-21A3FA94937C
https://a.audrte.com/p

68 B
617 B

93ms
92ms

Image
image/png

34.206.28.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Server: 34.206.28.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-28-97.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:08 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Wed, 01 Dec 2021 03:58:08 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 DF76A8B7-E559-47FF-B629-21A3FA94937C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 42E6 43 B
871 B 120ms
38ms Image
image/gif 2a05:d018:d29:3602:e219:12f7:637c:c071
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/DF76A8B7-E559-47FF-B629-21A3FA94937C?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:e219:12f7:637c:c071 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 42E6
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DF76A8B7-E559-47FF-B629-21A3FA94937C&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uCX_MGBE2uW7duddYNzr4x.t_Lnqang-~A&gdpr=0&gdpr_consent=

0
128 B

14ms
13ms

Image
text/plain

198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uCX_MGBE2uW7duddYNzr4x.t_Lnqang-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uCX_MGBE2uW7duddYNzr4x.t_Lnqang-~A&gdpr=0&gdpr_consent=
date: Wed, 01 Dec 2021 03:58:08 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 42E6
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=020d0411-e776-4501-826e-0048af0a4f8b
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=020d0411-e776-4501-826e-0048af0a4f8b
https://x.bidswitch.net/sync?dsp_id=4&user_id=a031bb8c-1d07-414a-ba46-b3920170b40b&ssp=pubmatic&expires=30&user_group=5&bsw_param=020d0411-e776-4501-826e-0048af0a4f8b
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=020d0411-e776-4501-826e-0048af0a4f8b&gdpr=&gdpr_consent=&gdpr_pd=

1 B
180 B

13ms
12ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=020d0411-e776-4501-826e-0048af0a4f8b&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:06 GMT
cache-control: no-store, no-cache, private
x-lat: amspug017:0:410
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=020d0411-e776-4501-826e-0048af0a4f8b&gdpr=&gdpr_consent=&gdpr_pd=
Date: Wed, 01 Dec 2021 03:58:08 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 42E6
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9166458971282832915&gdpr=0&gdpr_consent=&us_privacy=

1 B
186 B

13ms
12ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9166458971282832915&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:07 GMT
cache-control: no-store, no-cache, private
x-lat: amspug018:0:386
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9166458971282832915&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Wed, 01 Dec 2021 03:58:07 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 42E6 0
103 B 21ms
12ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=DF76A8B7-E559-47FF-B629-21A3FA94937C&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:08 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 42E6
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
359 B

17ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:07 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug014:0:391
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:07 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3 200 Tie_00047.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00047.png?1634656093143

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8472cca6f1af5645dcc26142e27b1623ba57af3dd7cc48a318cf2f26d7cab336

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 470972
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1066
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Thu, 25 Nov 2021 17:08:36 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 25 Nov 2022 17:08:36 GMT

GET
H3 200 Tie_00048.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00048.png?1634656093143

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9b03c18c132f22270aac47d634459f9be9fd8f444ebdb7718c03f356000ea3c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 562433
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1065
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Wed, 24 Nov 2021 15:44:15 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 15:44:15 GMT

GET
H3 200 Tie_00049.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/ Frame 4A89 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11360513469383436707/lyxor_climate_336x280/images/Tie_00049.png?1634656093143

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cecd106a0ecf2e04710f9bd05275db4c07edfcd44abcb8db181be608a99fb343

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 23674
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1063
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 11:13:58 GMT
server: sffe
date: Tue, 30 Nov 2021 21:23:34 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 21:23:34 GMT

POST
H/1.1 200
OK bsevent.gif
tps20519.doubleverify.com/ Frame 9EA1 807 B
1 KB 42ms
7ms Ping
image/gif 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20519.doubleverify.com/bsevent.gif?impid=240a5c3f209b432ba0d2049c75cb654e&pltfrm=Linux%20x86_64&cbust=1638331088350953
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal100.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 11/30/2021 3:58:08 AM

GET
H2 200 AdServerServlet
vid.pubmatic.com/AdServer/ Frame 6090 27 B
0 63ms
62ms XHR
application/xml 185.64.189.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0,1!vidoomy.com,52453,1,1638331085332,,&us_privacy=&cb=1638331087949&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.diarioceleste.com.br%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.diarioceleste.com.br%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-1%203:58:8&ranreq=0.4937948719283274&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0,1!vidoomy.com,52453,1,1638331085332,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:08 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

POST
H2 200 i Show response
vid-io-cle.springserve.com/vd/ Frame F926 0
123 B 314ms
102ms XHR
text/plain 3.128.15.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=8d54c2ff&ps_id=356921&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.128.15.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-128-15-210.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.diarioceleste.com.br
date: Wed, 01 Dec 2021 03:58:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

GET
H2 200 track
aktrack.pubmatic.com/ Frame F926 0
61 B 8ms
8ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1638331087&wa=0&e=96&ier=901
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:08 GMT
content-length: 0
content-type: text/html

GET
H2 200 vpaid_25214542.js Show response
vpaid.springserve.com/production/ Frame BD20 495 KB
87 KB 7ms
7ms Script
application/javascript 2600:9000:206f:b200:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:b200:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b065f38eaed75574515532e2d687fd23450a662a972d044626b848d6e9d1045

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:31:49 GMT
content-encoding: br
last-modified: Fri, 19 Nov 2021 18:30:16 GMT
server: AmazonS3
age: 984380
etag: W/"185feb14359001049d144410afbeaaa4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 df7c0ba7857d5300ae11e7566c926f17.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: aUcU7D-zZY1R4ziXDVHj1HxMHJ4uqOyG7iqHx6Vly24wCJDiuUPPgg==

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame BD20 968 B
856 B 10ms
10ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0,1!vidoomy.com,52453,1,1638331085333,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 76be53246679b9e9b17455e1518403e2013531de497ffbf1869a0e628993f8be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:08 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 592
expires: Wed, 01 Dec 2021 03:58:08 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame BD20 0
225 B 8ms
8ms XHR
application/json 18.194.154.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.154.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-154-127.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.diarioceleste.com.br
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame B2FF 152 KB
36 KB 20ms
20ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0,1!vidoomy.com,52453,1,1638331085333,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:08 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 0670 38 KB
14 KB 14ms
13ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0,1!vidoomy.com,52453,1,1638331085333,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=55296
expires: Wed, 01 Dec 2021 19:19:44 GMT
date: Wed, 01 Dec 2021 03:58:08 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame B2FF 38 KB
14 KB 13ms
12ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0,1!vidoomy.com,52453,1,1638331085333,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:08 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=55296
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Wed, 01 Dec 2021 19:19:44 GMT

POST
H/1.1 200
OK event.png
tps20237.doubleverify.com/ Frame DFF1 67 B
465 B 9ms
8ms Ping
image/png 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20237.doubleverify.com/event.png?impid=912073241ed34a308d34042d8e0ffdcc&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgB=142&vdur=91&eoid=8&msrjs=1874&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=9&tetms=7&msltms=19&vltms=91&sei=289&vetms=86&engms=1&engisel=1&ttfurm=2197&cbust=1638331088951549
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 11/30/2021 3:58:08 AM

POST
H2 200 t Show response
t.lkqd.net/ Frame DA70 0
170 B 98ms
98ms XHR
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diarioceleste.com.br
date: Wed, 01 Dec 2021 03:58:09 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 90ms
90ms Preflight
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diarioceleste.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:09 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diarioceleste.com.br

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 0670 2 KB
2 KB 13ms
12ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=56791291&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 22b0a2bd3484b0139eaa8510a90ce62fc7d0b61ee2973ef1e4b199895cb3601f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:08 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 1735
content-type: text/html; charset=UTF-8

POST
H/1.1 200
OK event.png
tps20230.doubleverify.com/ Frame 3F8E 67 B
465 B 15ms
15ms Ping
image/png 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20230.doubleverify.com/event.png?impid=182aa42d19e4490884e6e729e6deb3a0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=76&vdur=17&eoid=8&msrjs=1874&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=9&tetms=6&msltms=15&vltms=17&sei=290&vetms=100&engms=1&engisel=1&ttfurm=2126&cbust=1638331088986445
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 11/30/2021 3:58:08 AM

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame DD9B
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6674074957
https://sync.1rx.io/usersync/tradedesk/81f4bbe6-2392-4623-a7c6-9b065981d726
https://sync.targeting.unrulymedia.com/csync/RX-b5ea5773-6e69-4f1a-94e9-3fbdcf66c06d-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b5ea5773-6e69-4f1a-94e9-3fbdcf66c06d-003

42 B
384 B

13ms
12ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b5ea5773-6e69-4f1a-94e9-3fbdcf66c06d-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:08 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug008:0:464
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Wed, 01 Dec 2021 03:58:09 GMT
content-type: text/html
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b5ea5773-6e69-4f1a-94e9-3fbdcf66c06d-003
etag: RXb5ea57736e694f1a94e93fbdcf66c06d003

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 7B6B
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ka4watdtAeutogcHaBXnX6Du

42 B
371 B

19ms
17ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ka4watdtAeutogcHaBXnX6Du
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:09 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug006:0:429
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: openresty
date: Wed, 01 Dec 2021 03:58:09 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ka4watdtAeutogcHaBXnX6Du
strict-transport-security: max-age=0; includeSubDomains;

GET
H2 404 dpe Show response
ad4m.at/ad/ Frame 19BF 15 B
916 B 183ms
19ms Document
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Wed, 01 Dec 2021 03:58:09 GMT
content-type: text/plain; charset=utf-8
content-length: 15
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b69653b393f6957-FRA

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 5999 43 B
277 B 206ms
24ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Vary: Accept-Encoding
X-adserver-worker: erebus-ff7bfd829a2e@version_1.358
Connection: close
X-server-arch: v2
Content-Type: image/gif
Content-Length: 43
X-core-time: 0ms
Date: Wed, 01 Dec 2021 03:58:09 GMT

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 16CE 43 B
408 B 163ms
12ms Document
image/gif 173.231.180.197
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Date: Wed, 01 Dec 2021 03:58:09 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-1
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 2B2C
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8e5d3411-9198-4f47-b6f4-23e1823f1b84-tuct8a07851&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
147 B

36ms
14ms

Document
text/plain

151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8e5d3411-9198-4f47-b6f4-23e1823f1b84-tuct8a07851&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Wed, 01 Dec 2021 03:58:09 GMT
via: 1.1 varnish
x-served-by: cache-hhn4067-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1638331089.191695,VS0,VE8
content-length: 0

Redirect headers

server: nginx
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8e5d3411-9198-4f47-b6f4-23e1823f1b84-tuct8a07851&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Wed, 01 Dec 2021 03:58:09 GMT
via: 1.1 varnish
x-served-by: cache-hhn4068-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1638331089.153195,VS0,VE9
x-vcl-time-ms: 9
content-length: 0

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 3360
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
417 B

172ms
172ms

Document
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Wed, 01 Dec 2021 03:58:09 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b69653c3e294e08-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Wed, 01 Dec 2021 03:58:09 GMT
content-type: text/html
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 13
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b69653b2d724e08-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 0670
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4133454471
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=DF76A8B7-E559-47FF-B629-21A3FA94937C

0
268 B

41ms
19ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=DF76A8B7-E559-47FF-B629-21A3FA94937C
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 244.81.201.35.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:09 GMT
via: 1.1 google
last-modified: Wed, 01 Dec 2021 03:58:09 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=DF76A8B7-E559-47FF-B629-21A3FA94937C
date: Wed, 01 Dec 2021 03:58:08 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0670
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:ee2ac840-1afb-479d-9c2b-ea91ae3da3e3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
187 B

13ms
12ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:ee2ac840-1afb-479d-9c2b-ea91ae3da3e3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:09 GMT
cache-control: no-store, no-cache, private
x-lat: amspug017:0:375
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:ee2ac840-1afb-479d-9c2b-ea91ae3da3e3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Wed, 01 Dec 2021 03:58:09 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0670
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2797749063738055443

42 B
110 B

13ms
12ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2797749063738055443
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:08 GMT
cache-control: no-store, no-cache, private
x-lat: amspug002:0:293
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:09 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0ca2beac-67c4-41a5-9c99-519758a0491d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2797749063738055443
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 d1ba4609
rtb.gumgum.com/getuid/ Frame 0670 35 B
238 B 189ms
30ms Image
image/gif 54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:09 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

GET
H2 200 AdServerServlet
vid.pubmatic.com/AdServer/ Frame B2FF 27 B
0 180ms
180ms XHR
application/xml 185.64.189.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0,1!vidoomy.com,52453,1,1638331085333,,&us_privacy=&cb=1638331088935&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.diarioceleste.com.br%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.diarioceleste.com.br%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-1%203:58:9&ranreq=0.2285915015624569&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0,1!vidoomy.com,52453,1,1638331085333,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:09 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

POST
H2 200 i Show response
vid-io-cle.springserve.com/vd/ Frame BD20 0
122 B 102ms
101ms XHR
text/plain 3.128.15.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=5ec14620&ps_id=357265&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.128.15.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-128-15-210.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.diarioceleste.com.br
date: Wed, 01 Dec 2021 03:58:09 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

GET
H2 200 track
aktrack.pubmatic.com/ Frame BD20 0
61 B 7ms
7ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1638331088&wa=0&e=96&ier=901
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:09 GMT
content-length: 0
content-type: text/html

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame C89B 337 KB
114 KB 100ms
19ms Script
application/x-javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6250724039ed93b9a935e138a4bfb656f576e84950c56e719168f4b8a8cc731b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1638331089.dop010.ml1.t,1638331089.cds209.ml1.shn,1638331089.cds209.ml1.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 116217

POST
H2 200 t Show response
t.lkqd.net/ Frame DA70 0
170 B 96ms
96ms XHR
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diarioceleste.com.br
date: Wed, 01 Dec 2021 03:58:09 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
94ms Preflight
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diarioceleste.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:09 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diarioceleste.com.br

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame C89B 25 KB
25 KB 113ms
26ms XHR
application/octet-stream 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1638331089887
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:09 GMT
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1638331089.dop012.ml1.t,1638331089.cds202.ml1.shn,1638331089.cds202.ml1.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET

pixelSync
pixel-sync.sitescout.com/dmp/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=77be93f040989744c28fdd7d46c8504d&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l21ce_7036578451570069572
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NzdiZTkzZjA0MDk4OTc0NGMyOGZkZDdkNDZjODUwNGQ=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBTHYB8CuZ7k2sPQSL-ot1s&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=81f4bbe6-2392-4623-a7c6-9b065981d726
https://pr-bh.ybp.yahoo.com/sync/stickyads/77be93f040989744c28fdd7d46c8504d?gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-r.fl_rdE2oPEV8llBZUsLZNdAi_eWm4tMr_2gzOI~A
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=2797749063738055443
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=46d061a6-f2ce-4200-949c-585e6ba19a78&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=ACrkE07DTeYAACtY6DCPLQ&gdpr=0
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Yaby0AAIlrEttQBR&gdpr=0
https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=&gdpr=0
https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=9166458971282832915
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D721%26userId%3D%7BuserId%7D

0
0

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame C89B 301 B
866 B 19ms
18ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fwww.diarioceleste.com.br%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:09 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1638331089843009-553
Expires: Wed, 01 Dec 2021 03:58:09 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame C89B 67 B
730 B 119ms
118ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=0&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C1279179917033591121634953366%2C%2C&vav=6506c2d58a3efce55a925d39de67cefc&vaviv=429ac579c84d28fc2d801f1f7e931ea2&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.1.6&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.diarioceleste.com.br%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:10 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1638331088961095-584
Expires: Wed, 01 Dec 2021 03:58:10 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzdiZTkzZjA0MDk4OTc0NGMyOGZkZDdkNDZjODUwNGQ=&gdpr=0&gdpr_consent=

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzdiZTkzZjA0MDk4OTc0NGMyOGZkZDdkNDZjODUwNGQ=&gdpr=0&gdpr_consent=

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:09 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzdiZTkzZjA0MDk4OTc0NGMyOGZkZDdkNDZjODUwNGQ=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1638331089020094-546
Expires: Wed, 01 Dec 2021 03:58:09 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=77be93f040989744c28fdd7d46c8504d&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

289ms
95ms

Image
image/gif

209.54.180.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=77be93f040989744c28fdd7d46c8504d&ex=freewheel.tv&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:10 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 8Q0AKGNZVQ50TF5BXG9Y
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:09 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=77be93f040989744c28fdd7d46c8504d&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1638331089020095-546
Expires: Wed, 01 Dec 2021 03:58:09 GMT

POST
H/1.1 200
OK event.png
tps20237.doubleverify.com/ Frame DFF1 67 B
465 B 8ms
7ms Ping
image/png 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20237.doubleverify.com/event.png?impid=912073241ed34a308d34042d8e0ffdcc&gdpr=&gdpr_consent=&msrcanlm=392&msrcannum=3&eoid=10&ismms=28&isumms=28&isvelg=1&nvr=2&isgmmims=28&isgmv4mims=28&elmtp=6&isbxdms=2232&b0=2391&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&dvp_vsosnmr=1&lftb=2391&sftb=2391&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=27&dvp_dpr=1&cbust=1638331089950501
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:09 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 11/30/2021 3:58:09 AM

POST
H/1.1 200
OK event.png
tps20230.doubleverify.com/ Frame 3F8E 67 B
465 B 7ms
7ms Ping
image/png 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20230.doubleverify.com/event.png?impid=182aa42d19e4490884e6e729e6deb3a0&gdpr=&gdpr_consent=&msrcanlm=394&msrcannum=4&eoid=10&ismms=9&isumms=9&isvelg=1&nvr=2&elmtp=3&isbxdms=2209&b0=2406&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&dvp_vsosnmr=1&lftb=2406&sftb=2406&msrdp=7&naral=2&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=9&dvp_dpr=1&cbust=1638331089985105
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:09 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 11/30/2021 3:58:09 AM

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 4BBE 337 KB
114 KB 20ms
19ms Script
application/x-javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6250724039ed93b9a935e138a4bfb656f576e84950c56e719168f4b8a8cc731b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1638331089.dop010.ml1.t,1638331090.cds209.ml1.shn,1638331090.cds209.ml1.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 116217

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 4BBE 25 KB
25 KB 25ms
25ms XHR
application/octet-stream 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1638331090088
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:10 GMT
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1638331089.dop012.ml1.t,1638331090.cds202.ml1.shn,1638331090.cds202.ml1.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET auto-user-sync
ads.stickyadstv.com/ Frame 4BBE 0
0

GET

generic
sync.ipredictive.com/d/sync/cookie/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NzdiZTkzZjA0MDk4OTc0NGMyOGZkZDdkNDZjODUwNGQ=&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBTHYB8CuZ7k2sPQSL-ot1s&google_cver=1&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=81f4bbe6-2392-4623-a7c6-9b065981d726
https://pr-bh.ybp.yahoo.com/sync/stickyads/77be93f040989744c28fdd7d46c8504d?gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-r.fl_rdE2oPEV8llBZUsLZNdAi_eWm4tMr_2gzOI~A
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=2797749063738055443
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=46d061a6-f2ce-4200-949c-585e6ba19a78&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=ACk8Hk7DTeYAACsT6DCPLQ&gdpr=0
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Yaby0AAIlrEttQBR&gdpr=0
https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=&gdpr=0
https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=9166458971282832915
https://sync.adotmob.com/cookie/stickyads?gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=257&userId=0703220402daad39f896e851&gdpr=0&gdprConsent=
https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=6914951&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0

0
0

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 4BBE 301 B
866 B 16ms
15ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fwww.diarioceleste.com.br%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:10 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1638331089119066-509
Expires: Wed, 01 Dec 2021 03:58:10 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 4BBE 67 B
730 B 122ms
121ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C14307433111279179917033591121%2C%2C&vav=7f6fb795ae1e346bc5b78925b59836c2&vaviv=6d531428d07ed9e8a027cff9fc385652&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.1.6&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.diarioceleste.com.br%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:10 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1638331089418015-529
Expires: Wed, 01 Dec 2021 03:58:10 GMT

GET user-matching
ads.stickyadstv.com/ Frame 4BBE 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzdiZTkzZjA0MDk4OTc0NGMyOGZkZDdkNDZjODUwNGQ=&gdpr=0&gdpr_consent=

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzdiZTkzZjA0MDk4OTc0NGMyOGZkZDdkNDZjODUwNGQ=&gdpr=0&gdpr_consent=

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:10 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzdiZTkzZjA0MDk4OTc0NGMyOGZkZDdkNDZjODUwNGQ=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1638331089244081-506
Expires: Wed, 01 Dec 2021 03:58:10 GMT

GET user-matching
ads.stickyadstv.com/ Frame 4BBE 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=77be93f040989744c28fdd7d46c8504d&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

183ms
94ms

Image
image/gif

209.54.180.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=77be93f040989744c28fdd7d46c8504d&ex=freewheel.tv&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:10 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 0EVGXG9ZYXVFK0XXR3YT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:10 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=77be93f040989744c28fdd7d46c8504d&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1638331089853046-589
Expires: Wed, 01 Dec 2021 03:58:10 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame DA70 0
170 B 97ms
96ms XHR
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diarioceleste.com.br
date: Wed, 01 Dec 2021 03:58:10 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 90ms
90ms Preflight
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diarioceleste.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:10 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diarioceleste.com.br

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 9559 337 KB
114 KB 19ms
18ms Script
application/x-javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6250724039ed93b9a935e138a4bfb656f576e84950c56e719168f4b8a8cc731b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1638331089.dop010.ml1.t,1638331090.cds209.ml1.shn,1638331090.cds209.ml1.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 116217

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 9559 25 KB
25 KB 25ms
25ms XHR
application/octet-stream 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1638331090293
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:10 GMT
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1638331089.dop012.ml1.t,1638331090.cds202.ml1.shn,1638331090.cds202.ml1.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET auto-user-sync
ads.stickyadstv.com/ Frame 9559 0
0

GET

dmp
vop.sundaysky.com/sync/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=...
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=46d061a6-f2ce-4200-949c-585e6ba19a78&gdpr=0&gdpr_consent=null
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=null
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=4414064395881013374
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=Pr8n91Tq1MSgL05
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=ACeeME7DTeYAACqk6DCPLQ&gdpr=0
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D721%26userId%3D%7BuserId%7D&gdpr=0
https://ads.stickyadstv.com/user-registering?dataProviderId=721&userId=no-consent&gdpr=0
https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=8877894&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0
https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=e6e3419e-525a-11ec-81ab-33deef32883a
https://7e1d5.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D993%26userId%3d%23%7buser.id%7d
https://ads.stickyadstv.com/user-registering?dataProviderId=993&userId=l21ce_7036578451570069572
https://1f2e7.v.fwmrm.net/ad/u?dsp_user_mapping=true&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D849&1501=0703220402daad39f896e851&159=CAESEBTHYB8CuZ7k2sPQSL-ot1s&17...
https://ads.stickyadstv.com/user-registering?dataProviderId=849
https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D
https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&_cvt=t

0
0

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 9559 301 B
866 B 14ms
14ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fwww.diarioceleste.com.br%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:10 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1638331089694069-579
Expires: Wed, 01 Dec 2021 03:58:10 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 9559 67 B
730 B 121ms
121ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C12327045911279179917033591121%2C%2C&vav=b87665cfdb278b8e429c663e8081f018&vaviv=ccbc0b0650964a6fcd10211677440e78&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.1.6&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.diarioceleste.com.br%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:10 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1638331089772062-570
Expires: Wed, 01 Dec 2021 03:58:10 GMT

GET user-matching
ads.stickyadstv.com/ Frame 9559 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzdiZTkzZjA0MDk4OTc0NGMyOGZkZDdkNDZjODUwNGQ=&gdpr=0&gdpr_consent=

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzdiZTkzZjA0MDk4OTc0NGMyOGZkZDdkNDZjODUwNGQ=&gdpr=0&gdpr_consent=

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:10 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzdiZTkzZjA0MDk4OTc0NGMyOGZkZDdkNDZjODUwNGQ=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1638331089858044-576
Expires: Wed, 01 Dec 2021 03:58:10 GMT

GET user-matching
ads.stickyadstv.com/ Frame 9559 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=77be93f040989744c28fdd7d46c8504d&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

95ms
94ms

Image
image/gif

209.54.180.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=77be93f040989744c28fdd7d46c8504d&ex=freewheel.tv&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:10 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: R6QF2KKMAYYHWDJN7CN0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:10 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=77be93f040989744c28fdd7d46c8504d&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1638331090023045-560
Expires: Wed, 01 Dec 2021 03:58:10 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame DA70 0
170 B 102ms
101ms XHR
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diarioceleste.com.br
date: Wed, 01 Dec 2021 03:58:10 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 90ms
90ms Preflight
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diarioceleste.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:10 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diarioceleste.com.br

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
94ms Preflight
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diarioceleste.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:10 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diarioceleste.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame DA70 0
170 B 96ms
96ms XHR
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diarioceleste.com.br
date: Wed, 01 Dec 2021 03:58:10 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame 8519 2 KB
2 KB 261ms
261ms XHR
application/xml 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1149535&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&dnt=0&c1=https%3A%2F%2Fwww.diarioceleste.com.br%2F&c2=0&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=50120876&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a9c9e54ba1faa955b7f3602b4d8f4ad0cc888e422690683ac160901c7847fb67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:11 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1363

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame AA98 230 KB
61 KB 25ms
24ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:11 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:06:56 GMT
etag: "cca1f428155a1f13b17a4684f2c8ef1c"
x-hw: 1638331091.cds034.ml1.hn,1638331091.cds020.ml1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62015

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 8225 5 KB
2 KB 25ms
25ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 01 Dec 2021 03:58:11 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1638331091.cds034.ml1.hn,1638331091.cds223.ml1.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame AA98 135 KB
7 KB 509ms
509ms XHR
application/json 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1149535&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&dnt=0&c1=https%3A%2F%2Fwww.diarioceleste.com.br%2F&c2=0&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=50120876&m=&rtv=1&thost=www.diarioceleste.com.br
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: daadc5659f7330604ecae080ee66fd7d2a2b4fb055e8d4be4fab019b3841da6f

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 01 Dec 2021 03:58:11 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 7314

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 97ms
97ms Preflight 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1149535&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&dnt=0&c1=https%3A%2F%2Fwww.diarioceleste.com.br%2F&c2=0&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=50120876&m=&rtv=1&thost=www.diarioceleste.com.br
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diarioceleste.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:11 GMT
content-length: 0
access-control-allow-origin: https://www.diarioceleste.com.br
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET
H2 200 cs
cs.lkqd.net/ Frame 8225 43 B
308 B 91ms
89ms Image
image/gif 146.20.128.158
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.158 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:11 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 8225 43 B
308 B 91ms
90ms Image
image/gif 146.20.128.158
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.158 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:11 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 8225 43 B
308 B 91ms
90ms Image
image/gif 146.20.128.158
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.158 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:11 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 8225 43 B
308 B 92ms
91ms Image
image/gif 146.20.128.158
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.158 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:11 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 8225
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9166458971282832915

43 B
308 B

90ms
90ms

Image
image/gif

146.20.128.158
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9166458971282832915
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.158 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:11 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9166458971282832915
pragma: no-cache
date: Wed, 01 Dec 2021 03:58:10 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

POST
H2 200 t Show response
t.lkqd.net/ Frame E119 0
170 B 96ms
95ms XHR
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diarioceleste.com.br
date: Wed, 01 Dec 2021 03:58:11 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 95ms
95ms Preflight
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diarioceleste.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:11 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diarioceleste.com.br

GET
H/1.1 200
OK 218947 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 26ms
25ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218947?VPAID=JS&content_page_url=https%3A%2F%2Fwww.diarioceleste.com.br%2F&cb=1755970332&player_width=400&player_height=225&media_transcoding=low&regs[gdpr]=0&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C16860497265022867621341841117%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:11 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000221
X-SpotX-Timing-SpotMarket: 0.005114
X-SpotX-Timing-Page-Mux: 0.000206
X-SpotX-Timing-Page-Require: 0.000306
X-fe: 116
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000023
Content-Length: 77
X-SpotX-Timing-Page: 0.009257
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000252
Last-Modified: Wed, 01 Dec 2021 03:58:11 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.005114
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
X-SpotX-Timing-Page-Misc: 0.003124
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000010
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 26ms
26ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fwww.diarioceleste.com.br%2F&cb=1241510025&player_width=400&player_height=225&regs[gdpr]=0&user[consent]=&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C18803990351686049726502286762%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:11 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000229
X-SpotX-Timing-SpotMarket: 0.005087
X-SpotX-Timing-Page-Mux: 0.000194
X-SpotX-Timing-Page-Require: 0.000307
X-fe: 140
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000022
Content-Length: 77
X-SpotX-Timing-Page: 0.009870
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000267
Last-Modified: Wed, 01 Dec 2021 03:58:11 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.005087
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
X-SpotX-Timing-Page-Misc: 0.003755
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 27ms
26ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fwww.diarioceleste.com.br%2F&cb=1321734825&player_width=400&player_height=225&regs[gdpr]=0&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C16860497265022867621267184887%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:11 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000293
X-SpotX-Timing-SpotMarket: 0.005987
X-SpotX-Timing-Page-Mux: 0.000207
X-SpotX-Timing-Page-Require: 0.000346
X-fe: 134
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000022
Content-Length: 77
X-SpotX-Timing-Page: 0.010360
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000279
Last-Modified: Wed, 01 Dec 2021 03:58:11 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.005987
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
X-SpotX-Timing-Page-Misc: 0.003217
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 54ms
27ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fwww.diarioceleste.com.br%2F&cb=1337382314&player_width=400&player_height=225&regs[gdpr]=0&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C1686049726502286762493073614%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 03:58:11 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000261
X-SpotX-Timing-SpotMarket: 0.005998
X-SpotX-Timing-Page-Mux: 0.000295
X-SpotX-Timing-Page-Require: 0.000428
X-fe: 061
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000027
Content-Length: 77
X-SpotX-Timing-Page: 0.011614
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000384
Last-Modified: Wed, 01 Dec 2021 03:58:11 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.005998
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
X-SpotX-Timing-Page-Misc: 0.004209
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000011
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=997366369&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&eov=eov&pi.width=...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=997366369&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&eov=eov&pi.width=400&...

249 B
528 B

460ms
422ms

XHR
text/xml

52.57.42.190

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=997366369&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=979c47a5-2aa1-4d91-9c21-4dec7d86d95c&a.is_yahoo=3&redirect_y=dHM9MTYzODMzMTA5MTkwOC4zOTAzODE6YXBpZD1VUGUzODgyZjdkLTUyNWEtMTFlYy04YmFiLTA2ZmU5MjE3MWJkODpyZXF1ZXN0X2lkPTk3OWM0N2E1LTJhYTEtNGQ5MS05YzIxLTRkZWM3ZDg2ZDk1Yw==
Protocol: HTTP/1.1
Server: 52.57.42.190 -, , ASN (),
Reverse DNS
Software: ATS/9.1.0.33 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:12 GMT
content-encoding: gzip
server: ATS/9.1.0.33
Age: 1
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.diarioceleste.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=997366369&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=979c47a5-2aa1-4d91-9c21-4dec7d86d95c&a.is_yahoo=3&redirect_y=dHM9MTYzODMzMTA5MTkwOC4zOTAzODE6YXBpZD1VUGUzODgyZjdkLTUyNWEtMTFlYy04YmFiLTA2ZmU5MjE3MWJkODpyZXF1ZXN0X2lkPTk3OWM0N2E1LTJhYTEtNGQ5MS05YzIxLTRkZWM3ZDg2ZDk1Yw==
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
730 B 122ms
121ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C1686049726502286762533846892,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:12 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1638331091375055-596
Expires: Wed, 01 Dec 2021 03:58:12 GMT

GET
H/1.1

200
OK

LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc= Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=638918339&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&eov=eov&pi.width=...
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=638918339&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&eov=eov&pi.width=400&...

249 B
528 B

461ms
423ms

XHR
text/xml

52.57.42.190

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=638918339&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=61b968fb-c3df-409d-8c37-eae713c01dc3&a.is_yahoo=3&redirect_y=dHM9MTYzODMzMTA5MTkwOS40ODE2ODk6YXBpZD1VUGUzODgyZjdkLTUyNWEtMTFlYy04YmFiLTA2ZmU5MjE3MWJkODpyZXF1ZXN0X2lkPTYxYjk2OGZiLWMzZGYtNDA5ZC04YzM3LWVhZTcxM2MwMWRjMw==
Protocol: HTTP/1.1
Server: 52.57.42.190 -, , ASN (),
Reverse DNS
Software: ATS/9.1.0.33 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:12 GMT
content-encoding: gzip
server: ATS/9.1.0.33
Age: 1
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.diarioceleste.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=638918339&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=61b968fb-c3df-409d-8c37-eae713c01dc3&a.is_yahoo=3&redirect_y=dHM9MTYzODMzMTA5MTkwOS40ODE2ODk6YXBpZD1VUGUzODgyZjdkLTUyNWEtMTFlYy04YmFiLTA2ZmU5MjE3MWJkODpyZXF1ZXN0X2lkPTYxYjk2OGZiLWMzZGYtNDA5ZC04YzM3LWVhZTcxM2MwMWRjMw==
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 997 B
875 B 13ms
12ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C1686049726502286762510967062%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 63156795da94712f8b63e8c136a8ec52e2d8397b1e83e5268adadce62176c763

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:11 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 612
expires: Wed, 01 Dec 2021 03:58:11 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 998 B
877 B 12ms
11ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C12367349371686049726502286762%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b055cfebf68c6da2d0f11badfd902275092d406eace198dea05849ef65f640ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 03:58:11 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.diarioceleste.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 613
expires: Wed, 01 Dec 2021 03:58:11 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 16ms
15ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C1686049726502286762369218623%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8de7375ecf339d5e86dca8528ecbdc70dea37912954cbca38a26f587315acdd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:11 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1190
x-sticky-vk: 1638331091613044-587
Expires: Wed, 01 Dec 2021 03:58:11 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 16ms
15ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C8274895411686049726502286762,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a547aa81c967d51853c726b8236696b6df6cb314c4a075255fa77568b4c8cb2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:11 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1156
x-sticky-vk: 1638331091343059-527
Expires: Wed, 01 Dec 2021 03:58:11 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 15ms
14ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C8388325791686049726502286762,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0834d35104b29ccbbde798bd7aeadc082b4dd54e839637d6c1bc18312ef38154

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:11 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1156
x-sticky-vk: 1638331091427077-568
Expires: Wed, 01 Dec 2021 03:58:11 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 16ms
15ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C1686049726502286762815848228%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 76c2616a81cd8e00250d97e1e0177367f81fbab487f3bf6508e507a995b67ef7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:11 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1190
x-sticky-vk: 1638331091076094-573
Expires: Wed, 01 Dec 2021 03:58:11 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 27ms
14ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C9573536501686049726502286762,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 832a966494f6980391c74a9d8a92769b5616c1959912f22afd7319c126d91b8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:11 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.diarioceleste.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1156
x-sticky-vk: 1638331091315070-569
Expires: Wed, 01 Dec 2021 03:58:11 GMT

GET
H/1.1

200
OK

LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs= Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1293175328&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&eov=eov&pi.width...
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1293175328&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&eov=eov&pi.width=400...

249 B
528 B

460ms
422ms

XHR
text/xml

52.57.42.190

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1293175328&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=6e896e84-6097-4960-9b66-0f037e80a0fe&a.is_yahoo=3&redirect_y=dHM9MTYzODMzMTA5MTkxMS41NzI3NTQ6YXBpZD1VUGUzODgyZjdkLTUyNWEtMTFlYy04YmFiLTA2ZmU5MjE3MWJkODpyZXF1ZXN0X2lkPTZlODk2ZTg0LTYwOTctNDk2MC05YjY2LTBmMDM3ZTgwYTBmZQ==
Protocol: HTTP/1.1
Server: 52.57.42.190 -, , ASN (),
Reverse DNS
Software: ATS/9.1.0.33 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.diarioceleste.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:12 GMT
content-encoding: gzip
server: ATS/9.1.0.33
Age: 1
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.diarioceleste.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1293175328&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=6e896e84-6097-4960-9b66-0f037e80a0fe&a.is_yahoo=3&redirect_y=dHM9MTYzODMzMTA5MTkxMS41NzI3NTQ6YXBpZD1VUGUzODgyZjdkLTUyNWEtMTFlYy04YmFiLTA2ZmU5MjE3MWJkODpyZXF1ZXN0X2lkPTZlODk2ZTg0LTYwOTctNDk2MC05YjY2LTBmMDM3ZTgwYTBmZQ==
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK event.png
tps20237.doubleverify.com/ Frame DFF1 67 B
465 B 7ms
7ms Ping
image/png 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20237.doubleverify.com/event.png?impid=912073241ed34a308d34042d8e0ffdcc&gdpr=&gdpr_consent=&mascid=kwn0115cup5cevvbneleozcnc4w7hmtc&dvp_masver=1874&eoid=11&cbust=1638331092054650
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 11/30/2021 3:58:12 AM

POST
H/1.1 200
OK event.png
tps20230.doubleverify.com/ Frame 3F8E 67 B
465 B 7ms
7ms Ping
image/png 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20230.doubleverify.com/event.png?impid=182aa42d19e4490884e6e729e6deb3a0&gdpr=&gdpr_consent=&mascid=kwn0115cup5cevvbneleozcnc4w7hmtc&dvp_masver=1874&eoid=11&cbust=1638331092084709
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 03:58:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 11/30/2021 3:58:12 AM

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 90ms
90ms Preflight
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diarioceleste.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:12 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diarioceleste.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame E119 0
170 B 138ms
137ms XHR
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diarioceleste.com.br
date: Wed, 01 Dec 2021 03:58:12 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame AA98 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 68F2 152 KB
36 KB 17ms
16ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C1686049726502286762510967062%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:12 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 9B32 38 KB
14 KB 10ms
10ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C1686049726502286762510967062%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=55292
expires: Wed, 01 Dec 2021 19:19:44 GMT
date: Wed, 01 Dec 2021 03:58:12 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 68F2 38 KB
14 KB 8ms
7ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C1686049726502286762510967062%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:12 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=55292
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Wed, 01 Dec 2021 19:19:44 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 9B32 1 KB
1 KB 12ms
12ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=51975707&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 2fa14fba5f16e260f786b66816b62666006715acd1f44ae459a31eaeb92b9a75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 1076
content-type: text/html; charset=UTF-8

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 6E60 0
44 B 291ms
94ms Document
text/plain 169.197.150.7

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 -, , ASN (),
Reverse DNS
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Wed, 01 Dec 2021 03:58:12 GMT
server: a

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9E76
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Pr8n91Tq1MSgL05&gdpr=0&gdpr_consent=

42 B
365 B

13ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Pr8n91Tq1MSgL05&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:11 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug001:0:519
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Cache-Control: no-cache, must-revalidate
Date: Wed, 01 Dec 2021 03:58:12 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Pr8n91Tq1MSgL05&gdpr=0&gdpr_consent=
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma: no-cache
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-02cbf440f9d738c39@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H/1.1 200
OK usersync Show response
match.bnmla.com/ Frame 5A7F 0
114 B 311ms
101ms Document
text/plain 38.27.122.158

General

Check archive.org

Show headers Download Go to

Full URL: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.158 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Wed, 01 Dec 2021 03:58:12 GMT
Content-Length: 0
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3F80
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:00B497BEA5EA430B947EF2E8CB3A7D42

1 B
144 B

12ms
12ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:00B497BEA5EA430B947EF2E8CB3A7D42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:12 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: amspug010:0:319
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: nginx
date: Wed, 01 Dec 2021 03:58:12 GMT
content-type: text/html
content-length: 138
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:00B497BEA5EA430B947EF2E8CB3A7D42
expires: Tue, 30 Nov 2021 03:58:12 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET sync
sync.srv.stackadapt.com/ Frame CA63 0
0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9B32
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e6e3419e-525a-11ec-81ab-33deef32883a&gdpr=0&gdpr_consent=

1 B
215 B

13ms
12ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e6e3419e-525a-11ec-81ab-33deef32883a&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:58:11 GMT
cache-control: no-store, no-cache, private
x-lat: amspug020:0:344
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e6e3419e-525a-11ec-81ab-33deef32883a&gdpr=0&gdpr_consent=
Date: Wed, 01 Dec 2021 03:58:12 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: e773255c-525a-11ec-aac1-232265c5b130

POST
H2 200 t Show response
t.lkqd.net/ Frame E119 0
170 B 99ms
98ms XHR
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diarioceleste.com.br
date: Wed, 01 Dec 2021 03:58:12 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 90ms
89ms Preflight
text/plain 146.20.132.145
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.145 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diarioceleste.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 01 Dec 2021 03:58:12 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diarioceleste.com.br

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: ad.atdmt.com
URL: https://ad.atdmt.com/i/t.js;adv=11032206473623;ec=11032215840085;adv.a=9533159;c.a=24683151;s.a=4128031;p.a=293250071;a.a=486510943;cache=1831671044;

Domain: loada.exelator.com
URL: https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjoxjJATO_ww&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1

Domain: pixel-sync.sitescout.com
URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D721%26userId%3D%7BuserId%7D

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null

Domain: sync.ipredictive.com
URL: https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=6914951&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null

Domain: vop.sundaysky.com
URL: https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&_cvt=t

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=11

Verdicts & Comments Add Verdict or Comment

294 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

120 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.clevernt.com/	1969-12-31 23:59:59	Name: hstpv4user Value: eyJJRCI6IjU0MDEwMTM0d2FuNjFhNmYyY2MzMDZiYyIsIkNUUiI6IkRFIiwiUmVnaW9uIjpudWxsLCJCcm93c2VyIjoiQ2hyb21lIiwiUGxhdGZvcm0iOiJXaW5kb3dzIiwiTW9iaWxlIjowLCJCb3QiOjAsInJlbW90ZV9hZGRyIjoiMTUzOTc5ODYwMSIsIkxhc3RVcGRhdGUiOjE2MzgzMzEwODR9
.diarioceleste.com.br/	1970-01-20 16:36:43	Name: _ga Value: GA1.3.767454497.1638331084
.diarioceleste.com.br/	1970-01-19 23:06:57	Name: _gid Value: GA1.3.481305750.1638331084
.diarioceleste.com.br/	1970-01-19 23:05:31	Name: _gat_gtag_UA_175164381_50 Value: 1
.bidswitch.net/	1970-01-20 07:51:07	Name: tuuid Value: 020d0411-e776-4501-826e-0048af0a4f8b
.bidswitch.net/	1970-01-20 07:51:07	Name: c Value: 1638331084
.bidswitch.net/	1970-01-20 07:51:07	Name: tuuid_lu Value: 1638331084
.taptapnetworks.com/	1970-01-20 07:51:07	Name: SONATA_ID Value: csonata_0e1dcee8-6724-41fd-a444-34fd5f4a1d82
ads.stickyadstv.com/	1970-01-19 23:48:43	Name: UID Value: 77be93f040989744c28fdd7d46c8504d
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: ae5cc97561a3c059ab6a958db3abd9f9
.vidoomy.com/	1970-01-20 07:51:07	Name: vidoomy-uids Value: eyJ1aWRzIjp7IkNFTiI6eyJ1aWQiOiJuby1jb25zZW50IiwiZXhwaXJlcyI6MTY0MDkyMzA4NH19fQ==
.turn.com/	1970-01-20 03:24:43	Name: uid Value: 9166458971282832915
.casalemedia.com/	1970-01-20 07:51:07	Name: CMID Value: YabyzJZszJ5A9JK4MIFgDQAA
.casalemedia.com/	1970-01-20 01:15:07	Name: CMPS Value: 5224
.adnxs.com/	1970-01-20 01:15:07	Name: uuid2 Value: 2797749063738055443
.casalemedia.com/	1970-01-20 01:15:07	Name: CMPRO Value: 1138
diarioceleste.com.br/	1969-12-31 23:59:59	Name: wp-ps-session Value: ebcgrdspkqc0j972n8vpdteqlk
.o2online.de/	1970-01-19 23:15:35	Name: webShopPV Value: ?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=25667676_4307561_303197273_146032381_-0&ref=25667676_4307561_303197273_146032381_-0
.redintelligence.net/	1970-01-20 01:15:07	Name: 8lcfmzhxc8d6_uid Value: 54ce5cd628c52ada
.yahoo.com/	1970-01-20 07:51:28	Name: A3 Value: d=AQABBM3ypmECEPtHr-0Ij0tcplwVj8CJar4FEgEBAQFEqGGwYQAAAAAA_eMAAA&S=AQAAAgnUaaEqkF0icUpraKfBHnw
.spotxchange.com/	1970-01-20 07:51:07	Name: audience Value: e34d33b2-525a-11ec-8099-17ca89300306
.advertising.com/	1970-01-20 07:52:33	Name: APID Value: UPe3882f7d-525a-11ec-8bab-06fe92171bd8
.adtriba.com/	1970-01-20 16:36:43	Name: atbgdid Value: 09931f64-e8fa-49be-ae9d-27dcadbeab7f
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UPe3882f7d-525a-11ec-8bab-06fe92171bd8
.yahoo.com/	1970-01-19 23:06:57	Name: APIDTS Value: 1638331086
.casalemedia.com/	1970-01-19 23:06:57	Name: CMST Value: YabyzGGm8s4A
.adnxs.com/	1970-01-20 01:15:07	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%utd+IQ!]tbd8i_iqf!oN/@E'zz<Z0Q-yz/hgzOB8b?c<EI3y=kCk0CYj%(]>Q=J0<QG=%9sk@3@'s>T1e+wM
.agkn.com/	1970-01-20 07:51:07	Name: ab Value: 0001%3AmpKT%2F5qEIRPd6523909IXyV%2B85GuTYgw
.agkn.com/	1970-01-20 07:51:07	Name: u Value: C\|0EAApOa9OKTmvTgAAAAAAAQAHAAAAAAF4oo___x4AAAAAAD79HwAAAAAReqQXAAAAAAiddlMAAAAAHP-RXwA
.casalemedia.com/	1970-01-20 07:51:07	Name: CMRUM3 Value: 2d61a6f2ce2760CAESED4nHvyYDPfoGRKSVmVHZ8s
.doubleclick.net/	1970-01-20 08:27:07	Name: IDE Value: AHWqTUnXskqTGk4CT1szauAsWfNrsYM0Vui5izDtnKtBjoqqBx5QXt_vBnVLmi7Bn9M
.diarioceleste.com.br/	1970-01-20 08:27:07	Name: __gads Value: ID=9782054fdfde6429:T=1638331084:S=ALNI_Mb7McIkuzefAaXsEUYPfkLKsosxuQ
www.diarioceleste.com.br/	1969-12-31 23:59:59	Name: wp-ps-session Value: ne3d58d33utgf7ktve3m35i3pf
.adfarm1.adition.com/	1970-01-20 01:15:07	Name: UserID1 Value: 7036578434397829259
.pubmatic.com/	1970-01-20 01:15:07	Name: KADUSERCOOKIE Value: DF76A8B7-E559-47FF-B629-21A3FA94937C
.targeting.unrulymedia.com/	1970-01-20 07:51:07	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-b5ea5773-6e69-4f1a-94e9-3fbdcf66c06d-003%22%7D
.simpli.fi/	1970-01-20 07:52:33	Name: suid Value: 00B497BEA5EA430B947EF2E8CB3A7D42
.quantserve.com/	1970-01-20 01:15:07	Name: d Value: EIkBCwHtJPijAA
.quantserve.com/	1970-01-20 08:35:45	Name: mc Value: 61a6f2ce-d2a96-09513-5ad85
.mathtag.com/	1970-01-20 08:31:26	Name: uuid Value: 46d061a6-f2ce-4200-949c-585e6ba19a78
.adform.net/	1970-01-19 23:50:09	Name: C Value: 1
.3lift.com/	1970-01-20 01:15:07	Name: tluid Value: 9306495078164827876
.de17a.com/	1970-01-20 07:43:55	Name: guid2 Value: 1.5871054209374493530
.adform.net/	1970-01-20 00:31:55	Name: uid Value: 4414064395881013374
.adsrvr.org/	1970-01-20 07:51:07	Name: TDID Value: 81f4bbe6-2392-4623-a7c6-9b065981d726
.scoota.co/	1970-01-20 16:36:43	Name: tuuid Value: 062c16a1-40af-4d96-bd50-977c0b30715d
.scoota.co/	1970-01-20 16:36:43	Name: c Value: 1638331086
.scoota.co/	1970-01-20 16:36:43	Name: tuuid_lu Value: 1638331086
.pubmatic.com/	1970-01-19 23:48:43	Name: KRTBCOOKIE_80 Value: 22987-CAESEGXiVPPWRNVWv1lnoJmOMUI&KRTB&16514-CAESEGXiVPPWRNVWv1lnoJmOMUI&KRTB&23025-CAESEGXiVPPWRNVWv1lnoJmOMUI
.pubmatic.com/	1970-01-20 01:15:07	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 23:48:43	Name: KRTBCOOKIE_153 Value: 1923-8njs86J77qDpLb-k_X-g9f18vPbpfOyh_HzHyzAK&KRTB&19420-8njs86J77qDpLb-k_X-g9f18vPbpfOyh_HzHyzAK&KRTB&22979-8njs86J77qDpLb-k_X-g9f18vPbpfOyh_HzHyzAK
.pubmatic.com/	1970-01-19 23:48:43	Name: KRTBCOOKIE_57 Value: 22776-2797749063738055443
.pubmatic.com/	1970-01-19 23:48:43	Name: KRTBCOOKIE_27 Value: 16735-uid:46d061a6-f2ce-4200-949c-585e6ba19a78&KRTB&16736-uid:46d061a6-f2ce-4200-949c-585e6ba19a78&KRTB&23019-uid:46d061a6-f2ce-4200-949c-585e6ba19a78&KRTB&23114-uid:46d061a6-f2ce-4200-949c-585e6ba19a78
.pubmatic.com/	1970-01-19 23:48:43	Name: KRTBCOOKIE_336 Value: 5844-5871054209374493530
.pubmatic.com/	1970-01-19 23:48:43	Name: KRTBCOOKIE_391 Value: 22924-4414064395881013374&KRTB&23263-4414064395881013374
.rfihub.com/	1970-01-20 08:27:07	Name: rud Value: H4sIAAAAAAAAAOMSNjU0NjY2sjQ1tDQ3MjYzMLO0NBDiM9RNywlOswz2NclwtciU4jU0M7YwNjY0sDCztDAHAEL6kfU0AAAA
.rfihub.com/	1970-01-20 08:27:07	Name: eud Value: H4sIAAAAAAAAAFvFwmtoZmxhbGxoYGFmaWEOAESoAlMQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0NjY2sjQ1tDQ3MjYzMLO0NBDiM9RNywlOswz2NclwtcgEADCx6AglAAAA
.pubmatic.com/	1970-01-19 23:48:43	Name: KRTBCOOKIE_377 Value: 6810-81f4bbe6-2392-4623-a7c6-9b065981d726&KRTB&22918-81f4bbe6-2392-4623-a7c6-9b065981d726&KRTB&23031-81f4bbe6-2392-4623-a7c6-9b065981d726
.doubleclick.net/	1970-01-19 23:05:34	Name: DSID Value: NO_DATA
.onaudience.com/	1970-01-20 07:51:07	Name: cookie Value: af30960d670da51c
.onaudience.com/	1970-01-19 23:06:57	Name: done_redirects147 Value: 1
.pubmatic.com/	1970-01-20 01:15:07	Name: pp Value: 156498
.pubmatic.com/	1970-01-19 23:06:57	Name: PMDTSHR Value: cat:
.onaudience.com/	1970-01-19 23:06:57	Name: done_redirects161 Value: 1
.analytics.yahoo.com/	1970-01-20 07:52:33	Name: IDSYNC Value: "18yl~21u3:1762~21u3:18yx~21u3:18z8~21u3"
.pubmatic.com/	1970-01-19 23:48:43	Name: KRTBCOOKIE_1101 Value: 23040-7036578434397829259
.pubmatic.com/	1970-01-19 23:48:43	Name: KRTBCOOKIE_22 Value: 14911-9166458971282832915
.pubmatic.com/	1970-01-19 23:48:43	Name: SPugT Value: 1638331086
.zeotap.com/	1970-01-20 07:51:07	Name: zc Value: 1fe517c1-0cd2-401f-401c-0042354b6015
.fiftyt.com/	1970-01-20 07:51:07	Name: fifid Value: d0254064-4303-45f4-5ec5-95f2c7d4c3a7
.fiftyt.com/	1970-01-20 07:51:07	Name: cs Value: MTYzODMzMTA4OHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fANE4-hkZ1NSLu-ID5d7xZkSNQGuKRFDm67Mr9U8aPA3
.pubmatic.com/	1970-01-19 23:48:43	Name: KRTBCOOKIE_188 Value: 3189-no-consent
.fiftyt.com/	1970-01-19 23:15:35	Name: fppm Value: 20211201035808
.semasio.net/	1970-01-20 07:51:07	Name: SEUNCY Value: 906AEC73526DD364
.everesttech.net/	1970-01-20 07:51:07	Name: everest_g_v2 Value: g_surferid~Yaby0AAIlrEttQBR
.creative-serving.com/	1970-01-20 08:27:07	Name: tuuid Value: a031bb8c-1d07-414a-ba46-b3920170b40b
.creative-serving.com/	1970-01-20 08:27:07	Name: c Value: 1638331088
.creative-serving.com/	1970-01-20 08:27:07	Name: tuuid_lu Value: 1638331088
.pubmatic.com/	1970-01-19 23:48:43	Name: KRTBCOOKIE_218 Value: 4056-Yaby0AAIlrEttQBR&KRTB&22978-Yaby0AAIlrEttQBR&KRTB&23194-Yaby0AAIlrEttQBR&KRTB&23209-Yaby0AAIlrEttQBR
.pubmatic.com/	1970-01-19 23:48:43	Name: KRTBCOOKIE_466 Value: 16530-020d0411-e776-4501-826e-0048af0a4f8b
.audrte.com/	1970-01-19 23:27:07	Name: arcki2 Value: 350WW7ZAJHwS6eldi5q1kNS-w!20210804!1638331088431
.pubmatic.com/	1970-01-20 01:15:07	Name: chkChromeAb67Sec Value: 3
.pubmatic.com/	1970-01-20 01:15:07	Name: DPSync3 Value: 1638403200%3A174%7C1639526400%3A221_235_197_241_219_226_227_201
.pubmatic.com/	1970-01-20 01:15:07	Name: SyncRTB3 Value: 1639526400%3A222_55_7_165_13_230_204_189_54_161_3_21_8_56_220_88_176_234_81_238_99_22_166_71%7C1639612800%3A35%7C1639180800%3A63%7C1638921600%3A2_15_223%7C1640908800%3A203
.1rx.io/	1970-01-20 07:51:07	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-b5ea5773-6e69-4f1a-94e9-3fbdcf66c06d-003%22%2C%22nxtrdr%22%3Afalse%7D
.adsby.bidtheatre.com/	1970-01-19 23:15:35	Name: __kuid Value: ee2ac840-1afb-479d-9c2b-ea91ae3da3e3.407545089
.taboola.com/	1970-01-20 07:51:07	Name: t_gid Value: 8e5d3411-9198-4f47-b6f4-23e1823f1b84-tuct8a07851
ads.playground.xyz/	1970-01-19 23:15:20	Name: connect.sid Value: s%3AVU3_UPzhfQa0U27jJ68AapvZ7TdONtkP.QnsyhvhXpwzpnXxlE7ptVz%2BdHGD%2FqOJIb6sZJpY5lp4
.weborama.fr/	1970-01-20 08:37:11	Name: AFFICHE_W Value: iZUt5T8HXY6J50
.erne.co/	1970-01-20 07:51:07	Name: u Value: ka4watdtAeutogcHaBXnX6Du
.pubmatic.com/	1970-01-19 23:48:43	Name: KRTBCOOKIE_594 Value: 17107-RX-b5ea5773-6e69-4f1a-94e9-3fbdcf66c06d-003
.pubmatic.com/	1970-01-19 23:48:43	Name: KRTBCOOKIE_409 Value: 22966-ka4watdtAeutogcHaBXnX6Du
.pubmatic.com/	1970-01-19 23:48:43	Name: PugT Value: 1638331089
.tribalfusion.com/	1970-01-20 01:15:07	Name: ANON_ID Value: aRnseFPME7fQmKvCiHhhxReT3Zb2roXHZdbgTanwMFfF54BWPwk3SoqhrJiTLC4EIfM5PmQN0Rb0RgZbkSmtHZak
ads.stickyadstv.com/	1970-01-19 23:25:40	Name: uid-bp-30833 Value: 1
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: pxId Value: 7169
.fwmrm.net/	1970-01-20 03:24:43	Name: _uid Value: "l21ce_7036578451570069572"
ads.stickyadstv.com/	1970-01-20 00:31:55	Name: uid-bp-36033 Value: l21ce_7036578451570069572
ads.stickyadstv.com/	1970-01-20 00:31:55	Name: MRM_UID Value: l21ce_7036578451570069572
ads.stickyadstv.com/	1970-01-20 00:31:55	Name: uid-bp-159 Value: CAESEBTHYB8CuZ7k2sPQSL-ot1s
.adsrvr.org/	1970-01-20 07:51:07	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwiW4_2JmqKaOhAFGAEgASgCMgsI3JfE1bCimjoQBTgBWglzdGlja3lhZHNgAg..
ads.stickyadstv.com/	1970-01-20 00:31:55	Name: uid-bp-892 Value: 81f4bbe6-2392-4623-a7c6-9b065981d726
ads.stickyadstv.com/	1970-01-19 23:48:43	Name: uid-bp-717 Value: y-r.fl_rdE2oPEV8llBZUsLZNdAi_eWm4tMr_2gzOI~A
ads.stickyadstv.com/	1970-01-20 00:31:55	Name: uid-bp-951 Value: 2797749063738055443
ads.stickyadstv.com/	1970-01-20 00:31:55	Name: uid-bp-529 Value: 46d061a6-f2ce-4200-949c-585e6ba19a78
ads.stickyadstv.com/	1970-01-20 00:31:55	Name: uid-bp-617 Value: 4414064395881013374
.w55c.net/	1970-01-20 08:35:45	Name: wfivefivec Value: Pr8n91Tq1MSgL05
.w55c.net/	1970-01-19 23:48:43	Name: matchfreewheel Value: 5
ads.stickyadstv.com/	1970-01-20 00:31:55	Name: uid-bp-23329 Value: Pr8n91Tq1MSgL05
.bidr.io/	1970-01-20 08:34:01	Name: bitoIsSecure Value: ok
ads.stickyadstv.com/	1970-01-20 00:31:55	Name: uid-bp-45 Value: Yaby0AAIlrEttQBR
ads.stickyadstv.com/	1970-01-19 23:48:43	Name: uid-bp-171 Value: 9166458971282832915
.adotmob.com/	1970-01-20 08:34:19	Name: uid Value: 0703220402daad39f896e851
.adotmob.com/	1970-01-20 08:34:19	Name: uuid Value: 0703220402daad39f896e851
.adotmob.com/	1970-01-20 08:34:19	Name: partners Value: STI%3A1638331091124
ads.stickyadstv.com/	1970-01-20 00:31:55	Name: uid-bp-1501 Value: 0703220402daad39f896e851
.bidr.io/	1970-01-20 08:34:01	Name: bito Value: ACeeME7DTeYAACqk6DCPLQ
ads.stickyadstv.com/	1970-01-19 23:48:43	Name: uid-bp-26913 Value: ACeeME7DTeYAACqk6DCPLQ
ads.stickyadstv.com/	1970-01-20 00:31:55	Name: uid-bp-25522 Value: no-consent

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ad.atdmt.com/i/t.js;adv=11032206473623;ec=11032215840085;adv.a=9533159;c.a=24683151;s.a=4128031;p.a=293250071;a.a=486510943;cache=1831671044; Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diarioceleste.com.br/wp-content/uploads/2021/01/footer_bg.jpg Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 12) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/11360513469383436707/lyxor_climate_336x280/lyxor_climate_336x280.html".
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YabyzJZszJ5A9JK4MIFgDQAABHIAAAIB&google_push=AYg5qPIVi8dvbMv3J8rHpHfaaErtkZvx_iO1CrFBKZENHEcbrPMFBsR1XFJzJpIqLGXngmGoXcuAb1-uM5nJ_4kjoxjJATO_ww&google_gid=CAESEOXJBJb2U8H7azOR_zt9kc8&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D721%26userId%3D%7BuserId%7D Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=6914951&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&_cvt=t Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=3153000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
9c562daf9a696c98ad05001fe15baea7.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a.tribalfusion.com
a.vidoomy.com
ad.atdmt.com
ad.doubleclick.net
ad.lkqd.net
ad.turn.com
ad4m.at
ads-eu.v.ssp.yahoo.com
ads.adaptv.advertising.com
ads.creative-serving.com
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
ads.yahoo.com
adservice.google.com
adservice.google.de
aktrack.pubmatic.com
aud.pubmatic.com
c0.wp.com
c1.adform.net
cat.fr.eu.criteo.com
cdn.contentspread.net
cdn.doubleverify.com
cdn.onesignal.com
cdn.stickyadstv.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
cs.lkqd.net
csm.eu.criteo.net
csync.loopme.me
d.adtriba.com
d.agkn.com
d5p.de17a.com
dclk-match.dotomi.com
diarioceleste.com.br
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
hal9000.redintelligence.net
hal900011.redintelligence.net
ib.adnxs.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img.onesignal.com
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mwzeom.zeotap.com
onesignal.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.wp.com
pm.w55c.net
portal.o2online.de
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
r.scoota.co
rtb.gumgum.com
rtb.nl.eu.criteo.com
rtb.openx.net
rtb0.doubleverify.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s8t.teads.tv
scripts.cleverwebserver.com
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
sender.clevernt.com
simage2.pubmatic.com
sonata-notifications.taptapnetworks.com
static.criteo.net
stats.wp.com
stg.vidoomy.com
sync-tm.everesttech.net
sync.1rx.io
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.lkqd.net
t.teads.tv
tpc.googlesyndication.com
tps.doubleverify.com
tps20230.doubleverify.com
tps20237.doubleverify.com
tps20519.doubleverify.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
v.lkqd.net
v2-ui.cleverwebserver.com
vid-io-cle.springserve.com
vid.pubmatic.com
visitor.fiftyt.com
vop.sundaysky.com
vpaid.pubmatic.com
vpaid.springserve.com
www.diarioceleste.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ad.atdmt.com
ads.stickyadstv.com
cm.g.doubleclick.net
loada.exelator.com
match.prod.bidr.io
pixel-sync.sitescout.com
sync.ipredictive.com
sync.srv.stackadapt.com
t.lkqd.net
vop.sundaysky.com
104.111.242.245
13.248.245.213
138.201.64.38
138.201.84.244
142.250.181.226
142.250.186.66
142.250.186.70
142.250.186.98
146.20.128.101
146.20.128.158
146.20.132.145
148.69.64.76
15.197.193.217
151.101.130.49
151.101.65.44
151.139.128.11
169.197.150.7
169.50.137.184
173.231.180.197
178.250.0.139
178.250.0.160
178.250.0.162
178.250.2.151
178.62.202.251
18.185.171.80
18.194.154.127
18.194.4.47
185.29.132.241
185.33.220.243
185.33.220.244
185.64.189.110
185.64.189.111
185.64.189.229
185.64.190.80
185.94.180.123
185.94.180.126
192.0.76.3
192.0.77.37
193.0.160.129
195.5.165.20
198.47.127.19
198.47.127.20
2.18.232.7
2.18.233.180
2.18.234.21
2.18.234.233
2001:4de0:ac19::1:b:2a
2001:678:cb4:bbbb::11
209.54.180.3
213.155.156.167
213.19.147.45
213.254.244.13
23.88.75.187
2600:9000:206f:b200:15:6f6c:b180:93a1
2606:4700:10::ac43:2825
2606:4700:10::ac43:db6
2606:4700:20::ac43:4a81
2606:4700:3031::6815:11c9
2606:4700:3031::ac43:b242
2606:4700::6812:c05
2606:4700::6812:e234
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:80:800::7001
2a00:1450:4001:803::200a
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2001
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2006
2a00:1450:4001:831::2002
2a02:2638:1::2
2a02:2638::18
2a02:2638::3
2a02:26f0:6c00:19c::26e5
2a02:26f0:6c00:2b2::4469
2a02:fa8:8806:12::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:600::300
2a05:d018:d29:3602:e219:12f7:637c:c071
3.120.83.159
3.126.56.137
3.128.15.210
3.129.250.65
3.227.93.166
34.102.253.54
34.206.28.97
35.156.157.11
35.201.81.244
35.201.96.126
35.227.208.19
35.227.252.103
35.244.159.8
37.157.6.251
38.27.122.158
51.75.147.170
52.214.119.250
52.28.186.152
52.57.134.242
52.57.42.190
52.58.32.98
54.77.47.243
54.93.162.63
66.155.71.25
75.2.29.42
77.243.60.138
82.113.101.132
85.114.159.118
94.23.171.206
016b73ae1e1f2b62155e05413c8954a8970cdbd9fe9892c9408dbf4836902526
01df389d0d31829ffbf55b7b9b261bea835cdddb4da2824137e05c2e5593228f
02dd6ae8af35d5ba1e75836ce6abc2b50ff6aa34b128c6be222aeb13ed1ef17a
0491344ed95e539b258774152adfb84b8f318437faab0858edf67ac69c2e7099
0503eb589c02a668162ea686de146f2cb56bb4278a4ebed33d76377d62e17f17
06e1efddd1a67b2b304c78ae1f25705c0b4510f26b269b51265cd0119d6bafc0
06e36f22fa12049247ba1b17ad5b1573fb1b031ffb7ee78b0e62a8a95462ef80
07e8ba4c4488d1971d8f620076c5879fbdd41716173ba0261857c65609f12b4c
0834d35104b29ccbbde798bd7aeadc082b4dd54e839637d6c1bc18312ef38154
08be67910e475f4e44bc9809a8b8765ce9b8f17e1d566a22dff92e0e17a5e958
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a76157c3a2b72cb175a5029b332dfbc0239f484b075465b29ffda96435ad729
0aab1878c7638611910cf289234895d55dae2d89977cc4ae0e5d96c5534f0fcf
0b034a034f563858396d02c401f20287676d1d43dad6c7379d9b4c1bb76bf231
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0bd864a431fb1bc016f717b4fc74b9dfdb4d8dca2d10bca7a97e03cab38ff3d3
0cd2c0abfefe3d61600cbcd5ee18856508c6498fabdf7d6f8f1e2b420f437ba8
0da081aebcda8fe07044ee583eb254eebbb00016012a2c4697a103e2f327f2a2
0e264f87064204f7fc6293fa99f06349ec225aa0b889d04a7d94b999ae16fb35
0e6ff15f9bf076311dafa6ab2223e2dded103b6924a462b05c44e7f16a8ab191
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115e6b5dc9d38bc61444ea742ed56610be8c69c6d04d41f49eb3c550f54cc87f
11c54a8e83547d7ec3af9960ab4c4b50af1ea2f4bab7f356a6a9a8d3f251c459
1270970aeaa9f6843dab63421c1328d05124083084c17dcfb9ffc2d954d4e285
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13152042c082d4bc64251f28f7eb1cc3b7a296492bcd9e7505764befe8cf50c4
13c1ab8db979abe38ed33d2f1becb5d085f3281286097f5ccf7ef8ee287072ac
14ac160c9d66dcf424c5081e906f9860b52a432e980feb72c319119608db7145
14f09e693617089e72638ad17063d8128f3308a445ddb2115350644ab0d47b9c
15211e0be73438987ed05236dc4ce90962f7c46452427364446576505e66697b
155f95be0b0f873f2ae665f6c24b3b3056a68fe740079ad358c33f740429bf5a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18704e6392962f33591db3d201b3f4ee70a07488fb319d44d3b2c25e98a4dd78
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
1ab036cf75194b898db37a4a267d4a03e85df402ee5a30ea59ec030f18a5d355
1b09cc71e3e37c0e76d0a798105231991c1ce1a8fa1015b7eb0a9fd904fad0a1
1b7c986e925be26a11b25dc3cb1892ba51118ec0a2c95576ecdb553e1cff614e
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2
1e500e895349a0dd1359c3e9abe2b65033329c9eec7aa858c16818a89ad92392
1e8d5bf17b662b28e16ea3ad102f602ecbd6268f304fdd22cd3e9d1d978ca6bc
200aa794f5419498ebd3f0fc5ec6156c6ac91840309e9f56f72a8a18d7f37926
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
20736f297cc96191469ee02ba7d5fdd73881279cac19e8a8a25af4d54feb9047
21002c0b475650f8871ca35b2430fbd9f01a7d62be3b943378044a28d38f908b
2277774dd9a2cdd038a54679a1cde3e25480b66cd44a17fcd86b6319f510e133
22b0a2bd3484b0139eaa8510a90ce62fc7d0b61ee2973ef1e4b199895cb3601f
2454e659567ca1f715e850a86e4a6bf630b59df3b3bc92468ed55092184514f1
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c
2871c1b16a70375a71c00ca0cd044225535cf5d45d5550e28b2cd1c71ca44d5d
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b8c1d6e272519fc3c3c51af5fbfbe125dc26bc413cb7840b5a8a9dfa3107caa
2c278dd7b444df867e6e53829d3b394380ecc5e555f8a292cecf111153c39e93
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2fa14fba5f16e260f786b66816b62666006715acd1f44ae459a31eaeb92b9a75
305f88cf3f53f8c43f0c1d19cc5e4214732f8e1a65d89024cfb17d7afb819922
30cad9ec7fbe11d3de293805d82343744663da3e650c19bbbc23dd7c58202cce
32613ddf2bda8d21eb9b0cc39a9d8ebeb1a016e66827e09e139d34999ffa6804
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
340ac1e11d1d0914370c0cebc355151257668cc492887577b087a77da82bf98d
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
35427bee7326b9125939440515fc52b3ec2228de0280561c62a1f3e1e29e93d3
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c
36c25b5f96862af83f5f15eedf7e69a0e736f5417ff3e692c3a4a12ecec175e2
36d1d20b8fc9b02c2fb48a8823db3272b272666fb42eacaaa92d9565f7d762b3
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
373ff49c2adbe1aa2ad17a2aa39bcd532b1d5fdb84de5ca39352de6a671bae06
3845869a51bea384409c38e0b428da617913e5557f12001868773e75a0836bf4
38bfabb47e430c0854077c9ddbf0d875785339b37d1b0c666383ef932ff46a43
38d41515afecef8a085491155875b146864a33c91775e3a002244b6cfbb48fe6
396218338cea69d1500be3f22f99ec0daf4c57d6325b77b5837b5092095aa6cd
3968422bb4156ee11a62520675778378ff1b8cf93bd5e75e372aa539b5ee5749
399315007643f3f04f2871640688247185f4a2c0e1140701c5620971c79412fd
3a6748fc67ecd0a99c12a290cf706fc9c68e90a313d43ea0ff7f392d68e30857
3c609f8f7819028f762fe27174c582eefd962575a444804f97db9ea7ccd96e72
3ca258226d6e22d7d4d719eb4d43a3d8452fe1353bef796649237a6d01154c62
3ca83f6c91fc96a55e97300e35938c6b1ece61edb0c5c170009622fbe8bff2ac
3d5f33e4272e764851d54af7e81ed73a8898097a0ba054df3406571a9b739a96
3e650abaecbfe86b6ced4592cdbff20ce1fbc47e8b4a954dfc880863cca3494c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40a9850c036aceb7a250b00ce36407a49aa35ee93a0c50e844b3ca9244c18348
40ab039ddf421b282235661a8567992ee23ce45239fdf4047e27ba58fb397767
40c0b66e9609f81249a372521027e9da67e95dd965160c5dff78c16a6364fc25
41a19d96fde3b62300f9f41f049f8881fcb4180a422f06f1ef6eeeb615995eff
43de706623f90168be59ba091b084a6e66f66b2475379921b06f76d1e5998bac
44216edbcf372158d065f2c7062712c9c829648c355066e7cd14242843005d81
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
4805df4268f9d8dd7aabd5a9a9ff7c1f83f2fd2bbd03908538ec1decf2bd4fe9
4835b16c14de5cbba60f4b8401bcac4e282f26b20c0cfddff228fe6267e7ec67
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
497b184923b30f6b560e8b637aee6d385b9dd495b83138c282d7d820b8d376de
49a070133915e05e9b7723d25d8f07b12dda78f7d89c5334176329b5dc8019a6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cfddec0a200816e689bbea5b7f4fab75166b768f382d5684bd3c9895941cd8b
4df7b0488db29e9313c056aa8372a79225be86a40cab4b074f7ce6d0e943aa03
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e8684d7c52d32980263f516fd9eb038737895a11b39fa06c240e82338484de5
4f0a278929dfeaded74d8079fb2040d71e3bffcc743d431165521f4725b4ca70
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51b2fc826bdb666b68400237c4b2371ea1e2120b602eb891e8023e171a2d2627
52f860ef3888357ea9158a8737de73be6d18b0cb2ab45e29966079e0b2e0213a
5478512dd2764169210c0adfe8a8ba218777ce2cb473b3499e96d931f20039d7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5503e07f331c4088e46f04538d4e572602b4d3fb0253dc02ff06b6e4ce0b0804
556af9da72772cdfa260b1243e71d6dd38223a45ed142b76e359c9bc2207af35
55bd9424eb278cc12ea7f2bc088b174527296e2cbb1194a196cc510cb0b85224
5757a2a2c9650560c0ebb82f8dcad638b4678422f7a147dbe4b871066b1e87c9
581d4972ff6f84fb25896c051f479350e69620421f0cf25a130b21f255f15bf7
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
58d00065664af3b1c28ba9f9227afef21b6313df30eb620fa2cf3c09ff0ad1d6
59634d2853fa1300f9d99b9d1550fcfd09366ba7ae58776b291af9e67dedaa7f
5a25dffef78e80498a09be54f9a1e116e3e437ff64fd3b9c05c0b43784bc52bd
5b6c8f5ba5a33a30b418ca65d91f2e8631c855f1348e8e3d3b66e0b1b9579a93
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5e31e059e5e3b16b713bba0f1a6d3bcefe9492c5c9de3a1c92d62f99e1320125
5fa18eb01e1ff1a76a7b800524848871bc676549929d684e4881ac86c0767805
5fc6553100e45782a335f5b45d0b3340e04f3ec233f5ec39606836ff09fbe873
600cf8cd4ec43c200646898230f3bffef1fa0a72d178144aee1e3cdf8279aca7
61f7ebc1dd945b73ea2089bce54cb69c929e2cd753e93a7cbef591bede7b6037
623b62596e07df1fbf3a9fc0219c238e373bec6e55349826b0315b50ed2a7a7d
6250724039ed93b9a935e138a4bfb656f576e84950c56e719168f4b8a8cc731b
6285d29393de6c7efd139687e3966ad2699067aa49b5ff1316e3665f209f1ba1
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
63156795da94712f8b63e8c136a8ec52e2d8397b1e83e5268adadce62176c763
631b18072a9a88ab189253b9e92d2cafcb280b64c598ba00f9fdb0cd5a16baff
641b419b9bc6758430c18af52a1d4af274a7f2122ea3853fd97953a413f32c0a
6487f4df928088ff6ddb502da4ea46cb0a2670d211d803f036308cfdc91c1cd9
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
65e5305403b1c801926e39441f4414dae67fa36b1a4e09a0531f8f20a4a0cef4
6635fb6229f1035bccbc6175921888e265d04ab64afb0c7f027732d1d185acf6
669829e44802166195d64df52e724a0abeb85241474ea05d648012e20b64ffa0
66b49bbd40bd678fa9fd0359d82041423d8ce27ca10cf797125ea6c6a341020d
67faa4ae3b67493c323a6571fffce4ca47c1c5e544a5517664136cebfb142cee
68a06cc5579ffd368f1ca5f2a1d3091fd837444dd7b3178045b34b9548f4a346
68b13fb32ac97aaa547176f77229f00ec488d14fd5cc823f395f722deb56766f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6af244a45c6c4475b2530c021aa935a32b57eab6d12677d91c726cfed2be798c
6b065f38eaed75574515532e2d687fd23450a662a972d044626b848d6e9d1045
6b3522ab9a4e387ddbe563ef28fa8dc5d75948133b72cf4ab37db53a26c17a44
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6da3d61e77122f8cec6eb8b1f42b9d8736b1672f4eec2098a99a670f62a93e45
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9
7026837a6c956af7fd629e927242c994f48d3211667802fb4b1d2694a19faa59
70417d885beba08dd0d5ad1cacd561cb4fbecbf69e81cca8b6ae36d8e4301fdb
71d86ba42aff88f249b7eb43e9e7758ccf273457f537ebb11d07b17af5b1a4e0
739cef2e2541380f02906f6b85b492897200f26091445ffa9fbf9b66d25819f8
74149f4a87707f05e08fb7795ae70d562a96ef884223db9e613b4299e7708a5c
75f34b00de0af755057fe4057154c6e4fb1f4cbafbbb8383fc48ad452472d0c4
76be53246679b9e9b17455e1518403e2013531de497ffbf1869a0e628993f8be
76c2616a81cd8e00250d97e1e0177367f81fbab487f3bf6508e507a995b67ef7
77bad9f642945d2bc04c6254dadc3cbdd77eb697cec017f6c506adc43b97e4b5
77e773643d244128c52ab5535c162c467b2378bef47a784567d2de56fdd4a9e1
77eed2c6afa5de766a8f37dace0298efb76681dbb2a0aaed3e6f54ef20c4ec43
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
78f838c60f411473a2a3b122a65cf586f34af556a943e8e1d4cf9daf2ce91abc
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
7c2224a56ccfd59020e130240719ce53d0512acfdad13b6cd8b7d319c5b7af31
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7e50592ce1fd0a38af8214f04030411a2b5059e5766ecd323c4b6a272c2a2790
7fe3f21c5c0bfc97a38add5d7a15f79ea0f79e5f56da46d2080990813d0cdb55
81732ef8a3370a547b35a2c25cfa71e1bda0c8c2dfb27f0a57f43e78c72e4261
81e7fc5e066da9722af5a7819784e8b30a7f665cd5673e7634381f3fd563ce44
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
832a966494f6980391c74a9d8a92769b5616c1959912f22afd7319c126d91b8f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835daade5b8a4ea2d16c65460dc18a3f282fd0ed2782d7180d810b6c588893e2
8472cca6f1af5645dcc26142e27b1623ba57af3dd7cc48a318cf2f26d7cab336
85160a9664fcf8bbfe3868416eb491e740b55dde3136dbfd011d3b70fc31c71c
85321f61748bf075a29764c0ab70072d2f86f18636225e6909f252fb5b1e8fde
86239f99362497f20c1eb9694a7b26a34f5e6c31d1b6acda0bc565ceeb8a69b4
86297c2f055f491d40c32be608db8f179c45806bb49b05750919852629e1ef9b
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8b1ab05895807cd29fa182b40bb22f0a2c9c4f3c6dd70bb4ac688b208a888b12
8b94cbe5296254e6bc2199c7099b21f9308583e421f3b5204166eb9bbf19cc58
8c1470a0414fc28bde187abf7cbd64d6046589d3147e50bd6e913c283a9a7916
8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1
8d33a5168ed0f2cc66fde8550aac207fde970b43ae64468eeff6d90bb2521155
8d58307e227d262afcf84484cc627616d942fc8551c6f48050b97998a5dfe2c4
8d8aa9c2c3798099cba43890c7808bfb34b70dbc853177ef287b50bc28161911
8d91d6727627a6b0c5540c941852e963f30c79ffd9f6779fbb3456036679e152
8de7375ecf339d5e86dca8528ecbdc70dea37912954cbca38a26f587315acdd2
8e484e106698e6582471fbbcf24086fc4ca1b8b9b8703fd112b952fb9c2c8ce5
8ea99adea4a43fccfd001f1fe90570cc33cfeb6fcc219d81ed7fad2f61ba161d
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ecb2ec826c1bdac97d97a7dd5ff405d0a4e4c0ee282c1fe6f724bda851c6d9a
8ededfed626c94c1806869a1fb13df87954cb864b0e0044d8854290a61578287
8f0b063b5bf6a79f12d2ba7dd2ab0daa100b5f0389d9108ac387572a8a3e81fb
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
8fcf9ee582654b68a5a992a028794edf054f099e65fbd74ab4a09447354b8c40
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
90522800375d2af39a942f1b7bba8c525ce5926ad91b6cc273eb2af6acfc18f5
9139b98991a1871ca6d61175d9c477c925c41ea827afb4d3af1200ebfa847ab9
915d01c9b364a22bef6b472a639cd4613b6207f846a9570c5aaa71b8570a1e4a
919fb6b0d17ea28df608fbdfd98aaff119b3d0ddeffa5093abb31a8379c487cf
91b95c3523c4d392bb3dcaa5456f637ed209e3e01b3b880a94b583cd6b6a89c7
9265b0be6fc386998ffc511173c64515af3d42022f299c4a9f9da0db98760654
92af9e53d768cc3fb6c9675d0d2eafba403f527fc761b29679953c71d3c588e1
92e713f61f5f0a290d72ac700af3ce73c7baf8b9db8d40e82cfd9762a17b7937
942b6757fcee126e043999470c953af3fcb67d0a17249bb08914d3a86a47bd7a
9436a862c370b6f85a3d716eabb2f3dd4d5b146d107ee68c7dc20ac10d8898b4
94e620b69282c26c52017aebc0f03ebe9452ec5cbd5900a2c445f78048648d50
954bfa46d252b19670e7ce30f070e15c11515259a41220be260833bc9d9ad30d
9654573587a0c1e922d798fe0975a11f783d182412025e87dd06b1914c870b82
96aacc6205c84b303c8c2e6d2ff36003c9e6a9d5bf2e0098a12159eca7098055
989b20a9c6018d3f2de9377f94034ab0959c1299fc892768caa0af4a13644cbf
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98b9746e8ffcccfb52c63d9cc4967fb78dd43b664cdafdf8ef395948d310e0f9
98f38e7a7ab34085d381299020a6cfdd196cfc31e995ee842a690961d7853464
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aa7513aa8098b717a0761605a349ddc2e24d2598d069df389b8a88d7d1f0147
9af0f4e90a7cba0dbe38575666bfedf0e853278155957eb78e63761e33b88a11
9c921d8452252fe95fa53bc8105491ff3443afe78ad997bd45fd76934d53031f
9d37d1712b2be6bd01460ea30ab676c8baa512d5f1de5d608511a4403bea72dc
9d898df46fe53442b66d134fff1b4ce024bfb780646cf25ea50aebffcb87ae61
9da19a7346f0674bfcdbc1161079cb16b92b5ab527847a47ed1fbba95924bc9f
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9dfb035a70d758a792b7a71ed0bd67c5017c9ad3c67e6d81e6599357443e7aca
9e4ece42b03c3da15c51aadcc8e9366c98d85121fab08fb2e8580e906b3a1771
9e69a3f584cf3dbebd5223463e3100b650513c101a5cf6a34d073916bb1c2d84
9ee67a97d3b531bffdd313aba208e0c1e812648929d41e3b100bebdc83b41d39
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a089e15ed323f589e0d965e5a2655555bc1bc9e35ac28f66aba03687b9cd1618
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0ea2fa35271c78084c0244430b865af459ba144154779a691b70fedb0a3f0e8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a308fef9f6a770396440ba49e21d8fc8b2c263f770f44c83eb35da1545e0756f
a36cd2358d33d2289faf0430857a15235e545c1d480055ab09307d2ed14d4536
a3ed4eeb6ff0371ee043785da9c48b790cd734172ffe02155621376ff9284cd2
a43f1770b29491ce75b2b31fc89160be563726e06117498693299e2e1334b489
a45e91edd48c917ed3a28e199a57c678fe360fc3bd54a84979d9228769baa9a1
a47caa37c71fe025e8ed27e72583582bb442489673c79d32708f4a894cde2a49
a4865f5d2fac4ab43fd6b3a5c191a0554db3fde6c01b28b3ec878a00b5f9d4ca
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d64310cb2c94b174385c7c059739131f57da72a5066090a9486f8153e5d01c
a5442291e1c921abc633723ad82232f8388cde8206a5e27148d5904b08c7462b
a547aa81c967d51853c726b8236696b6df6cb314c4a075255fa77568b4c8cb2f
a558dc731872adb52490cf8550eb796d0d0b448df332e38f815228576dd0cd5a
a59bdfbe2d7603d0fc66a490c8362f95b13e26ff839612dd613d430b6d94bf7c
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6739b1a10b796fb80cd15a852343fb3e0c3082f8f510dc5e2a76fabb1034922
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a831bd552658fce147a8f0702958c345e321220689a7a51463aeb7ac31188582
a9c9e54ba1faa955b7f3602b4d8f4ad0cc888e422690683ac160901c7847fb67
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa751c03c47b3bc3ef8fae4deed4850800745c3154e875470a08daa77e43c339
aac11b0ca41478aa5a57581122353560e05fbf2cd31845fb666cca22a3445957
ab334c0eb81464ee8990501ce28c09a99048e65be89c184c72af1d760b041720
abba549d9e97c6e5cd45d6578a22666708d593ef3b19f593a8ec3fd001b75526
ac13cf1e5316b7b485102106a7d360417d9e1975be4d84dedcc6a84ac20d0b6a
acb75c9125fc85e4f42e5a54d3de1990eb8429a49e693ae40798a3b7168d00c8
acd2301e84fbcd01b27f249c83c662c0806783c9857d9a3b7bd4e560f691d131
ad47eaa223ed133c81c6f6491ba1758418c5cb03e451fc124e2fa4f6446a683c
ad4e92c60d99539743ecd428f0cfa1a5d08e38c9c2c585e6dcd32a776467618f
ad8f45059e11d52f1802c1e01220448cb580d98acfa1ac2c5d94b2888a2d6a08
adc1d84cde973fc7ac766f9d378c88f73428d3e6c4ec45e9b9dd6e27171ab1b5
add66370d247957fa5d25381285685b12e998f05c5cfc32ac5377dcc08f663df
ae1b47cdae67376267dbd2ee5d87d17aa94c977dd355db86f52aa1f015830c9e
ae32776aae5fbba5f5e09afbc3f01e948cb97a1434924ebfbf25e8f2661d1625
af3cfba90aafbe5de6ae1f7321168f5f1d8f90d44c8e694a4561256d2fca5eb2
afe2837be8a31112dcc7becad310d2be26afd712c1ac94a54cf2b97cfe1781a0
b055cfebf68c6da2d0f11badfd902275092d406eace198dea05849ef65f640ce
b0592fa62b9132e3bc2c24d6d29d3f2cea400db035c075b4a6501655d60cf3a7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1eb047759883d34168d1da99d0dde396a2e7757c9d45a30b1848ac397d96d7a
b65e2f19a61ad94f357c5f7e28ade339976bdff01c3408242d7edbe741c8eba1
b684aef220bd97e4fbb9c80de3ae948607cc969ec7840be0d32a1f0c7b331e03
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf
b8bf41500c04a458823d97b45a4597b9efab2899aac92f3e0a5998ded272baba
ba83c227cde7d4c34fb514ccd483305e8dfef365e6b2b70a126f2d73adaa1691
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd4fbf8e342a1cdf1ecbbe9414c39b60fce43216e8e906c0722f59b6377e1276
bd600249286710c8aecbbd2c35d1823f904e2ef632f9b6d9b075df7897a8a322
bdb02d532d7bfd45b67a7b2cdec2f9022e4b53fcbc99e8dca2a4d8dbfafacd72
be5d1dd49a274ac499e8e5c70b11900182bac269fa13aec275734202c78c529e
bedcc92fa96a1549eec70158c56437af620ad5562b61b64bbf86dfc8bb30dec5
c0fec1765005f1b382dab221f83a1ad761d29f811155db354c59712f127d319c
c197a663ec13044324f94b3f125ec022a44d2f63bd65ac16df350918731e5dc7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2c3eab4546e9b089e07465361af34154e294296f1379ed47c34d8d6d5e5e7a0
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
c4f14ed14dd9abbfaad48acd17db70e943f736894002505f4bbb96f61af4c390
c5baf9e71880979fc2a85745026f18dab9568972ec64b1423e5509da41879d95
c606177a3fda760fe20ef711c1dd18edfca6bc46e97f9d16a183bb4096684cbc
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c6b87a260f6b9c823149e0ec7b44440d5c096ca057b16fc949a1894402873d13
c7353f59c80267b53f0279a88b5cd10f38df89ee70e8e2d0764c8e4cd04bf643
c844108b1cc91df3645ab0943f9d2a83714328931753786f2416ba3b84686085
c865e2e5b767da1aaad2f67b8b4532d403c34526c788a9b8b9183d3aa6021710
c9b03c18c132f22270aac47d634459f9be9fd8f444ebdb7718c03f356000ea3c
c9eb336660411f4788017d6889cdb83f50b8ae3eaced4a56994520677fff3085
ca018461a93470dfdaa23bd51a821ceb5974a581a00927640dc4125ab0b794a4
cc0ec9330497ea9d4fb21fec6777e04f772280940668db898aaacf92dd11beaa
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdc28355b0b7217392395460dd7dfbc65a4cf0822c986a7533f4ca7434799e53
ce799e9506617aa913ebfac893d1b2c8475852696ae9e77e0882bb71218a433c
ce9c7987b4f388240ba2afbbc779eac838870389abd54507f8b4a0a8dd5719df
cecd106a0ecf2e04710f9bd05275db4c07edfcd44abcb8db181be608a99fb343
cf2da8520b0400860e1beb934968653ec32c8a15b87ff2ec095ee548032eef57
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf56785c4eeac1a3442a6a4b4843e41de5735fcf716ab98b2ee9781ef7d8e8e0
d093b5f5c3b3b1f0f18f31761a85538b7d2cd38be68159f0f6400c8af8778bbf
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d124c0d47f3dad95f0fcbf08e0faab2a1d5fe796b459c438661a53b879e1ed1d
d51d3132f201642d716200003782812ced682ed49bd7923be002063ee11a16e8
d570305eb702ae3327e9014156cb7c72483d8cf3c0b60f665c6d47fcda42f452
d5a456774176f31718c9ce26f8077ca182362f6d153bd0f5f5fa145d93fb48f7
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d69a06b0f12875d8ca79224ccc8eb4d80f69f554781624eccf5c399d161f18e8
d8239c9bf74a7b5ef230041e68b9d9f165c096c4ae4e97f5955da5be17fa5fd6
d8e026f0ee58a2a116200b9bcee4a3b7369162163fe035b1c058276a47fa28e9
d9534a6484c8789aefe4dad13cfe36ae547de32bb167f3399db1f9bedf4edb25
daadc5659f7330604ecae080ee66fd7d2a2b4fb055e8d4be4fab019b3841da6f
db1d35651b8ec9b5fe6f9692c7ea01b6876402f4ac478b9d60b21ae7919d2420
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dba732adf2e0f0c2c7083d8d04045d7791eaee151cad656b18605e67165bb559
ddbd36cd141c78fc72cd12544076befd1cdb1afd6410eb9299794dd54e0b5944
dfa485819b12385defd0fb44fa1b8d1ba7420e058e0efdb598eca1ed26591458
e0b54f1efd94db47099b5de7b78e84ae1dfb3008709e3c11d5695f77eed8a51d
e1ffd55178ab76019f38d1c279ec19a522cda0ba463474b5d99925f25e715c42
e2492d9b7fb2ce52546069a4e07e016f49c85689570fe41b3ecd2ea4c0f5c37b
e297afc5cba2b67ad30ad316eb275e59408b57d3ed2250f2677dccce750af7b0
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3755840c8f8ed7bd9349e14381e25df71e23415d4aabf8840c595e31e6170f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fe193209e48c2cb066dbc29c4a0a2067ce13bef1c56f3fd6cfc479903ca6e3
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e8d72136d296c0a225da505249e26e9f37ba4a053aba197c4092772592e63b6b
e8ec2a4d84f51a4860526181c3822b954b3a134dc14446ba753b37708470171d
e9a8768c59fb97194bf8bc1b3c1045bc46fc5c332a69611a044b2a8f2f0c5ad7
ea6f59b42f7668f33fd6f36cef8ed8e2aaeb4bc302e3f09bb406ead0349ccfc8
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec8b492872931e7bd6dad45385981bb4d6098743290a225cfd6a675edb3d864f
ed8603e4a41ce33ae3e68b1bb4998bad011b3654bce031bbe5bb43b17c6dc9e3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3feb1d3c9a720750b41b2fbe4dde115af9c232cb69a26aede9c49f58396deb
ef8f4c4111f0c82c400913852ba5e8c7ad55d987f2dabf356f4dc407b245da88
f020eabc282a2620fd5d377557280dc56c2115321d85960d4582d46061d6d1be
f03591d1f7c6491e2f47458007ae69ae8827c89c0aaf0dbcaed8a60d90b74b02
f03baf49179807d112055d1bda028293477083048cfc35f1b87c9e7098e9e5dd
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8
f2a776dd2fdb00e7f8738cd10841337b63149d867a2091928ce6c105a6b22630
f316bc8fde9a13885b352267c828cdfc1be35016a4cefd8632a6792a7ac9dc3d
f35f36f3a4874ba16dbb09d16259f3e8f40cc2daba99662e72bcfe3ba77c7fb0
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f3e9d5a0e959973519a493eafd7d257e56633333b25688ccc4c7c071cea858d0
f4197adb87563ca3d3115daa81275de9981a6c44a7202d1e27812da11266255f
f4a865eed527a7865f0a0c0eb90e1cef10cdc127c926043011543cb36b13c680
f4e72af079533476d9df4b500773b365829426f61c161d89d14a69e834c15504
f55aa726d03d3715f90422eeaf2a2d11f1f7b867e5267c7a03da500fb7df8654
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5f9ecb6ce5cd13a976187541227e0246570ae91864d052b3e9cc0a4636dc8a2
f637127a4979438c722c039a8b3178eb8d59620fbc152c209b3ac3b497fcd60c
f73867445571ebeef9ff8db2f77138d1a0c4960d11e752fbe3b5a95717031b6d
f8aefda80abcbcaff8a28a6b72a91690217da80038f6f6e0de8410de61898c4f
f8cb0ab4f61e20ca834826afc15bb444e69f531ecb856726f9ad0c0cf7a04b14
f923dd368c72055e674e4a8932e265ee51911ea42c51d885ca49aacc7e0dd016
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
facc68f18c4ea42bf22fa02c823a11f7e2aa2b084a51c877705854fd0acd6ba3
faee908c3c6c520580b45261c3453f787874e263befbed4a555741be85ea548c
fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa
fc578a82050b4ddee276534ae332ba6932d8a817dd9b504fbf00be6edc25ef1a
fd128bb1bb09334b954f40d3932d4617931b7685b7eccb14ca69bbf24bf9aef4
fd1ea6ce7921bbe164d7dad7c10ec31cd809052f39fac8991b8a2d0d470859d1
febccba9f7895bb2dd56b52054baa6f80647e2abb20518ff01c3628efa369893
fef318e1c870fd934db6ff4c77a1a5483f5e21c9829b89fe9328129f13b20cec
ff1372e404f608327da016299b644fbf42bfc3c97929c029d48f348bcea2b70c

www.diarioceleste.com.br Open in urlscan Pro 2606:4700:3031::ac43:b242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

703 Requests

88 %HTTPS

30 %IPv6

82 Domains

136 Subdomains

92 IPs

12 Countries

6282 kBTransfer

17648 kBSize

120 Cookies

16 Outgoing links

Page URL History

Redirected requests

703 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 21 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.diarioceleste.com.br Open in urlscan Pro
2606:4700:3031::ac43:b242 Public Scan

Screenshot
Live screenshot

Full Image

703
Requests

88 %
HTTPS

30 %
IPv6

82
Domains

136
Subdomains

92
IPs

12
Countries

6282 kB
Transfer

17648 kB
Size

120
Cookies

703 HTTP transactions
21 data transactions