imagensemoldes.com.br Open in urlscan Pro
2606:4700:3032::ac43:9f91 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://imagensemoldes.com.br/
Effective URL:
https://imagensemoldes.com.br/
Submission: On March 09 via manual (March 9th 2023, 1:31:32 pm UTC) from BR — Scanned from DE

Summary HTTP 202 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 45 IPs in 7 countries across 28 domains to perform 202 HTTP transactions. The main IP is 2606:4700:3032::ac43:9f91, located in United States and belongs to CLOUDFLARENET, US. The main domain is imagensemoldes.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 4th 2022. Valid for: a year.

This is the only time imagensemoldes.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::6815:3939	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2606:4700:303... 2606:4700:3032::ac43:9f91	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.7.52 108.138.7.52	16509 (AMAZON-02) (AMAZON-02)
14	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
24	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
4	23.203.124.21 23.203.124.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:400d:80c::2008	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:402... 2a00:1450:4025:402::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1	34.160.55.127 34.160.55.127	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
3	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80c::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:400d:802::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:400d:80d::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:802::200e	15169 (GOOGLE) (GOOGLE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
4 7	142.250.180.226 142.250.180.226	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
9	2a00:1450:400... 2a00:1450:400d:806::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.180.194 142.250.180.194	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:400d:80c::2004	15169 (GOOGLE) (GOOGLE)
1	141.101.90.97 141.101.90.97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.64.52.128 23.64.52.128	16625 (AKAMAI-AS) (AKAMAI-AS)
1	92.123.38.97 92.123.38.97	16625 (AKAMAI-AS) (AKAMAI-AS)
6 8	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:6177:59f2:51df:8cf8	16509 (AMAZON-02) (AMAZON-02)
2 3	52.95.115.255 52.95.115.255	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
202	45

1 2606:4700:3037::6815:3939 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

imagensemoldes.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:3032::ac43:9f91 (United States)

ASN13335 (CLOUDFLARENET, US)

imagensemoldes.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-52.fra56.r.cloudfront.net

tagmanager.alright.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.203.124.21 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-21.deploy.static.akamaitechnologies.com

warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pb-logs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:402::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.55.127 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 127.55.160.34.bc.googleusercontent.com

navvy.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2001 (Ireland)

ASN15169 (GOOGLE, US)

264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:802::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:802::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.180.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.90 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:806::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80c::2004 (Ireland) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.101.90.97 (United States)

ASN13335 (CLOUDFLARENET, US)

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.64.52.128 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-52-128.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.38.97 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-38-97.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.173.144.138 (Frankfurt am Main, Germany) 6 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.155.104 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:6177:59f2:51df:8cf8 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.115.255 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136	491 KB
32	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 189 googleads.g.doubleclick.net — Cisco Umbrella Rank: 28 stats.g.doubleclick.net — Cisco Umbrella Rank: 73 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 321	326 KB
18	imagensemoldes.com.br 1 redirects imagensemoldes.com.br	572 KB
16	gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	271 KB
16	wp.com c0.wp.com — Cisco Umbrella Rank: 6813 stats.wp.com — Cisco Umbrella Rank: 2681 pixel.wp.com — Cisco Umbrella Rank: 2515	84 KB
11	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 442 eus.rubiconproject.com — Cisco Umbrella Rank: 523 pixel.rubiconproject.com — Cisco Umbrella Rank: 316 token.rubiconproject.com — Cisco Umbrella Rank: 529	14 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 277	356 KB
8	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 387 mug.criteo.com — Cisco Umbrella Rank: 2724	3 KB
8	google.com 3 redirects region1.analytics.google.com — Cisco Umbrella Rank: 4223 adservice.google.com — Cisco Umbrella Rank: 65 www.google.com — Cisco Umbrella Rank: 2	2 KB
8	media.net warp.media.net — Cisco Umbrella Rank: 2330 navvy.media.net — Cisco Umbrella Rank: 24877 hbx.media.net — Cisco Umbrella Rank: 1313 hblg.media.net — Cisco Umbrella Rank: 1841 prebid.media.net — Cisco Umbrella Rank: 1222 pb-logs.media.net — Cisco Umbrella Rank: 13197 contextual.media.net — Cisco Umbrella Rank: 587	180 KB
6	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 270 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 940	4 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	270 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 519	3 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6027 adservice.google.de — Cisco Umbrella Rank: 8682	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 208	3 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 3710	315 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2361	99 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	151 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 296	265 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 421	618 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 317	647 B
1	o2online.de portal.o2online.de — Cisco Umbrella Rank: 51120	607 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 3476	2 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 863	468 B
1	4dex.io mp.4dex.io — Cisco Umbrella Rank: 1983	272 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 337	1 KB
1	alright.network tagmanager.alright.network — Cisco Umbrella Rank: 567179	23 KB
202	28

	Domain	Requested by
31	pagead2.googlesyndication.com	imagensemoldes.com.br pagead2.googlesyndication.com www.gstatic.com 264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
25	tpc.googlesyndication.com	googleads.g.doubleclick.net 264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net 264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com imagensemoldes.com.br
18	imagensemoldes.com.br	1 redirects imagensemoldes.com.br c0.wp.com
14	c0.wp.com	imagensemoldes.com.br
9	s0.2mdn.net	imagensemoldes.com.br s0.2mdn.net
9	www.gstatic.com	googleads.g.doubleclick.net
7	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net 264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com imagensemoldes.com.br
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	token.rubiconproject.com	4 redirects
4	pixel.rubiconproject.com	2 redirects
4	www.google.com	3 redirects tpc.googlesyndication.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	mug.criteo.com	imagensemoldes.com.br
4	gum.criteo.com	2 redirects
4	securepubads.g.doubleclick.net	tagmanager.alright.network securepubads.g.doubleclick.net
3	aax-eu.amazon-adsystem.com	2 redirects
3	s.amazon-adsystem.com	2 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	eus.rubiconproject.com	warp.media.net eus.rubiconproject.com
2	googleads4.g.doubleclick.net	imagensemoldes.com.br
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
2	264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	prebid.media.net	warp.media.net
2	www.googletagmanager.com	tagmanager.alright.network www.googletagmanager.com
1	match.adsrvr.org
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com
1	contextual.media.net	warp.media.net
1	portal.o2online.de	imagensemoldes.com.br
1	fonts.gstatic.com	fonts.googleapis.com
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	pb-logs.media.net	imagensemoldes.com.br
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fastlane.rubiconproject.com	warp.media.net
1	mp.4dex.io	warp.media.net
1	hblg.media.net	imagensemoldes.com.br
1	hbx.media.net	warp.media.net
1	cdn.jsdelivr.net	warp.media.net
1	navvy.media.net	warp.media.net
1	www.google.de	imagensemoldes.com.br
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	pixel.wp.com	imagensemoldes.com.br
1	warp.media.net	imagensemoldes.com.br
1	stats.wp.com	imagensemoldes.com.br
1	tagmanager.alright.network	imagensemoldes.com.br
202	54

This site contains links to these domains. Also see Links.

Domain
generatepress.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
*.alright.network Amazon RSA 2048 M01	`2023-02-22` - `2023-07-26`	5 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-02-28` - `2023-05-29`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-01-21` - `2023-04-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://imagensemoldes.com.br/
Frame ID: B0EAA15A78C60EF79873D0936A5C6A6A
Requests: 71 HTTP requests in this frame

Frame: https://imagensemoldes.com.br/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1678363200
Frame ID: F8FFB10A2315D4270CECD78E07004DC7
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20190131/zrt_lookup.html
Frame ID: A8AA0E6703E662DF128C7F875C71D44A
Requests: 1 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?cid=8CU8Y84F0&cs=16&cv=37&hb=1&vsSync=1&refUrl=&gdpr=1&gdprconsent=0&usp_status=0&usp_consent=0&coppa=1
Frame ID: E2902BC360B75EFD3B4B4B266C122E3B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536383250901359&output=html&adk=1812271804&adf=3025194257&lmt=1678368683&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fimagensemoldes.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678368682855&bpp=8&bdt=837&idt=332&shv=r20230306&mjsv=m202303070301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4903258028065&frm=20&pv=2&ga_vid=870451030.1678368683&ga_sid=1678368683&ga_hid=786890414&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759842%2C42531706%2C31071869%2C31071756%2C31072792%2C31072926&oid=2&pvsid=1332967202970593&tmod=312078576&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=370
Frame ID: 209289C70334D3E216A2396E0F6812B3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536383250901359&output=html&h=182&slotname=8643826482&adk=2825986415&adf=1362443009&pi=t.ma~as.8643826482&w=725&fwrn=4&lmt=1678368683&rafmt=11&format=725x182&url=https%3A%2F%2Fimagensemoldes.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678368682863&bpp=3&bdt=845&idt=366&shv=r20230306&mjsv=m202303070301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4903258028065&frm=20&pv=1&ga_vid=870451030.1678368683&ga_sid=1678368683&ga_hid=786890414&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759842%2C42531706%2C31071869%2C31071756%2C31072792%2C31072926&oid=2&pvsid=1332967202970593&tmod=312078576&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pnX9owugz2&p=https%3A//imagensemoldes.com.br&dtd=375
Frame ID: 5A55EDA696B304CB93D4AD4F4F8CEF0D
Requests: 24 HTTP requests in this frame

Frame: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F3F7FD1C5BB9CFADE4E90F73A2B87CC3
Requests: 1 HTTP requests in this frame

Frame: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 912942EE9D448090BB34BCFD34692E47
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjH8_zbATAB&v=APEucNW-2sjNILYFklL5MXqPI2aRVCIwl9hkNk25LPbqjZvgHJOWE2s_zieyRYRQDNxADcA7Ye0_5C0IyHcnC5a_KAZPJ-AdzOK-MweA354fXKFPvyRJMGTDjWyi_oRlvi39S5LlC1gSdiT956vxaZ9rxFkKVBt_oDq-wI5hK6CE_Wy_RBXcMQ0
Frame ID: 46F2802C7A267D48B888C3919C94E082
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536383250901359&output=html&h=240&adk=2434494938&adf=984588136&pi=t.aa~a.2718867513~rp.2&w=195&fwrn=4&fwrnh=100&lmt=1678368684&rafmt=1&to=qs&pwprc=6650700683&format=195x240&url=https%3A%2F%2Fimagensemoldes.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678368684592&bpp=3&bdt=2574&idt=3&shv=r20230306&mjsv=m202303070301&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da6b5704a8f17085a-22a6cf054add00ae%3AT%3D1678368683%3AS%3DALNI_MYkahUdeVRZMLU2vwdtmKKV7ZliEA&gpic=UID%3D000009d69003cf9e%3AT%3D1678368683%3ART%3D1678368683%3AS%3DALNI_MacC4lknbcoBFeQ7HyWHRtzF8R_fw&prev_fmts=0x0%2C725x182&nras=2&correlator=4903258028065&frm=20&pv=1&ga_vid=870451030.1678368683&ga_sid=1678368683&ga_hid=786890414&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759842%2C42531706%2C31071869%2C31071756%2C31072792%2C31072926&oid=2&pvsid=1332967202970593&tmod=312078576&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=DYVuR6DANp&p=https%3A//imagensemoldes.com.br&dtd=26
Frame ID: 060E2863A20BBEF23435D6108C8ECEF8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
Frame ID: AE3B4424091982914447F72A9F723D58
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5CC7248A3998405BE48FE4FDC69EA3CC
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
Frame ID: EFB5FCEC3D24630D6E0EEAB8BA4869D7
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
Frame ID: 51645852836169E3375C7E515800AB03
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: EFC986BA99A06C362DA416916882AAA7
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=yP9foNkcqc&t=1&renderingType=2&ev=01_247
Frame ID: 8E928DEDDA97D3BF4C9F8EC5D8BBDFF2
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0B06DD9D666D146A9E669D6D6EAD25C7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C3CD128C5504ACB45DE43048AEDFBA09
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 41D8EAD3F57BDA60FCBDCD9E4E7D51D7
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6E2E4873A0497A7BB133162BD5CFA192
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
Frame ID: BF3F254373254278F01D20668B84815B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
Frame ID: 2FAE6B4C78F671CFDB1C695BB2F469AA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4EA445098CB51BCE946E835CE5216ADF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 025419ACBED6E8A4D19251AFAFA4A628
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E0D808C3C302CA8E151DEC396E3F1C00
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8Y84F0&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C459%2C77%2C38%2C2022%2C182%2C2064%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=MANAGED_PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: C0780788DEF6387178B88B24851C4793
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Início -

Page URL History Show full URLs

http://imagensemoldes.com.br/ HTTP 301
https://imagensemoldes.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

202
Requests

94 %
HTTPS

57 %
IPv6

28
Domains

54
Subdomains

45
IPs

7
Countries

2753 kB
Transfer

7413 kB
Size

24
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://imagensemoldes.com.br/ HTTP 301
https://imagensemoldes.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fimagensemoldes.com.br%2F&domain=imagensemoldes.com.br&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=7Y8Kn3xzNHUvb0dYeEdqZnpUMmhzaGtDL0YzNTNXZTJsMUVyeTdkNHowTVp2UkJGV21TdXRHaVJlN2JBZGFiN05EMXpqd3doTkwvVlFGeE50MnRFRngrTE40S3lqcVZwN1c5QXROR0xjUWJwdGpiTnZyQUtIUEo5NkU4U2xyTk54WTNhejk4Q0doOUNHZ2JQbk1aTTFOdDBobTlxbjRrTXJ0Z1d6d2ZvcFdUS0Y5RjFuRWg5TUhNZ2MxOUxsa1h2cTVoMzNoMkFCSmFkMnFOSlFnUXZFc2NMc3dWOTFFb2hCa2wwcml6QlphR2huMXhlenErVU9vb3drNEZYd0s2WUJZd3RHfA&cppv=2

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOfGTPt-lX4ZzwDMG37ZIow&google_cver=1

Request Chain 103

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAnfrQY4.xfyK8yCDZZMbgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOfGTPt-lX4ZzwDMG37ZIow&google_cver=1&google_hm=2

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPvrmsi_Pr2EjIQykNmOLzk&google_cver=1

Request Chain 105

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk3MTQwOTE2NjY1NTM4MDU4OA%3D%3D

Request Chain 157

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 158

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 165

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 186

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fimagensemoldes.com.br%2F&domain=imagensemoldes.com.br&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=IwLMGXxUQ0tNMHNUWWd0Nm1SNExEN09vaWNKSFdRVnQ4RkdxSm5qUHZzdHNmUkI2VndvcVRlMmMxd0o0ZXh2VHZyOEFGVW1hcGpSTWlCWFFrVnFXNzNST2JKRzgzM2pHTE1GRC9VcjYyWVF0TUR6R0ozTG5pRDNXRzJ4QnFCZEZXNmxHRHQvc1BvckhtM3RkZHNtYmoxa3prR1hDcTRtWmlzSzEyS2FmcUNBTlA3UU9PSzNFZHZNeEcvQzZhdDV1ZnNZdXdqVHE2d2RsQVdQMXAxRFk3bFRVOXBSbkJnR0VVZk1HVDdrV21jbGpBelR1YzgzOWVTUXVqR1lqM0Q1bnptVHlYfA&cppv=2

Request Chain 196

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK2-Mc2dDcSqFxPcdi01qQs&google_cver=1

Request Chain 197

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDUxZGJiMWFkYzkyMTY4YzY4MmQxMjUyNTQwMTI1MDFkY2VjNGRlMA

Request Chain 198

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LF15DOGF-20-KAYR

Request Chain 199

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=BPbjn3cEQIKXmX_x4AFA6g&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=BPbjn3cEQIKXmX_x4AFA6g

Request Chain 200

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/B5p7I9QtwRSQu1Fm2FJfosn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Do0O.KpE2oI9ghJ8JxiDcVI6ewnRqK_TWzM4Sg--~A

Request Chain 201

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEYxNURPR0YtMjAtS0FZUg==

Request Chain 202

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=anF1GXNwQDSvoZzqL3uo1Q&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=anF1GXNwQDSvoZzqL3uo1Q

202 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
imagensemoldes.com.br/
Redirect Chain

http://imagensemoldes.com.br/
https://imagensemoldes.com.br/

119 KB
39 KB

649ms
319ms

Document
text/html

2606:4700:3032::ac43:9f91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imagensemoldes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc9529992853473b405c81ce87191f30332e569faca93e663c92de6f206da87c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, proxy-revalidate, s-maxage=0
cf-cache-status: DYNAMIC
cf-ray: 7a53ad83e90b9191-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 13:31:21 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://imagensemoldes.com.br/wp-json/>; rel="https://api.w.org/" <https://imagensemoldes.com.br/wp-json/wp/v2/pages/134650>; rel="alternate"; type="application/json" <https://imagensemoldes.com.br/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JpvnFiP%2BzSHsRr4UrS%2FIn58oEkck9V6y1zNpLhJS3UoEDSzVeP0%2BRY7IrQlnEmOl%2FUOLH97vgjtUQ38j23gOaJuezgJe0qIg4ZPrxqEbaQaArKJsrkKJyRV0IA1urOfzPGQi3EoncIoOX1ZOqdOGiDd9GXk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-ua-compatible: IE=edge

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7a53ad7fac742ba6-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 09 Mar 2023 13:31:21 GMT
Expires: Thu, 09 Mar 2023 14:31:21 GMT
Location: https://imagensemoldes.com.br/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IipCoKbff%2FXGlFm7lYcYxx3xdcDm5jnv3Sc8X%2BP%2FymyPbYfmiQrxudhTPSiyU90rVw9zIFfqr5%2BWRffb40zcI4xNqmTBCPr01zfX9sdjjIDciOnbY9433C1zIq7SyX5%2BRbKhI6TvSH9QfmhgJ5ve5YqHon8%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-Redirect-By: WordPress
X-UA-Compatible: IE=edge
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 container_SvoBs34Y.js Show response
tagmanager.alright.network/manager/js/ 80 KB
23 KB 130ms
11ms Script
application/javascript 108.138.7.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagmanager.alright.network/manager/js/container_SvoBs34Y.js
Requested by: Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-52.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ab56b26b6c2a562fca0131b38adae977b40bb845984e37d20a5d2524d7ba151

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: gzip
via: 1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 23:14:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 802
x-amz-server-side-encryption: AES256
etag: W/"742eee1b2c324b44ed1cd2888474d6c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: sN90rWOnsem1624zudX9AMCgZ3yc6xbmrdAyUTT5mUYV1wbVVjDPeg==

GET
H2 200 style.min.css
c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/ 93 KB
11 KB 77ms
15ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 08 Mar 2024 13:31:22 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/ 11 KB
3 KB 77ms
15ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 08 Mar 2024 13:31:22 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/ 4 KB
1 KB 77ms
15ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 08 Mar 2024 13:31:22 GMT

GET
H2 200 classic-themes.min.css
c0.wp.com/c/6.1.1/wp-includes/css/ 217 B
280 B 77ms
16ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 09 Mar 2023 13:31:22 GMT
strict-transport-security: max-age=15552000
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 217
expires: Fri, 08 Mar 2024 13:31:22 GMT

GET
H2 200 unsemantic-grid.min.css
imagensemoldes.com.br/wp-content/themes/generatepress/assets/css/ 12 KB
2 KB 81ms
76ms Stylesheet
text/css 2606:4700:3032::ac43:9f91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imagensemoldes.com.br/wp-content/themes/generatepress/assets/css/unsemantic-grid.min.css?ver=3.2.4
Requested by: Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ee7784d217b273bd847dcc83ca3451f76f63cc1b619805dbdb297197bb44eb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 16 Dec 2022 04:13:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"639bf062-3107"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JWrIvjNsoB6CCvIB2SQvfno5NKuojwSzXcJyXqVEwj6u9%2BTiYPQahr1Xle3FwlHMEDbWR3exfRPftY%2FQloIrYUltHW9JFvAKOuKSVkHXN%2ByQ3vMuZMRTpoW4DnE%2FPBrB9qqYOOq2nWIQ6LoaxT%2Bmp%2BjgIAA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 7a53ad86ac959191-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.min.css
imagensemoldes.com.br/wp-content/themes/generatepress/assets/css/ 21 KB
5 KB 75ms
70ms Stylesheet
text/css 2606:4700:3032::ac43:9f91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imagensemoldes.com.br/wp-content/themes/generatepress/assets/css/style.min.css?ver=3.2.4
Requested by: Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 424332ea0ecacff818cf7de57fd7968c0172f01776ff025a4d2a99540422d3f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 16 Dec 2022 04:13:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"639bf062-55ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJ5jv%2BpELh5mOr%2B%2BIm9h%2FxVkYUQyglOeG6vvQwUt2eVA2omWkZzsTkjcyAknLgBOvKBZmN7vJRWY%2FvK6CB8DxGWir5G3fqRKmhOtczKKlToDAelexKG7mEwqheqNryYFol8%2FtRzVdl5OxORnTPOSibIG0mQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 7a53ad86ac969191-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 mobile.min.css
imagensemoldes.com.br/wp-content/themes/generatepress/assets/css/ 4 KB
1 KB 84ms
79ms Stylesheet
text/css 2606:4700:3032::ac43:9f91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imagensemoldes.com.br/wp-content/themes/generatepress/assets/css/mobile.min.css?ver=3.2.4
Requested by: Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b29f10d6e7c79c2f7f11b0abe16a4fb45e29673dababd29a0313d72aeaa90b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 16 Dec 2022 04:13:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"639bf062-ec5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMOHYYxCr3w0LTyyAG7g%2FVOe7dLfIBkn%2B8bsO3whgq3jCftzoRUfU9pxYb3Th0EPXHGtLjVa%2BLKd18ZsPtJBYbAu5QvaKW8CLb5MaWbwrneXVtll4pM%2BGwbUBFPHHpyfW6dGwKGVmPvEmWKQgyVJKRQnKI8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 7a53ad86ac979191-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 font-icons.min.css
imagensemoldes.com.br/wp-content/themes/generatepress/assets/css/components/ 3 KB
1 KB 83ms
79ms Stylesheet
text/css 2606:4700:3032::ac43:9f91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imagensemoldes.com.br/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.2.4
Requested by: Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 584b10df5af4716257aae636285c55f27e9a970412fa831dd66023efabb84b48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 16 Dec 2022 04:13:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"639bf062-b94"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNM8uo7T4QPJGUEq58No3BBD6wcCSns2zeuEPg5oEj9nuZDJKqZYXd2NQJhXOPAVnpTVdy5VHqmgJHrN7OBg6MMUeR5jAbZs4VNRYSKrFDG98AeFpYgat%2BUpa7SJnqNwdIDACUOp1NkIFEOAh2J0rEENcm4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 7a53ad86ac989191-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 font-awesome.min.css
imagensemoldes.com.br/wp-content/themes/generatepress/assets/css/components/ 30 KB
7 KB 72ms
68ms Stylesheet
text/css 2606:4700:3032::ac43:9f91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imagensemoldes.com.br/wp-content/themes/generatepress/assets/css/components/font-awesome.min.css?ver=4.7
Requested by: Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7181c93962530c41049c3aff9c3a0f4b0d03685ec63d22a39e3461e5628c09af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 16 Dec 2022 04:13:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"639bf062-7855"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYnI0JFTTudtem2LBZeBW87R8OuC1ROFk0NRVxRkEvbdSbbkLucIs8P11FL%2BpEjzRm%2FlBD51YHxk4vhBdgR9q7R0kz1alQUhR2%2BcMcBdeVprpNFMNdJRPE813zFD2WsWACFysecPkJ1roYzagLZwy8viyts%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 7a53ad86ac999191-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 default.min.css
imagensemoldes.com.br/wp-content/plugins/optimizePressPlugin/lib/assets/ 397 KB
58 KB 79ms
74ms Stylesheet
text/css 2606:4700:3032::ac43:9f91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imagensemoldes.com.br/wp-content/plugins/optimizePressPlugin/lib/assets/default.min.css?ver=2.5.26
Requested by: Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de8e4657255e798fffe3237564dbe11db135cabdb291c1d282c2326046977dd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 28 Dec 2022 11:54:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63ac2e93-635a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDzinTju2h0SXxhwFhtxyiXDWEppYEFf89%2BEY9z6RAMumia9lIR123YT3dHhWi0fBpiGnQyZJ1oCVUiKOuQGX%2FrM9V3yom9ea9ugR1Va0tc%2F8OkSiX3CNto%2FGkgFE29HKPDt1AJ%2B51V7clOSVzVPU9uphRU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 7a53ad86ac9a9191-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/11.8.4/css/ 87 KB
16 KB 77ms
16ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/11.8.4/css/jetpack.css

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

088674fc15eef135403ab29abc6c7fc277dc83932073c9e418199bbba5ee3f77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 15 Feb 2023 21:41:23 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 08 Mar 2024 13:31:22 GMT

GET
H2 200 optimizeMember-o.php
imagensemoldes.com.br/wp-content/plugins/optimizeMember/ 21 KB
4 KB 253ms
249ms Stylesheet
text/css 2606:4700:3032::ac43:9f91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imagensemoldes.com.br/wp-content/plugins/optimizeMember/optimizeMember-o.php?ws_plugin__optimizemember_css=1&qcABC=1&ver=1.2.12-1.2.12-2693462581
Requested by: Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66574a52a8d3c18d195ff4540d1940132ecbbc7484c0f2a374e87fc241d40d3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 09 Mar 2023 13:31:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XdFfc1JpgGHupS%2FoteQfoWirSO3k%2FGzMVuAVoVHeUbPATSmW0F%2FxzKxpdkQgYuDGOFlJCQhR0ttdND22%2BRAM37cuMXd884h3LqLAtQnP2QxH7EmNOFD%2BrqMEHRDji8GTKn%2Bh1d7jHqdGfLF%2Ftt7X8zqnF8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=604800
cf-ray: 7a53ad86ac9c9191-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 16 Mar 2023 13:31:22 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/6.1.1/wp-includes/js/jquery/ 88 KB
30 KB 77ms
17ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 08 Mar 2024 13:31:22 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/6.1.1/wp-includes/js/jquery/ 11 KB
4 KB 93ms
33ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 08 Mar 2024 13:31:22 GMT

GET
H2 200 op-jquery-base-all.min.js Show response
imagensemoldes.com.br/wp-content/plugins/optimizePressPlugin/lib/js/ 55 KB
18 KB 72ms
69ms Script
application/javascript 2606:4700:3032::ac43:9f91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imagensemoldes.com.br/wp-content/plugins/optimizePressPlugin/lib/js/op-jquery-base-all.min.js?ver=2.5.26
Requested by: Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 088f0fb76428d8d80fbdfe4c32d29189761c3ec415269bf0cc8111f2f00b269f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 28 Dec 2022 11:55:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63ac2e95-dc31"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkGwMhZYp%2Blh0wUcqGry5DGYSEmckuESgzcbIqQosaaEn3iLNSzIYq4JMqaodUM%2F98JdnptImXqpbPGqByfgMn1Xh2cmaufbb4Rmbl8yq%2Fjzz1CUBHb0Ywv%2B41fjScleAGuDnHzDWMKF95P%2FZAbk0eBHHCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7a53ad86ac9e9191-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 zxcvbn-async.min.js Show response
c0.wp.com/c/6.1.1/wp-includes/js/ 351 B
410 B 92ms
33ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/zxcvbn-async.min.js

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e93e18f2f34a865e27d2d839eaccca6bec750d357f1c937980026d6d25507c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 09 Mar 2023 13:31:22 GMT
strict-transport-security: max-age=15552000
last-modified: Tue, 23 Feb 2021 16:45:19 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 351
expires: Fri, 08 Mar 2024 13:31:22 GMT

GET
H2 200 regenerator-runtime.min.js Show response
c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/ 6 KB
2 KB 91ms
32ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 08 Mar 2024 13:31:22 GMT

GET
H2 200 wp-polyfill.min.js Show response
c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/ 17 KB
6 KB 91ms
31ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/wp-polyfill.min.js

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 08 Mar 2024 13:31:22 GMT

GET
H2 200 hooks.min.js Show response
c0.wp.com/c/6.1.1/wp-includes/js/dist/ 5 KB
2 KB 91ms
32ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/dist/hooks.min.js

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 08 Mar 2024 13:31:22 GMT

GET
H2 200 i18n.min.js Show response
c0.wp.com/c/6.1.1/wp-includes/js/dist/ 10 KB
4 KB 76ms
17ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/dist/i18n.min.js

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 08 Mar 2024 13:31:22 GMT

GET
H2 200 password-strength-meter.min.js Show response
c0.wp.com/c/6.1.1/wp-admin/js/ 1 KB
613 B 90ms
32ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-admin/js/password-strength-meter.min.js

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fcbe9e9ff2d1c20cab10bf43dc49914e188b44ae21f34257b4a0ef5cae90f7ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 22 Jan 2021 12:32:03 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 08 Mar 2024 13:31:22 GMT

GET
H2 200 optimizeMember-o.php Show response
imagensemoldes.com.br/wp-content/plugins/optimizeMember/ 54 KB
10 KB 256ms
254ms Script
application/x-javascript 2606:4700:3032::ac43:9f91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imagensemoldes.com.br/wp-content/plugins/optimizeMember/optimizeMember-o.php?ws_plugin__optimizemember_js_w_globals=1&qcABC=1&ver=1.2.12-1.2.12-2693462581
Requested by: Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 106490eba2f3bd60ded542f8353c78729f7169acc781ffb31ef5e9e8768b7db2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 09 Mar 2023 13:31:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHHtCJ6IDZ7VAD2gFTsouK1rXiDAas4%2BTVWM044qcE4Va%2BSosOoIGd%2BLgN7axE6GdAs5lnKVp2bvGVdFHi5SA%2FLq6MED%2B5z3WRcXrqYDOhiBizwZjMD5aCfatcIS4fp0gPmbNeg1yNKS%2BOMsje137wMDLkw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=604800
cf-ray: 7a53ad86ac9f9191-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 16 Mar 2023 13:31:22 GMT

GET
H3 200 Imagens-e-moldes-artesanato-lembrancinhas-personalizadas-1-e1462560738570.jpg
imagensemoldes.com.br/wp-content/uploads/2016/05/ 16 KB
17 KB 75ms
74ms Image
image/jpeg 2606:4700:3032::ac43:9f91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagensemoldes.com.br/wp-content/uploads/2016/05/Imagens-e-moldes-artesanato-lembrancinhas-personalizadas-1-e1462560738570.jpg
Requested by: Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14074af762388535ef964139330ab32efd439c8dd5f076ac5cb5a90ca5aa50a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:22 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 06 May 2016 18:52:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "572ce7e2-3ff7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SueYQdnSgn5HftRtem5oA09ZN3%2B8fwFqV2Q8WSs0Lml7cckE1VeY9YhTEBZ7E65Tz97tUSh13v7PNktuJmgyWu3jVSchH%2Bx9KObGbht05VL7VGjSvD5FZij8TyvHHVG9s2EBLf6%2B00pdy40auGDc%2BrzY5XM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 7a53ad886ce6908e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16375

GET
H2 200 form-styles.js Show response
c0.wp.com/p/jetpack/11.8.4/modules/contact-form/js/ 3 KB
942 B 12ms
12ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/11.8.4/modules/contact-form/js/form-styles.js

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

dbdce2a427cc45f01c27c5b968fb54a771a11b8ec9687104530d0c8077b1ebb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 15 Feb 2023 21:41:23 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 08 Mar 2024 13:31:22 GMT

GET
H2 200 e-202310.js Show response
stats.wp.com/ 9 KB
3 KB 55ms
12ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202310.js
Requested by: Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nc: HIT ams
date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 03 Mar 2024 23:27:06 GMT

GET
H3 200 wp-emoji-release.min.js Show response
imagensemoldes.com.br/wp-includes/js/ 18 KB
5 KB 81ms
80ms Script
application/javascript 2606:4700:3032::ac43:9f91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imagensemoldes.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 01 Jun 2022 10:12:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62973b70-48b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7VRRZut3kvLD%2Fng3AsF0odkqfU8MZO5tAbIyjsrDpGvZrkJzsFfvwBWqWJGBBEVy3P06LGwk0G4orpP5CMoJwhPR61Aqp2jshIaqX5SJfqJgb8kTAJ8ZYy66CjLf6s5hKbeGGuY57Qfjtk5GSldOMYxpPA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7a53ad887ceb908e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 254ms
78ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/manager/js/container_SvoBs34Y.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9575453d56b60a04d94e8dd63615a8e7dab1b835025be5e2b26a3364c55b2584

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27461
x-xss-protection: 0
server: sffe
etag: "1505 / 207 of 1000 / last-modified: 1678363809"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Mar 2023 13:31:22 GMT

GET
H2 200 clientag.js Show response
warp.media.net/js/tags/ 511 KB
162 KB 252ms
111ms Script
text/javascript 23.203.124.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=imagensemoldes.com.br&version=1

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.203.124.21 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-124-21.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c10eb17716cc956128ca5cd608b1e293caa282c737ee5a0f5dc124f5069351a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Thu, 09 Mar 2023 13:31:22 GMT
server: Apache
etag: 588026319594098396
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
expires: Thu, 09 Mar 2023 14:01:22 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 27ms
11ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=166511142&post=134650&tz=-3&srv=imagensemoldes.com.br&j=1%3A11.8.4&host=imagensemoldes.com.br&ref=&fcp=1524&rand=0.30060249743989575
Requested by: Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Mar 2023 13:31:22 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 200 KB
73 KB 119ms
49ms Script
application/javascript 2a00:1450:400d:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-744CV3E27J

Requested by

Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/manager/js/container_SvoBs34Y.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

136e5a489546a6a57ee9dae8f30ba99c10e1460e15d56d2923ae4fe9842cbeed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73897
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Mar 2023 13:31:22 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 171 KB
51 KB 136ms
69ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7536383250901359

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae1ef19f30f7bd72d938634d2de2ee3dc91082e846ead7e5a93568138986cb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imagensemoldes.com.br/
Origin: https://imagensemoldes.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51549
x-xss-protection: 0
server: cafe
etag: 14834655007611217034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 13:31:22 GMT

GET
H3 200 invisible.js Show response
imagensemoldes.com.br/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame F8FF 25 KB
11 KB 17ms
16ms Script
application/javascript 2606:4700:3032::ac43:9f91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imagensemoldes.com.br/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1678363200
Requested by: Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79ec5ef95f439d7d6c3d55d8876ff16d87f9803f225ffffcffcd036aa2154e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKcblahjOa4u2hmhGU%2FldBfImrA2WCwqY7xa4yGWKm8N1SWBvKzfqoxuNe2er5EqKMUCkDzHQrTLgMKKvcEjt%2FadxtJcwyJBsRHYNdl06DRs8dqmWMmff3KK1fDigvBfUBdTjeY7xT5w%2B9bFMZytfqm6djQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7a53ad890d71908e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ajax-loader.gif
imagensemoldes.com.br/wp-content/plugins/optimizeMember/images/ 1 KB
2 KB 73ms
73ms Image
image/gif 2606:4700:3032::ac43:9f91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagensemoldes.com.br/wp-content/plugins/optimizeMember/images/ajax-loader.gif
Requested by: Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b5c37c80ccd103c8075d88ed542ac53ac2ad2f84ad000626d8ea8c6094f063a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:22 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 25 May 2020 21:53:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5ecc3e70-5b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMF3%2FfgSUIeIwyrqnJOyz6%2BJITABthfkWy74BUt3o2R5yhi8iqcCSQoI3NnBCvpVj6%2FJeCoj%2BrjCY7E5l%2F%2Fak6Brn%2BeRskHITsZPKjYychhl%2BdklJ3rNBGUts6uSCZlBPyUgxZX%2F3aSoz7GSlju3O2rLuwg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
accept-ranges: bytes
cf-ray: 7a53ad892d91908e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1456

GET
H3 200 pica.js
imagensemoldes.com.br/cdn-cgi/challenge-platform/h/g/scripts/ Frame F8FF 7 KB
4 KB 17ms
16ms Other
application/javascript 2606:4700:3032::ac43:9f91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imagensemoldes.com.br/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88dfa486d81755b5073594e36a5d5ffb33acff67a1eac7a47091269e9dcb0d2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IEp4mH362YjcXAaw6XvsLmlqz7or1todKgarOijTLNnfBOvUfwjqRbNkd8QE3z1%2BANOazRzT%2BAgNMAxFPxAmBAtvekrlvCJjtAJifaRV0zfjDvzlQhOn7qd1k5TRfcxATkw9lKAhgS%2Bkdv4SBBraEf%2FZMt4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7a53ad894dc1908e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 7a53ad83e90b9191 Show response
imagensemoldes.com.br/cdn-cgi/challenge-platform/h/g/cv/result/ Frame F8FF 2 B
670 B 37ms
36ms XHR
text/plain 2606:4700:3032::ac43:9f91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imagensemoldes.com.br/cdn-cgi/challenge-platform/h/g/cv/result/7a53ad83e90b9191
Requested by: Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1678363200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKLT5btbWu%2BvGEC4HGgcCBEhy3A7AVLugIFYUI6v0D%2FvbYqeSonRLL5X5N%2B1NhR27eZ4Loq7Fj870YuOFvlUqpbztpWlM5YjtUMZHmVfwPw49T%2FaczSaDnQU3mdS9seWGvAoK7YhcCX2Ts9khoUtECounkA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7a53ad8b8f38908e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pubads_impl_2023030701.js Show response
securepubads.g.doubleclick.net/gpt/ 394 KB
133 KB 22ms
21ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072917

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fbb7dc619788ae13aec18ac90445854ead7eafa6262fe5bd343485f9be7e49a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 09:28:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136160
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 09:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 08 Mar 2024 09:28:05 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1003 B
440 B 106ms
53ms XHR
application/json 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=imagensemoldes.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b4570c965d3230d9fd550cfebe647ffbf5ff1a79d2993993ade589ecc42fb2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 415
x-xss-protection: 0
expires: Thu, 09 Mar 2023 13:31:22 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070301/ 361 KB
119 KB 134ms
81ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070301/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7536383250901359&plah=imagensemoldes.com.br&bust=31072926

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7536383250901359

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb09a4e13e668c690ae0961d43307f9cfa35a4cdc5f3315068b4e2855f8d5ec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121637
x-xss-protection: 0
server: cafe
etag: 10849050117130812859
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 13:31:22 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230306/r20190131/ Frame A8AA 10 KB
5 KB 27ms
21ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230306/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7536383250901359

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imagensemoldes.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13427
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 09:47:35 GMT
etag: 2378337311435320485
expires: Thu, 23 Mar 2023 09:47:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
78 KB 49ms
48ms Script
application/javascript 2a00:1450:400d:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SNH2SC3JGN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-744CV3E27J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a8dfeb975951fd6f5edd0d3a81d0bd8e0d3c833cf23ce3bf81f6c32f823ae4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79729
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Mar 2023 13:31:22 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 38ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-744CV3E27J&gtm=45je3360&_p=786890414&_gaz=1&cid=870451030.1678368683&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678368682&sct=1&seg=0&dl=https%3A%2F%2Fimagensemoldes.com.br%2F&dt=In%C3%ADcio%20-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-744CV3E27J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://imagensemoldes.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 48ms
17ms Ping
text/plain 2a00:1450:4025:402::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-744CV3E27J&cid=870451030.1678368683&gtm=45je3360&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-744CV3E27J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:402::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://imagensemoldes.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 120ms
55ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-744CV3E27J&cid=870451030.1678368683&gtm=45je3360&aip=1&z=1083712699

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 log
navvy.media.net/ 35 B
281 B 174ms
115ms Ping
image/gif 34.160.55.127
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://navvy.media.net/log
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=imagensemoldes.com.br&version=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.55.127 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 127.55.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://imagensemoldes.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:23 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform-Version
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Wed, 08 Mar 2023 06:11:14 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 52ms
7ms XHR
application/json 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230309

Requested by

Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=imagensemoldes.com.br&version=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

340e79a7efae87309e8b015c70816b6d8b2aaecc5b8d4a17193f8d43bf2a7f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://imagensemoldes.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Mar 2023 13:31:23 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 34232
x-jsd-version: 1.0.1640
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 900
x-served-by: cache-fra-eddf8230103-FRA, cache-hhn-etou8220064-HHN
x-jsd-version-type: version
etag: W/"63d-PeDyOB4Gqgq4huu4pMQX1CxVy2k"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 checksync.php Show response
hbx.media.net/ Frame E290 22 KB
8 KB 118ms
70ms Document
text/html 23.203.124.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/checksync.php?cid=8CU8Y84F0&cs=16&cv=37&hb=1&vsSync=1&refUrl=&gdpr=1&gdprconsent=0&usp_status=0&usp_consent=0&coppa=1

Requested by

Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=imagensemoldes.com.br&version=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.203.124.21 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-124-21.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ad6f0ad8e43b8519cd6c06668a9a71a32291f04af609f2bedaa3615e6e437563

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer: https://imagensemoldes.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8082
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 13:31:23 GMT
expires: Sat, 11 Mar 2023 13:31:23 GMT
server: Apache
strict-transport-security: max-age=86400 ; includeSubDomains max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 69ms
24ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fimagensemoldes.com.br%2F&domain=imagensemoldes.com.br&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://imagensemoldes.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://imagensemoldes.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 09 Mar 2023 13:31:22 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 534042
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fimagensemoldes.com.br%2F&domain=imagensemoldes.com.br&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=7Y8Kn3xzNHUvb0dYeEdqZnpUMmhzaGtDL0YzNTNXZTJsMUVyeTdkNHowTVp2UkJGV21TdXRHaVJlN2JBZGFiN05EMXpqd3doTkwvVlFGeE50MnRFRngrTE40S3lqcVZwN1c5QXROR0xjUWJwdGpiTnZyQUtIUEo5NkU4U2...

378 B
680 B

50ms
17ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=7Y8Kn3xzNHUvb0dYeEdqZnpUMmhzaGtDL0YzNTNXZTJsMUVyeTdkNHowTVp2UkJGV21TdXRHaVJlN2JBZGFiN05EMXpqd3doTkwvVlFGeE50MnRFRngrTE40S3lqcVZwN1c5QXROR0xjUWJwdGpiTnZyQUtIUEo5NkU4U2xyTk54WTNhejk4Q0doOUNHZ2JQbk1aTTFOdDBobTlxbjRrTXJ0Z1d6d2ZvcFdUS0Y5RjFuRWg5TUhNZ2MxOUxsa1h2cTVoMzNoMkFCSmFkMnFOSlFnUXZFc2NMc3dWOTFFb2hCa2wwcml6QlphR2huMXhlenErVU9vb3drNEZYd0s2WUJZd3RHfA&cppv=2

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

51cc3f0be094d1055966a0f0abf30c3d85c73be54141926deed6dc1911148763

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:22 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1325411
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:22 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=7Y8Kn3xzNHUvb0dYeEdqZnpUMmhzaGtDL0YzNTNXZTJsMUVyeTdkNHowTVp2UkJGV21TdXRHaVJlN2JBZGFiN05EMXpqd3doTkwvVlFGeE50MnRFRngrTE40S3lqcVZwN1c5QXROR0xjUWJwdGpiTnZyQUtIUEo5NkU4U2xyTk54WTNhejk4Q0doOUNHZ2JQbk1aTTFOdDBobTlxbjRrTXJ0Z1d6d2ZvcFdUS0Y5RjFuRWg5TUhNZ2MxOUxsa1h2cTVoMzNoMkFCSmFkMnFOSlFnUXZFc2NMc3dWOTFFb2hCa2wwcml6QlphR2huMXhlenErVU9vb3drNEZYd0s2WUJZd3RHfA&cppv=2
access-control-allow-origin: https://imagensemoldes.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 681632
content-length: 0
expires: 0

GET
H2 200 log
hblg.media.net/ 35 B
200 B 64ms
31ms Image
image/gif 23.203.124.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfk&evtid=belog&cid=8CU8Y84F0&itype=MANAGED_PREBID&dn=imagensemoldes.com.br&svr=030610_539&cpr=1678368682969&requrl=https%3A%2F%2Fimagensemoldes.com.br%2F&name=MP_LOADED_GET&crid=&stack=

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.203.124.21 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-124-21.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:23 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 09 Mar 2023 13:31:23 GMT

GET
H2 200 config Show response
prebid.media.net/rtb/prebid/analytics/ 46 B
275 B 445ms
16ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid/analytics/config?cid=8CU8Y84F0&dn=imagensemoldes.com.br
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=imagensemoldes.com.br&version=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6315555798a42d3034cbdf67f826e982eddac7707bcd85e856e01f37b62bac31

Request headers

Referer: https://imagensemoldes.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 Mar 2023 13:31:23 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://imagensemoldes.com.br
cache-control: max-age=900, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Thu, 09 Mar 2023 13:46:23 GMT

POST
H2 204 prebid Show response
mp.4dex.io/ 0
272 B 427ms
30ms XHR
text/plain 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=imagensemoldes.com.br&version=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imagensemoldes.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:23 GMT
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://imagensemoldes.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7a53ad900e12925c-FRA
expires: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
996 B 627ms
238ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU8Y84F0
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=imagensemoldes.com.br&version=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8cb2083a4cb2b2775bcb066bee79dab8792ff7e37d0cd9533d15e75573fb4ad5

Request headers

Referer: https://imagensemoldes.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:23 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://imagensemoldes.com.br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Thu, 09 Mar 2023 13:31:23 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 665 B
1 KB 642ms
256ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16794&site_id=182980&zone_id=891446&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Fimagensemoldes.com.br%2F&tg_i.page=https%3A%2F%2Fimagensemoldes.com.br%2F&tg_i.domain=imagensemoldes.com.br&tg_i.adUnitCode=%2F21830119956%2C21855491423%2Fimagens_e_moldes%2FWIDESCREEN_ENGAGE_DESK&tg_i.divId=supertag-ad-d7e0yuic8&tg_i.adUnitPath=%2F21830119956%2C21855491423%2Fimagens_e_moldes%2FWIDESCREEN_ENGAGE_DESK&tg_i.tref=0&tg_i.mnrf=0&tg_i.mnrfc=0&tg_i.src=mnjs&tg_i.pbadslot=%2F21830119956%2C21855491423%2Fimagens_e_moldes%2FWIDESCREEN_ENGAGE_DESK&tk_flint=pbjs_lite_v7.28.0&x_source.tid=05316795-fd6c-4872-adb7-df9b15476b9f&l_pb_bid_id=6e70f5c6ba3bb2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21830119956%2C21855491423%2Fimagens_e_moldes%2FWIDESCREEN_ENGAGE_DESK&slots=1&rand=0.47526887480932634
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=imagensemoldes.com.br&version=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9726b20db498daf21bdb1282c0f6e3fcc196e3f7be1c23a3ef2fa5b5bcd53aba

Request headers

Referer: https://imagensemoldes.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:23 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://imagensemoldes.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 17ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SNH2SC3JGN&gtm=45je3360&_p=786890414&cid=870451030.1678368683&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678368683&sct=1&seg=0&dl=https%3A%2F%2Fimagensemoldes.com.br%2F&dt=In%C3%ADcio%20-&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SNH2SC3JGN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://imagensemoldes.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 366ms
20ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 09 Mar 2023 13:31:23 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 619705
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 409 B
468 B 43ms
42ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=imagensemoldes.com.br&callback=_gfp_s_&client=ca-pub-7536383250901359

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070301/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7536383250901359&plah=imagensemoldes.com.br&bust=31072926

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b62512ae94ea5d52f27c2a86ab0c9c72dc1c02ed1d3f98b8e1d1bd4577bc36c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 356ms
42ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=imagensemoldes.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 357ms
43ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=imagensemoldes.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2092 399 KB
66 KB 904ms
903ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536383250901359&output=html&adk=1812271804&adf=3025194257&lmt=1678368683&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fimagensemoldes.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678368682855&bpp=8&bdt=837&idt=332&shv=r20230306&mjsv=m202303070301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4903258028065&frm=20&pv=2&ga_vid=870451030.1678368683&ga_sid=1678368683&ga_hid=786890414&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759842%2C42531706%2C31071869%2C31071756%2C31072792%2C31072926&oid=2&pvsid=1332967202970593&tmod=312078576&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=370

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5307441a6bf6e3716c9e6821886b776cc92587d4290208d0916b4fb2c225404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imagensemoldes.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 67122
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 13:31:24 GMT
expires: Thu, 09 Mar 2023 13:31:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5A55 117 KB
36 KB 672ms
671ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536383250901359&output=html&h=182&slotname=8643826482&adk=2825986415&adf=1362443009&pi=t.ma~as.8643826482&w=725&fwrn=4&lmt=1678368683&rafmt=11&format=725x182&url=https%3A%2F%2Fimagensemoldes.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678368682863&bpp=3&bdt=845&idt=366&shv=r20230306&mjsv=m202303070301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4903258028065&frm=20&pv=1&ga_vid=870451030.1678368683&ga_sid=1678368683&ga_hid=786890414&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759842%2C42531706%2C31071869%2C31071756%2C31072792%2C31072926&oid=2&pvsid=1332967202970593&tmod=312078576&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pnX9owugz2&p=https%3A//imagensemoldes.com.br&dtd=375

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e67b3698fec49e0dc5755b73b14378f49019d2354f4eeed77c338e5964a12e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imagensemoldes.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36389
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 13:31:24 GMT
expires: Thu, 09 Mar 2023 13:31:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 45ms
43ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=imagensemoldes.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072917

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 43ms
42ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=imagensemoldes.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072917

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
7 KB 355ms
354ms XHR
text/plain 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1332967202970593&correlator=3538758573512948&eid=31072029%2C31072894%2C31072917%2C44785064&output=ldjh&gdfp_req=1&vrg=2023030701&ptt=17&impl=fifs&iu_parts=21830119956%3A21855491423%2Cimagens_e_moldes%2CWIDESCREEN_ENGAGE_DESK&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=3&adks=1685193562&didk=1978432887&sfv=1-0-40&prev_scp=siteurl%3Dimagensemoldes%26sitestructure%3DRON%26pageposition%3Dabovefold%26adposition%3Dwidescreen%26hb_prebidmanage%3D1%26hb_abt%3Dmp&eri=1&sc=1&cookie=ID%3Da6b5704a8f17085a-22a6cf054add00ae%3AT%3D1678368683%3ART%3D1678368683%3AS%3DALNI_MYkahUdeVRZMLU2vwdtmKKV7ZliEA&gpic=UID%3D000009d69003cf9e%3AT%3D1678368683%3ART%3D1678368683%3AS%3DALNI_MacC4lknbcoBFeQ7HyWHRtzF8R_fw&abxe=1&dt=1678368683810&lmt=1678368683&dlt=1678368682018&idt=1047&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fimagensemoldes.com.br%2F&frm=20&vis=1&psz=728x-1&msz=0x-1&fws=640&ohw=0&ga_vid=870451030.1678368683&ga_sid=1678368683&ga_hid=786890414&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072917

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48ab8eeac38fdbcc1e77cf9fb54f0e6a118166845026cc500bfc148c34e7a9f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6905
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imagensemoldes.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F3F7 6 KB
3 KB 207ms
53ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072917

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imagensemoldes.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 13:31:24 GMT
expires: Fri, 08 Mar 2024 13:31:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 log
pb-logs.media.net/ 35 B
173 B 265ms
42ms Image
image/gif 23.203.124.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pb-logs.media.net/log?logid=kfk&evtid=prebid_analytics_events_client&requrl=https%3A%2F%2Fimagensemoldes.com.br%2F&dn=imagensemoldes.com.br&ref=&screen=1600x1200&cid=8CU8Y84F0&lper=1&plper=&gdpr=0&ajx=1&pbv=v7.28.0&pbav=1.0.0&flt=1&supcrid=%2F21830119956%2C21855491423%2Fimagens_e_moldes%2FWIDESCREEN_ENGAGE_DESK&og_supcrid=supertag-ad-d7e0yuic8&tmax=2000&ismn=1&vplcmtt=&adext=%257B%2522sspcrid%2522%253A%2522178248880%2522%252C%2522dfpDiv%2522%253A%2522supertag-ad-d7e0yuic8%2522%252C%2522dfpAdPath%2522%253A%2522%252F21830119956%252C21855491423%252Fimagens_e_moldes%252FWIDESCREEN_ENGAGE_DESK%2522%252C%2522svr%2522%253A%2522030610_539_0612_301_mp%2522%252C%2522tref%2522%253A0%252C%2522prspt%2522%253A%2522headerBid%2522%252C%2522g%2522%253A0%252C%2522usp_ldf%2522%253A%2522false%2522%252C%2522mnrf%2522%253A0%252C%2522mnrfc%2522%253A0%257D&acid=2a880d9c-cdb3-43af-99aa-5a21f830e156&pbsLogs=%7B%7D&sts=0&ets=664&tts=768&aucstatus=completed&flrdata=ln%3D%7C%7Cskp%3D%7C%7Cenfj%3D%7C%7Cenfd%3D%7C%7Csr%3D%7C%7Cfs%3D&lgtp=APPR&targ=&icurr=&imul=&omul=&req_mtype=banner&res_mtype=&ltime=649&cs=&params=&advurl=&bidId=-1&ogReqId=&adid=&pvnm=-2&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90&size=&mtype=banner&dId=&curr=&rests=&status=1&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&icurr=&imul=&omul=&req_mtype=banner&res_mtype=&ltime=534&cs=&params=&advurl=&bidId=286ec73daa4d59&ogReqId=&adid=&pvnm=adagio&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&icurr=&imul=&omul=&req_mtype=banner&res_mtype=&ltime=761&cs=&params=&advurl=&bidId=40574fb5bad8dd&ogReqId=&adid=&pvnm=medianet&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=286268779&pubcrid=286268779&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&icurr=&imul=&omul=&req_mtype=banner&res_mtype=&ltime=759&cs=&params=&advurl=&bidId=6e70f5c6ba3bb2&ogReqId=&adid=&pvnm=rubicon&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=
Requested by: Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.124.21 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-124-21.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 09 Mar 2023 13:31:24 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 09 Mar 2023 13:31:24 GMT
content-length: 35
content-type: image/gif

GET
H2 200 0f98ab093493e21e6a1e2127137795a3.js Show response
www.gstatic.com/mysidia/ Frame 5A55 10 KB
4 KB 89ms
23ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0f98ab093493e21e6a1e2127137795a3.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536383250901359&output=html&h=182&slotname=8643826482&adk=2825986415&adf=1362443009&pi=t.ma~as.8643826482&w=725&fwrn=4&lmt=1678368683&rafmt=11&format=725x182&url=https%3A%2F%2Fimagensemoldes.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678368682863&bpp=3&bdt=845&idt=366&shv=r20230306&mjsv=m202303070301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4903258028065&frm=20&pv=1&ga_vid=870451030.1678368683&ga_sid=1678368683&ga_hid=786890414&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759842%2C42531706%2C31071869%2C31071756%2C31072792%2C31072926&oid=2&pvsid=1332967202970593&tmod=312078576&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pnX9owugz2&p=https%3A//imagensemoldes.com.br&dtd=375

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b87eb697514c4f7f78d19319a9f7f9ec477787d3c6060ae86eb7cb04a64eac13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 03:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 553135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4382
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 02:16:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 03:52:29 GMT

GET
H2 200 e45c0de176f05d0248951c6e560bc486.js Show response
www.gstatic.com/mysidia/ Frame 5A55 19 KB
8 KB 87ms
20ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e45c0de176f05d0248951c6e560bc486.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64466ba68466bfb5d967c7b2bb77304b6b77aca524614d247f086a2ab8c86de6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 23:49:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7808
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 22:10:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 23:49:31 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5A55 2 KB
944 B 108ms
42ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 13:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 13:27:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 13:31:24 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 5A55 2 KB
846 B 65ms
25ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 01:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45031
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 01:00:53 GMT

GET
H2 200 e9aff91b4641aa9f021dfc8c8beac945.js Show response
www.gstatic.com/mysidia/ Frame 5A55 6 KB
2 KB 90ms
24ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e9aff91b4641aa9f021dfc8c8beac945.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

446b75df3aa450dc67047c4ae08d0ba75cd173ee74cf644281c31ecd61c92b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:59:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2362
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 02:16:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 09:59:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame 5A55 22 KB
9 KB 163ms
21ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 5A55 3 KB
1 KB 65ms
26ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69266
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 5A55 20 KB
8 KB 164ms
23ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A55 158 KB
49 KB 213ms
132ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 13:31:24 GMT

GET
H2 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame 5A55 34 KB
14 KB 31ms
20ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 22:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 22:10:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 22:26:14 GMT

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 160ms
8ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072917
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:05:34 GMT
via: 1.1 google
age: 1550
x-guploader-uploadid: ADPycds8QdTaRR6DEKUo9acpoU-q_L68iV3u6pa403eVBNAQIxvokjs_GrpPdd4SKs51WFXBPJoKuxAHwkyQOlPDYFQRYmzq6zfn
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
last-modified: Fri, 29 Jul 2022 16:55:09 GMT
server: UploadServer
etag: "f5bc066f146e3dbb049aa6c86c7012e6"
x-goog-generation: 1659113709880056
x-goog-hash: crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1258
accept-ranges: bytes
expires: Thu, 09 Mar 2023 14:05:34 GMT

GET
H2 200 container.html Show response
264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9129 6 KB
3 KB 172ms
58ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072917

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imagensemoldes.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 13:31:24 GMT
expires: Fri, 08 Mar 2024 13:31:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 5A55 22 KB
22 KB 138ms
23ms Image
image/jpeg 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQhB_TKaAyDv-sC3aIkyI9W8hWzf3ZiLplDfrqF4D9dY5lL0Knqsy2OXV_3kxw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff5c21fc1c1cbfe628d8026b2e290bceb198286c1ae4f7bd335175d5133f62b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 23:26:35 GMT
x-content-type-options: nosniff
age: 569089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22387
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 01:43:41 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 01 Mar 2024 23:26:35 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 5A55 18 KB
18 KB 137ms
23ms Image
image/jpeg 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRK7cLw0ylGiRW85jxQrU8MM9w4kH4OSJ-hxXwQ92_Fzl5307iJHFVfSsfAhDw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b92bb04925973f7b610e03bf5f8a7622e19fba98998b01f28d325ba50780a20b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 04:41:35 GMT
x-content-type-options: nosniff
age: 118189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18072
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 03:29:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 07 Mar 2024 04:41:35 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 5A55 44 KB
45 KB 157ms
25ms Image
image/jpeg 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQY7g0VPg1lgQKd7-G8pdbApG_gb_0iuILHHis40nWh8UCf3wU&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5518feab50f6d237f17730ecf963cf42619f4eec7f24be4aa5ea773f25b9227f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 23:35:48 GMT
x-content-type-options: nosniff
age: 136536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45038
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 10:27:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 06 Mar 2024 23:35:48 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 5A55 20 KB
20 KB 180ms
48ms Image
image/jpeg 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRxvAFfnNUCf2fLPXyjrCAUekBdhyzaxA83v8155g_Y6xf7eetnAg_6RHPG4g&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5045426b2f131ff916dfacc87708a4629cd36e8e12b0d614a0216b8bce13552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 04:41:34 GMT
x-content-type-options: nosniff
age: 118190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20512
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 15:30:32 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 07 Mar 2024 04:41:34 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 5A55 59 KB
59 KB 149ms
35ms Image
image/jpeg 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSCB_McUJXsWiZ89jsqEY1Biu-aW3qBeTD-WqC32v7jrFd_ZCiQT1Ov_b6wfWc&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d11c97f8796f3ef37343325dffd4925803c7bc2750bb4e7e75333b25f7c8004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 10:26:25 GMT
x-content-type-options: nosniff
age: 443099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60456
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 03:09:18 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 03 Mar 2024 10:26:25 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 5A55 14 KB
14 KB 205ms
74ms Image
image/png 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSng1Kj6ZzGlXRHr4xv55DcnMBbUHGUS2E2U5BienWspvDCwjej&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbdf026f0e3ad6909f663b18a4636e25d12927f278563bdd2ee387a55677d87c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 07:36:24 GMT
x-content-type-options: nosniff
age: 539700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 06:46:16 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 02 Mar 2024 07:36:24 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5A55 0
0 84ms
77ms Fetch
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNtk_q98JZL2SIYP03gOHn5roD72D_bRvrZux6sYQjr6w0pQ3EAEg_9buY2CV4pCCoAegAbOG6-EoyAEJqQIoVrcsqrWxPqgDAcgDywSqBPMBT9DFCO6L23LHJvNOmcz6BfNxfBaa65NNrERa5xLur2kz3VHz7Sr9uNaSCYwGaZo0NwNRdQHZSNVHeFn462Q_aXK9CLYra2YcvlfcAEDWHEN9ZwkefoIACyKI63Zb6xTPIXZ7Ju99NP2ntA9vg6A3qecr2iG1WIU1NzNN-WOSl-Jrdi6BfmWcrWIN873peiR8PIINnNRT5n1c2sAat666KgYQBBxOUx7aTxIIRWKSnOHkWwX90a3kPsOq0ao5bgAQaOxCXJMwxEJnIcV8I_vOxNwUc8XOuFrLL23IXmyBPcAsfUdGszvHfK0j8_uJxIxAzFVJwASQk-CnmASSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHo52KvwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQyNgH0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItNzUzNjM4MzI1MDkwMTM1ORgA&sigh=TLSY0mXSEpk&uach_m=[UACH]&cid=CAQSGwDUE5ymX2qUShChWskRK6aeucY7ts1YOLtnzBgB&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536383250901359&output=html&h=182&slotname=8643826482&adk=2825986415&adf=1362443009&pi=t.ma~as.8643826482&w=725&fwrn=4&lmt=1678368683&rafmt=11&format=725x182&url=https%3A%2F%2Fimagensemoldes.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678368682863&bpp=3&bdt=845&idt=366&shv=r20230306&mjsv=m202303070301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4903258028065&frm=20&pv=1&ga_vid=870451030.1678368683&ga_sid=1678368683&ga_hid=786890414&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759842%2C42531706%2C31071869%2C31071756%2C31072792%2C31072926&oid=2&pvsid=1332967202970593&tmod=312078576&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pnX9owugz2&p=https%3A//imagensemoldes.com.br&dtd=375
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 13:31:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 13:31:24 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070301/ 150 KB
51 KB 108ms
98ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070301/reactive_library_fy2021.js?bust=31072926

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b993fc180c7778070a1cbfeb62a40227e057c89db70874f920be4c5c63f7a8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52392
x-xss-protection: 0
server: cafe
etag: 6444926927036484476
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 13:31:24 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A55 0
20 B 78ms
78ms Ping
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoSCAEqDmJhbm5lcjMtc3F1YXJlCgoIAioGc2VydmVyCiwIBCoobXlzaWRpYV9hbmFseXRpY3MsbXlzaWRpYV9yZWxlYXNlX2NhbmFyeQoNECshAAAAAAAAKkAwBAoNEAMhAACAZmbwkUAwBAoNEAohAAAAAAAAJ0AwBAoNEA0hAAAAAAAAAAAwBAoNEB4qBzcyNXgxODIwBAoNEBkqBzcyNXgxODIwBAoNEA4hAAAAAJiZ2T8wBAoNEAQhAACAZmYmkkAwBAoNEA8hAAAAAAAAAAAwBAoNECshAAAAAAAAPEAwBAoNEAUhAACAzMwokkAwBBIaQ1AyVHZjbjZ6djBDRlFPNmR3b2RoNDhHX1EiHWdwYS9tYXhpbWFsX3YxX29jaF9ob3RmaXhhYmxlKAw=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e45c0de176f05d0248951c6e560bc486.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 67ms
67ms Image
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=p&pg_h=1757&su=imagensemoldes.com.br&d=5000&pvc=1332967202970593&eid=44759876%2C44759927%2C44777877%2C44759842%2C42531706%2C31071869%2C31071756%2C31072792%2C31072926

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 46F2 624 B
242 B 94ms
56ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjH8_zbATAB&v=APEucNW-2sjNILYFklL5MXqPI2aRVCIwl9hkNk25LPbqjZvgHJOWE2s_zieyRYRQDNxADcA7Ye0_5C0IyHcnC5a_KAZPJ-AdzOK-MweA354fXKFPvyRJMGTDjWyi_oRlvi39S5LlC1gSdiT956vxaZ9rxFkKVBt_oDq-wI5hK6CE_Wy_RBXcMQ0

Requested by

Host: 264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com
URL: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 13:31:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9129 78 KB
27 KB 126ms
95ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com
URL: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 13:31:24 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9129 42 B
63 B 90ms
59ms Image
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BJYzvBKGnxj_SVYM7JnK7LhWoDCwkD-ZxBJz-T62zKYvp_W_w2gqwzAkLtkcbcOhLFsnCOB6jneMtl9Bc7WZ8LaQ28DdvKEsAMUhfOFYwBZpuCGZ8

Requested by

Host: 264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com
URL: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9129 0
20 B 90ms
52ms Image
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9769427823209844933&x=1&ct=76

Requested by

Host: 264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com
URL: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 9129 3 KB
1 KB 62ms
21ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: 264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com
URL: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69266
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 9129 20 KB
8 KB 58ms
18ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com
URL: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9129 158 KB
49 KB 154ms
114ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com
URL: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 13:31:24 GMT

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 23ms
22ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 02ecc07b4f6e2559be876db2075853bd78cca2f09223157b5f7b4c66f1a3473f

Request headers

Referer: https://imagensemoldes.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Mar 2023 13:31:24 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 6a662dfb925c7be48a41b1bf6eaa27cc
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 145ms
38ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://imagensemoldes.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://imagensemoldes.com.br
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 09 Mar 2023 13:31:24 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 1e3f1e99b3e83a9e80273e117738f1aa

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 52ms
49ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=imagensemoldes.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 51ms
49ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=imagensemoldes.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 060E 436 B
233 B 837ms
836ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536383250901359&output=html&h=240&adk=2434494938&adf=984588136&pi=t.aa~a.2718867513~rp.2&w=195&fwrn=4&fwrnh=100&lmt=1678368684&rafmt=1&to=qs&pwprc=6650700683&format=195x240&url=https%3A%2F%2Fimagensemoldes.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678368684592&bpp=3&bdt=2574&idt=3&shv=r20230306&mjsv=m202303070301&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da6b5704a8f17085a-22a6cf054add00ae%3AT%3D1678368683%3AS%3DALNI_MYkahUdeVRZMLU2vwdtmKKV7ZliEA&gpic=UID%3D000009d69003cf9e%3AT%3D1678368683%3ART%3D1678368683%3AS%3DALNI_MacC4lknbcoBFeQ7HyWHRtzF8R_fw&prev_fmts=0x0%2C725x182&nras=2&correlator=4903258028065&frm=20&pv=1&ga_vid=870451030.1678368683&ga_sid=1678368683&ga_hid=786890414&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759842%2C42531706%2C31071869%2C31071756%2C31072792%2C31072926&oid=2&pvsid=1332967202970593&tmod=312078576&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=DYVuR6DANp&p=https%3A//imagensemoldes.com.br&dtd=26

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76ab142d5f82ae772458681f87e8291fa1d6cd84faa40195313a2d49e24abbba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imagensemoldes.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 13:31:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5A55 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3889f04391f069d597482cdd313def75cddc61db05768b59afe1d1c71fe77433

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 5A55 20 KB
21 KB 349ms
21ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:14:41 GMT
x-content-type-options: nosniff
age: 587804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 18:14:41 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 46F2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOfGTPt-lX4ZzwDMG37ZIow&google_cver=1

43 B
766 B

9ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOfGTPt-lX4ZzwDMG37ZIow&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjH8_zbATAB&v=APEucNW-2sjNILYFklL5MXqPI2aRVCIwl9hkNk25LPbqjZvgHJOWE2s_zieyRYRQDNxADcA7Ye0_5C0IyHcnC5a_KAZPJ-AdzOK-MweA354fXKFPvyRJMGTDjWyi_oRlvi39S5LlC1gSdiT956vxaZ9rxFkKVBt_oDq-wI5hK6CE_Wy_RBXcMQ0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 13:31:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOfGTPt-lX4ZzwDMG37ZIow&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 46F2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAnfrQY4.xfyK8yCDZZMbgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOfGTPt-lX4ZzwDMG37ZIow&google_cver=1&google_hm=2

43 B
766 B

16ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOfGTPt-lX4ZzwDMG37ZIow&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjH8_zbATAB&v=APEucNW-2sjNILYFklL5MXqPI2aRVCIwl9hkNk25LPbqjZvgHJOWE2s_zieyRYRQDNxADcA7Ye0_5C0IyHcnC5a_KAZPJ-AdzOK-MweA354fXKFPvyRJMGTDjWyi_oRlvi39S5LlC1gSdiT956vxaZ9rxFkKVBt_oDq-wI5hK6CE_Wy_RBXcMQ0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 13:31:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOfGTPt-lX4ZzwDMG37ZIow&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 46F2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPvrmsi_Pr2EjIQykNmOLzk&google_cver=1

43 B
1 KB

16ms
14ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPvrmsi_Pr2EjIQykNmOLzk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjH8_zbATAB&v=APEucNW-2sjNILYFklL5MXqPI2aRVCIwl9hkNk25LPbqjZvgHJOWE2s_zieyRYRQDNxADcA7Ye0_5C0IyHcnC5a_KAZPJ-AdzOK-MweA354fXKFPvyRJMGTDjWyi_oRlvi39S5LlC1gSdiT956vxaZ9rxFkKVBt_oDq-wI5hK6CE_Wy_RBXcMQ0

Protocol

HTTP/1.1

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 13:31:25 GMT
AN-X-Request-Uuid: ab391058-b7a9-4870-a4d6-0403ff76b075
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 146.70.117.110; 146.70.117.110; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPvrmsi_Pr2EjIQykNmOLzk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 46F2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk3MTQwOTE2NjY1NTM4MDU4OA%3D%3D

170 B
188 B

49ms
47ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk3MTQwOTE2NjY1NTM4MDU4OA%3D%3D

Requested by

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 09 Mar 2023 13:31:25 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 146.70.117.110; 146.70.117.110; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3bf3dce2-2ce8-4059-ba13-48f4e376e08e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk3MTQwOTE2NjY1NTM4MDU4OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9129 0
20 B 52ms
52ms Ping
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9966117040495&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9129 0
20 B 52ms
52ms Ping
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9966117040495&version=m202301230201&ct=76&x=1&cor=9769427823209845000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9129 89 KB
36 KB 82ms
81ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BntVjgXs5oPd21zXVO9qLQtrqpXHRwWZbmvjhEDoUDxBSEgY6h4dFBvghVo-FreI9mULOFarLp8AjLtv2BrrWN4Q9hj4LbwHmIVKstokKAyhFXTFg&cry=1&dbm_d=AKAmf-AgF-mPK-mA_N5wm6d134yBAFgyIlXKiJJ7ME2VT8QX5R5dtu1qYiRhZvQfXUjM3xlilrNkNEg8K5jfyqy2MLB8NtzkgSX8TRiibZiW-nIrCrn98DSoLZeoOH-bq93rCM01Lng2n38rbLGvTQwfsAxAjD0-r4PvgGaArvJMdjKAdqQX3Ldtjp-yK8uz4Xew6QzGAQ_brt9zzpwVHauSvetpebikVtvDY8rHXXCVuYGNrySPOWjkrMhkLsTT5XNOeMA9qgGXNhwSmPisKemMgTZdcnM2BzobhkEd8zvf5-89eDQMvwIZkZ4PZLT3APu-jNs5XMqVWukAU9EP3x7XbfT1Owh8mPSoAXNHZGDRFrjZou5NonnSf7M-u-jBJ_FX-Xtq4CNUVQMMk2op4PD6zuHW7g_AhH9zrcy-gyCEaq0e7j3-DdhBxsMIDAcmOHaLeo7ddG1syc0nwgf5pxDB-uddaahMNa1Y1q41ttpkuvmYSrP-1RA1yFFrNsUOHkrbQrq39sEo3eE-eGTN7XGw2A82n6vevh7L9Yfegr-SDWXyohiL877_aSdKyY2lLvsbYAEWHERAfOEBPbx1kYF-IicYtVw2IJSn_4S0dwHnNmEP1OP1qSSiSY4mkQp_6A3k4e2K-sW9qqSLDZCLeyV1pVCr9uIXbtJOGMNc7vaoE3eMmndXIH2mYY3NfyfW3TPPsl_0gOAvvMbzGNsg7ddTn7wsS93-glYcL80G9oTmn5TFLp22nCEn6PMlmWaHskNvIBmxNq5SOg4UHVdsZsV2YdNC-Qv6CQcMBdEmDz_mk3NHS75EHbvnLe4qMDzUmSwd8kswZ2qyvyn98z5SPYGVvYgJEwrgJ40pgetN9hIr92C-5y90pxmq1hAnjAy5wDoBLenRciY7L-ZRkZ-BMuvXvT3MqbFq3PGF8GEA2UVW3TXXwC_6u8ulfSRolbrda8sxV2lIu-FGCGIYKwwHfPk0L4H1JkD7VmTc0LKE8uaxoCAL8PCA8WUa1TQ1wkIzNBANOGmh_eKqsiqHQgEcIixoSyoCu9te5cR4waCaJS5qYhQjHqe5-IwfaoqV-wun-m4LJQWXy1wC5wySzMWHOxowlBeT_BLOJitg-0DHjy8weIngwRDb_2k3O_brci-Nbup0_la96cYeIB-9xgzKFgxChOAG1rZ0YMXwfL4axNW4bXOCJyX9vK45FvIUKGPqMj0xBxWRqXASHKPWmP3jEiIvAOgLkMpCx_uP1yHCc7hlmZiPPMwR7szHKRbaE5xeb7CBHDZf4mFRz34_wDfPE3DHou3u2PnUEKfQeS_-bfdr5SfxCXhuDHNCHzH9Rds_8m0mkl9B0w3kW4qyIcwCeln9xSUQskWB63kKvaX23c9J9tKZbMh3B3a7mm23Q4nIPvZRfAGUpbhXdOEp9ioDW1iTTePUx7e42D4-k4ZiuUr7M8S6vXaIUdkjy0VlkP4sKcQGKmCo_FKik4xl_m1nWHOmHtcnk30L7NdTRwiL1ICyVtvMQgytlUw-eA4aTW4ZZkqtNbPVG1JlIsrhekw8MfkVh7lkm19MBwry7sSDTDAFXYn7GqIJeZaXsqGmQF7te9qjQcPyUfernjItPY8whV5VaZuRSUPqEpGcP4BGgSzpkBFeqR6nYRjfVCaLXevVV6ewX-krmt5xa7habBswScTa-9tZ-5qgz6XpoIrWIgRwrCEOUhk5VBTDrGrmfbCXzt8PVc_20Gb71TQOBck5RgjHolFK9Dc8XuzVQC7jAOPETdLfm4u-ov5h_bxrai_dPUVZ41zxT3jwN_eVtOC7mZz3IVeAJheZnQQDx7Zlywnn3IW8gYO6NPDD5XRd0oJO1TbboZJBnkQsTVs5_q0EOoWW04K5wdlLE8NdEesBw7hLU7gTAQYt_ilgoJTHEpVQfYxI7LhjSEV4tlULO72oAPrNrXd0rId__kN4RK10mIrs5rmsPWdbo_Hf0KUXG2qL_8sINc8KLVoafX_2EooVYQZlpx3ILp1Vnl4-Z-f_ebGhkiiqFR7CDmercKFB98n9K6Q7gsPi2ra_VrZ69v0OQfRp9h9PrIWf3-D74Y42twGX9dHXSWlh8PiiD7FkBcBfMsYlLiZRKnOWFM7zUaYpCgLVime3aexsn_pXAp5_m6_NYfJjEjNNgNdiyyF_KqExTjnJjmpLqXt4CUdIKdZTk5osxXiRkSxA9luCf8sItSvtqpfITdP1moMhb9riyN8YPfFRrWhu2GR5Pq-_h478y5gEg-BfxLgtwv_WuJ9fOW0fkIU9187Hcf-e6ZeiKeu1NRaO3NAX57KoALL-lMaDgvm8-lngRAbG51veeJmYIv8Cewv_7MNt04HO-jgkjJLCvi8lHLoeCdcmtyISPA54_413e6YKbrGrgV54jHTe0LxqDM7kOQ-M32mscolPDJvpoEQYIo8FH6HY2uOqLaltTuc_1yyPLmxgWAoGEaS6vscBexq1ZnUde32rNUh27LoCH3ps7O3tHnvTWUdN-6xAiNd4iMjNWst2cOYPJI543Sd67RH1hjXJvM53IJmBkgbRo3WsYbVY5Joi45HRpJgyC_Vgcr1ZA6ve02VrCpL-DXkcRKAwocpDHxrJDKe6kes3nDkWK01zUI_Usd8hBWvWxwZCZKa6MO-l7vlMALlJGIEmDGa5pMLl0JCZzKIkoSCDzpvD-a4bPb0yJMyYUuVztY2QOPhjz5nsqPsTmwk-GVhOVXv4fkvCObixigKiIozVAv8l5TmF7ynLaIi8tboD4BsQGDUvC_AYtDtvtgLIqDr-k21MT9_aqv4bSlmKsFPPG8hFvecMj9I0WsVh81hIVwEQEHQUcjXINgxupli2Bi7ANBAMekrgUs-qOXO4bak1D4GlPaKlPRZKSH9QmENoyys8YOIkr23g9VZWq-v-mXekFlWOeu9J0-Ub0o2MklFWclihkmHb1N86To1-8rFACmPlBCoav5FyPxEtuLlU5FocdgGdv2bdrzMmB0KetPfAdg5D7Ir4WdpgGIv-KFkYyofY0LqYD1-tYtspIUnZi3723X35YpQskqlMKimYIW7CP6yC2QKf1t4PjHhpwCgRqOBnPTxkGgq0NtKUOi3pzMWX5v9tn7T4V7OzpgTw93WZyfnLna6TZ5dVXX4tYSkhuEkUQd8O_gBaB8QZC3Z4t-2_lrftIXaRvk-RHcv0Kj_xaWrWDiE9pSE7dbKrSg5QlGtd8kmxzyEJzqRfrH1f9jWNOx4l0Wz7QpHAUl1k9G92C28OdB5rII2hundEB0D9bCk6tMuiFzMXffZ9aiubB6vtGMlYxhAGiSko9qtIWbwyF21Evxl0enzPDE7eoHl0kpDWZo1oERIP2n-KnVDo2_xE8m-3wwaqcXjf_dvPVnFaHKtuD-4hxPxZm7uDCJXG7orxjU-D-EC1OzOWbG1_tZ_aG40ZUPhPpuUgzNuZHV9Kqg36Aye4l0GPYm1heBnnTQ01HsSDSFawn3HB0oExfx-Y4KfOzR1rmZorrjycfZFrcRhvwRyFKgqSyXEDY5EqyePte7-I88wE7W8TMLgdZXtbDd2pglTz2ZM&cid=CAQSTADUE5ymSYbS0PecIo11kzkPgC3SSart_W1K80cPnKxpjwHUBHclbK9oGhbDEpJRre-_xPL4oOvcQV_ZtjLFSOww48TFS1YG0xwD0s8YAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fimagensemoldes.com.br%2F&ds=l&xdt=1&iif=1&cor=9769427823209845000&adk=3047537735&idt=136&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cd04516e29263e4961c2fffaa91ca6bedf925662a7206505461ab112a6767fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37226
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/ Frame AE3B 10 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imagensemoldes.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 00:49:34 GMT
etag: 2378337311435320485
expires: Thu, 23 Mar 2023 00:49:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/ Frame 5CC7 10 KB
4 KB 27ms
26ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imagensemoldes.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 00:49:34 GMT
etag: 2378337311435320485
expires: Thu, 23 Mar 2023 00:49:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/ Frame EFB5 10 KB
4 KB 27ms
25ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imagensemoldes.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 00:49:34 GMT
etag: 2378337311435320485
expires: Thu, 23 Mar 2023 00:49:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A55 0
20 B 53ms
52ms Ping
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e45c0de176f05d0248951c6e560bc486.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 9129 170 KB
59 KB 137ms
21ms Script
text/javascript 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/
Origin: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69175
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 18:18:30 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/ Frame 9129 8 KB
3 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BntVjgXs5oPd21zXVO9qLQtrqpXHRwWZbmvjhEDoUDxBSEgY6h4dFBvghVo-FreI9mULOFarLp8AjLtv2BrrWN4Q9hj4LbwHmIVKstokKAyhFXTFg&cry=1&dbm_d=AKAmf-AgF-mPK-mA_N5wm6d134yBAFgyIlXKiJJ7ME2VT8QX5R5dtu1qYiRhZvQfXUjM3xlilrNkNEg8K5jfyqy2MLB8NtzkgSX8TRiibZiW-nIrCrn98DSoLZeoOH-bq93rCM01Lng2n38rbLGvTQwfsAxAjD0-r4PvgGaArvJMdjKAdqQX3Ldtjp-yK8uz4Xew6QzGAQ_brt9zzpwVHauSvetpebikVtvDY8rHXXCVuYGNrySPOWjkrMhkLsTT5XNOeMA9qgGXNhwSmPisKemMgTZdcnM2BzobhkEd8zvf5-89eDQMvwIZkZ4PZLT3APu-jNs5XMqVWukAU9EP3x7XbfT1Owh8mPSoAXNHZGDRFrjZou5NonnSf7M-u-jBJ_FX-Xtq4CNUVQMMk2op4PD6zuHW7g_AhH9zrcy-gyCEaq0e7j3-DdhBxsMIDAcmOHaLeo7ddG1syc0nwgf5pxDB-uddaahMNa1Y1q41ttpkuvmYSrP-1RA1yFFrNsUOHkrbQrq39sEo3eE-eGTN7XGw2A82n6vevh7L9Yfegr-SDWXyohiL877_aSdKyY2lLvsbYAEWHERAfOEBPbx1kYF-IicYtVw2IJSn_4S0dwHnNmEP1OP1qSSiSY4mkQp_6A3k4e2K-sW9qqSLDZCLeyV1pVCr9uIXbtJOGMNc7vaoE3eMmndXIH2mYY3NfyfW3TPPsl_0gOAvvMbzGNsg7ddTn7wsS93-glYcL80G9oTmn5TFLp22nCEn6PMlmWaHskNvIBmxNq5SOg4UHVdsZsV2YdNC-Qv6CQcMBdEmDz_mk3NHS75EHbvnLe4qMDzUmSwd8kswZ2qyvyn98z5SPYGVvYgJEwrgJ40pgetN9hIr92C-5y90pxmq1hAnjAy5wDoBLenRciY7L-ZRkZ-BMuvXvT3MqbFq3PGF8GEA2UVW3TXXwC_6u8ulfSRolbrda8sxV2lIu-FGCGIYKwwHfPk0L4H1JkD7VmTc0LKE8uaxoCAL8PCA8WUa1TQ1wkIzNBANOGmh_eKqsiqHQgEcIixoSyoCu9te5cR4waCaJS5qYhQjHqe5-IwfaoqV-wun-m4LJQWXy1wC5wySzMWHOxowlBeT_BLOJitg-0DHjy8weIngwRDb_2k3O_brci-Nbup0_la96cYeIB-9xgzKFgxChOAG1rZ0YMXwfL4axNW4bXOCJyX9vK45FvIUKGPqMj0xBxWRqXASHKPWmP3jEiIvAOgLkMpCx_uP1yHCc7hlmZiPPMwR7szHKRbaE5xeb7CBHDZf4mFRz34_wDfPE3DHou3u2PnUEKfQeS_-bfdr5SfxCXhuDHNCHzH9Rds_8m0mkl9B0w3kW4qyIcwCeln9xSUQskWB63kKvaX23c9J9tKZbMh3B3a7mm23Q4nIPvZRfAGUpbhXdOEp9ioDW1iTTePUx7e42D4-k4ZiuUr7M8S6vXaIUdkjy0VlkP4sKcQGKmCo_FKik4xl_m1nWHOmHtcnk30L7NdTRwiL1ICyVtvMQgytlUw-eA4aTW4ZZkqtNbPVG1JlIsrhekw8MfkVh7lkm19MBwry7sSDTDAFXYn7GqIJeZaXsqGmQF7te9qjQcPyUfernjItPY8whV5VaZuRSUPqEpGcP4BGgSzpkBFeqR6nYRjfVCaLXevVV6ewX-krmt5xa7habBswScTa-9tZ-5qgz6XpoIrWIgRwrCEOUhk5VBTDrGrmfbCXzt8PVc_20Gb71TQOBck5RgjHolFK9Dc8XuzVQC7jAOPETdLfm4u-ov5h_bxrai_dPUVZ41zxT3jwN_eVtOC7mZz3IVeAJheZnQQDx7Zlywnn3IW8gYO6NPDD5XRd0oJO1TbboZJBnkQsTVs5_q0EOoWW04K5wdlLE8NdEesBw7hLU7gTAQYt_ilgoJTHEpVQfYxI7LhjSEV4tlULO72oAPrNrXd0rId__kN4RK10mIrs5rmsPWdbo_Hf0KUXG2qL_8sINc8KLVoafX_2EooVYQZlpx3ILp1Vnl4-Z-f_ebGhkiiqFR7CDmercKFB98n9K6Q7gsPi2ra_VrZ69v0OQfRp9h9PrIWf3-D74Y42twGX9dHXSWlh8PiiD7FkBcBfMsYlLiZRKnOWFM7zUaYpCgLVime3aexsn_pXAp5_m6_NYfJjEjNNgNdiyyF_KqExTjnJjmpLqXt4CUdIKdZTk5osxXiRkSxA9luCf8sItSvtqpfITdP1moMhb9riyN8YPfFRrWhu2GR5Pq-_h478y5gEg-BfxLgtwv_WuJ9fOW0fkIU9187Hcf-e6ZeiKeu1NRaO3NAX57KoALL-lMaDgvm8-lngRAbG51veeJmYIv8Cewv_7MNt04HO-jgkjJLCvi8lHLoeCdcmtyISPA54_413e6YKbrGrgV54jHTe0LxqDM7kOQ-M32mscolPDJvpoEQYIo8FH6HY2uOqLaltTuc_1yyPLmxgWAoGEaS6vscBexq1ZnUde32rNUh27LoCH3ps7O3tHnvTWUdN-6xAiNd4iMjNWst2cOYPJI543Sd67RH1hjXJvM53IJmBkgbRo3WsYbVY5Joi45HRpJgyC_Vgcr1ZA6ve02VrCpL-DXkcRKAwocpDHxrJDKe6kes3nDkWK01zUI_Usd8hBWvWxwZCZKa6MO-l7vlMALlJGIEmDGa5pMLl0JCZzKIkoSCDzpvD-a4bPb0yJMyYUuVztY2QOPhjz5nsqPsTmwk-GVhOVXv4fkvCObixigKiIozVAv8l5TmF7ynLaIi8tboD4BsQGDUvC_AYtDtvtgLIqDr-k21MT9_aqv4bSlmKsFPPG8hFvecMj9I0WsVh81hIVwEQEHQUcjXINgxupli2Bi7ANBAMekrgUs-qOXO4bak1D4GlPaKlPRZKSH9QmENoyys8YOIkr23g9VZWq-v-mXekFlWOeu9J0-Ub0o2MklFWclihkmHb1N86To1-8rFACmPlBCoav5FyPxEtuLlU5FocdgGdv2bdrzMmB0KetPfAdg5D7Ir4WdpgGIv-KFkYyofY0LqYD1-tYtspIUnZi3723X35YpQskqlMKimYIW7CP6yC2QKf1t4PjHhpwCgRqOBnPTxkGgq0NtKUOi3pzMWX5v9tn7T4V7OzpgTw93WZyfnLna6TZ5dVXX4tYSkhuEkUQd8O_gBaB8QZC3Z4t-2_lrftIXaRvk-RHcv0Kj_xaWrWDiE9pSE7dbKrSg5QlGtd8kmxzyEJzqRfrH1f9jWNOx4l0Wz7QpHAUl1k9G92C28OdB5rII2hundEB0D9bCk6tMuiFzMXffZ9aiubB6vtGMlYxhAGiSko9qtIWbwyF21Evxl0enzPDE7eoHl0kpDWZo1oERIP2n-KnVDo2_xE8m-3wwaqcXjf_dvPVnFaHKtuD-4hxPxZm7uDCJXG7orxjU-D-EC1OzOWbG1_tZ_aG40ZUPhPpuUgzNuZHV9Kqg36Aye4l0GPYm1heBnnTQ01HsSDSFawn3HB0oExfx-Y4KfOzR1rmZorrjycfZFrcRhvwRyFKgqSyXEDY5EqyePte7-I88wE7W8TMLgdZXtbDd2pglTz2ZM&cid=CAQSTADUE5ymSYbS0PecIo11kzkPgC3SSart_W1K80cPnKxpjwHUBHclbK9oGhbDEpJRre-_xPL4oOvcQV_ZtjLFSOww48TFS1YG0xwD0s8YAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fimagensemoldes.com.br%2F&ds=l&xdt=1&iif=1&cor=9769427823209845000&adk=3047537735&idt=136&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:17:25 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame 9129 28 KB
11 KB 27ms
20ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 01:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10962
x-xss-protection: 0
server: cafe
etag: 11760670070698444384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 01:46:46 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame AE3B 4 KB
732 B 43ms
42ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 13:31:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 13:11:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 13:31:25 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AE3B 205 B
229 B 20ms
20ms Image
image/png 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 09:33:58 GMT
x-content-type-options: nosniff
age: 14247
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 08 Mar 2024 09:33:58 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AE3B 604 B
628 B 22ms
22ms Image
image/png 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:16:07 GMT
x-content-type-options: nosniff
age: 918
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 08 Mar 2024 13:16:07 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/ Frame AE3B 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 05:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8547
x-xss-protection: 0
server: cafe
etag: 17360858034827311943
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 05:10:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5CC7 8 KB
967 B 46ms
45ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74017d97a0876e72ef09a14ea0b3ad49a744811c726e7b05e305d4a6e3e07612

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 13:31:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 13:12:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 13:31:25 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 5CC7 2 KB
765 B 24ms
24ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 01:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45032
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 01:00:53 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame 5CC7 22 KB
9 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 5CC7 3 KB
1 KB 26ms
23ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 5CC7 20 KB
8 KB 27ms
25ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5CC7 158 KB
49 KB 87ms
84ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 13:31:25 GMT

GET
H3 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 5CC7 34 KB
14 KB 33ms
30ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 17:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 17:07:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EFB5 8 KB
894 B 47ms
46ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74017d97a0876e72ef09a14ea0b3ad49a744811c726e7b05e305d4a6e3e07612

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 13:31:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 13:19:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 13:31:25 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame EFB5 2 KB
765 B 26ms
24ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 01:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45032
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 01:00:53 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame EFB5 22 KB
9 KB 38ms
20ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame EFB5 3 KB
1 KB 37ms
20ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame EFB5 20 KB
8 KB 38ms
21ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EFB5 158 KB
49 KB 99ms
82ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 13:31:25 GMT

GET
H3 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame EFB5 34 KB
14 KB 38ms
21ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 17:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 17:07:29 GMT

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 5164 36 KB
14 KB 38ms
22ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:20:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 115829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 05:20:56 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 76ms
65ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e27f893b0d37f44d21def1e42a48d5877144499b35e32d323895e427cc2420b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27448
x-xss-protection: 0
server: sffe
etag: "1505 / 943 of 1000 / last-modified: 1678363713"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Mar 2023 13:31:25 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9129 41 KB
15 KB 24ms
20ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com
URL: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 09:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 09:28:07 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A55 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoSCAEqDmJhbm5lcjMtc3F1YXJlCgoIAioGc2VydmVyCiwIBCoobXlzaWRpYV9hbmFseXRpY3MsbXlzaWRpYV9yZWxlYXNlX2NhbmFyeQoNEBQhAAAAALCN8UAwBAoNEBUhAAAAAAAAMUAwBAoNEBYhAAAAAAAAJEAwBAoNEBghAAAAMzMJnkAwBAoNEDIhAAAAZmYecUAwBAoNEDMhAAAAZmYecUAwBAoNEDQhAAAAZmYecUAwBAoNEDUhAAAAZmYecUAwBAoNEDYhAAAAZmYecUAwBAoNEDchAAAAZmYecUAwBAoNEDghAAAAZmZGcUAwBAoNEDkhAAAAzcycjUAwBAoNEDohAAAAZmYijkAwBAoNEDshAAAAMzNll0AwBAoNEDwhAAAAMzNll0AwBAoNED0hAACAZmZ6l0AwBAoNED4hAAAAMzPLnUAwBAoNED8hAAAAMzPLnUAwBAoNEEAhAACAzMwsnkAwBBIaQ1AyVHZjbjZ6djBDRlFPNmR3b2RoNDhHX1EiHWdwYS9tYXhpbWFsX3YxX29jaF9ob3RmaXhhYmxlKAw=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e45c0de176f05d0248951c6e560bc486.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EFC9 8 KB
895 B 43ms
43ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 13:31:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 13:24:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 13:31:25 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame EFC9 2 KB
765 B 21ms
20ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 01:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45032
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 01:00:53 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame EFC9 22 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame EFC9 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame EFC9 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EFC9 158 KB
49 KB 64ms
63ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 13:31:25 GMT

GET
H3 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame EFC9 34 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 17:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 17:07:29 GMT

GET
H3 200 728x090.html Show response
s0.2mdn.net/sadbundle/10596822557170597888/ Frame 8E92 47 KB
12 KB 101ms
55ms Document
text/html 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=yP9foNkcqc&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fb600b02fc75812932069a9f79b2132dffbca1cd735dd8f8613d0f2850046d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 13:31:25 GMT
expires: Fri, 08 Mar 2024 13:31:25 GMT
last-modified: Wed, 15 Feb 2023 15:46:51 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9129 0
0 182ms
64ms Fetch
image/gif 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsug2va9EqYDLkv7oZLYrKBILRToy11eMAX9cxsc7Xelqr6vRcTgt0I4-3_QiFnxoJ_-JeaHwy3KSkfCmVAKLH-s9v8gGfPQ6IJW3IhEQudT1WiP-fDSPOiFZhdVksfIq0vkyWOwhgv-FskQNrL9Fq0pvismM_ukuqX6QW64xNQPuj4qaDauUeVaOKtV2iqnnYGc043KIRHEqmFgUTmEpfL8xyLVv7dGOAc4yok1pX4NfiWXLcQzx-ceyDgATEL6IMmg0wCvdGybWjtwZ1PU2VavDihtxOl0N4s-vjLZvRHtyGzdiM5jVuy-DMxYOxBLmk4QEEISXNt-geGa8ZVCXZzPYUF45u2mZsFrCxOQ7OKQhVloY1EEMS8uWIXH0vT6VXh8jyFbQqaZXass24VpWSf-otVbxXiXHRIvKcMdiiOfld7hPNsCrzcaMbTn5QiE79cFtTXSYtDnvTjq74Y6eeiwoIv_-SzWYwnaY9EhB-8DC1gfacNEpu1WigSDQJ2pd6uVuVhS7L36wAK7hd6eVRCgjrtLBQXxETWEPdqGVXu5JOXsCiOPWUe6Cgjph8iaM9CuPnkJPEF8gd8H1YSb2HM_JcpAiPjWn1yl73nZqOAShBziL9j_otbLt_Vrvd4UQ9bm4OOlDc7nyuiqiC7UIBXnSW-EFjIePXeCNCn9Fu7cJwwKuvwtCmPLRnBW_PnlqObctJTGLcdW9hz1pLhYAsZoBR3e_NEeorXhPMXHiD-GVphgCg42L12jYdQ6tCmAW6iE62afKQcKTyi2byH2bDlfltA7Ca3JHDvdn1K4UHbSb0X-4A-P6S-HvyJzssityko7TsvrPlNOQ2K3OqkfPxK67o3gcH5-gcE0dfSmu74l_SjtFhULBMLDHCDfNEaKNonNDlFu1YZ5eigM4kl4IPO7bnIMhbH4suuCM7zG29rgjvNyQAUjOtjUX54CndhExgnLxy3w3xMGgu4sed_6z6Z921b7ecFsNtrs-V9IyJ3s58mYNPaSDWgxL2RiSXLj70GdbbEooCoklsLlqRSsMSGMvNuRmSGVSBqBkVrK-9xZe9GXrau1Kw7l-Lp5xGhSkpr1hsIUlbusA2HXfn9GsFPplC33ad4vanpDbDO0Q07NKXZ_TxZHLq5EQOa-RctAm3f10EUD79g_6yk2LIZWlIyKYKeg8O1iF36v9WEhSG8gp4EAX2O6wPCTUTjahqq93Tr98sgIdr_uLdpkwnftJduHesp-StLAiRCOOnKmhC79O7g1cN9Lbg4AyX3m5ZbmxZlJuAuz0G8y3dLizHRtXi7hPfFjxv4Um9UQ3UzWlyOGAQmTLcsSNavz9ctKsNfOgT5QQQf3SdTk72m4QLlShznyOh4hwqWtGsnUBALlAZXgHbJO7lT_VmTomSEAkUskRYIhVIftWTv2_aVt&sai=AMfl-YS76nscfJCPqE4twwzrJz2Mp8hhKgHvZ3npSJNclQFif-hvjZDLzg3CAwsdK0zndgsjeidx1DMIGlmI-lY_vsRgaar4TIGEnTsoFDx9pS115FPy790JNNYxQstaYzyoTB1QFda-iaX3cXjyBBHykJJ0rAXd_en1RcciKVir6hfP28uYFoJKVqAYGsI2grfYQLt-T71DybWPUYH4GaIi-SB_7d6KuFaVbBvILu2t_Y2hKB1oJ2RKQ6SotLkrriypbL4r1WxXFBlClSjXnS026VdTCP5mNTlJwQUV&sig=Cg0ArKJSzJWNKKEE9z2rEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=258&cbvp=1&cstd=248&cisv=r20230306.74872&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 13:31:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 13:31:25 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0B06 143 B
166 B 21ms
20ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1168
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 13:11:57 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C3CD 143 B
166 B 20ms
20ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1168
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 13:11:57 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 41D8 22 KB
8 KB 22ms
20ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14598
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 09:28:07 GMT
expires: Fri, 08 Mar 2024 09:28:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 8E92 118 KB
40 KB 21ms
21ms Script
text/javascript 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=yP9foNkcqc&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=yP9foNkcqc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69175
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 18:18:30 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8E92 63 KB
25 KB 65ms
64ms Script
text/javascript 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=yP9foNkcqc&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=yP9foNkcqc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 13:31:25 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6E2E 143 B
166 B 20ms
20ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1168
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 13:11:57 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5CC7 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5CC7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6a1bd8c1f9e549ee262dc51af2b57af48daff702e18c24d3f5cb760d645e56a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EFB5 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EFB5 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c06f9dd021a296550cfd9d80683bd58233da9dae35dcca9dec047e91fefdfb9d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0B06
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

50ms
41ms

Document
text/html

2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 13:31:25 GMT
expires: Thu, 09 Mar 2023 13:31:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 13:31:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C3CD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

54ms
48ms

Document
text/html

2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 13:31:25 GMT
expires: Thu, 09 Mar 2023 13:31:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 13:31:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5CC7 0
18 B 73ms
73ms Image
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEPx7q98JZI-_KbuvvcAP3tSdmAqS6tCTb564gdH9EMmYn-ucDhABIP_W7mNgleKQgqAHoAG7wK-CA8gBAakC18xznEbcsT6oAwGqBIgCT9DFXx1jSZrWxSdGeVfKsuUodCJArxcla6uGFLPuE3yMMFH17K4hnOPJkcCvkfNYeFuInwn7KvFEynKrQmqpYeKH5qqiS67R0maMgHRg45dAzNJW5j1H-GoEACRmB4MB9Zb00Sr9U-qtx7LCV2PGbPfUJBjF_Up4vcvFv0NhV5wNLLY_G2_QMo2_sba6dyjHQ09Pmlgv-aG8DMvSGHbrZWKpxPBC8qjGjQhQ08QJ61Uk1UwtZXs9MCtERnr-FDYK9WipPEGwlD4e9tjKrTfROSLxxnO_FsYV56RFJliTQwanbRK6Ye6sAqOW0JNHBrmcxopHga4PJtqmOEKSQSOif3GvWDGa0TvSwASXjLT0mwSSBQQIBBgBkgUECAUYBIAHrb_QfagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJSFAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTc1MzYzODMyNTA5MDEzNTkYAA&sigh=qWlHNVgewLM&uach_m=[UACH]&cid=CAQSGwDUE5ymuNQUDPnhhaxVA4XhOo9jCZbLQwFntRgB&template_id=5020&vis=1

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 13:31:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EFB5 0
18 B 72ms
72ms Image
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnKgnq98JZJC_KbuvvcAP3tSdmAqS6tCTb662gdH9EMmYn-ucDhABIP_W7mNgleKQgqAHoAG7wK-CA8gBAakC18xznEbcsT6oAwGqBIgCT9AtqNbvddUg3uKZbbArU3FYjElz9rmSKVhl4psKXMkcSufsX16OHLT_nmLASzu65nABk7qHxanaS_zuYTKSWlbf4armkLV69xd10H1QTy5PQfeoidZOibJ4Wb-XK3bc2hcqb3IX4mIZMexc5sm27NAC2nhSQaVdtc68_wxhgBy02X9eU65ZtmAPQCPL9F-YUkooBe5fatTsmXwXr1K9qh4qaiB9QWz-vit9qLhMsUcHe4qtyRVMDWYL8iGRHyAThiey58vsRnvTyV8NQikZoiD_nrrqoXr48W5_bWj5vMzi70qmMCUIxRfUYN29n-05oT3NiOR9vVk1PTKbRTUnNmJ9e6VwfTf3wASXjLT0mwSSBQQIBBgBkgUECAUYBIAHrb_QfagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEM1u0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNzUzNjM4MzI1MDkwMTM1ORgA&sigh=X8Opno3738k&uach_m=[UACH]&cid=CAQSGwDUE5ymuNQUDPnhhaxVA4XhOo9jCZbLQwFntRgB&template_id=5020&vis=1

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 13:31:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EFB5 0
20 B 66ms
66ms Ping
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=58&version=r20230306&sample=0.01

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 41D8 36 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:20:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 115829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 05:20:56 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9129 0
0 76ms
61ms Fetch
image/gif 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsug2va9EqYDLkv7oZLYrKBILRToy11eMAX9cxsc7Xelqr6vRcTgt0I4-3_QiFnxoJ_-JeaHwy3KSkfCmVAKLH-s9v8gGfPQ6IJW3IhEQudT1WiP-fDSPOiFZhdVksfIq0vkyWOwhgv-FskQNrL9Fq0pvismM_ukuqX6QW64xNQPuj4qaDauUeVaOKtV2iqnnYGc043KIRHEqmFgUTmEpfL8xyLVv7dGOAc4yok1pX4NfiWXLcQzx-ceyDgATEL6IMmg0wCvdGybWjtwZ1PU2VavDihtxOl0N4s-vjLZvRHtyGzdiM5jVuy-DMxYOxBLmk4QEEISXNt-geGa8ZVCXZzPYUF45u2mZsFrCxOQ7OKQhVloY1EEMS8uWIXH0vT6VXh8jyFbQqaZXass24VpWSf-otVbxXiXHRIvKcMdiiOfld7hPNsCrzcaMbTn5QiE79cFtTXSYtDnvTjq74Y6eeiwoIv_-SzWYwnaY9EhB-8DC1gfacNEpu1WigSDQJ2pd6uVuVhS7L36wAK7hd6eVRCgjrtLBQXxETWEPdqGVXu5JOXsCiOPWUe6Cgjph8iaM9CuPnkJPEF8gd8H1YSb2HM_JcpAiPjWn1yl73nZqOAShBziL9j_otbLt_Vrvd4UQ9bm4OOlDc7nyuiqiC7UIBXnSW-EFjIePXeCNCn9Fu7cJwwKuvwtCmPLRnBW_PnlqObctJTGLcdW9hz1pLhYAsZoBR3e_NEeorXhPMXHiD-GVphgCg42L12jYdQ6tCmAW6iE62afKQcKTyi2byH2bDlfltA7Ca3JHDvdn1K4UHbSb0X-4A-P6S-HvyJzssityko7TsvrPlNOQ2K3OqkfPxK67o3gcH5-gcE0dfSmu74l_SjtFhULBMLDHCDfNEaKNonNDlFu1YZ5eigM4kl4IPO7bnIMhbH4suuCM7zG29rgjvNyQAUjOtjUX54CndhExgnLxy3w3xMGgu4sed_6z6Z921b7ecFsNtrs-V9IyJ3s58mYNPaSDWgxL2RiSXLj70GdbbEooCoklsLlqRSsMSGMvNuRmSGVSBqBkVrK-9xZe9GXrau1Kw7l-Lp5xGhSkpr1hsIUlbusA2HXfn9GsFPplC33ad4vanpDbDO0Q07NKXZ_TxZHLq5EQOa-RctAm3f10EUD79g_6yk2LIZWlIyKYKeg8O1iF36v9WEhSG8gp4EAX2O6wPCTUTjahqq93Tr98sgIdr_uLdpkwnftJduHesp-StLAiRCOOnKmhC79O7g1cN9Lbg4AyX3m5ZbmxZlJuAuz0G8y3dLizHRtXi7hPfFjxv4Um9UQ3UzWlyOGAQmTLcsSNavz9ctKsNfOgT5QQQf3SdTk72m4QLlShznyOh4hwqWtGsnUBALlAZXgHbJO7lT_VmTomSEAkUskRYIhVIftWTv2_aVt&sai=AMfl-YS76nscfJCPqE4twwzrJz2Mp8hhKgHvZ3npSJNclQFif-hvjZDLzg3CAwsdK0zndgsjeidx1DMIGlmI-lY_vsRgaar4TIGEnTsoFDx9pS115FPy790JNNYxQstaYzyoTB1QFda-iaX3cXjyBBHykJJ0rAXd_en1RcciKVir6hfP28uYFoJKVqAYGsI2grfYQLt-T71DybWPUYH4GaIi-SB_7d6KuFaVbBvILu2t_Y2hKB1oJ2RKQ6SotLkrriypbL4r1WxXFBlClSjXnS026VdTCP5mNTlJwQUV&sig=Cg0ArKJSzJWNKKEE9z2rEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=740&vt=11&dtpt=482&dett=3&cstd=248&cisv=r20230306.74872&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 13:31:25 GMT

GET
DATA 200
OK truncated
/ Frame 9129 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d08d3d271203d3acfbc8b2a73f9dc5d522cb38ba0432d859337036fc275f9ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6E2E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

74ms
68ms

Document
text/html

2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 13:31:25 GMT
expires: Thu, 09 Mar 2023 13:31:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 13:31:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame BF3F 36 KB
14 KB 23ms
21ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:20:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 115829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 05:20:56 GMT

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 8E92 47 KB
47 KB 28ms
27ms Font
font/woff2 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=yP9foNkcqc&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:21:38 GMT
x-content-type-options: nosniff
age: 587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 13:36:38 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 8E92 46 KB
46 KB 40ms
39ms Font
font/woff2 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=yP9foNkcqc&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:17:01 GMT
x-content-type-options: nosniff
age: 864
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 13:32:01 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8E92 7 KB
6 KB 69ms
64ms XHR
application/json 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6d6e96a679284a0a81ccfef42ce8f1c2ddb99c9a3e8bdf6c1bb3a047c18edf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5681
x-xss-protection: 0

GET
H3 200 60005582_20221027010405607_SAM_Galaxy-S21-FE_Tab.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 8E92 70 KB
70 KB 41ms
39ms Image
image/png 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20221027010405607_SAM_Galaxy-S21-FE_Tab.png

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

135ca543fd0e32ae8c856655a61ba4f461a096e1cbc107b8f85021440970a0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=yP9foNkcqc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:16:23 GMT
x-content-type-options: nosniff
age: 902
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72014
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 08:04:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Mar 2023 13:16:23 GMT

GET
H3 200 60005582_20220825085202338_728x090_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 8E92 30 KB
30 KB 54ms
52ms Image
image/png 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085202338_728x090_BG.png

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5bfdb5e4886a5d739b60e2a8938706714242d4e9a68cb77281630a3e518faad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=yP9foNkcqc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:00:20 GMT
x-content-type-options: nosniff
age: 34265
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30980
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:52:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Mar 2023 04:00:20 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 8E92 43 B
607 B 127ms
20ms Image
image/gif 141.101.90.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=29072291_4307561_354470172_170181287_PO0203A20230118&ref=29072291_4307561_354470172_170181287_PO0203A20230118
Requested by: Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 13:31:26 GMT
via: 1.1 varnish-live-1-1
CF-Cache-Status: HIT
age: 839163
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 15 Feb 2023 15:39:24 GMT
Server: cloudflare
etag: "2b-5f4bee2778300"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 72761312
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7a53ad9f7f469118-FRA
Expires: Fri, 08 Mar 2024 13:31:26 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 8E92 26 KB
26 KB 50ms
48ms Image
image/png 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Requested by

Host: imagensemoldes.com.br
URL: https://imagensemoldes.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=yP9foNkcqc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:18:57 GMT
x-content-type-options: nosniff
age: 748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 13:33:57 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8E92 17 KB
6 KB 72ms
71ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 13:31:26 GMT

GET
H3 200 zxcvbn.min.js Show response
imagensemoldes.com.br/wp-includes/js/ 803 KB
387 KB 80ms
79ms Script
application/javascript 2606:4700:3032::ac43:9f91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imagensemoldes.com.br/wp-includes/js/zxcvbn.min.js
Requested by: Host: c0.wp.com
URL: https://c0.wp.com/c/6.1.1/wp-includes/js/zxcvbn-async.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daa6634ed8d6376bfd22d8f68942d00e1b56db0fa8c9f90ba2af52734dd5593b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:26 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 12 Apr 2020 11:25:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5e92fa94-c8bdd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RiWK6TeHEXQf7ZdgmLWTja2yrCNkbLHKs3%2F1og9G1njTcWJnRbo495wpXOE7uD8I5R4DP180fUUvaJjxrFQaluSYGbpwPnAwBmjyQdlgbcUUbOyz44kQlwsc%2FpdXVBfb1zgNznb9NEObDMkVDm7ZudK2qrA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7a53ada06eea908e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 67ms
66ms XHR
application/json 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230306&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2dcd5408480db2ca000f8956c6ada981cb44e096c2f62a4dd0ade757f97a26e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11244
x-xss-protection: 0

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 2FAE 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:20:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 115830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 05:20:56 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5A55 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssHSOoTQhA_SFpYH1HrAZmvfm_O5CjzKBUEvbcWOXXGNIJRazVV_5mnlbXYFlnSn0pyHd0mHasq33SumiI8rz0L_ANERBliiQ2q1Q-7kB-MB7wADMAXz6n6giHwZZ4ziNprNgtpQ&sai=AMfl-YQTRpO5YGJoFxGOHntInX3kGq1LORv8b32qeaHQU9TiuMJhJOggHhV67JXsujaO1NJdWaxfEIQPilyu&sig=Cg0ArKJSzHPJLZW0h5RBEAE&cid=CAQSGwDUE5ymX2qUShChWskRK6aeucY7ts1YOLtnzBgB&id=lidar2&mcvt=1017&p=0,0,182,725&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2825986415&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678368683240&rpt=1923&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 90ms
89ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 13:31:26 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4EA4 13 KB
5 KB 25ms
20ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imagensemoldes.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14599
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 09:28:07 GMT
expires: Fri, 08 Mar 2024 09:28:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0254 783 B
968 B 53ms
48ms Document
text/html 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a8c592984fe58453c410a590ac2e9e1bbf0b9887d5ff5c60c106959c94db4608

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-un-F7MAcyoMU-HobvQ5ELA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://imagensemoldes.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-un-F7MAcyoMU-HobvQ5ELA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 13:31:26 GMT
expires: Thu, 09 Mar 2023 13:31:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 41D8 0
20 B 64ms
63ms Image
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bw97jrN8JZJqYM87W7_UP8baX-AsAAAAAOAHgBAI&bg=!-fql-q7NAAbv3-2Ez987ADkAdvg8WneWV4VXx3kkz3GE_gMqBKEQJxV5lkrPeeK4GjgBa6tg5uJwrHqDrXU5ggA-b8hYiF01MV4CAAAB8FIAAAAEaAEHCgCdbWs72hj8scXi8MwRz98GaoChgsVlnnEjit4upwgJCA5DjBnueXBlKAhjhzBc4jAEdDTiSl_ZtL30b733ml0-L_B2JsgCJ5OxbnRtG7hNU8CGoTtgzroVyUyrHiwce9Zs-YCODqjRCMAPBwkfYQri7S6USK-hbdR2yHcqiX7eH5Z0Lc-QsY5XXnjhGpv7z3CELJPtnmdaFTaOWtF_fJkC6B2uiA5H1iNeXzvE9QD7F0nEEE2EZj7jOH9ma48t12B60Xico1TyayPK20brn5io6p-L3zo8SKh5xXZVmKjUI8DFyVS_FNU12s0g18sxO11R0qqJKXQXi4jkWSQMJ4WBuou5fun1_aNKeiwH4XrS_xh_tNOjW7r5OzNq00ceQR3X86FpGiSz-aGJuToXcZQPBX9V1yYnYu435Gom5cAbyOCuqBRbOG2Gyd46NkgQVPIKsfLfTNoYjnmPShCD4MFXIJsu57uFXNNsOdVgF5OeGcSBRuAAisrxNKhyDrpH271zBBrDdqFpPqzCjjQnHzp1QxAtrQog1rTJHfs35uxSsNvVv2QiCTOqHF2R91kmSAAp6TQ9QOxkYxYksxpIoie9W_pbScDzAdEpCgS7Tsl4U-8fA1nFek_TTrUB0ZG0dTsbF56VbJnLVJXIgyFL1_a1U56s0y9cCr4Z5sWGHqR6sJikXsJJoMiX2fnOQvlJ__ZA7BnLWnrWvjTV9_hppKiAhY00ChTtfglrxMymrzZhY0AUWAh5ToRayBkiaSTc_IufnjK8bKdOreaDopRajhmefgJHNVtTxObZ5EzA46W2Pm2joCXHOQokHcpxVGXJZaG0xZDKStBSY3hLw2DExBsLuDLhPVmRhHYZxNKgFJo7X71fUFwl5IIEvSaqiGLcQ6F7MxQzqrjNT-S26JhCh2GLOlnjlVdMmi46056jpjtCps7CGU4gz5tdvq04aoiDGN21xR3VEWQIEmw-CFle_Y-c_uv_RwP5rlVKG-yaCjIqE4-Gvi-WiVbsXYOtrVWlPJ3RMpk8qrH8wYBU0FKZRk6wfAHT-VyOtge3LQaBkxRrC6dHNjNAooVjF3kLxxDQAjlOsj1-QoksvV4IprN9V61biTxGvT1a3Yl3DCAV5UyFeut3ROYRBagwT3pu5NrPttUzphs2As53rIHijLXWO4GN5XiofGGcY0sCaqbzzIa_A9hINziqpFzMeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0254 0
0 53ms
52ms Image
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230306&jk=1332967202970593&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 4EA4 36 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:20:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 115830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 05:20:56 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4EA4 0
10 B 21ms
20ms Image
text/plain 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ALGX6Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fimagensemoldes.com.br%2F&domain=imagensemoldes.com.br&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=IwLMGXxUQ0tNMHNUWWd0Nm1SNExEN09vaWNKSFdRVnQ4RkdxSm5qUHZzdHNmUkI2VndvcVRlMmMxd0o0ZXh2VHZyOEFGVW1hcGpSTWlCWFFrVnFXNzNST2JKRzgzM2pHTE1GRC9VcjYyWVF0TUR6R0ozTG5pRDNXRzJ4Qn...

372 B
657 B

21ms
20ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=IwLMGXxUQ0tNMHNUWWd0Nm1SNExEN09vaWNKSFdRVnQ4RkdxSm5qUHZzdHNmUkI2VndvcVRlMmMxd0o0ZXh2VHZyOEFGVW1hcGpSTWlCWFFrVnFXNzNST2JKRzgzM2pHTE1GRC9VcjYyWVF0TUR6R0ozTG5pRDNXRzJ4QnFCZEZXNmxHRHQvc1BvckhtM3RkZHNtYmoxa3prR1hDcTRtWmlzSzEyS2FmcUNBTlA3UU9PSzNFZHZNeEcvQzZhdDV1ZnNZdXdqVHE2d2RsQVdQMXAxRFk3bFRVOXBSbkJnR0VVZk1HVDdrV21jbGpBelR1YzgzOWVTUXVqR1lqM0Q1bnptVHlYfA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

77d7ec0e28de0674919bc6e2abc980c47b3ac580ce0950562ef29ec737571fe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1499550
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=IwLMGXxUQ0tNMHNUWWd0Nm1SNExEN09vaWNKSFdRVnQ4RkdxSm5qUHZzdHNmUkI2VndvcVRlMmMxd0o0ZXh2VHZyOEFGVW1hcGpSTWlCWFFrVnFXNzNST2JKRzgzM2pHTE1GRC9VcjYyWVF0TUR6R0ozTG5pRDNXRzJ4QnFCZEZXNmxHRHQvc1BvckhtM3RkZHNtYmoxa3prR1hDcTRtWmlzSzEyS2FmcUNBTlA3UU9PSzNFZHZNeEcvQzZhdDV1ZnNZdXdqVHE2d2RsQVdQMXAxRFk3bFRVOXBSbkJnR0VVZk1HVDdrV21jbGpBelR1YzgzOWVTUXVqR1lqM0Q1bnptVHlYfA&cppv=2
access-control-allow-origin: https://imagensemoldes.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 578338
content-length: 0
expires: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E0D8 281 B
554 B 119ms
18ms Document
text/html 23.64.52.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=imagensemoldes.com.br&version=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-64-52-128.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imagensemoldes.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 09 Mar 2023 13:31:27 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame C078 23 KB
8 KB 221ms
86ms Document
text/html 92.123.38.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8Y84F0&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C459%2C77%2C38%2C2022%2C182%2C2064%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=MANAGED_PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=imagensemoldes.com.br&version=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-38-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b0395dcf11e9430246a46a9c69f74a7127b71976707c8bb3e99842485b23c84a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://imagensemoldes.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8258
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 13:31:27 GMT
expires: Sat, 11 Mar 2023 13:31:27 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5CC7 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-ImuEq8qLNX20yX-uC6LYeJnAStZb_g1jybRQl0Fh9NiSKCjUhR3GdOOGsd7d1blV5qY4Cz2FOGlYm9bo_gqeDoeNEqZuL7bZyRGmNWCWht4Tnx99c3rEtKmrBO26JEq4uzoTFA&sai=AMfl-YRt6csLh3vPMNNSDCZh2zv4Ou6A0pJsRRhGIrmKrvSAEiPbyWk1BHuO99fAbezyzLuVAM2a_YqoJY0h&sig=Cg0ArKJSzI-y3pXOZEJeEAE&cid=CAQSGwDUE5ymuNQUDPnhhaxVA4XhOo9jCZbLQwFntRgB&id=lidar2&mcvt=1001&p=0,0,500,180&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678368684837&rpt=855&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EFB5 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_ifA07AOLwz6eMEYcAnAK25bNnXyaI256MGF2bI2lMk6oXjfHSLia_Ynzi40HgYQE7cB1xwE3S7Dh-cNvGjZbxO8Cej03FXlwSq5yVLnD3o-HZ7B7DOMapkTTy1CBSRYFblVceA&sai=AMfl-YQm2H4LidtQNxRbjImKl3k18RW9fCot1yuy5CAZr2e2zM6DRo5DkN8hBzRvyj7NuR87s7yniluPMr-0&sig=Cg0ArKJSzIYHOiVEOGz0EAE&cid=CAQSGwDUE5ymuNQUDPnhhaxVA4XhOo9jCZbLQwFntRgB&id=lidar2&mcvt=1003&p=0,0,500,180&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678368684842&rpt=870&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9129 0
20 B 52ms
52ms Ping
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9966117040495&version=m202301230201&ct=76&x=1&cor=9769427823209845000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9129 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZvFWBCtKgxI4ppvGeLHsG3iDcI_9KmAVP15GKX3fcDcb0z312SNoj-WwJlNxRdjI5JT6Be8AbBvzPcB14VGtkA9rDnX-4Rc0VSGQNX8554RWNOhkhH9sFCiBy9HY_vWPy0C86ow&sai=AMfl-YTlH_Feo0u8keeE6zAQ-wFJeeJwZuksHvhU8YFL6_GS-tY73IjWUuyyUnPOXqOxaRHKakZHeplYr8wylKhc2fIQwRWjNvJm75V1oojSbHXEem64qG3Q7JDV3dIdIHkyTFrpuOOyfOk8Uh9k5A&sig=Cg0ArKJSzMbUT0ker7doEAE&cid=CAQSTADUE5ymSYbS0PecIo11kzkPgC3SSart_W1K80cPnKxpjwHUBHclbK9oGhbDEpJRre-_xPL4oOvcQV_ZtjLFSOww48TFS1YG0xwD0s8YAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1685193562&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678368684304&rpt=960&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 22ms
21ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fimagensemoldes.com.br%2F&domain=imagensemoldes.com.br&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://imagensemoldes.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://imagensemoldes.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 09 Mar 2023 13:31:26 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 609239
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 17ms
16ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 09 Mar 2023 13:31:26 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 531974
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E0D8 33 KB
10 KB 47ms
47ms Script
text/html 23.64.52.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-64-52-128.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 41f18ae2ab5bcfbe209bf3c0da4925685c189a2889a1a4721f1c2cba3e8084b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 13:31:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Mar 2023 02:05:56 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=45199
Connection: keep-alive
Content-Length: 9996
Expires: Fri, 10 Mar 2023 02:04:46 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E0D8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK2-Mc2dDcSqFxPcdi01qQs&google_cver=1

0
239 B

60ms
8ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK2-Mc2dDcSqFxPcdi01qQs&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK2-Mc2dDcSqFxPcdi01qQs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E0D8
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDUxZGJiMWFkYzkyMTY4YzY4MmQxMjUyNTQwMTI1MDFkY2VjNGRlMA

170 B
188 B

45ms
45ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDUxZGJiMWFkYzkyMTY4YzY4MmQxMjUyNTQwMTI1MDFkY2VjNGRlMA

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDUxZGJiMWFkYzkyMTY4YzY4MmQxMjUyNTQwMTI1MDFkY2VjNGRlMA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame E0D8
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LF15DOGF-20-KAYR

0
647 B

208ms
189ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LF15DOGF-20-KAYR
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:31:26 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 7DD09DC5F1DA47B2857430702DD24CB5 Ref B: FRAEDGE1220 Ref C: 2023-03-09T13:31:27Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX2d6lqJQM7XeonJ1LIeQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LF15DOGF-20-KAYR
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame E0D8
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=BPbjn3cEQIKXmX_x4AFA6g&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=BPbjn3cEQIKXmX_x4AFA6g

43 B
479 B

109ms
108ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=BPbjn3cEQIKXmX_x4AFA6g

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 13:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YQGQVBK9NXMGJDRF9543
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=BPbjn3cEQIKXmX_x4AFA6g
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E0D8
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/B5p7I9QtwRSQu1Fm2FJfosn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Do0O.KpE2oI9ghJ8JxiDcVI6ewnRqK_TWzM4Sg--~A

0
239 B

10ms
10ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Do0O.KpE2oI9ghJ8JxiDcVI6ewnRqK_TWzM4Sg--~A
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 09 Mar 2023 13:31:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Do0O.KpE2oI9ghJ8JxiDcVI6ewnRqK_TWzM4Sg--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E0D8
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEYxNURPR0YtMjAtS0FZUg==

170 B
188 B

44ms
43ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEYxNURPR0YtMjAtS0FZUg==

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEYxNURPR0YtMjAtS0FZUg==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame E0D8
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=anF1GXNwQDSvoZzqL3uo1Q&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=anF1GXNwQDSvoZzqL3uo1Q

43 B
479 B

35ms
35ms

Image
image/gif

52.95.115.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=anF1GXNwQDSvoZzqL3uo1Q

Protocol

HTTP/1.1

Server

52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 13:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KJ27VY81SD2P2VR2YMG3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=anF1GXNwQDSvoZzqL3uo1Q
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame E0D8 70 B
265 B 138ms
37ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 09 Mar 2023 13:31:27 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
55ms Image
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230306&jk=1332967202970593&bg=!JSalJnLNAAbv3-2Ez987ADkAdvg8WmDuM9d-weqSBVIz1XEPu94WtHV9dRR32ilgUkxqnWRaTEv2bCSvEUq-X94El3HNNhZr3EUCAAAAyVIAAAAGaAEHCgC7boAdnXwbl42kDFT029rTqnvyFOJmhHJfNyVV05zIVZkJawpA_rR5HAh8Xo989pZgF1EKkhj14h5RQ3NASh9bWmxnPp627A_SxdNh1JbEY6zU2J2ZBvgBVuW0Wx0Kpq8J4mxlt5268kSSqFl2FR1V44PsC7RgI8M8lC05Fl0SuL8l5F81sSRIioYbJhNiGzwtXbvEVEqVPndA6xTAxjl74PM0oBjI20ZBDZWXvBz3f2BYZ4QhamdIewn6pZkCpcpa8QgqhEe0Ztvb5U8nfQXyFNPuuXTAJWaXmNPjrvL8OTrB6TQNG_1s5BJUrD55Ty_2Yv8kobW_rLhC3ZUGeKrn155SH0cLnwnbVm8NMhGQOPxHJ7YMc8s9tMgXIRdUR6SizRzf1r6uAII3n0YX9gyuBkmbzwIAyVVSmqJJ61KWpW9ltfd0zoLGPMMy6O74l-ZGO3l45MdfzTDgmlIFcX6WBOMKOELLPe7BqfonfHueF0sjeAq-JOoJSCi-O-DTMFVrC37r4wYds39iBGjR5n5SRdsNfUW7GG339jZHdHq_OXQgPsyyxlprIqUjlmOgQpThlqrqmOaovrBGcV66uSxFoP5g4UGxK9C9brEhNwUBjjo5zbjmY8AkGZiY-FfM3kX6DCBDFJ1zzREaktMSKs5i9O32lUjfg9a2Sb-zNpXfTaQY2rN47ODY_0ohn9CS0Z20Z8SklXwk3UEsGhkeOAzkmbU_8vFNW9_WH4tnyza1HittDcXotvIys_Wxk3XP6JkGLpUUfty1v0XwJqcZ-GC5nfqgF4d8lIpbOwEXaU7iz2SCrfvsT22ooYkda3AItnHzZiS2-wmVE_Ebpi3lRPv5r_hJUhgpJ2iNSCN7At1T6XZdvlxq9BEY_OUWyuZ1wkK0UvEHSw82vXC2eR3Ygjt7q_JEApWVt260s_34cUB6wQlcE4IljMJ7NcTaDrwUczrC6ypXQOhF_7TaP3PlBbc4zRbPpIJ_uRUBQsnSdBjGZCBdx8E-0GCFrfq9kIDHblsr71QoEPlwjvcbcYM_XUBXxwB_weTaBSjxI5nOxyLJZCZcgMEGc13v6cEgvgHf0GZxoYNysAWurnyQvoQRDos3MQpFYALRefw8k-B-FtDVoUKwI6AZQp727nMBmcP_IyTmLBb9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SNH2SC3JGN&gtm=45je3360&_p=786890414&cid=870451030.1678368683&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&sid=1678368683&sct=1&seg=0&dl=https%3A%2F%2Fimagensemoldes.com.br%2F&dt=In%C3%ADcio%20-&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SNH2SC3JGN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imagensemoldes.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://imagensemoldes.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 52ms
51ms Image
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=s&pg_h=1777&su=imagensemoldes.com.br&d=5000&pvc=1332967202970593&eid=44759876%2C44759927%2C44777877%2C44759842%2C42531706%2C31071869%2C31071756%2C31072792%2C31072926

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagensemoldes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 13:31:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

234 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.imagensemoldes.com.br/	1970-01-20 10:12:50	Name: __cf_bm Value: 1DhQkIEXscTFaLpaq.hWvJm2N2qQ0Z.JOD_UyH4BUrs-1678368682-0-Ad4unGc6byh1wp8zRxQQqVpV+WD8ny6WY5dxcnd+dq8OKlHD2vKk6z8W4Y7m6r2shGCqIkSJfFXDhTDQLXeXTEsBHy3OA9UPr50M4DR63TWKLRgJaoKz9NoItgTS8pwSCA==
.imagensemoldes.com.br/	1970-01-20 19:48:48	Name: _ga_744CV3E27J Value: GS1.1.1678368682.1.0.1678368682.60.0.0
.imagensemoldes.com.br/	1970-01-20 19:48:48	Name: _ga Value: GA1.1.870451030.1678368683
imagensemoldes.com.br/	1970-01-20 10:56:00	Name: _pbjs_userid_consent_data Value: 3524755945110770
.imagensemoldes.com.br/	1970-01-20 19:34:24	Name: __gpi Value: UID=000009d69003cf9e:T=1678368683:RT=1678368683:S=ALNI_MacC4lknbcoBFeQ7HyWHRtzF8R_fw
.rubiconproject.com/	1970-01-20 18:58:24	Name: khaos Value: LF15DOGF-20-KAYR
.rubiconproject.com/	1970-01-20 18:58:24	Name: audit Value: 1\|naVuGyos1qrRfSgfUamKig/5onLiA/RiY1TdhAkPVQA8smCg+0jowMmGVJryvI/nvtaTLq5p1C5p0C639txpUVww/adD15Bg+b+TdbrWZVDm483AcCYUhA==
.imagensemoldes.com.br/	1970-01-20 19:34:24	Name: __gads Value: ID=a6b5704a8f17085a-22a6cf054add00ae:T=1678368683:S=ALNI_MYkahUdeVRZMLU2vwdtmKKV7ZliEA
.doubleclick.net/	1970-01-20 19:34:24	Name: IDE Value: AHWqTUmGZ_iO2NlSPcF_HwJZL6K8Wjzo14XmP0qzr5Pszqr_G39Z9J77wq7-h_PC9ks
.casalemedia.com/	1970-01-20 18:58:24	Name: CMID Value: ZAnfrQY4.xfyK8yCDZZMbgAA
.casalemedia.com/	1970-01-20 12:22:24	Name: CMPS Value: 2151
.casalemedia.com/	1970-01-20 12:22:24	Name: CMPRO Value: 2151
.adnxs.com/	1970-01-20 12:22:24	Name: uuid2 Value: 7971409166655380588
.adnxs.com/	1970-01-20 12:22:24	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?hmrnmS!]tbPl1M>e)ZlrFUfJ+tGXvWBAb))ZEuhp.Sdc:vCyLhV^1rg7`dYZvg<:FW3If)y3KL9D3I?-6fZ[Z4
.imagensemoldes.com.br/	1970-01-20 19:48:48	Name: _ga_SNH2SC3JGN Value: GS1.1.1678368683.1.0.1678368685.0.0.0
.doubleclick.net/	1970-01-20 10:12:52	Name: DSID Value: NO_DATA
.imagensemoldes.com.br/	1970-01-20 19:34:24	Name: cto_bundle Value: VzrHe19ORmYxc2t6Tnd1MDdBeFlpRks2Skh4N09DdmdyV2owd3JzdDFiZHVBS2tlSmtaQzlUbU10cXA0MXJyYVJ0bm9mT0xQeFYxbXdPUXcydWRzNVZTJTJGWjVkckRCWmFFSkVGWW5vY2RHWWliYzJZQ213cHJTalpxc3pUTHR1aWN6R1Jt
.imagensemoldes.com.br/	1970-01-20 19:34:24	Name: cto_bidid Value: rwnOLF9PQVMySjJGTjZNWnI3QmFtQVFFd3RoMUFzRDFkMXBMVWRXbGNJbVBZSTg0WG5xZ1BReHoyUG5hRGJRUzVITHBTRmpTWDNPZVlCWUdzJTJCcDlYeU1hemNKMEVZRHZaeGQxWlBFU1ViR2VuUTJNJTNE
.yahoo.com/	1970-01-20 18:58:46	Name: A3 Value: d=AQABBK_fCWQCEFuTjP22cXaZtnchGHrnYhYFEgEBAQExC2QTZAAAAAAA_eMAAA&S=AQAAAsHfm1rR18lqnVOlXK7MK14
.linkedin.com/	1970-01-20 18:58:24	Name: bcookie Value: "v=2&7c4a2d23-ba40-4969-88d5-be7dbc8e891a"
.linkedin.com/	1970-01-20 14:32:00	Name: li_gc Value: MTswOzE2NzgzNjg2ODc7MjswMjHjypB6a9wOKLYN4FI109MHiUgo+E278Xbc5oq8tiLqyA==
.linkedin.com/	1970-01-20 10:14:15	Name: lidc Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2493:u=1:x=1:i=1678368687:t=1678455087:v=2:sig=AQHKkq19zNUEIq3tjmb_LF12at631Qwt"
.amazon-adsystem.com/	1970-01-20 19:48:48	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 15:09:27	Name: ad-id Value: A8QOBmD9_UHWsmJMwk-G-nE

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271804&client=ca-pub-7536383250901359&fa=4&ifi=6&uci=a!6&btvi=2&xpc=E6pDKK0WeZ&p=https%3A//imagensemoldes.com.br Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271803&client=ca-pub-7536383250901359&fa=3&ifi=7&uci=a!7&btvi=3&xpc=pP9H5Nxds2&p=https%3A//imagensemoldes.com.br Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

264ba0028e3d994a7238f92035c2e7e3.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
adservice.google.com
adservice.google.de
c0.wp.com
cdn.jsdelivr.net
cm.g.doubleclick.net
contextual.media.net
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
esp.rtbhouse.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hblg.media.net
hbx.media.net
ib.adnxs.com
imagensemoldes.com.br
invstatic101.creativecdn.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
navvy.media.net
pagead2.googlesyndication.com
partner.googleadservices.com
pb-logs.media.net
pixel.rubiconproject.com
pixel.wp.com
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid.media.net
px.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
s.amazon-adsystem.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
stats.wp.com
tagmanager.alright.network
token.rubiconproject.com
tpc.googlesyndication.com
warp.media.net
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
108.138.7.52
141.101.90.97
142.250.180.194
142.250.180.226
15.197.193.217
178.250.0.157
185.80.39.216
185.89.210.90
192.0.76.3
192.0.77.37
2001:4860:4802:34::36
23.203.124.21
23.64.52.128
2602:803:c003:200::41
2606:4700:3032::ac43:9f91
2606:4700:3037::6815:3939
2606:4700::6812:372
2620:1ec:21::14
2a00:1450:400d:802::2003
2a00:1450:400d:802::200e
2a00:1450:400d:803::2002
2a00:1450:400d:806::2002
2a00:1450:400d:806::2006
2a00:1450:400d:807::2001
2a00:1450:400d:807::2002
2a00:1450:400d:807::2003
2a00:1450:400d:80a::2003
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::2001
2a00:1450:400d:80c::2004
2a00:1450:400d:80c::2008
2a00:1450:400d:80c::200a
2a00:1450:400d:80d::200e
2a00:1450:400d:80e::2002
2a00:1450:4025:402::9d
2a02:2638::1c
2a04:4e42:200::485
2a05:d018:d29:3601:6177:59f2:51df:8cf8
34.107.148.139
34.160.55.127
34.96.70.87
35.190.39.111
52.46.155.104
52.95.115.255
69.173.144.138
92.123.38.97
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02ecc07b4f6e2559be876db2075853bd78cca2f09223157b5f7b4c66f1a3473f
088674fc15eef135403ab29abc6c7fc277dc83932073c9e418199bbba5ee3f77
088f0fb76428d8d80fbdfe4c32d29189761c3ec415269bf0cc8111f2f00b269f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
106490eba2f3bd60ded542f8353c78729f7169acc781ffb31ef5e9e8768b7db2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
135ca543fd0e32ae8c856655a61ba4f461a096e1cbc107b8f85021440970a0bd
136e5a489546a6a57ee9dae8f30ba99c10e1460e15d56d2923ae4fe9842cbeed
14074af762388535ef964139330ab32efd439c8dd5f076ac5cb5a90ca5aa50a4
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1e67b3698fec49e0dc5755b73b14378f49019d2354f4eeed77c338e5964a12e5
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a8dfeb975951fd6f5edd0d3a81d0bd8e0d3c833cf23ce3bf81f6c32f823ae4a
2ae1ef19f30f7bd72d938634d2de2ee3dc91082e846ead7e5a93568138986cb6
2cd04516e29263e4961c2fffaa91ca6bedf925662a7206505461ab112a6767fd
2d08d3d271203d3acfbc8b2a73f9dc5d522cb38ba0432d859337036fc275f9ae
2dcd5408480db2ca000f8956c6ada981cb44e096c2f62a4dd0ade757f97a26e6
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
340e79a7efae87309e8b015c70816b6d8b2aaecc5b8d4a17193f8d43bf2a7f63
3889f04391f069d597482cdd313def75cddc61db05768b59afe1d1c71fe77433
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3e27f893b0d37f44d21def1e42a48d5877144499b35e32d323895e427cc2420b
3fbb7dc619788ae13aec18ac90445854ead7eafa6262fe5bd343485f9be7e49a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
41f18ae2ab5bcfbe209bf3c0da4925685c189a2889a1a4721f1c2cba3e8084b6
424332ea0ecacff818cf7de57fd7968c0172f01776ff025a4d2a99540422d3f0
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
446b75df3aa450dc67047c4ae08d0ba75cd173ee74cf644281c31ecd61c92b7c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48ab8eeac38fdbcc1e77cf9fb54f0e6a118166845026cc500bfc148c34e7a9f6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b993fc180c7778070a1cbfeb62a40227e057c89db70874f920be4c5c63f7a8c
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51cc3f0be094d1055966a0f0abf30c3d85c73be54141926deed6dc1911148763
5518feab50f6d237f17730ecf963cf42619f4eec7f24be4aa5ea773f25b9227f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
584b10df5af4716257aae636285c55f27e9a970412fa831dd66023efabb84b48
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5ab56b26b6c2a562fca0131b38adae977b40bb845984e37d20a5d2524d7ba151
5b29f10d6e7c79c2f7f11b0abe16a4fb45e29673dababd29a0313d72aeaa90b5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6315555798a42d3034cbdf67f826e982eddac7707bcd85e856e01f37b62bac31
64466ba68466bfb5d967c7b2bb77304b6b77aca524614d247f086a2ab8c86de6
66574a52a8d3c18d195ff4540d1940132ecbbc7484c0f2a374e87fc241d40d3c
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
7181c93962530c41049c3aff9c3a0f4b0d03685ec63d22a39e3461e5628c09af
74017d97a0876e72ef09a14ea0b3ad49a744811c726e7b05e305d4a6e3e07612
76ab142d5f82ae772458681f87e8291fa1d6cd84faa40195313a2d49e24abbba
77d7ec0e28de0674919bc6e2abc980c47b3ac580ce0950562ef29ec737571fe7
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79ec5ef95f439d7d6c3d55d8876ff16d87f9803f225ffffcffcd036aa2154e75
7ee7784d217b273bd847dcc83ca3451f76f63cc1b619805dbdb297197bb44eb8
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
88dfa486d81755b5073594e36a5d5ffb33acff67a1eac7a47091269e9dcb0d2b
8b4570c965d3230d9fd550cfebe647ffbf5ff1a79d2993993ade589ecc42fb2b
8cb2083a4cb2b2775bcb066bee79dab8792ff7e37d0cd9533d15e75573fb4ad5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fb600b02fc75812932069a9f79b2132dffbca1cd735dd8f8613d0f2850046d2
9575453d56b60a04d94e8dd63615a8e7dab1b835025be5e2b26a3364c55b2584
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9726b20db498daf21bdb1282c0f6e3fcc196e3f7be1c23a3ef2fa5b5bcd53aba
9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df
9b5c37c80ccd103c8075d88ed542ac53ac2ad2f84ad000626d8ea8c6094f063a
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9d11c97f8796f3ef37343325dffd4925803c7bc2750bb4e7e75333b25f7c8004
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8c592984fe58453c410a590ac2e9e1bbf0b9887d5ff5c60c106959c94db4608
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad6f0ad8e43b8519cd6c06668a9a71a32291f04af609f2bedaa3615e6e437563
b0395dcf11e9430246a46a9c69f74a7127b71976707c8bb3e99842485b23c84a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5bfdb5e4886a5d739b60e2a8938706714242d4e9a68cb77281630a3e518faad
b62512ae94ea5d52f27c2a86ab0c9c72dc1c02ed1d3f98b8e1d1bd4577bc36c3
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b87eb697514c4f7f78d19319a9f7f9ec477787d3c6060ae86eb7cb04a64eac13
b92bb04925973f7b610e03bf5f8a7622e19fba98998b01f28d325ba50780a20b
c06f9dd021a296550cfd9d80683bd58233da9dae35dcca9dec047e91fefdfb9d
c10eb17716cc956128ca5cd608b1e293caa282c737ee5a0f5dc124f5069351a3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c6a1bd8c1f9e549ee262dc51af2b57af48daff702e18c24d3f5cb760d645e56a
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cb09a4e13e668c690ae0961d43307f9cfa35a4cdc5f3315068b4e2855f8d5ec3
cbdf026f0e3ad6909f663b18a4636e25d12927f278563bdd2ee387a55677d87c
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cc9529992853473b405c81ce87191f30332e569faca93e663c92de6f206da87c
d6d6e96a679284a0a81ccfef42ce8f1c2ddb99c9a3e8bdf6c1bb3a047c18edf4
daa6634ed8d6376bfd22d8f68942d00e1b56db0fa8c9f90ba2af52734dd5593b
dbdce2a427cc45f01c27c5b968fb54a771a11b8ec9687104530d0c8077b1ebb5
de8e4657255e798fffe3237564dbe11db135cabdb291c1d282c2326046977dd1
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e5045426b2f131ff916dfacc87708a4629cd36e8e12b0d614a0216b8bce13552
e93e18f2f34a865e27d2d839eaccca6bec750d357f1c937980026d6d25507c2c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5307441a6bf6e3716c9e6821886b776cc92587d4290208d0916b4fb2c225404
fcbe9e9ff2d1c20cab10bf43dc49914e188b44ae21f34257b4a0ef5cae90f7ac
ff5c21fc1c1cbfe628d8026b2e290bceb198286c1ae4f7bd335175d5133f62b7

imagensemoldes.com.br Open in urlscan Pro 2606:4700:3032::ac43:9f91 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

202 Requests

94 %HTTPS

57 %IPv6

28 Domains

54 Subdomains

45 IPs

7 Countries

2753 kBTransfer

7413 kBSize

24 Cookies

1 Outgoing links

Page URL History

Redirected requests

202 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

imagensemoldes.com.br Open in urlscan Pro
2606:4700:3032::ac43:9f91 Public Scan

Screenshot
Live screenshot

Full Image

202
Requests

94 %
HTTPS

57 %
IPv6

28
Domains

54
Subdomains

45
IPs

7
Countries

2753 kB
Transfer

7413 kB
Size

24
Cookies

202 HTTP transactions
6 data transactions