patoshoje.com.br Open in urlscan Pro
104.21.70.108 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://patoshoje.com.br/
Effective URL:
https://patoshoje.com.br/
Submission: On April 03 via manual (April 3rd 2022, 1:01:28 pm UTC) from BR — Scanned from DE

Summary HTTP 300 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 94 IPs in 10 countries across 90 domains to perform 300 HTTP transactions. The main IP is 104.21.70.108, located in and belongs to CLOUDFLARENET, US. The main domain is patoshoje.com.br.
TLS certificate: Issued by E1 on April 2nd 2022. Valid for: 3 months.

This is the only time patoshoje.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 39	104.21.70.108 104.21.70.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:231... 2600:9000:2315:ec00:3:7e1c:5b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	108.157.4.117 108.157.4.117	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
10	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.66.248.72 18.66.248.72	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3	184.87.212.24 184.87.212.24	16625 (AKAMAI-AS) (AKAMAI-AS)
3	35.201.123.184 35.201.123.184	15169 (GOOGLE) (GOOGLE)
6	52.1.252.251 52.1.252.251	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	46.249.52.248 46.249.52.248	50673 (SERVERIUS-AS) (SERVERIUS-AS)
3	185.86.138.121 185.86.138.121	201081 (SMARTADSE...) (SMARTADSERVER)
3	2602:803:c004... 2602:803:c004:200::143	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
10	18.192.130.236 18.192.130.236	16509 (AMAZON-02) (AMAZON-02)
3	34.192.67.210 34.192.67.210	14618 (AMAZON-AES) (AMAZON-AES)
1 3	108.157.4.15 108.157.4.15	16509 (AMAZON-02) (AMAZON-02)
1 3	2620:116:800d... 2620:116:800d:21:fcb8:22d2:d390:5f1b	16509 (AMAZON-02) (AMAZON-02)
5	34.102.185.99 34.102.185.99	15169 (GOOGLE) (GOOGLE)
1	2600:9000:231... 2600:9000:2315:3400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
4	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
2	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
1	204.237.133.116 204.237.133.116	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 7	3.120.1.163 3.120.1.163	16509 (AMAZON-02) (AMAZON-02)
1 1	157.90.167.185 157.90.167.185	24940 (HETZNER-AS) (HETZNER-AS)
5 7	185.33.223.38 185.33.223.38	29990 (ASN-APPNEX) (ASN-APPNEX)
4	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2 3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3	2.20.157.2 2.20.157.2	16625 (AKAMAI-AS) (AKAMAI-AS)
1	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
4 4	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	63.33.77.67 63.33.77.67	16509 (AMAZON-02) (AMAZON-02)
2	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
1 9	2606:4700:10:... 2606:4700:10::6816:108d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.234.140.75 34.234.140.75	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:10:... 2606:4700:10::6816:4acb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.0.134.127 52.0.134.127	14618 (AMAZON-AES) (AMAZON-AES)
9 19	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 7	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2	104.90.192.27 104.90.192.27	16625 (AKAMAI-AS) (AKAMAI-AS)
4 5	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 2	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
3 5	104.36.113.23 104.36.113.23	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	52.208.103.128 52.208.103.128	16509 (AMAZON-02) (AMAZON-02)
1	104.92.106.130 104.92.106.130	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.86.137.131 185.86.137.131	201081 (SMARTADSE...) (SMARTADSERVER)
1	172.67.23.236 172.67.23.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3 5	2.20.157.55 2.20.157.55	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
3 3	3.65.142.105 3.65.142.105	16509 (AMAZON-02) (AMAZON-02)
3 5	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
2 2	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
2 2	18.196.142.162 18.196.142.162	16509 (AMAZON-02) (AMAZON-02)
16	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:659... 2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2a05:d018:24:... 2a05:d018:24:b001:8602:c81a:97ba:276d	16509 (AMAZON-02) (AMAZON-02)
2 2	52.212.211.89 52.212.211.89	16509 (AMAZON-02) (AMAZON-02)
1	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
1 1	151.1.205.165 151.1.205.165	3242 (ASN-ITNET) (ASN-ITNET)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	35.201.81.244 35.201.81.244	15169 (GOOGLE) (GOOGLE)
1	185.15.245.81 185.15.245.81	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	35.178.150.13 35.178.150.13	16509 (AMAZON-02) (AMAZON-02)
2	52.19.63.143 52.19.63.143	16509 (AMAZON-02) (AMAZON-02)
1	138.201.8.249 138.201.8.249	24940 (HETZNER-AS) (HETZNER-AS)
3 3	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	3.211.130.57 3.211.130.57	14618 (AMAZON-AES) (AMAZON-AES)
3 5	54.239.38.253 54.239.38.253	16509 (AMAZON-02) (AMAZON-02)
1 1	176.34.153.222 176.34.153.222	16509 (AMAZON-02) (AMAZON-02)
2 3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
3 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	18.185.167.9 18.185.167.9	() ()
2 18	104.36.113.107 104.36.113.107	() ()
2 2	103.229.206.240 103.229.206.240	() ()
4 4	54.220.206.62 54.220.206.62	() ()
1 1	198.148.27.139 198.148.27.139	() ()
1	185.86.137.132 185.86.137.132	() ()
1	72.251.245.179 72.251.245.179	() ()
1	178.250.2.151 178.250.2.151	() ()
1	38.91.45.7 38.91.45.7	() ()
1 1	154.59.122.79 154.59.122.79	() ()
1 2	2606:4700::68... 2606:4700::6812:d05	() ()
1 2	23.55.23.233 23.55.23.233	() ()
1 1	104.45.178.220 104.45.178.220	() ()
1	38.27.122.126 38.27.122.126	() ()
1 1	3.121.94.129 3.121.94.129	() ()
1 2	52.72.71.171 52.72.71.171	() ()
3	104.36.113.24 104.36.113.24	() ()
1	169.50.137.184 169.50.137.184	() ()
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	() ()
1	2a05:d018:d29... 2a05:d018:d29:3602:d715:9c64:5860:e3e3	() ()
1 1	34.203.25.60 34.203.25.60	() ()
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	() ()
1 1	193.0.160.129 193.0.160.129	() ()
1 2	38.67.14.233 38.67.14.233	() ()
1 1	34.102.253.54 34.102.253.54	() ()
300	94

39 104.21.70.108 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

patoshoje.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:ec00:3:7e1c:5b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-117.dus51.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.248.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-72.dus51.r.cloudfront.net

tagmanager.alright.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.87.212.24 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-212-24.deploy.static.akamaitechnologies.com

warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.1.252.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-252-251.compute-1.amazonaws.com

wfpscripts.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.248 (Amsterdam, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vpaid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.192.130.236 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-130-236.eu-central-1.compute.amazonaws.com

d.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a-prebid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.192.67.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-67-210.compute-1.amazonaws.com

webservices.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.157.4.15 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-15.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:fcb8:22d2:d390:5f1b (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-11953-9.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:3400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.237.133.116 (West Chester, United States)

ASN3257 (GTT-BACKBONE GTT, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.134.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.120.1.163 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-1-163.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.167.185 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.185.167.90.157.clients.your-server.de

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.223.38 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.20.157.2 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-2.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.0.31 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.77.67 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-77-67.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6816:108d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

api.retargetly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.retargetly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.234.140.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-140-75.compute-1.amazonaws.com

msgws.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4acb (United States)

ASN13335 (CLOUDFLARENET, US)

resources-rt.idx.lat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.134.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-134-127.compute-1.amazonaws.com

rt.idx.lat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.186.66 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.90.192.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-27.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.71.131.137 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.244 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.36.113.23 (United States) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.208.103.128 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.92.106.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-106-130.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.131 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.23.236 (United States)

ASN13335 (CLOUDFLARENET, US)

ads01.groovinads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.20.157.55 (Milan, Italy) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-55.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.65.142.105 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-142-105.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.4.39 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.45 (Utrecht, Netherlands) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.142.162 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-142-162.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b001:8602:c81a:97ba:276d (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.211.89 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-211-89.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.1.205.165 (Milan, Italy) 1 redirects

ASN3242 (ASN-ITNET, IT)

bn01.er.bemail.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Rheinfelden, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.81.244 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.15.245.81 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.178.150.13 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-178-150-13.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.63.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-63-143.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.8.249 (Landshut, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.249.8.201.138.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.194.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.211.130.57 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-130-57.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.239.38.253 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.34.153.222 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-153-222.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.167.9 (None, ) 1 redirects

ASN- ()

sonata-notifications.taptapnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.36.113.107 (None, ) 2 redirects

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.229.206.240 (None, ) 2 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.220.206.62 (None, ) 4 redirects

ASN- ()

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (None, ) 1 redirects

ASN- ()

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.132 (None, )

ASN- ()

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.245.179 (None, )

ASN- ()

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.45.7 (None, )

ASN- ()

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (None, ) 1 redirects

ASN- ()

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (None, ) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.55.23.233 (None, ) 1 redirects

ASN- ()

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.45.178.220 (None, ) 1 redirects

ASN- ()

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.27.122.126 (None, )

ASN- ()

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.94.129 (None, ) 1 redirects

ASN- ()

docker.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.71.171 (None, ) 1 redirects

ASN- ()

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.36.113.24 (None, )

ASN- ()

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.184 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:d715:9c64:5860:e3e3 (None, )

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.203.25.60 (None, ) 1 redirects

ASN- ()

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (None, )

ASN- ()

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (None, ) 1 redirects

ASN- ()

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.67.14.233 (None, ) 1 redirects

ASN- ()

pmp.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (None, ) 1 redirects

ASN- ()

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	patoshoje.com.br 1 redirects patoshoje.com.br	2 MB
31	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 cm.g.doubleclick.net — Cisco Umbrella Rank: 206 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	201 KB
30	pubmatic.com 5 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 446 ads.pubmatic.com — Cisco Umbrella Rank: 453 image6.pubmatic.com — Cisco Umbrella Rank: 610 simage2.pubmatic.com image2.pubmatic.com image4.pubmatic.com simage4.pubmatic.com	35 KB
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 125 23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com	259 KB
16	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 1690 mwzeom.zeotap.com — Cisco Umbrella Rank: 1548	5 KB
13	rubiconproject.com 5 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 450 eus.rubiconproject.com — Cisco Umbrella Rank: 551 pixel.rubiconproject.com — Cisco Umbrella Rank: 348 token.rubiconproject.com — Cisco Umbrella Rank: 669	25 KB
12	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8057 c.mgid.com — Cisco Umbrella Rank: 5828 cdn.mgid.com — Cisco Umbrella Rank: 10440 servicer.mgid.com — Cisco Umbrella Rank: 8257 s-img.mgid.com — Cisco Umbrella Rank: 7239 cm.mgid.com — Cisco Umbrella Rank: 1117	107 KB
11	yahoo.com 5 redirects c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1133 ups.analytics.yahoo.com — Cisco Umbrella Rank: 287 cms.analytics.yahoo.com — Cisco Umbrella Rank: 899 pr-bh.ybp.yahoo.com	4 KB
11	vidoomy.com vpaid.vidoomy.com — Cisco Umbrella Rank: 98977 d.vidoomy.com — Cisco Umbrella Rank: 14161 a.vidoomy.com — Cisco Umbrella Rank: 8999 a-prebid.vidoomy.com — Cisco Umbrella Rank: 16621	4 KB
10	webspectator.com wfpscripts.webspectator.com — Cisco Umbrella Rank: 121548 webservices.webspectator.com — Cisco Umbrella Rank: 103610 msgws.webspectator.com — Cisco Umbrella Rank: 173236	60 KB
9	mathtag.com 3 redirects pixel.mathtag.com — Cisco Umbrella Rank: 1197 sync.mathtag.com	7 KB
9	retargetly.com 1 redirects api.retargetly.com — Cisco Umbrella Rank: 4744 app.retargetly.com — Cisco Umbrella Rank: 19713	9 KB
9	adnxs.com 7 redirects ib.adnxs.com — Cisco Umbrella Rank: 245 secure.adnxs.com — Cisco Umbrella Rank: 436	7 KB
8	amazon-adsystem.com 5 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1196 s.amazon-adsystem.com — Cisco Umbrella Rank: 278	6 KB
8	smartadserver.com 2 redirects prg.smartadserver.com — Cisco Umbrella Rank: 1328 ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2386 sync.smartadserver.com — Cisco Umbrella Rank: 1435 ssbsync.smartadserver.com — Cisco Umbrella Rank: 1219 rtb-csync.smartadserver.com	3 KB
8	tailtarget.com tags.t.tailtarget.com — Cisco Umbrella Rank: 46015 d.tailtarget.com — Cisco Umbrella Rank: 52980 tt-11953-9.seg.t.tailtarget.com — Cisco Umbrella Rank: 248020 b.t.tailtarget.com — Cisco Umbrella Rank: 46765 t.tailtarget.com — Cisco Umbrella Rank: 6483	24 KB
7	bidswitch.net 7 redirects x.bidswitch.net — Cisco Umbrella Rank: 285	3 KB
6	adform.net 3 redirects cm.adform.net — Cisco Umbrella Rank: 2048 c1.adform.net — Cisco Umbrella Rank: 571 dmp.adform.net — Cisco Umbrella Rank: 2549	3 KB
6	google.com www.google.com — Cisco Umbrella Rank: 7 adservice.google.com — Cisco Umbrella Rank: 76	24 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568	4 KB
5	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 326	2 KB
5	4dex.io script.4dex.io — Cisco Umbrella Rank: 1906 mp.4dex.io — Cisco Umbrella Rank: 2659	47 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	20 KB
5	media.net warp.media.net — Cisco Umbrella Rank: 2233 hbx.media.net — Cisco Umbrella Rank: 898 prebid.media.net — Cisco Umbrella Rank: 1198 contextual.media.net	175 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	271 KB
4	bidr.io 4 redirects match.prod.bidr.io	2 KB
4	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 435	2 KB
4	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 613	764 B
4	gstatic.com fonts.gstatic.com www.gstatic.com	337 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 575	1 KB
3	krxd.net 1 redirects beacon.krxd.net — Cisco Umbrella Rank: 428 usermatch.krxd.net — Cisco Umbrella Rank: 1229	941 B
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 873	2 KB
3	crwdcntrl.net 2 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 806	1 KB
3	idx.lat resources-rt.idx.lat — Cisco Umbrella Rank: 23111 rt.idx.lat — Cisco Umbrella Rank: 21922	7 KB
3	openx.net 2 redirects rtb.openx.net — Cisco Umbrella Rank: 1485	391 B
3	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 962 pixel.quantserve.com — Cisco Umbrella Rank: 418	11 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 132	2 KB
2	mxptint.net 1 redirects pmp.mxptint.net	965 B
2	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com	570 B
2	owneriq.net 1 redirects px.owneriq.net	476 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 599 idsync.rlcdn.com	44 B
2	weborama.fr 2 redirects idsync.frontend.weborama.fr — Cisco Umbrella Rank: 37887	670 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	2 KB
2	tidaltv.com 2 redirects sync.tidaltv.com — Cisco Umbrella Rank: 1150	791 B
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 350	931 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 534	1 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 257	27 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 169	64 KB
2	taboola.com trc.taboola.com — Cisco Umbrella Rank: 645	307 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 449	529 B
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 654	651 B
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 841	1 KB
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 6033	1 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8069	914 B
2	alright.network tagmanager.alright.network — Cisco Umbrella Rank: 202375	132 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 431	4 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45 ajax.googleapis.com — Cisco Umbrella Rank: 280	6 KB
1	playground.xyz 1 redirects ads.playground.xyz	464 B
1	rfihub.com 1 redirects p.rfihub.com	783 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	ipredictive.com 1 redirects sync.ipredictive.com	522 B
1	turn.com 1 redirects ad.turn.com	518 B
1	simpli.fi um.simpli.fi	612 B
1	creative-serving.com 1 redirects docker.creative-serving.com	475 B
1	bnmla.com match.bnmla.com	112 B
1	inmobi.com 1 redirects mweb.ck.inmobi.com	349 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com	674 B
1	deepintent.com match.deepintent.com	44 B
1	criteo.com dis.criteo.com	363 B
1	adgrx.com cm.adgrx.com	408 B
1	contextweb.com 1 redirects bh.contextweb.com	497 B
1	taptapnetworks.com 1 redirects sonata-notifications.taptapnetworks.com	324 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 385	923 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 183434	214 B
1	richaudience.com sync.richaudience.com — Cisco Umbrella Rank: 1605	359 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 434	387 B
1	theadex.com dmp.theadex.com — Cisco Umbrella Rank: 19073	272 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1593	596 B
1	bemail.it 1 redirects bn01.er.bemail.it — Cisco Umbrella Rank: 141312	659 B
1	exelator.com loadeu.exelator.com — Cisco Umbrella Rank: 7620	324 B
1	fwmrm.net dmp.v.fwmrm.net — Cisco Umbrella Rank: 11724	411 B
1	groovinads.com ads01.groovinads.com — Cisco Umbrella Rank: 19360	591 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1005	162 B
1	splicky.com 1 redirects bidswitch-eu.splicky.com — Cisco Umbrella Rank: 26104	221 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 894	429 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 782	648 B
1	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 43672	349 B
1	trvdp.com go.trvdp.com — Cisco Umbrella Rank: 50199	23 KB
0	0rx.io Failed sync.0rx.io Failed
300	90

	Domain	Requested by
39	patoshoje.com.br	1 redirects patoshoje.com.br
19	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net 23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com spl.zeotap.com
13	simage2.pubmatic.com	2 redirects ads.pubmatic.com
13	mwzeom.zeotap.com	spl.zeotap.com
13	pagead2.googlesyndication.com	patoshoje.com.br pagead2.googlesyndication.com tpc.googlesyndication.com 23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
7	pixel.mathtag.com	1 redirects api.retargetly.com pixel.mathtag.com
7	ib.adnxs.com	5 redirects googleads.g.doubleclick.net spl.zeotap.com
7	x.bidswitch.net	7 redirects
7	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com 23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	wfpscripts.webspectator.com	tagmanager.alright.network webservices.webspectator.com
5	image2.pubmatic.com	ads.pubmatic.com
5	aax-eu.amazon-adsystem.com	3 redirects
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	image6.pubmatic.com	3 redirects spl.zeotap.com ads.pubmatic.com
5	match.adsrvr.org	4 redirects
5	app.retargetly.com	api.retargetly.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com 23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com patoshoje.com.br
5	www.googletagmanager.com	patoshoje.com.br tagmanager.alright.network www.googletagmanager.com
4	match.prod.bidr.io	4 redirects
4	eus.rubiconproject.com	tagmanager.alright.network eus.rubiconproject.com warp.media.net
4	c1.adform.net	3 redirects ads.pubmatic.com
4	pixel.tapad.com	2 redirects api.retargetly.com spl.zeotap.com
4	api.retargetly.com	1 redirects wfpscripts.webspectator.com api.retargetly.com
4	ups.analytics.yahoo.com	4 redirects
4	pixel-sync.sitescout.com	api.retargetly.com ads.pubmatic.com
4	a-prebid.vidoomy.com
4	cdn.mgid.com	jsc.mgid.com
4	c2shb.pubgw.yahoo.com	warp.media.net
4	script.4dex.io	tagmanager.alright.network script.4dex.io warp.media.net
4	securepubads.g.doubleclick.net	tagmanager.alright.network securepubads.g.doubleclick.net
4	www.google.com	patoshoje.com.br www.gstatic.com tpc.googlesyndication.com www.google.com
3	token.rubiconproject.com	3 redirects
3	s.amazon-adsystem.com	2 redirects
3	pixel.rubiconproject.com	2 redirects
3	sync-tm.everesttech.net	3 redirects
3	spl.zeotap.com	tagmanager.alright.network spl.zeotap.com
3	pm.w55c.net	3 redirects
3	bcp.crwdcntrl.net	2 redirects api.retargetly.com
3	ads.pubmatic.com	warp.media.net ads.pubmatic.com
3	rtb.openx.net	2 redirects
3	a.vidoomy.com
3	sb.scorecardresearch.com	1 redirects wfpscripts.webspectator.com
3	webservices.webspectator.com	wfpscripts.webspectator.com webservices.webspectator.com
3	d.vidoomy.com	tagmanager.alright.network warp.media.net
3	fastlane.rubiconproject.com	tagmanager.alright.network warp.media.net
3	prg.smartadserver.com	tagmanager.alright.network warp.media.net
3	www.gstatic.com	www.google.com
2	pmp.mxptint.net	1 redirects ads.pubmatic.com
2	image4.pubmatic.com	ads.pubmatic.com
2	beacon.lynx.cognitivlabs.com	1 redirects ads.pubmatic.com
2	px.owneriq.net	1 redirects ads.pubmatic.com
2	sync.mathtag.com	2 redirects
2	beacon.krxd.net	spl.zeotap.com
2	idsync.frontend.weborama.fr	2 redirects
2	dpm.demdex.net	2 redirects
2	sync.tidaltv.com	2 redirects
2	pixel.advertising.com	2 redirects
2	sync.1rx.io	2 redirects
2	s0.2mdn.net	23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	www.googletagservices.com	patoshoje.com.br 23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com
2	23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	sync.smartadserver.com	2 redirects
2	trc.taboola.com	api.retargetly.com spl.zeotap.com
2	secure.adnxs.com	2 redirects
2	cms.analytics.yahoo.com	1 redirects api.retargetly.com
2	tags.bluekai.com	api.retargetly.com spl.zeotap.com
2	rt.idx.lat	resources-rt.idx.lat
2	cm.mgid.com	jsc.mgid.com
2	ad.360yield.com	2 redirects
2	s-img.mgid.com
2	onetag-sys.com	warp.media.net
2	prebid.media.net	warp.media.net
2	pixel.quantserve.com	1 redirects
2	b.t.tailtarget.com	d.tailtarget.com
2	tt-11953-9.seg.t.tailtarget.com	d.tailtarget.com
2	pbjs.e-planning.net	1 redirects
2	d.tailtarget.com	patoshoje.com.br d.tailtarget.com
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	tagmanager.alright.network	patoshoje.com.br tagmanager.alright.network
2	jsc.mgid.com	patoshoje.com.br jsc.mgid.com
2	cdn.jsdelivr.net	patoshoje.com.br tagmanager.alright.network
1	simage4.pubmatic.com	ads.pubmatic.com
1	ads.playground.xyz	1 redirects
1	p.rfihub.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	sync.ipredictive.com	1 redirects
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	ad.turn.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	idsync.rlcdn.com	ads.pubmatic.com
1	docker.creative-serving.com	1 redirects
1	match.bnmla.com	ads.pubmatic.com
1	mweb.ck.inmobi.com	1 redirects
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	ums.acuityplatform.com	1 redirects
1	match.deepintent.com	ads.pubmatic.com
1	dis.criteo.com	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	rtb-csync.smartadserver.com	ads.pubmatic.com
1	bh.contextweb.com	1 redirects
1	sonata-notifications.taptapnetworks.com	1 redirects
1	contextual.media.net	warp.media.net
1	id.rlcdn.com
1	px.ads.linkedin.com
1	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	1 redirects
1	usermatch.krxd.net	1 redirects
1	sync.richaudience.com	spl.zeotap.com
1	aa.agkn.com	1 redirects
1	dmp.theadex.com	spl.zeotap.com
1	dsp.adfarm1.adition.com	1 redirects
1	bn01.er.bemail.it	1 redirects
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	dmp.adform.net	spl.zeotap.com
1	ssbsync.smartadserver.com	23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com
1	ads01.groovinads.com	api.retargetly.com
1	sync.teads.tv	api.retargetly.com
1	resources-rt.idx.lat	api.retargetly.com
1	t.tailtarget.com
1	msgws.webspectator.com	wfpscripts.webspectator.com
1	ssbsync-global.smartadserver.com
1	cm.adform.net
1	bidswitch-eu.splicky.com	1 redirects
1	servicer.mgid.com	jsc.mgid.com
1	ajax.googleapis.com	webservices.webspectator.com
1	c.mgid.com	jsc.mgid.com
1	mp.4dex.io	warp.media.net
1	hbopenbid.pubmatic.com	warp.media.net
1	hbx.media.net	warp.media.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	wfpscripts.webspectator.com
1	vpaid.vidoomy.com	tagmanager.alright.network
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	tags.t.tailtarget.com	patoshoje.com.br
1	warp.media.net	patoshoje.com.br
1	stg.truvidplayer.com	go.trvdp.com
1	fonts.gstatic.com	fonts.googleapis.com
1	go.trvdp.com	patoshoje.com.br
1	fonts.googleapis.com	patoshoje.com.br
0	sync.0rx.io Failed
300	145

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.instagram.com
twitter.com
www.facebook.com
clinicamedicimagem.com.br
www.mlabspages.com
api.whatsapp.com

Subject Issuer	Validity	Valid
*.patoshoje.com.br E1	`2022-04-02` - `2022-07-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.trvdp.com Amazon	`2021-09-24` - `2022-10-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.truvidplayer.com Amazon	`2022-02-07` - `2023-03-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.alright.network Amazon	`2021-07-27` - `2022-08-25`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-26` - `2022-06-25`	a year	crt.sh
*.webspectator.com Go Daddy Secure Certificate Authority - G2	`2021-07-09` - `2022-07-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-06` - `2022-09-05`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-08` - `2022-08-31`	6 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-15`	a year	crt.sh
*.retargetly.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-06` - `2022-12-22`	a year	crt.sh
idx.lat Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.groovinads.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-10` - `2023-03-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-29` - `2022-12-30`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.tapad.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-13` - `2022-10-14`	a year	crt.sh
dmp.theadex.com R3	`2022-03-16` - `2022-06-14`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-03-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-12-05` - `2022-12-06`	a year	crt.sh
*.bnmla.com Go Daddy Secure Certificate Authority - G2	`2021-12-30` - `2023-01-31`	a year	crt.sh
beacon.lynx.cognitivlabs.com Amazon	`2021-04-28` - `2022-05-27`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-07-13`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://patoshoje.com.br/
Frame ID: 6060F11D25C88F4A42BD9AD1EFA9C01D
Requests: 147 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/zrt_lookup.html
Frame ID: 97B06F92759FD4DBEB0746F9A75F75AE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LceshkaAAAAALYzg55wQf2WTy8BWRecv6Et2_sl&co=aHR0cHM6Ly9wYXRvc2hvamUuY29tLmJyOjQ0Mw..&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=bxyo5t8au47e
Frame ID: 742740CA2A7D8647D03986DC23480376
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1234567890123456&output=html&adk=1812271804&adf=3025194257&lmt=1648990876&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpatoshoje.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648990876417&bpp=2&bdt=626&idt=381&shv=r20220330&mjsv=m202203240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3075984362442&frm=20&pv=2&ga_vid=860023652.1648990877&ga_sid=1648990877&ga_hid=848292939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=6195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44761043%2C21066429%2C31066014%2C31062931&oid=2&pvsid=2944051212279048&pem=642&tmod=942271886&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=398
Frame ID: F6DBB5F4DC61AA8F02DCBC9CC0E66D33
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5155950455221162&output=html&h=200&slotname=4654093518&adk=3001535480&adf=2188159854&pi=t.ma~as.4654093518&w=728&lmt=1648990876&psa=0&format=728x200&url=https%3A%2F%2Fpatoshoje.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648990876419&bpp=1&bdt=628&idt=421&shv=r20220330&mjsv=m202203240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3075984362442&frm=20&pv=2&ga_vid=860023652.1648990877&ga_sid=1648990877&ga_hid=848292939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44761043%2C21066429%2C31066014%2C31062931&oid=2&pvsid=2944051212279048&pem=642&tmod=942271886&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=tsU06gDUrF&p=https%3A//patoshoje.com.br&dtd=425
Frame ID: EB8EE4AEE43FC79BE8486D4C99A3D41F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 94CA90CE1594C91841D5383B3526B93F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A0C3DF23987C1BE8E35547D97ECF59E8
Requests: 2 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?cid=8CU8Y84F0&cs=16&cv=37&hb=1&vsSync=1&refUrl=&gdpr=1&gdprconsent=0&usp_status=0&usp_consent=0&coppa=1
Frame ID: 9F86A59EF88A1BFDB886352654CE8F55
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1648990878023573555846
Frame ID: 87774ADF07C8C9A2A296AC9448B8EE4F
Requests: 1 HTTP requests in this frame

Frame: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fpatoshoje.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&md=Fundado%20em%20abril%20de%202008%20com%20a%20miss%C3%A3o%20de%20levar%20not%C3%ADcias%20com%20responsabilidade%20a%20toda%20a%20popula%C3%A7%C3%A3o%20de%20Patos%20de%20Minas%20e%20Alto-Parana%C3%ADba&mk=&il=0&limit_drop=&userid=2dc17650-c92c-4a8c-9f13-7fed3efb7695&idx=&_rlid=2dc17650-c92c-4a8c-9f13-7fed3efb7695
Frame ID: 41EFEAE2B492E5B4915D497A3C6B5D4A
Requests: 16 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=db876249-9a9f-4900-8a51-d80e1cd562e8&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
Frame ID: 41E935EA83B59FF3B75694A286F83C5A
Requests: 5 HTTP requests in this frame

Frame: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 957D5A36D0A63415259764F6385D6D4F
Requests: 1 HTTP requests in this frame

Frame: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8502B50C80DB7B537303C3B2F7FDA9E5
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhChpIcCGM3Z6MYBMAE&v=APEucNWNbkU9P21-u9JOIOIYOQGQqWYoeA4Ufr_qPkDxrLhrknnnFpWSvRJe8oQtrVq8gbefwUBhA9PPp7hWw1ZFMtTGIs7BQ7vQHEI0bid0hBcwgEGrMBtzk5nYhJSAh34e1k0jhNIhzm-HdT3JsmgFPk-6WknR3RUlycnnKFuzSnen-eHZ66Y
Frame ID: 064CBD031BAEB961F5E0304544C9E3FB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 22D1A19A046A0859383819FD4DE6241D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DEC1331074A299D75E413CC5991A747A
Requests: 3 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2889&eaup=/21830119956/patoshoje.com.br/WIDESCREEN_ENGAGE_DESK&eolid=null&eci=null&ct=%7B%22siteurl%22%3A%5B%5D%2C%22sitestructure%22%3A%5B%22RON%22%5D%2C%22pageposition%22%3A%5B%22abovefold%22%5D%2C%22iabtaxonomy%22%3A%5B%22News%20and%20Politics%22%5D%2C%22adposition%22%3A%5B%22widescreen%22%5D%2C%22hb_prebidmanage%22%3A%5B%221%22%5D%2C%22hb_abt%22%3A%5B%22mp%22%5D%7D&w=728&h=90&wsRotSlot=&isda=1
Frame ID: E46644F42D2E23D0018E0BA1D45DF34F
Requests: 2 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361&cmp=0
Frame ID: 05B12044036773424FE1BAC41716F744
Requests: 30 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 71B0F63768231C60D423E004D84D3559
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 22F16DC6C47F8AADC499BCF20005316F
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1648990877698
Frame ID: A660B35B8BE5875F56A9A80136F4A08A
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8Y84F0&prvid=2034%2C2011%2C2033%2C3022%2C2030%2C3020%2C251%2C273%2C175%2C2009%2C331%2C178%2C255%2C2028%2C3018%2C2027%2C3017%2C214%2C2025%2C237%2C117%2C3014%2C337%2C97%2C99%2C77%2C38%2C3012%2C3011%2C182%2C3010%2C261%2C141%2C222%2C201%2C3007%2C246%2C301%2C4%2C203%2C225%2C10000%2C80%2C108%2C229%2C9&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=MANAGED_PREBID
Frame ID: 914FD8371B10D0C39D47C243502480FC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Frame ID: 6F287B7A25AA68A118075C9AD65B14D5
Requests: 22 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=5343D3EF-1F7B-4062-9346-5F076558F7A9
Frame ID: 0944D7468A9ADC56EE7ABCA704FA240F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YkmaoQAR2bamIAAy&gdpr=0&gdpr_consent=
Frame ID: 2F1AB7B9B1CBDDE5475A802D9DA251EF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:db876249-9a9f-4900-8a51-d80e1cd562e8&gdpr=0&gdpr_consent=
Frame ID: 67561C2764377FFF76127A423229D6BF
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGtdE7EkzUAADYzYA49QA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: 631E5A8022133C6830E11DB0914C1055
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: ACF5570E9DDAB4B602CD8657254ECB9C
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 969EAA3C51CB5D41DFACE5DF210AB8F5
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 17B468A96BC90FF6DD4F3E644AF9F4C6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=660691125109
Frame ID: 241256FDCDDAF2CFF8273A85D34BBD58
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: D7D58F4875C6AEB1EAE36641065FD92F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1YRG6hok1NAZR75&gdpr=0&gdpr_consent=
Frame ID: 5E0920A98F91FF11DD67931F8F7D4438
Requests: 1 HTTP requests in this frame

Frame: https://px.owneriq.net/noop?ct=image%2Fgif
Frame ID: EB41C31DEB444CA9214568917674B783
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=d48b64b5-e866-4e54-8ffb-b20283f920c4
Frame ID: 8CD27C54C0FE475C45D3B0C1C6DF5298
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: B5DFF14C5FD335C634835E890BBCD62D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=208d9730-8e19-4657-809a-5bc806a5dd94
Frame ID: AED4F6DE0BF4293DEAEA140C3116EA39
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=5343D3EF-1F7B-4062-9346-5F076558F7A9
Frame ID: 9E7B704C5E07F5E4095AA3C19D1F9E39
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Patos Hoje - Notícias de Patos de Minas

Page URL History Show full URLs

http://patoshoje.com.br/ HTTP 301
https://patoshoje.com.br/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RightJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

right\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

300
Requests

79 %
HTTPS

28 %
IPv6

90
Domains

145
Subdomains

94
IPs

10
Countries

3639 kB
Transfer

7344 kB
Size

105
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/user/patoshoje1

Search URL Search Domain Scan URL

URL: https://www.instagram.com/patoshoje/

Search URL Search Domain Scan URL

URL: https://twitter.com/patoshoje

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Patoshoje

Search URL Search Domain Scan URL

URL: https://clinicamedicimagem.com.br/

Search URL Search Domain Scan URL

URL: https://www.mlabspages.com/somos-empresarial/por-que-contratar-uma-consultoria-empresarial

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=5534996692216&text=Ol%C3%A1
Title: (34) 99669-2216

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://patoshoje.com.br/ HTTP 301
https://patoshoje.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://pbjs.e-planning.net/pbjs/1/4d628/1/patoshoje.com.br/ROS?rnd=0.15649368854706136&e=728x90_0%3A728x90%2C970x90&ur=https%3A%2F%2Fpatoshoje.com.br%2F&pbv=6.1.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpatoshoje.com.br%2F HTTP 302
https://pbjs.e-planning.net/hb/1/4d628/1/patoshoje.com.br/ROS?ct=1&r=pbjs&rnd=0.15649368854706136&e=728x90_0%3A728x90%2C970x90&ur=https%3A%2F%2Fpatoshoje.com.br%2F&pbv=6.1.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpatoshoje.com.br%2F

Request Chain 90

https://sb.scorecardresearch.com/b?c1=7&c2=22153319&ns__t=1648990877173&ns_c=UTF-8&cv=3.5&c8=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&c7=https%3A%2F%2Fpatoshoje.com.br%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1648990877173&ns_c=UTF-8&cv=3.5&c8=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&c7=https%3A%2F%2Fpatoshoje.com.br%2F&c9=

Request Chain 137

https://x.bidswitch.net/sync?ssp=vidoomy HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=bbce85a5-ad90-4548-b9b3-9ec5e7b142fa HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=vidoomy&expires=10&bsw_param=bbce85a5-ad90-4548-b9b3-9ec5e7b142fa HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=bbce85a5-ad90-4548-b9b3-9ec5e7b142fa

Request Chain 138

https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fa-prebid.vidoomy.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&uid=5698409636443220784

Request Chain 143

https://ups.analytics.yahoo.com/ups/58573/occ?gdpr= HTTP 302
https://ups.analytics.yahoo.com/ups/58573/occ?gdpr=&verify=true HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-AnQfsE9E2uFQ1MwIoc8fZYPaOA.l4xRdW58lMjo-~A

Request Chain 144

https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://a-prebid.vidoomy.com/setuid?bidder=improvedigital&uid=fd0ce317-8db8-4de2-9b8f-f4ab0d10d098

Request Chain 152

https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fpatoshoje.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&md=Fundado%20em%20abril%20de%202008%20com%20a%20miss%C3%A3o%20de%20levar%20not%C3%ADcias%20com%20responsabilidade%20a%20toda%20a%20popula%C3%A7%C3%A3o%20de%20Patos%20de%20Minas%20e%20Alto-Parana%C3%ADba&mk=&il=0&limit_drop=&userid=2dc17650-c92c-4a8c-9f13-7fed3efb7695&idx= HTTP 302
https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fpatoshoje.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&md=Fundado%20em%20abril%20de%202008%20com%20a%20miss%C3%A3o%20de%20levar%20not%C3%ADcias%20com%20responsabilidade%20a%20toda%20a%20popula%C3%A7%C3%A3o%20de%20Patos%20de%20Minas%20e%20Alto-Parana%C3%ADba&mk=&il=0&limit_drop=&userid=2dc17650-c92c-4a8c-9f13-7fed3efb7695&idx=&_rlid=2dc17650-c92c-4a8c-9f13-7fed3efb7695

Request Chain 156

https://cm.g.doubleclick.net/pixel?google_nid=retargetly_ddp&google_hm=MmRjMTc2NTAtYzkyYy00YThjLTlmMTMtN2ZlZDNlZmI3Njk1&google_cm HTTP 302
https://app.retargetly.com/sync?pid=11&google_gid=CAESEFzyodNxYop89IOAHaM3EYM&google_cver=1

Request Chain 158

https://pixel.tapad.com/idsync/ex/receive?partner_id=3012&partner_device_id=2dc17650-c92c-4a8c-9f13-7fed3efb7695&_rand=1648990879166 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3012&partner_device_id=2dc17650-c92c-4a8c-9f13-7fed3efb7695&_rand=1648990879166

Request Chain 160

https://match.adsrvr.org/track/cmf/generic?ttd_pid=83i98y4&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=83i98y4&ttd_tpi=1 HTTP 302
https://api.retargetly.com/sync?pid=13&sid=6fbb4d95-bc42-48c3-af9d-be9d303a9c0f

Request Chain 163

https://secure.adnxs.com/getuid?https://app.retargetly.com/sync?sid=$UID&pid=2 HTTP 302
https://app.retargetly.com/sync?sid=5698409636443220784&pid=2

Request Chain 165

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3a%2f%2fapp.retargetly.com%2fsync%3fpid%3d14%26sid%3d%23PM_USER_ID HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3a%2f%2fapp.retargetly.com%2fsync%3fpid%3d14%26sid%3d%23PM_USER_ID&rdf=1 HTTP 302
https://app.retargetly.com/sync?pid=14&sid=5343D3EF-1F7B-4062-9346-5F076558F7A9

Request Chain 166

https://bcp.crwdcntrl.net/map/c=11530/tp=RTRG/tpid=2dc17650-c92c-4a8c-9f13-7fed3efb7695 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=11530/tp=RTRG/tpid=2dc17650-c92c-4a8c-9f13-7fed3efb7695

Request Chain 168

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5Bsas_uid%5D%26pid%3D63 HTTP 302
https://sync.smartadserver.com/getuid?gdpr=0&url=https://app.retargetly.com/sync?sid=[sas_uid]&pid=63&cklb=1 HTTP 302
https://app.retargetly.com/sync?sid=6574944955898817877

Request Chain 186

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAllesQcM99UQ_dgYFYntq0&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAllesQcM99UQ_dgYFYntq0&google_cver=1&C=1

Request Chain 187

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkmaoAB.KsxwLK80NNDEAAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAllesQcM99UQ_dgYFYntq0&google_cver=1&google_hm=2

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKw0QqW1ktoSpLaEJNKaxc4&google_cver=1

Request Chain 189

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5ODQwOTYzNjQ0MzIyMDc4NA%3D%3D

Request Chain 198

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIXWxUXet5mTF5fGKlB-Vbk&google_cver=1&google_push=AYg5qPKirdYdObB9yfFbV6GqMx1weXsUmiZz_W20Aqq80q7Xse-1ZW_IVISRRMaA4hb6NK0KBVXj2EeY5kyr3yeIb-kheCgBLY8 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIXWxUXet5mTF5fGKlB-Vbk&google_cver=1&google_push=AYg5qPKirdYdObB9yfFbV6GqMx1weXsUmiZz_W20Aqq80q7Xse-1ZW_IVISRRMaA4hb6NK0KBVXj2EeY5kyr3yeIb-kheCgBLY8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MVlSRzZob2sxTkFaUjc1&google_gid=CAESEIXWxUXet5mTF5fGKlB-Vbk&google_cver=1&google_push=AYg5qPKirdYdObB9yfFbV6GqMx1weXsUmiZz_W20Aqq80q7Xse-1ZW_IVISRRMaA4hb6NK0KBVXj2EeY5kyr3yeIb-kheCgBLY8

Request Chain 200

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB-qgVdrC1OTYEka57fDHn8&google_cver=1&google_push=AYg5qPLMZ4pL9JAnLLY7y9KF2JRn0lY2ZQ2iAlQ3dDU07vrIHmU24OKE6XlXHO7o3gaXH_UK_A1NBp-r_1FDZ5DZqj36Py2lrzg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEB-qgVdrC1OTYEka57fDHn8&google_cver=1&google_push=AYg5qPLMZ4pL9JAnLLY7y9KF2JRn0lY2ZQ2iAlQ3dDU07vrIHmU24OKE6XlXHO7o3gaXH_UK_A1NBp-r_1FDZ5DZqj36Py2lrzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkwMDAxMDYyMTM1NjUwMTYzNw&google_push=AYg5qPLMZ4pL9JAnLLY7y9KF2JRn0lY2ZQ2iAlQ3dDU07vrIHmU24OKE6XlXHO7o3gaXH_UK_A1NBp-r_1FDZ5DZqj36Py2lrzg

Request Chain 201

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENKamknmWa0FulMKux8y5Ko&google_cver=1&google_push=AYg5qPLLHvD4GvJ2V4sdrdNiCzM0tSa378C7h7zsxPcMgu245sf-ywhjHrXyVvH-pgJRuJhMqjVGvDbZEXJVpwgTI4C-UI_4IVI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U0PT7x97QGKTRl8HZVj3qQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLLHvD4GvJ2V4sdrdNiCzM0tSa378C7h7zsxPcMgu245sf-ywhjHrXyVvH-pgJRuJhMqjVGvDbZEXJVpwgTI4C-UI_4IVI

Request Chain 202

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEHTn-zdRozmGtjtr5WvFWas&google_cver=1&google_push=AYg5qPJA2WFDECEJS5HoryI_y6A8au3fdn6s-n8qpqB4ZttXUeIC8giCQqQWjlo28Yjjbi9_E1qALx34JflGRInNUUKNolswcCE HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPJA2WFDECEJS5HoryI_y6A8au3fdn6s-n8qpqB4ZttXUeIC8giCQqQWjlo28Yjjbi9_E1qALx34JflGRInNUUKNolswcCE&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1648990881082 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJA2WFDECEJS5HoryI_y6A8au3fdn6s-n8qpqB4ZttXUeIC8giCQqQWjlo28Yjjbi9_E1qALx34JflGRInNUUKNolswcCE&google_hm=

Request Chain 204

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEecPbbNppAtg5oMzwTJSjQ&google_cver=1&google_push=AYg5qPKJwDoQcROcwy81hhYuMRQvbifwGv_Wje59b69-nYsfhRJoH5Yj-u2-cE0xnPme1VMC_s2ztsNvuOTz01jUZtQ7YJpGArLh HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEecPbbNppAtg5oMzwTJSjQ&google_cver=1&google_push=AYg5qPKJwDoQcROcwy81hhYuMRQvbifwGv_Wje59b69-nYsfhRJoH5Yj-u2-cE0xnPme1VMC_s2ztsNvuOTz01jUZtQ7YJpGArLh&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEecPbbNppAtg5oMzwTJSjQ&google_cver=1&google_push=AYg5qPKJwDoQcROcwy81hhYuMRQvbifwGv_Wje59b69-nYsfhRJoH5Yj-u2-cE0xnPme1VMC_s2ztsNvuOTz01jUZtQ7YJpGArLh&apid=UP288f3f27-b34e-11ec-a38f-0214991a90ae HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyODhmM2YyNy1iMzRlLTExZWMtYTM4Zi0wMjE0OTkxYTkwYWU%3D&google_push=AYg5qPKJwDoQcROcwy81hhYuMRQvbifwGv_Wje59b69-nYsfhRJoH5Yj-u2-cE0xnPme1VMC_s2ztsNvuOTz01jUZtQ7YJpGArLh

Request Chain 217

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dadb8bac5-2590-45e2-7600-1e414633e17e%26reqId%3Da2b6055e-3928-4ef1-54cf-5c77935a5212%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=efc86151-08a0-495b-bb21-357a65257cb6&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361

Request Chain 219

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dadb8bac5-2590-45e2-7600-1e414633e17e%26reqId%3Da2b6055e-3928-4ef1-54cf-5c77935a5212%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=6fbb4d95-bc42-48c3-af9d-be9d303a9c0f&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361

Request Chain 223

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=6507910e-9703-43f3-a04e-c21dbe659e39&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 224

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=adb8bac5-2590-45e2-7600-1e414633e17e&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dadb8bac5-2590-45e2-7600-1e414633e17e%26reqId%3Da2b6055e-3928-4ef1-54cf-5c77935a5212%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=adb8bac5-2590-45e2-7600-1e414633e17e&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dadb8bac5-2590-45e2-7600-1e414633e17e%26reqId%3Da2b6055e-3928-4ef1-54cf-5c77935a5212%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=28466053799357499081557241470518043606&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361

Request Chain 226

https://bn01.er.bemail.it/zeotap.php?_bid=adb8bac5-2590-45e2-7600-1e414633e17e&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=BE1-2022040315-22751-0.726763001648990884-47f02d422cab74e15b567c8c79385e42&zdid=533&env=mWeb

Request Chain 227

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dadb8bac5-2590-45e2-7600-1e414633e17e%26reqId%3Da2b6055e-3928-4ef1-54cf-5c77935a5212%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7082361905309218965&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361

Request Chain 229

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=adb8bac5-2590-45e2-7600-1e414633e17e&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dadb8bac5-2590-45e2-7600-1e414633e17e%26reqId%3Da2b6055e-3928-4ef1-54cf-5c77935a5212%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=adb8bac5-2590-45e2-7600-1e414633e17e&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dadb8bac5-2590-45e2-7600-1e414633e17e%26reqId%3Da2b6055e-3928-4ef1-54cf-5c77935a5212%26zdid%3D1361&bounce=1&random=675096523 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=Wjpr07JqTS67rIgPuSXG6u&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361

Request Chain 231

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=adb8bac5-2590-45e2-7600-1e414633e17e?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=cd94e7085606016511c9509e159a4e6b&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361

Request Chain 232

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-gKJDJQJE2oq4km_nNeZy5jtlN98JA.UtZg--~A&zpartnerid=570&env=mWeb

Request Chain 233

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=qmLd62khRZf%2FG%2BSUG%2Bf8tfb1T3d8zs16%2BS41iYitP1U%3D

Request Chain 236

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dadb8bac5-2590-45e2-7600-1e414633e17e%26reqId%3Da2b6055e-3928-4ef1-54cf-5c77935a5212%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dadb8bac5-2590-45e2-7600-1e414633e17e%26reqId%3Da2b6055e-3928-4ef1-54cf-5c77935a5212%26zdid%3D1361&_test=YkmaoQAR2bamIAAy HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YkmaoQAR2bamIAAy&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361&_test=YkmaoQAR2bamIAAy

Request Chain 237

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dadb8bac5-2590-45e2-7600-1e414633e17e%26reqId%3Da2b6055e-3928-4ef1-54cf-5c77935a5212%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=db876249-9a9f-4900-8a51-d80e1cd562e8&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361

Request Chain 238

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361

Request Chain 239

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=adb8bac5-2590-45e2-7600-1e414633e17e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=adb8bac5-2590-45e2-7600-1e414633e17e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361&dcc=t

Request Chain 241

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dadb8bac5-2590-45e2-7600-1e414633e17e%26reqId%3Da2b6055e-3928-4ef1-54cf-5c77935a5212%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361

Request Chain 245

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAIKALjTorAuKWTazCtutBY&google_cver=1

Request Chain 246

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=KQoo-OybSgi3KfMZ3Crw8Q&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=KQoo-OybSgi3KfMZ3Crw8Q

Request Chain 248

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTU0ODViNTIwNTQ2MDQ5MTAwMDQ5Yjg1N2YzZGU4NTc0ODc2OTBhMg

Request Chain 249

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFKQUxDSU8tMTgtS1U1WA==

Request Chain 250

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1JALCIO-18-KU5X

Request Chain 252

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2Fooly9yRaS9iLErAujnNA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2Fooly9yRaS9iLErAujnNA

Request Chain 258

https://x.bidswitch.net/sync?ssp=vidoomy HTTP 302
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=bbce85a5-ad90-4548-b9b3-9ec5e7b142fa&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_9d5c6f3c-bef5-44b9-8b9e-9184f735a386&bsw_param=bbce85a5-ad90-4548-b9b3-9ec5e7b142fa&expires=10 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=bbce85a5-ad90-4548-b9b3-9ec5e7b142fa

Request Chain 259

https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=5698409636443220784

Request Chain 261

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D$%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D$%7BUID%7D&ox_sc=1 HTTP 302
https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=ee8e4068-5efe-4015-8f80-4b092ace16b9

Request Chain 266

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YkmaoQAR2bamIAAy&gdpr=0&gdpr_consent=

Request Chain 267

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:db876249-9a9f-4900-8a51-d80e1cd562e8&gdpr=0&gdpr_consent=

Request Chain 268

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHdGRFN0VrelVBQURZellBNDlRQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGtdE7EkzUAADYzYA49QA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAGtdE7EkzUAADYzYA49QA&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGtdE7EkzUAADYzYA49QA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID

Request Chain 272

https://ums.acuityplatform.com/tum?umid=6 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=660691125109

Request Chain 273

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 274

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1YRG6hok1NAZR75&gdpr=0&gdpr_consent=

Request Chain 275

https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 276

https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=d48b64b5-e866-4e54-8ffb-b20283f920c4

Request Chain 278

https://docker.creative-serving.com/cm?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=${UUID} HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=208d9730-8e19-4657-809a-5bc806a5dd94

Request Chain 279

https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=c6742476-d740-4813-bc33-5ede72661281&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=5343D3EF-1F7B-4062-9346-5F076558F7A9

Request Chain 280

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U0PT7x97QGKTRl8HZVj3qQ%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 282

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=db876249-9a9f-4900-8a51-d80e1cd562e8

Request Chain 283

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTM0M0QzRUYtMUY3Qi00MDYyLTkzNDYtNUYwNzY1NThGN0E5&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 284

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIUaQ2aP66Tf0GcWm3MWTsc&google_cver=1

Request Chain 286

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8300646895888285295&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 287

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6fbb4d95-bc42-48c3-af9d-be9d303a9c0f

Request Chain 289

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=5343D3EF-1F7B-4062-9346-5F076558F7A9&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2v727TdE2uUcFhtNM.Ch6nRxCiuav5A-~A&gdpr=0&gdpr_consent=

Request Chain 290

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5698409636443220784&gdpr=0&gdpr_consent=

Request Chain 291

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2a77ae06-b34e-11ec-a023-a3a88443b67e&gdpr=0&gdpr_consent=

Request Chain 294

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4900010621356501637

Request Chain 295

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0w9JStxcRBfIWB9FhwhQFdQOGRXIXEhCgFiUcMJf

Request Chain 296

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=5131077721058782643&expires=30&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bbce85a5-ad90-4548-b9b3-9ec5e7b142fa&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 297

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D530_EDC04FC5_2E058805&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
https://pmp.mxptint.net/sn.ashx?ak=1

Request Chain 298

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5698409636443220784

300 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
patoshoje.com.br/
Redirect Chain

http://patoshoje.com.br/
https://patoshoje.com.br/

102 KB
13 KB

1065ms
1026ms

Document
text/html

104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://patoshoje.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a91bd4ae4ea77d7c1c7a7eb1bd636d4e14177f1429d49e9eaeb502726f3b412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 6f61fdeb7fd87190-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 03 Apr 2022 13:01:16 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Sun, 03 Apr 2022 13:01:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIGGaBjCGSZxhzMiEUiMOV6afwovBasArk8JYVRmvHy7UtmA8uH2up8M6JIkwIq4tJ7jkGKE%2BNQ0BbQBurn8Y4zr%2FaAhrLvna3kkp7a0YnQ1pzgyxDezFKl976KbbGBOzDG3"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Cookie
x-content-type-options: nosniff
x-frame-options: DENY

Redirect headers

CF-RAY: 6f61fdeb0b5972a0-LHR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 03 Apr 2022 13:01:15 GMT
Expires: Sun, 03 Apr 2022 14:01:15 GMT
Location: https://patoshoje.com.br/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nG1LqAIlb%2BT4rFT627q8H%2FDan0CINtwnMF0dV4ANIpRomKULyWl9U6VLkwuGFPIhHvsVSCr%2FrOof1jBe0xSIJKrrriFzLUaRvgUIeYJHBAltr4OmWJCicsHBoFWarOl14gcy"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
972 B 191ms
65ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Jost:wght@300;400;500;700;800&display=swap

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7895bff5a75fb627fa4d1fd1669492c6e04ecb11e2637bdf654f134b53fba0e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 03 Apr 2022 13:01:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 03 Apr 2022 13:01:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Apr 2022 13:01:16 GMT

GET
H2 200 output.64c132e99532.css
patoshoje.com.br/static/CACHE/css/ 294 KB
53 KB 153ms
153ms Stylesheet
text/css 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://patoshoje.com.br/static/CACHE/css/output.64c132e99532.css

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c6538f799165cdc1782e352e8d8d4b264d1624f4665e096ad43ba0c0fa36f0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=328974
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 30 Aug 2021 11:19:16 GMT
server: cloudflare
etag: W/"612cbeb4-5050e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSVolCNP5%2F%2BUWvOlmJZgohCKJjVefWZzEnOI6uYbPtuoIfsmKSvSOtW11wKESMZUigqeXY%2Bu6oIonxqH6wme2B3F%2BfD5AjRuW%2Beqp39IdH3hYcx5mHEU8H36p89lBlMlqFg5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 6f61fdf20cb07190-LHR
cf-bgj: minify

GET
H2 200 logo.png
patoshoje.com.br/static/img/ 18 KB
19 KB 25ms
23ms Image
image/png 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/static/img/logo.png

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17a38b4165c7798a5e67133b6bcfd8575189abc2c45b295d6359c282c58f1b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3295
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18607
last-modified: Sun, 30 May 2021 17:08:23 GMT
server: cloudflare
etag: "60b3c687-48af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igN8mDcmI9lCu%2F4VkdZiDaBSjvCY6wxqc2unid%2BOfBG4Gqi2UejeTuM0scBMQUu4FB2exvariMYnq1eL%2F1v98A2mGv7bTiLJatb7dzQj7kKwqW%2F6Y1qx8cB%2FbrEVV5phhjZf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf20cb57190-LHR

GET
H2 200 festa-feijao-deks.jpg
patoshoje.com.br/media/banner/ 108 KB
108 KB 218ms
216ms Image
image/jpeg 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/media/banner/festa-feijao-deks.jpg

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8750cfeab2dba1f04bd325d38ebecf3d7158b61c547b1cf9cc8506aed83a8290

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 110217
last-modified: Sat, 02 Apr 2022 12:44:27 GMT
server: cloudflare
etag: "6248452b-1ae89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwBOf3btenYgMeQnRAWS4DFTYFTNXev%2BunaroCM7ttIrBUrazz5hy%2B02Mce9idTaf%2FXE1sJa9gyQnRO8NC8h2uuBjWTrj%2BVDmn4ceblrx7P2cVlqtzq65%2BSqvObJvj%2FrD65c"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf20cb77190-LHR

GET
H2 200 banner-1-patos-hoje-v2.jpg
patoshoje.com.br/media/banner/ 30 KB
31 KB 167ms
165ms Image
image/jpeg 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/media/banner/banner-1-patos-hoje-v2.jpg

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

312fd7d22598aa806b0c1ad722a7747cfb634f3fd0b6328a35ff0d34cb6d9b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31173
last-modified: Tue, 29 Mar 2022 14:49:31 GMT
server: cloudflare
etag: "62431c7b-79c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ma0s80hwnvCw7lRfUI2Lgl2NQS1Fq7P3J4119f4gp7C7f7DyAbH%2Bv2hDPdhmPM8mFtt7N%2F5R23ji5GAlu3TdaroMqL49%2FSfWmDNWpD1CTSgod5OWd98GL09aYt1OGZX%2BDE%2FN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf20cb87190-LHR

GET
H2 200 autonivel-ph-play-1.png
patoshoje.com.br/media/banner/ 8 KB
9 KB 154ms
153ms Image
image/png 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/media/banner/autonivel-ph-play-1.png

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2cf75e8680813765f1157399ee8499dbafd15b627cd4512e970c59519865284

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8193
last-modified: Wed, 23 Dec 2020 19:21:41 GMT
server: cloudflare
etag: "5fe398c5-2001"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpaJa6sfpfZNRkRuB22%2BAhYGg%2FAzV7MkI%2B4LT4omBaorJe%2FCwD153QdD7dJSiAsrU1NuYukoXhyk4o3p7ODtmfeldLfkUChcz1Xt53j0O2QoTk21NhlRCG5Bn9PHqcWPwz0J"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf21cbb7190-LHR

GET
H2 200 somos-dekstop.gif
patoshoje.com.br/media/banner/ 160 KB
161 KB 280ms
279ms Image
image/gif 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/media/banner/somos-dekstop.gif

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d9997ea0e986e2be8e745ecca55ffe18023ac0795394b8d816382aaa6b95250

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 163920
last-modified: Fri, 01 Apr 2022 13:47:53 GMT
server: cloudflare
etag: "62470289-28050"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWmmnCqTSjKNhcfUrkN%2BA59DmeZ1%2B1Py9aI8o2DUGpKq6UwPDZAUQsSzD8WrfezdC%2FGqf7xwa9zbcTEv1kzxN1wKImpFvWWgInMjFmfyNT1ECLWepU%2Fw0tnGOEAPjf8FpKuE"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf21cbe7190-LHR

GET
H2 200 5635.js Show response
go.trvdp.com/init/ 23 KB
23 KB 81ms
12ms Script
binary/octet-stream 2600:9000:2315:ec00:3:7e1c:5b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/5635.js?pid=4231
Requested by: Host: patoshoje.com.br
URL: https://patoshoje.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:ec00:3:7e1c:5b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24cee3976a1f2d7cba9518a09b980b937e881b2a86c52047e9bcbde42beed3f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 21:33:40 GMT
via: 1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
last-modified: Wed, 15 Sep 2021 06:16:07 GMT
server: AmazonS3
age: 15521257
etag: "e049663ebf5a15427db38e3ce9d436c1"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 23348
x-amz-cf-id: aCVp37fJWYMNKVGN10wmTGz8AUoT4O6OoPNgx9gLmzkTgxbhnIzPvQ==

GET
H2 200 logoRodape.png
patoshoje.com.br/static/img/ 11 KB
11 KB 30ms
29ms Image
image/png 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/static/img/logoRodape.png

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

618e4d7cde008e7d06926c2d6bf115a1077173c8e538b1b5f299d5bf563993e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3296
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10776
last-modified: Sun, 30 May 2021 17:08:23 GMT
server: cloudflare
etag: "60b3c687-2a18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFDIPpSoD57YA7xqKqnU%2FBTT3qAG03ggWxH%2FUJyBFq9%2B3ds%2FbRRQVDwYXWKLnhBatTYa7%2BQtf3s0x8f9xdQiZW%2BMm773AieQOOWm1I%2BcpaneRzLbGa170g1HvYTGf2kL4XAt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf21cc27190-LHR

GET
H2 200 email-decode.min.js Show response
patoshoje.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
937 B 24ms
22ms Script
application/javascript 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://patoshoje.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Mar 2022 11:29:35 GMT
server: cloudflare
etag: W/"623c561f-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igM67z2YSSdX0S6qNoWXINc%2F4WDCvT9tFg1mkHI8PgWKZ75haAHdwZBx3dDSziXnAgUfhKBnQJs2ugaw4RnuncsAsdqeyvzFN1b1%2B5Zj2BYrNwz4BC57yFc2BiMEGa2YD0Tp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f61fdf20cb47190-LHR
vary: Accept-Encoding
expires: Tue, 05 Apr 2022 13:01:16 GMT

GET
H2 200 rocket-loader.min.js Show response
patoshoje.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 22ms
21ms Script
application/javascript 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://patoshoje.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Mar 2022 11:29:35 GMT
server: cloudflare
etag: W/"623c561f-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIi0cZb9k4ViiiGEbtjq%2BU9hCB83tSlNT31oi6bOp8sx7tgkzZECehyRIJl3y2kMwqWH5sOQ6AXqJ3tqBn5ASNuItlV%2FZluknpOwQJca1auUq%2BBweNYUcoVCZmiHaH%2F2MiRe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f61fdf21cc47190-LHR
vary: Accept-Encoding
expires: Tue, 05 Apr 2022 13:01:16 GMT

GET
H3 200 bg-listras.png
patoshoje.com.br/static/img/ 47 KB
47 KB 143ms
143ms Image
image/png 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/static/img/bg-listras.png?1c2f966c15aa

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/static/CACHE/css/output.64c132e99532.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cf0dc29e46e0aa146306ff78ec1f6dbae164c50f3c2f17e726a621fadbe1555

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/static/CACHE/css/output.64c132e99532.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47803
last-modified: Sun, 30 May 2021 17:08:23 GMT
server: cloudflare
etag: "60b3c687-babb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knPMHxBZRenx4Hb8IluknYFYMjvpk%2BZ%2Bzj7VcFb6vtM6cb98lk2Pg%2F66eGF%2FUueW2WDPlPYTK9Fg%2BHop9UYwemT7OzPJM7UPkikNF1vfPCntzQ1ujrq3fAb5TAJxbhTS%2BLAy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf34d3a7686-LHR

GET
H3 200 fa-solid-900.woff2
patoshoje.com.br/static/fonts/ 38 KB
38 KB 183ms
182ms Font
application/octet-stream 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://patoshoje.com.br/static/fonts/fa-solid-900.woff2?d66a6ee8a411

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/static/CACHE/css/output.64c132e99532.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62554277d07b20c6bfae7c6267b3198b4846f604a37d4085bf9f54c392210b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://patoshoje.com.br/static/CACHE/css/output.64c132e99532.css
Origin: https://patoshoje.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38784
last-modified: Sun, 30 May 2021 17:08:22 GMT
server: cloudflare
etag: "60b3c686-9780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SzMV2lB%2BzQAIXgP64uXgIdB%2Bi8BXCC6IEkV6sJCScVhEZLSoyQ%2BzIbmP0FnIp8PF1lbqON4VjvExHpcMrs5EtYEVCOu1iQ7%2B7Oagdj%2Baq9Jjdujo7thVKVn0qOFzba8vsr%2F8"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf35d497686-LHR

GET
H3 200 fa-brands-400.woff2
patoshoje.com.br/static/fonts/ 53 KB
54 KB 186ms
185ms Font
application/octet-stream 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://patoshoje.com.br/static/fonts/fa-brands-400.woff2?d66a6ee8a411

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/static/CACHE/css/output.64c132e99532.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

155963e3fb06f13011705c65bc52ed31f9989b87309c945948a76b35f8e7da67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://patoshoje.com.br/static/CACHE/css/output.64c132e99532.css
Origin: https://patoshoje.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54420
last-modified: Sun, 30 May 2021 17:08:22 GMT
server: cloudflare
etag: "60b3c686-d494"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pBu07kgCsqvNxUQUGOG1C5bG8aWXUqGCx7gIo7o4nTBzRMW9infwcnWRtZfQYwf6hMDTQUnKf8ub7NND3k%2ByhUmdYIvsFPYS%2BsVqo1GWMQy4h8hCck%2BCpWPHsBgCnqXDs7C"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf35d4d7686-LHR

GET
H2 200 92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v12/ 26 KB
26 KB 181ms
57ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jost/v12/92zatBhPNqw73oTd4g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Jost:wght@300;400;500;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5f9fabf5def6c14f22f8bb87dbea8bab02c4a336f7c184ead31aaddca428197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://patoshoje.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:37:33 GMT
x-content-type-options: nosniff
age: 213823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26372
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Apr 2023 01:37:33 GMT

GET
H3 200 fa-regular-400.woff2
patoshoje.com.br/static/fonts/ 12 KB
12 KB 203ms
203ms Font
application/octet-stream 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://patoshoje.com.br/static/fonts/fa-regular-400.woff2?d66a6ee8a411

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/static/CACHE/css/output.64c132e99532.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a36d4f83add2176a3c6243bd57a32a387a1906227e286689530ff878de1994eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://patoshoje.com.br/static/CACHE/css/output.64c132e99532.css
Origin: https://patoshoje.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12220
last-modified: Sun, 30 May 2021 17:08:22 GMT
server: cloudflare
etag: "60b3c686-2fbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0COsYT6dLnT5WiVR3%2BS26WmNgN2rnoH4B52z%2B8%2FrhwYf7dlnYrWwjknYaf97yAtvFg030POWPj6UTyjqpT8E4oLcdGbJw5EId6IoWUzjyQr4%2Bn3BOKPzQyOvdTKdHDmTKpbT"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf35d4f7686-LHR

GET
H3 200 3ceeeb4fc03447801123def0e7c38ca7.jpg
patoshoje.com.br/media/cache/3c/ee/ 73 KB
74 KB 162ms
161ms Image
image/jpeg 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/media/cache/3c/ee/3ceeeb4fc03447801123def0e7c38ca7.jpg

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0df8bd9b6651fd43db1c4568ff3d7b6c0c5177d048219e67666d06f922c8bca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75187
last-modified: Sun, 03 Apr 2022 10:48:09 GMT
server: cloudflare
etag: "62497b69-125b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5bKA5mx9h5bKmZYeMmvf8gbAIAngKKN3hY5RCoFjNU%2Bz2QysV%2BgNKoEOLxPHYS4Y1BfVZENWDlLljJf3av5OVgTOLepR%2Fimx0ZZIMycBsz19W8Gk6U0wPXzG84YXQoI5ERD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf39db87686-LHR

GET
H3 200 f1ac5efc7d66da8254204c2e76e68274.jpg
patoshoje.com.br/media/cache/f1/ac/ 48 KB
49 KB 175ms
174ms Image
image/jpeg 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/media/cache/f1/ac/f1ac5efc7d66da8254204c2e76e68274.jpg

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8b76e2e11715d0ce18589d3a21da893abca4dec31857cb3f2d6d27ede9460b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49136
last-modified: Sat, 02 Apr 2022 14:08:39 GMT
server: cloudflare
etag: "624858e7-bff0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMZAPQilHOd154XqNWRTdjYBKrB7w%2FBSzPqrpC8tD0%2BcSGx4CSm%2BPNDJS%2B%2FMJFKGJbDUpiHYIxhwxOw1mCbmsJHpRhlIWqNndvxBLQJZnO%2FfspU15IxV18%2FMdGO2hxlP89Zw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf39dba7686-LHR

GET
H3 200 6e24044f04072454b3872e2259e8a49a.jpg
patoshoje.com.br/media/cache/6e/24/ 64 KB
65 KB 212ms
211ms Image
image/jpeg 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/media/cache/6e/24/6e24044f04072454b3872e2259e8a49a.jpg

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f84d85482cc6b271b7077d6978b290fa4f6a727801e91e028dace46ad64c065

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65641
last-modified: Sat, 02 Apr 2022 12:33:21 GMT
server: cloudflare
etag: "62484291-10069"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1r%2Bl3FWNFlfOGRY9kTdVnC0WueERQ%2FaWtmGNaWTRqaXqTpC%2FsYfHMI5dFwnC98Mi%2FGAJc0iT1qhp3tQddDJRcZo5OfkGHMAIkTnl6Mkd5%2BBe7bI4AhDDMqicz8a0VL4JEPD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf39dbd7686-LHR

GET
H3 200 38b7179764aeceb4d976a4389c5ae466.jpg
patoshoje.com.br/media/cache/38/b7/ 48 KB
48 KB 183ms
181ms Image
image/jpeg 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/media/cache/38/b7/38b7179764aeceb4d976a4389c5ae466.jpg

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

718c900eeb63b14c42838ec19a99ee855ee1157d4732ab584713bca6d82ae58f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49049
last-modified: Sun, 03 Apr 2022 10:44:21 GMT
server: cloudflare
etag: "62497a85-bf99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kV2RL4KwE%2FiVlI8QVTV4y1r%2BxIq%2FKPlo9AQGAR8cWttYiTbKGqTPp9QZY1vkvEU8IGrWd5Gcc7SPAEsWWodHeA3EEZmxlXPitK%2FV5%2FVtbOcpSvtIODZzXWCycar1P%2FD79I1b"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf39dbf7686-LHR

GET
H3 200 043b7e0c9a47e5e90e529669529027dc.jpg
patoshoje.com.br/media/cache/04/3b/ 62 KB
62 KB 158ms
156ms Image
image/jpeg 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/media/cache/04/3b/043b7e0c9a47e5e90e529669529027dc.jpg

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02519b92ffab6c131a0bdc70fe813e99592841173b6ce42288351234ca7ed791

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63124
last-modified: Sun, 03 Apr 2022 10:32:36 GMT
server: cloudflare
etag: "624977c4-f694"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOJbSShWftKLlsQd0EYOKRDVjdnoLTY5A9s2pKMIdVmKmxAYWJzVWx7BixS%2FvqrH0T%2FRdybowhgFBw0KTlKOwEQ6RILv9tPLMXTid6DgTMbgzXdC43CE4H4ymWWBd528245%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf39dc17686-LHR

GET
H3 200 aee5a07cc5292efdcec4ff4bc7f1ca22.jpg
patoshoje.com.br/media/cache/ae/e5/ 81 KB
82 KB 175ms
172ms Image
image/jpeg 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/media/cache/ae/e5/aee5a07cc5292efdcec4ff4bc7f1ca22.jpg

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

092e091d9fe16d5f6e33ed136fe9a4bd56ae6aaa4ae4aea9f9a05d611df83c6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83093
last-modified: Sat, 02 Apr 2022 16:32:19 GMT
server: cloudflare
etag: "62487a93-14495"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYCFqzAW4AXiK0Zd0L4wZHN141KK2SfFSoVwwl%2B5%2FRz0v6e63%2F%2F9uBoPrR2PcQy0F7VAveQFcnXJJAZ49BGjRH1BoLx7Bm9ch%2Fnj6e1uppLZdSdLO%2FwH7HPEp5Y8TBK7Y9Jm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf3adc27686-LHR

GET
H3 200 cadfeb2d2f8385c51ef5e90ded23232a.jpg
patoshoje.com.br/media/cache/ca/df/ 84 KB
85 KB 171ms
168ms Image
image/jpeg 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/media/cache/ca/df/cadfeb2d2f8385c51ef5e90ded23232a.jpg

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d5d8490394966b91a9ca8b4e7291963a83a2d768d1ba48babaa729270221dcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85995
last-modified: Sat, 02 Apr 2022 12:39:07 GMT
server: cloudflare
etag: "624843eb-14feb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ww1yjLyG2pQmW%2BNoc5ggCGUicjCabnrsK%2BfRoMAdGuu4dQPh8Q1o%2BEIrq%2BLKiy4hPcy1kPr9jZYdV0kWgEj%2B6LOkPwlKxlgv%2B7Zfao%2BKIE3vTlLKCxsNxwUeVzRDd6bUNud3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf3adc57686-LHR

GET
H3 200 f20d9bdfc10d8ed5064ce1c7e6df4ad1.jpg
patoshoje.com.br/media/cache/f2/0d/ 74 KB
75 KB 158ms
155ms Image
image/jpeg 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/media/cache/f2/0d/f20d9bdfc10d8ed5064ce1c7e6df4ad1.jpg

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb1d9018f6ce7a104b7cb966769e573caacc362e6d04a4a4b21c474a357f924c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76005
last-modified: Sat, 02 Apr 2022 03:54:10 GMT
server: cloudflare
etag: "6247c8e2-128e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iykFTUQic6SDk9bvWueelXuF4k01CrFoUNSIdhpahytnxKX2HpnM%2Fc2kHGxy3CHW5baJbacMvFaJUb40liqBVWAvtHC4l1fW4b7R24P5usvHn55VvJTAeNlXoylm0xhj%2BlLK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf3adca7686-LHR

GET
H3 200 c351edc3c8aedef9eeff225c4a411217.jpg
patoshoje.com.br/media/cache/c3/51/ 61 KB
61 KB 247ms
244ms Image
image/jpeg 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/media/cache/c3/51/c351edc3c8aedef9eeff225c4a411217.jpg

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8930ea8306081348a9705f9e3bb75d14ca6a2855ff182a71803556e384946f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62094
last-modified: Fri, 01 Apr 2022 19:50:31 GMT
server: cloudflare
etag: "62475787-f28e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vObX%2BGhIH%2FcqMsYuh2MkPoCNdiCfipECVy0mO1S7OPihE15Gs3nTzRoSQQdjTmLXPYNuoz2AEEk6TcU1F53W%2FxsB6qM4rEhi27JUKF94xwdyn8ZoXZbZrlSOQNntqDe7UroO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf3adcb7686-LHR

GET
H3 200 phPlay.jpg
patoshoje.com.br/static/img/ 6 KB
6 KB 194ms
191ms Image
image/jpeg 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/static/img/phPlay.jpg

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c06acf31b92825a7b2bd837344406bccbcdbdd47cef9ec572ce0c647b9a4b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5930
last-modified: Sun, 30 May 2021 17:08:23 GMT
server: cloudflare
etag: "60b3c687-172a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4yluKvYqqiDFyHhV9eLUM6SA%2BcWy0WTpDLw%2ByyVR%2BuveLaCgoE5zsF5QuaZZl4Y4EJjc8djErQLJFvTadnBHYSPN9DZN6UxYRvE8s3ShiQ7ye%2BYeQG96dYlpmQM5Huj2OSsZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf3adcd7686-LHR

GET
H3 200 59aca30c6fb2fbb936ff2adaa3b54a2c.jpg
patoshoje.com.br/media/cache/59/ac/ 106 KB
106 KB 290ms
287ms Image
image/jpeg 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/media/cache/59/ac/59aca30c6fb2fbb936ff2adaa3b54a2c.jpg

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e1a9735f580ee5c95e949e3cd4de29669fc29e1c8cc45b53304b3272cc7523b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 108409
last-modified: Fri, 01 Apr 2022 20:31:37 GMT
server: cloudflare
etag: "62476129-1a779"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2uJExj1JWy610%2Bnqw%2BEPuS6ST6aoT1McccAvFJxUg%2BDi4KuVUucCok807wEHFvH6ra0L9oR%2Fgaj0AYgd8b2IFVrIEdsBiLgu13Ken83PVkE5hgmVboohtQf4gzrc%2BMlXzSP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf3adcf7686-LHR

GET
H3 200 185085d13b99a1ee95d29686436b81c1.jpg
patoshoje.com.br/media/cache/18/50/ 54 KB
54 KB 271ms
268ms Image
image/jpeg 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/media/cache/18/50/185085d13b99a1ee95d29686436b81c1.jpg

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62fa0c02f5ad19a2e06511e30d272dbf9b285c306f8f611a1e533847b7fe8fa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55109
last-modified: Fri, 01 Apr 2022 20:31:37 GMT
server: cloudflare
etag: "62476129-d745"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXjhx8P3U2JEcLmeNr03BzebPkEpJ1QgAamqFunOZ8BaxKgQPDK%2FaGnF8MQxzRtyHsQpsuiMV960tXc95Pi6zF4e050RfniE8C4oKkie9Nfhb0w9Dzzjeejsd4OTtxlQwncY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf3add27686-LHR

GET
H3 200 9e4d0e796b07a5129dffa1c6e882a0fa.jpg
patoshoje.com.br/media/cache/9e/4d/ 43 KB
43 KB 194ms
191ms Image
image/jpeg 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/media/cache/9e/4d/9e4d0e796b07a5129dffa1c6e882a0fa.jpg

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ceb156a618120eaede9eb567621ba7fc3bc89334fc7610d22e9829adcbae2cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43982
last-modified: Thu, 31 Mar 2022 20:36:27 GMT
server: cloudflare
etag: "624610cb-abce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PuJgfJekhr8PwLDNrrmrPpNrAitcPgeBlfONtuW%2BHaJC1E26PoQJOK9fBC7O0DRVSnvQzihCxwVnOjFUOGEujQ%2BTMiqPtEwUSyMHporjm%2B1Tj0hQ2uGZ3RFJVVSq2CMeF%2FHS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf3add47686-LHR

GET
H3 200 68358e09304bc99ddf1748190d1fbf08.jpg
patoshoje.com.br/media/cache/68/35/ 48 KB
48 KB 195ms
192ms Image
image/jpeg 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/media/cache/68/35/68358e09304bc99ddf1748190d1fbf08.jpg

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ff5618d47f697dcb4e50f80fd830d72b06b460aa0de7db473c38f6d89db4883

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48756
last-modified: Fri, 01 Apr 2022 20:14:58 GMT
server: cloudflare
etag: "62475d42-be74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyAQjk1SX%2F0GxZqZyDg%2BH4JQ7Fp2Bg3XvsPsbtZzqRE%2BXGYtZ3a%2BrZk%2FaiFt8th2%2FZuoWuSdBAeJyvAe%2F3f4ajOAn5oZlU2Iu9X0%2FOMkTXve7AGuFSk4PgdFRggO6%2FI2c34M"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf3add57686-LHR

GET
H3 200 4738ea71b29878cbb67b1d3d048fb67e.jpg
patoshoje.com.br/media/cache/47/38/ 52 KB
53 KB 292ms
290ms Image
image/jpeg 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/media/cache/47/38/4738ea71b29878cbb67b1d3d048fb67e.jpg

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a6127b4ff6c6f050591c7cc8cacbb81a00ecdad0aad126ac016fa8a241c6b49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53541
last-modified: Fri, 01 Apr 2022 20:14:59 GMT
server: cloudflare
etag: "62475d43-d125"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=elDc5X6h52feWzNhiyBafHnx6saMFbgreyG1Uq6VJN8uPNHyDbkH%2FjhVUs2ZwnMGsnV%2FnddySPdOM6pxbW9mZXoEEqjNIdxbNSkfZyVFJzSxSLh%2FsTcsFaEP3HKcDRcBYXAi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf3add77686-LHR

GET
H3 200 516d59e297c43810dbd1702a51b82775.jpg
patoshoje.com.br/media/cache/51/6d/ 66 KB
66 KB 213ms
210ms Image
image/jpeg 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/media/cache/51/6d/516d59e297c43810dbd1702a51b82775.jpg

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f2e4aa5db05239da9aa17efe4c808d6e3705844a3d4524a0269635894f5e119

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67418
last-modified: Fri, 01 Apr 2022 15:51:00 GMT
server: cloudflare
etag: "62471f64-1075a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKb4hH8wcspHSeoTv%2Fxrv53MahTyoTMhn%2BHjj%2FQ9%2FZWw6pQD1RpV0uQVkM98y%2FJ%2FFbdmiFWUkDR%2F%2BcKA0nI1uoklz1G1%2BuI69UPdgtHmKqpPrJ2O26eTQtNgxvLUmI%2FVEcHr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf3adda7686-LHR

GET
H3 200 popBanner.jpg
patoshoje.com.br/static/img/ 14 KB
14 KB 197ms
194ms Image
image/jpeg 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/static/img/popBanner.jpg

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e057db9ac605296eb6a3b7795c47acd290fe3b2d8859b53c88a64f8afe8f88e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14316
last-modified: Sun, 30 May 2021 17:08:23 GMT
server: cloudflare
etag: "60b3c687-37ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tI7elI6dSyu22saN67nvpKTse6w3T1DoESknLfpAPvam4EO21qIopiHrcJj%2Bt3By5p52%2FHGhrR%2FopADUTLDLprhnErOmPOCki%2BR41BWAADVMstVRyzZFChX1VyxyihcKgmcg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf3addb7686-LHR

GET
H3 200 4785f40bf13f3ec1f43eeee9aab03944.jpg
patoshoje.com.br/media/cache/47/85/ 18 KB
18 KB 197ms
194ms Image
image/jpeg 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/media/cache/47/85/4785f40bf13f3ec1f43eeee9aab03944.jpg

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db8f18a720cc671253187aa4f0aefdf1debff7dfcf8c0bf754bd7dccbf4a87e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17987
last-modified: Wed, 10 Nov 2021 23:08:22 GMT
server: cloudflare
etag: "618c50e6-4643"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zq%2F44HpKq2UXsdY18YWO%2F7t9ngJPGy5ELa8jeymsWaubPO4Nxy%2Fx52yiajIfZ%2BZVTndprEL2Isz4z72wn03TTdYriazpmmXo8Gw0xupyBeaL%2FU%2FnojJOF8MEu0sVpoE7X2ZZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf3addd7686-LHR

GET
H3 200 c299fd022e2c4e0cd5a8273a2b137798.jpg
patoshoje.com.br/media/cache/c2/99/ 20 KB
20 KB 154ms
152ms Image
image/jpeg 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/media/cache/c2/99/c299fd022e2c4e0cd5a8273a2b137798.jpg

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c18a1c91f53d7c573c00e4d994e136cb315c80b91684964be4762c98cfeed27f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20013
last-modified: Mon, 19 Apr 2021 10:41:43 GMT
server: cloudflare
etag: "607d5e67-4e2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5F2OBzKIrep%2Ffxa7asNsp%2FUE49fa9tSa8Mv%2BdYEtCc0yvFvJn8bgQziENNtrBOtrRyer8LrU%2FnDYl8mrAzWF%2FIKqkCoM5Y%2F3wl9Rg9lLnjch3fJlk2l03kS3yfxqPTYY5wT0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf3addf7686-LHR

GET
H3 200 84abf37dc4a05206cb8eb263fa44b87c.jpg
patoshoje.com.br/media/cache/84/ab/ 13 KB
13 KB 199ms
196ms Image
image/jpeg 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patoshoje.com.br/media/cache/84/ab/84abf37dc4a05206cb8eb263fa44b87c.jpg

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5653677b2802eae323d242cdd7fc0307442f96117dce70839b2e2b8214657081

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12898
last-modified: Tue, 22 Jun 2021 14:07:32 GMT
server: cloudflare
etag: "60d1eea4-3262"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WjCXyOtMXpPBq2%2BsGZb8A2TvVabHT0OTgXZObJg%2FJv6P5GDJg%2F5pcjtlpwdRfznjpBvpnlLN%2BLZkvzSg2norizFI7rrHqxozVJPh89oqES0%2FKtoRQaZpRuvP1dYoi8%2BtEJD%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6f61fdf3ade37686-LHR

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 13 B
349 B 169ms
124ms XHR
application/json 108.157.4.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1306&wid=5635&cb=1864.3918774761391&pid=4231&url=https%3A%2F%2Fpatoshoje.com.br%2F&isab=0
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/5635.js?pid=4231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-117.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: eb2e78e82066485dd62ad9e5f2f88b9d9877c6ed1a1fddfd724be899569ee31f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://patoshoje.com.br
access-control-allow-credentials: true
x-amz-cf-id: mHyJgSRFUeKNd0dh9ziVQBf0Kad2ZV66rxMBwNbs1FsrM1bQwb01Gw==
via: 1.1 d45a8c6f9f33ed6e98c7762d0a4f951a.cloudfront.net (CloudFront)

GET
H2 200 sharer.min.js Show response
cdn.jsdelivr.net/npm/sharer.js@latest/ 7 KB
3 KB 70ms
25ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sharer.js@latest/sharer.min.js

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba5171a78670b031914e623431a33a3d73c1ea9897e552ba73bc2c2da7c777b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12998
x-jsd-version: 0.5.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19150-FRA, cache-hhn4051-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1cf4-rU4XDuIRpC8036n5raFlH/qnNeg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6f61fdf3ee8b916b-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 185ms
67ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-20473477-1

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb848cd511e8bc47175fc406b8e5b969b07f8a930f6905977047037a3fe9126c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39160
x-xss-protection: 0
expires: Sun, 03 Apr 2022 13:01:16 GMT

GET
H3 200 output.1688c6316668.js Show response
patoshoje.com.br/static/CACHE/js/ 201 KB
57 KB 196ms
195ms Script
application/javascript 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://patoshoje.com.br/static/CACHE/js/output.1688c6316668.js

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20a83841170d08cb1fc589083d0d6b6435a641d9a0d78cf5c16a7b9ecd8c7290

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=205976
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 28 Mar 2021 21:44:38 GMT
server: cloudflare
etag: W/"6060f8c6-32498"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RChVG8TuCUMcsQk%2BAQR%2FMtsQ5sHFNIwqtw36emab67DYgLGybuWhjlBVICu7ulKHZ9UkKy%2BOP8aJKRyMrYzjhdYN00w%2FFQDAzcFSHU2SwvR9RerMWs8efM2uLIn7FK5O7nlI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 6f61fdf3ade57686-LHR
cf-bgj: minify

GET
H3 200 comentarios.js Show response
patoshoje.com.br/static/js/ 9 KB
3 KB 202ms
201ms Script
application/javascript 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://patoshoje.com.br/static/js/comentarios.js?update=65478

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac408265c42b9cae1ac6433951e7b786438a381c97d53736e90bb0d4cc976817

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=18902
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 30 May 2021 17:08:23 GMT
server: cloudflare
etag: W/"60b3c687-49d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AU0vRqAzvxX4o%2B%2BGqLUSapEQx3NFzPcCaZ1zbXMUkHxV3QJEcCOQg3gs0qjRvjxyPP7h16%2Fdze%2Bc2RPTZb%2FZ9YPGi6J0aGnYxOGj5u29%2Baubau%2FySATjRLOWhZ8pgAx9WgtI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 6f61fdf3ade67686-LHR
cf-bgj: minify

GET
H3 200 usuarios.js Show response
patoshoje.com.br/static/js/ 5 KB
2 KB 483ms
482ms Script
application/javascript 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://patoshoje.com.br/static/js/usuarios.js?update=65478

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15834fbb524ed7834573fd710ff6d391d582f195895ef7c7935929f39c9895da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=9161
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 30 May 2021 17:08:23 GMT
server: cloudflare
etag: W/"60b3c687-23c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2Bpr9WJxUSDxR%2BqkcenFZUUTb4ASfZ8R99XNdocF14pQPS%2FGvGUMV%2Fdx7QVJq1x8wKaW0VVKtx8h8guix%2F4O674YjOc%2Be%2FMNhcEEwjGa9R%2BJaI%2FN%2FVkE%2F3MSlpE1%2FfXIBUGq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 6f61fdf3ade87686-LHR
cf-bgj: minify

GET
H3 200 output.c1d3c0a3d8e3.js Show response
patoshoje.com.br/static/CACHE/js/ 204 KB
74 KB 38ms
37ms Script
application/javascript 104.21.70.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://patoshoje.com.br/static/CACHE/js/output.c1d3c0a3d8e3.js

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50a28ec07a0e6479dbc74f2040c0448dec81f6a00f2f594c0ee190b4b45dd48d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3295
cf-polished: origSize=208539
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 31 Mar 2021 23:30:40 GMT
server: cloudflare
etag: W/"60650620-32e9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcqQxsuM3ArKDrD%2FBOmOJiEWNoI7nmOAM6L4kq5qvJzE%2FWVnxlu%2F%2FZl6cmX%2BCjDnnTiGBw%2BxDFGktlp9%2Fst1V8qLnRVSToNNuMw2Z6znHZCStwukPk6lKP2xtHht6p51mVNy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 6f61fdf3ade97686-LHR
cf-bgj: minify

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
1000 B 194ms
71ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LceshkaAAAAALYzg55wQf2WTy8BWRecv6Et2_sl

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

25c3616da3e3d44363edde06fb8449df05ebb242d314e6f187956a172caf3ad6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 587
x-xss-protection: 1; mode=block
expires: Sun, 03 Apr 2022 13:01:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
53 KB 244ms
123ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9a43693e6f37d9b00f66e637a2f3be2b743f033aadf401881d2a7f7da0689dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54060
x-xss-protection: 0
server: cafe
etag: 10465543155103508249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 03 Apr 2022 13:01:16 GMT

GET
H2 200 patoshoje.com.br.1274524.js Show response
jsc.mgid.com/p/a/ 2 KB
1 KB 372ms
331ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/patoshoje.com.br.1274524.js
Requested by: Host: patoshoje.com.br
URL: https://patoshoje.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 403276fd64b91201777979b05ed63826210f8633fde1f109faf1ea211a2eadc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:17 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: NV9SXJZ4FT0G8352
last-modified: Wed, 30 Mar 2022 13:18:09 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ZGcTYmB+BRxHAv+XXkns9BDTwTYSGdUReemVH20FMaxQ08pOOt7gDdDaK7FoSOdtw+UFzQZIW3s=
cf-bgj: minify
server: cloudflare
etag: W/"fd277bf65131153546b995e57fdd2a90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6f61fdf3ec858fc5-FRA
expires: Sun, 03 Apr 2022 16:01:17 GMT

GET
H2 200 container_5oITrxyf.js Show response
tagmanager.alright.network/manager/js/ 77 KB
21 KB 489ms
417ms Script
application/javascript 18.66.248.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagmanager.alright.network/manager/js/container_5oITrxyf.js
Requested by: Host: patoshoje.com.br
URL: https://patoshoje.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-72.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5a2ca84549a49db154e7da7270270a9662f798fbf816c598706fdb88f995b2d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
content-encoding: gzip
last-modified: Wed, 30 Mar 2022 16:21:41 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: W/"dfcf9580352ed88da9483b8b7d544d60"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
x-amz-cf-id: TGSDpiZc8Dh4w822YNvySiDTm2XYbWvFB8Ci4H-8OB7z6xBv5_Q08A==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ 362 KB
144 KB 180ms
58ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LceshkaAAAAALYzg55wQf2WTy8BWRecv6Et2_sl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dff2681d8f5f16b61b464b599d7c62f61efe496b54a77044145495bc8cad36d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://patoshoje.com.br/
Origin: https://patoshoje.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 12:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146406
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 04:22:14 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Apr 2023 12:44:50 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/ 293 KB
106 KB 145ms
84ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1234567890123456&plah=patoshoje.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff0c6cdfa465510686fe1bc10ad576ecfca7dbcc246e53354e3cc99fc09720e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108070
x-xss-protection: 0
server: cafe
etag: 13319652911791144223
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 03 Apr 2022 13:01:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/ Frame 97B0 10 KB
5 KB 175ms
52ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 48736
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Apr 2022 23:29:01 GMT
etag: 4044455266028820542
expires: Sat, 16 Apr 2022 23:29:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 patoshoje.com.br.1274524.es6.js Show response
jsc.mgid.com/p/a/ 230 KB
69 KB 170ms
152ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/patoshoje.com.br.1274524.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/patoshoje.com.br.1274524.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c58dde0dea3757b389cdbe25f232f879a3d83fdbd0149767879f9de04e499b45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:17 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: H1D4FWHQ4RZT0GPH
last-modified: Wed, 30 Mar 2022 13:18:09 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: cUsTar44YKfqe4GyoSWa4sq2tiQehGZxQEAeePLlBNXiFr/WQG3k/nSu3X2Qk4H0USjaqPNzBYo=
cf-bgj: minify
server: cloudflare
etag: W/"7ad83dd7678a38931d45fc2301217529"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6f61fdf61e189962-FRA
expires: Sun, 03 Apr 2022 16:01:17 GMT

GET service-worker.js
patoshoje.com.br/ Frame 0
0

GET
H2 200 prebid_alright.js Show response
tagmanager.alright.network/ 359 KB
112 KB 12ms
12ms Script
application/javascript 18.66.248.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagmanager.alright.network/prebid_alright.js
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/manager/js/container_5oITrxyf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-72.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 562c0d79515363abe1631a1c850cc8dcb4fafcc52f24f34e0807b34c8afeed0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 12:51:55 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 20:24:54 GMT
server: AmazonS3
age: 580
etag: W/"463d36df974d9db365c359c4b6632747"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: q2BfBbF2grIt2cp_PqE2zLSzc4rbMUIQQQWuQ4uxYrJGaEqGs2-KPg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 131ms
58ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/manager/js/container_5oITrxyf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

ecf0b855aed06cdba6fcbdfa58950ead633b7c0cdd9b380b4141acc964f8558d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28200
x-xss-protection: 0
server: sffe
etag: "1176 / 886 of 1000 / last-modified: 1648850695"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 03 Apr 2022 13:01:17 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
66 KB 134ms
71ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R04Q4RCJ1D

Requested by

Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/manager/js/container_5oITrxyf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c2ad2a40f166ded37f7b6b880be086b36960e978aa0cd834ed972353cb8b90f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67119
x-xss-protection: 0
expires: Sun, 03 Apr 2022 13:01:17 GMT

GET
H2 200 clientag.js Show response
warp.media.net/js/tags/ 554 KB
158 KB 671ms
600ms Script
text/javascript 184.87.212.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=patoshoje.com.br&version=1

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.212.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-212-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5776cb9ecde4644b2f20288a936cdb7fe24a861b26f04be2c149a5f910d63165

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: 8011474049305056811
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
date: Sun, 03 Apr 2022 13:01:18 GMT
expires: Sun, 03 Apr 2022 13:31:18 GMT

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 19 KB
8 KB 206ms
120ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-11953-9/CT-806
Requested by: Host: patoshoje.com.br
URL: https://patoshoje.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 1e1175a2b17393b6d55fffcccc981fdfef862bffaf141b892886dd8236b6f328

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 11:08:51 GMT
content-encoding: gzip
age: 6746
x-guploader-uploadid: ADPycdsDzFR2_ones7pagCAHBpctoU1-WqKc3D1eq5h2kPbbWoK8FcVh_lStACJltWNf7DkAhNVhWTTvmNdd8dVw_GY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7795
last-modified: Mon, 21 Jun 2021 18:53:44 GMT
server: nginx/1.8.1
etag: "4721dce3fe53a7e1c73c8c49379ab7d1"
vary: Accept-Encoding
x-goog-hash: md5=RyHc4/5Tp+HHPIxJN5q30Q==
x-goog-generation: 1624301624764398
via: 1.1 google
cache-control: max-age=7200,public
x-goog-stored-content-length: 7795
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 03 Apr 2022 13:08:51 GMT

GET
H2 200 ws-DIWCXG5D.js Show response
wfpscripts.webspectator.com/bootstrap/ 1 KB
935 B 337ms
99ms Script
application/x-javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/bootstrap/ws-DIWCXG5D.js
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/manager/js/container_5oITrxyf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5e2811c9c52811c43fa395031d209a26e30d3e220d98f10c3b549f70c10ae555

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:17 GMT
content-encoding: gzip
last-modified: Mon, 05 Oct 2020 19:11:55 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"0958e3d7d0d941164322ea9d82767eb1"
x-cache-status: HIT
content-type: application/x-javascript
cache-control: max-age=31536000

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7427 41 KB
21 KB 144ms
79ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LceshkaAAAAALYzg55wQf2WTy8BWRecv6Et2_sl&co=aHR0cHM6Ly9wYXRvc2hvamUuY29tLmJyOjQ0Mw..&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=bxyo5t8au47e

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0d69598ad9a514509113e09f8742acc83999110bc1a174487406b5062a800204

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JMaO4DljVAP2hMa9mD6tUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 21922
content-security-policy: script-src 'report-sample' 'nonce-JMaO4DljVAP2hMa9mD6tUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 13:01:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 220 B
648 B 41ms
40ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=patoshoje.com.br&callback=_gfp_s_&client=ca-pub-1234567890123456

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1234567890123456&plah=patoshoje.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f641140872030642762ef0055f47fd87c703f190e724f8413c9bc51b523e6b1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 193ms
67ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=patoshoje.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 03 Apr 2022 13:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 187ms
66ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=patoshoje.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 03 Apr 2022 13:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F6DB 603 B
68 B 146ms
86ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1234567890123456&output=html&adk=1812271804&adf=3025194257&lmt=1648990876&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpatoshoje.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648990876417&bpp=2&bdt=626&idt=381&shv=r20220330&mjsv=m202203240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3075984362442&frm=20&pv=2&ga_vid=860023652.1648990877&ga_sid=1648990877&ga_hid=848292939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=6195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44761043%2C21066429%2C31066014%2C31062931&oid=2&pvsid=2944051212279048&pem=642&tmod=942271886&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=398

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 13:01:17 GMT
expires: Sun, 03 Apr 2022 13:01:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 141ms
76ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220330&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c662d8bfdc9feebee99e7dc556ea8cb38229d22e794634182e0a3c3f1070701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 03 Apr 2022 13:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10677
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 176 KB
65 KB 82ms
81ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-91Q2CWDTF5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-20473477-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b7f8182dad7b31ce6eb8073962d94b8a89d03d2ee0367beea94adf753e5becb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66065
x-xss-protection: 0
expires: Sun, 03 Apr 2022 13:01:17 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 176 KB
65 KB 102ms
101ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R04Q4RCJ1D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-20473477-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

017f5d0d36f22ed3afbb639c61ef1bb4a75010d6562345e0ec22eadc3ea7ed0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66063
x-xss-protection: 0
expires: Sun, 03 Apr 2022 13:01:17 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EB8E 436 B
236 B 675ms
643ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5155950455221162&output=html&h=200&slotname=4654093518&adk=3001535480&adf=2188159854&pi=t.ma~as.4654093518&w=728&lmt=1648990876&psa=0&format=728x200&url=https%3A%2F%2Fpatoshoje.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648990876419&bpp=1&bdt=628&idt=421&shv=r20220330&mjsv=m202203240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3075984362442&frm=20&pv=2&ga_vid=860023652.1648990877&ga_sid=1648990877&ga_hid=848292939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44761043%2C21066429%2C31066014%2C31062931&oid=2&pvsid=2944051212279048&pem=642&tmod=942271886&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=tsU06gDUrF&p=https%3A//patoshoje.com.br&dtd=425

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd632cc428db4e788a93d8ec822df5f0d148cdd2a805d4bd2c2fe768b3bb41dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 13:01:18 GMT
expires: Sun, 03 Apr 2022 13:01:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 46ms
24ms XHR
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220403

Requested by

Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7d0f09a6538d72ce4b7e30c092d9661f11255d29ef032a613c6dc716cbacc38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://patoshoje.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 03 Apr 2022 13:01:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36006
x-jsd-version: 1.0.1299
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19162-FRA, cache-itm18835-ITM
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"670-+IZokjC+7hnE3+r5i4Jvmy/uPvA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6f61fdf8bc1490ba-FRA
access-control-expose-headers: *

GET
H3 200 pubads_impl_2022032106.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
124 KB 73ms
33ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 12:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87472
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126678
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 20:13:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 02 Apr 2023 12:43:25 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 176 B
144 B 82ms
41ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=patoshoje.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

63e11417d77031f7ca3a7deebd2c9c0fd67ed2e2918d5b2ea3d71f907ed8a855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 03 Apr 2022 13:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119
x-xss-protection: 0
expires: Sun, 03 Apr 2022 13:01:17 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ Frame 7427 51 KB
24 KB 119ms
56ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LceshkaAAAAALYzg55wQf2WTy8BWRecv6Et2_sl&co=aHR0cHM6Ly9wYXRvc2hvamUuY29tLmJyOjQ0Mw..&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=bxyo5t8au47e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 16:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 507245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 04:22:14 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Mar 2023 16:07:12 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ Frame 7427 362 KB
143 KB 118ms
55ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dff2681d8f5f16b61b464b599d7c62f61efe496b54a77044145495bc8cad36d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 12:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146406
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 04:22:14 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Apr 2023 12:44:50 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 195ms
77ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Apr 2022 13:01:17 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
37 KB 69ms
69ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-206735560-5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-20473477-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

46c29b2a0c8c946a8aa862a7614a5d0c173a387a8c822c9e4002f1ae2cfdfe55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38131
x-xss-protection: 0
last-modified: Sun, 03 Apr 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 03 Apr 2022 13:01:17 GMT

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 55ms
33ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: patoshoje.com.br
URL: https://patoshoje.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:11:17 GMT
content-encoding: gzip
age: 35400
x-guploader-uploadid: ADPycdumF9eNkxs4KurRWkmhGJy5yjAreulcancb5fuzRBjxkk2iLgmIJ_bdp-MpCs3Us21BLxwHEpJ_my5ShzczOfc2GMrL2g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6114
last-modified: Thu, 23 Sep 2021 17:37:36 GMT
server: UploadServer
etag: "c011d7eff3edda011a5511fb703d925a"
x-goog-hash: crc32c=I6Sd4w==, md5=wBHX7/Pt2gEaVRH7cD2SWg==
content-language: en
x-goog-generation: 1632418656103247
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6114
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 04 Apr 2022 03:11:17 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
162 B 238ms
116ms Ping
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-91Q2CWDTF5&gtm=2oe3u0&_p=848292939&sr=1600x1200&ul=en-us&cid=860023652.1648990877&_s=1&dl=https%3A%2F%2Fpatoshoje.com.br%2F&dt=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&sid=1648990876&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-91Q2CWDTF5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://patoshoje.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 186ms
66ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-20473477-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5187
date: Sun, 03 Apr 2022 11:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 03 Apr 2022 13:34:50 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 232ms
117ms Ping
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-R04Q4RCJ1D&gtm=2oe3u0&_p=848292939&sr=1600x1200&ul=en-us&cid=860023652.1648990877&_s=1&dl=https%3A%2F%2Fpatoshoje.com.br%2F&dt=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&sid=1648990876&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R04Q4RCJ1D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://patoshoje.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
975 B 60ms
22ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8594
content-type: application/javascript
x-amz-request-id: tx936e37cd1550438eac0ae-00623993ca
x-amz-id-2: tx936e37cd1550438eac0ae-00623993ca
last-modified: Tue, 22 Mar 2022 09:15:21 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqYvHqXi7xuCmJwywHXowlCybMrNQABP6vED4fa2Ig604SXBFFtEWqmgmsNHQgywZOr6s9MdWSwiRJO8IMQxZmrq0TDmaSxqN%2BheujCEVVrwd11EnGJoPp%2FeJINUJ%2BNr4oIU9BmFGRYKr8i2"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1647940521027959
cache-control: public, max-age=1800
cf-ray: 6f61fdfa4b129bb6-FRA
expires: Sun, 03 Apr 2022 13:31:17 GMT

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/4d628/1/patoshoje.com.br/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/4d628/1/patoshoje.com.br/ROS?rnd=0.15649368854706136&e=728x90_0%3A728x90%2C970x90&ur=https%3A%2F%2Fpatoshoje.com.br%2F&pbv=6.1.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https...
https://pbjs.e-planning.net/hb/1/4d628/1/patoshoje.com.br/ROS?ct=1&r=pbjs&rnd=0.15649368854706136&e=728x90_0%3A728x90%2C970x90&ur=https%3A%2F%2Fpatoshoje.com.br%2F&pbv=6.1.0-pre&ncb=1&vs=F&crs=UTF-...

375 B
790 B

16ms
16ms

XHR
application/json

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/4d628/1/patoshoje.com.br/ROS?ct=1&r=pbjs&rnd=0.15649368854706136&e=728x90_0%3A728x90%2C970x90&ur=https%3A%2F%2Fpatoshoje.com.br%2F&pbv=6.1.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpatoshoje.com.br%2F
Protocol: H2
Server: 46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 2dce6282a65f940eb2aba06e29ef0f9a2e849897f78d07e8225d2759b76d52fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:17 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://patoshoje.com.br
expires: Sun, 03 Apr 2022 13:01:17 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 375
x-sid: AMS-739

Redirect headers

date: Sun, 03 Apr 2022 13:01:17 GMT
server: openresty
access-control-allow-origin: https://patoshoje.com.br
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/4d628/1/patoshoje.com.br/ROS?ct=1&r=pbjs&rnd=0.15649368854706136&e=728x90_0%3A728x90%2C970x90&ur=https%3A%2F%2Fpatoshoje.com.br%2F&pbv=6.1.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpatoshoje.com.br%2F
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-739

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
558 B 324ms
110ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://patoshoje.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:18 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://patoshoje.com.br
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 189ms
114ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16794&site_id=351754&zone_id=1870842&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Fpatoshoje.com.br%2F&tk_flint=pbjs_lite_v6.1.0-pre&x_source.tid=022c71b7-c533-4eb7-aedb-430bb31c61f0&p_screen_res=1600x1200&rp_floor=0.2&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&slots=1&rand=0.1795532413094989
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 707a3c1024ed19e084cd6ae6b66e43c8919b4e16b87580c0658ad55194f3eec0

Request headers

Referer: https://patoshoje.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 03 Apr 2022 13:01:17 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://patoshoje.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 urls.json Show response
vpaid.vidoomy.com/sync/ 1 KB
826 B 838ms
7ms XHR
application/json 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.vidoomy.com/sync/urls.json
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b471388eaff3d92236c0dc880554f5e839dfacb525b4f6983435937dbba0ecb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 03 Apr 2022 13:01:18 GMT
content-encoding: br
x-77-nzt-ray: RI1wFZLt7tM
x-77-cache: HIT
x-cache: HIT
x-age: 443454
x-77-nzt: Abk73BD60ff/PsQGAA
x-accel-expires: @1649584224
last-modified: Wed, 09 Feb 2022 09:46:55 GMT
server: CDN77-Turbo
etag: W/"62038d8f-57f"
vary: Origin
content-type: application/json
access-control-allow-origin: https://patoshoje.com.br
access-control-allow-credentials: true

GET
H2 204 / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
142 B 446ms
360ms XHR
text/plain 18.192.130.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=15029&adtype=banner&w=728&h=90&pos=1&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/100.0.4896.60%20Safari/537.36&l=en&dt=1&pid=51743&requestId=8adf868e6b72b9&d=patoshoje.com.br&sp=https%3A%2F%2Fpatoshoje.com.br%2F&usp=&coppa=false?videoContext=undefined
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.130.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-130-236.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://patoshoje.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://patoshoje.com.br
date: Sun, 03 Apr 2022 13:01:18 GMT
access-control-allow-credentials: true
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H/1.1 200
OK init Show response
webservices.webspectator.com/ 3 KB
2 KB 414ms
96ms Script
application/javascript 34.192.67.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/init?appId=DIWCXG5D&h=https%3A%2F%2Fpatoshoje.com.br%2F&t=1648990877116
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-DIWCXG5D.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.192.67.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-67-210.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 658f91e34b0b81c542296697d1587711cc333f09afb1cbdbf68103f605b71490

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Apr 2022 13:01:18 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 54ms
10ms Script
application/javascript 108.157.4.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-DIWCXG5D.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-15.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:53:32 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 32866
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: vJ509PiXYo1ojy0Xq2FjykaBS3K9TYv5GHDxe2vP1zR-YsKKCZWTcQ==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 56ms
9ms Script
application/javascript 2620:116:800d:21:fcb8:22d2:d390:5f1b
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-DIWCXG5D.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:17 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Sun, 10 Apr 2022 13:01:17 GMT

GET
H3 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 65ms
31ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:33:25 GMT
content-encoding: gzip
age: 34072
x-guploader-uploadid: ADPycdtW7_TGJ0UIpGek8EVdfhWY0WOYf4gmOGmcWvi4Z7TMkqyBJc3GqKlSiP8KlMf29GPjdLbjlr-R77klu4fyZCQRnsj_9w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8332
last-modified: Thu, 23 Sep 2021 17:37:36 GMT
server: UploadServer
etag: "3bd196ed5cd9e1a21cd3f4a34c4baf1b"
x-goog-hash: crc32c=QnHpIw==, md5=O9GW7VzZ4aIc0/SjTEuvGw==
content-language: en
x-goog-generation: 1632418656026668
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8332
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 04 Apr 2022 03:33:25 GMT

GET
H2 200 trk
tt-11953-9.seg.t.tailtarget.com/ 70 B
619 B 212ms
129ms Image
image/png 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-11953-9.seg.t.tailtarget.com/trk?tA=TT-11953-9&tJ=_channel:alr-patoshoje:1&tK=1648990877&tM=direct&tL=direct&tN=direct&tY=3&tZ=547402431
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:17 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 70ms
38ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1033594
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx18cbeffb01594eb0a4252-006239940e
x-amz-id-2: tx18cbeffb01594eb0a4252-006239940e
last-modified: Tue, 22 Mar 2022 09:15:19 GMT
server: cloudflare
etag: W/"f6062b9ed3c12dab430d5d33afafadb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zVYD24o8QC61w89J6SMf%2B2tP%2FqKhJuch%2BUHH%2BZiS00WWgKjjwP77V2d7qrZMoluixnD2i1WKxrptpYARhQfh%2FROPYqBxe1GcZ%2Bu6uuOhaU6tj0u4YvYsDSk2fpC5cEof0r5U5784t6pvXyr6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1647940519211847
cf-ray: 6f61fdfaa85f918e-FRA
access-control-allow-headers: Authorization

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=22153319&ns__t=1648990877173&ns_c=UTF-8&cv=3.5&c8=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&c7=https%3A%2F%2Fpatoshoje.com.br%2F&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1648990877173&ns_c=UTF-8&cv=3.5&c8=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&c7=https%3A%2F%2Fpatoshoje.com.br%2F&c9=

0
190 B

14ms
13ms

Image
text/plain

108.157.4.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1648990877173&ns_c=UTF-8&cv=3.5&c8=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&c7=https%3A%2F%2Fpatoshoje.com.br%2F&c9=
Protocol: H2
Server: 108.157.4.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-15.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:17 GMT
via: 1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: Ah8uQXRGb7vpqpIkelZSOic40x7vUng0EhoOhV_lBLpDpxo6U50jnQ==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=7&c2=22153319&ns__t=1648990877173&ns_c=UTF-8&cv=3.5&c8=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&c7=https%3A%2F%2Fpatoshoje.com.br%2F&c9=
date: Sun, 03 Apr 2022 13:01:17 GMT
via: 1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
content-length: 0
x-amz-cf-id: bqtS8s9Vxd-EdXA39Ig33cjE0SVKsDKAoTWYjGLlP1y8WQd5aClMKA==
x-cache: Miss from cloudfront

GET
H2 200 rules-p-HGAVM7nQJ_sep.js Show response
rules.quantcount.com/ 3 B
429 B 48ms
19ms Script
application/javascript 2600:9000:2315:3400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-HGAVM7nQJ_sep.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 17:04:54 GMT
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
age: 71784
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:26:00 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-amz-cf-id: yyemmgGJLzh5xRUNAy-DY2_8sUiA3pBbuyIEGv-Gs-jKPl1TGAns_Q==

GET
H2 200 u Show response
b.t.tailtarget.com/ 71 B
353 B 156ms
133ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttq_tt_art
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 406d8c42a0a8d0b2fda0883cf0c21a0c986d8ed7485bb8176bfa86a52438375f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:17 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: private, proxy-revalidate
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 94CA 13 KB
5 KB 122ms
55ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 799
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 12:47:58 GMT
expires: Mon, 03 Apr 2023 12:47:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A0C3 783 B
535 B 65ms
64ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

37ce6b98c2f7a8489a4a20237c52650a3eb3e0d50643984d52afad2a7bf4a7f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-efx6aQcu678HSzHpalR01w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-efx6aQcu678HSzHpalR01w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 13:01:17 GMT
expires: Sun, 03 Apr 2022 13:01:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel;r=864557582;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fpatoshoje.com.br%2F;uht=2;fpan=1;fpa=P0-2126807459-1648990877248;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=patosho...
pixel.quantserve.com/ 35 B
372 B 48ms
15ms Image
image/gif 2620:116:800d:21:fcb8:22d2:d390:5f1b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=864557582;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fpatoshoje.com.br%2F;uht=2;fpan=1;fpa=P0-2126807459-1648990877248;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=patoshoje.com.br;je=0;sr=1600x1200x24;dst=0;et=1648990877248;tzo=0;ogl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:17 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 126ms
62ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=848292939&t=pageview&_s=1&dl=https%3A%2F%2Fpatoshoje.com.br%2F&ul=en-us&de=UTF-8&dt=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=543309949&gjid=439604405&cid=860023652.1648990877&tid=UA-20473477-1&_gid=1846552929.1648990877&_r=1&gtm=2ou3u0&z=1519663320

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://patoshoje.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://patoshoje.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 107ms
62ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=848292939&t=pageview&_s=1&dl=https%3A%2F%2Fpatoshoje.com.br%2F&ul=en-us&de=UTF-8&dt=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1291405108&gjid=1087132172&cid=860023652.1648990877&tid=UA-206735560-5&_gid=1846552929.1648990877&_r=1&gtm=2ou3u0&z=719040117

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://patoshoje.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://patoshoje.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7427 102 B
134 B 63ms
63ms Other
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

51540e98209e949f0a7f01c1332f6bf5dfe526adeaabe2705f42184d721f90b1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LceshkaAAAAALYzg55wQf2WTy8BWRecv6Et2_sl&co=aHR0cHM6Ly9wYXRvc2hvamUuY29tLmJyOjQ0Mw..&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=bxyo5t8au47e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 03 Apr 2022 13:01:18 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 117ms
36ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-20473477-1&cid=860023652.1648990877&jid=543309949&gjid=439604405&_gid=1846552929.1648990877&_u=YADAAUAAAAAAAC~&z=1560162509

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://patoshoje.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 03 Apr 2022 13:01:18 GMT
content-type: text/plain
access-control-allow-origin: https://patoshoje.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A0C3 0
0 106ms
106ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220330&jk=2944051212279048&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H2 200 checksync.php Show response
hbx.media.net/ Frame 9F86 22 KB
8 KB 42ms
35ms Document
text/html 184.87.212.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/checksync.php?cid=8CU8Y84F0&cs=16&cv=37&hb=1&vsSync=1&refUrl=&gdpr=1&gdprconsent=0&usp_status=0&usp_consent=0&coppa=1

Requested by

Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=patoshoje.com.br&version=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.212.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-212-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d03687de8a9f1f810e9ee4b6813f97973483788707d351588fd0286af7929956

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7997
content-type: text/html; charset=UTF-8
date: Sun, 03 Apr 2022 13:01:18 GMT
expires: Tue, 05 Apr 2022 13:01:18 GMT
server: Apache
strict-transport-security: max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 176ms
10ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://patoshoje.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://patoshoje.com.br
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 03 Apr 2022 13:01:18 GMT
server: ATS/9.1.0.33

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 174ms
9ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://patoshoje.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://patoshoje.com.br
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 03 Apr 2022 13:01:18 GMT
server: ATS/9.1.0.33

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
600 B 23ms
23ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=patoshoje.com.br&version=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8583
content-type: application/javascript
x-amz-request-id: tx936e37cd1550438eac0ae-00623993ca
x-amz-id-2: tx936e37cd1550438eac0ae-00623993ca
last-modified: Tue, 22 Mar 2022 09:15:21 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TqwcygFKYnIg%2Bmk8R0q56fi3bsyniwtTNi7wKDKWLaeVZmDtJ8VINOQMK84JMf1XjthV9WWMlTGnyI4iwi%2FmjLNBnxfgn56Q8E2ws4AEHGsJxg5o8WKHaGI2K1ocH85RK4d13cBOGyMuigO"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1647940521027959
cache-control: public, max-age=1800
cf-ray: 6f61fdfd496e9bb6-FRA
expires: Sun, 03 Apr 2022 13:31:18 GMT

GET
H2 200 config Show response
prebid.media.net/rtb/prebid/analytics/ 45 B
302 B 60ms
22ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid/analytics/config?cid=8CU8Y84F0&dn=patoshoje.com.br
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=patoshoje.com.br&version=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e08cc0db8b2a31529e8fd60ec62e764701c2ff86312fa50d292028a6205c3e71

Request headers

Referer: https://patoshoje.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://patoshoje.com.br
cache-control: max-age=900, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
expires: Sun, 03 Apr 2022 13:16:18 GMT

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
296 B 97ms
80ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=patoshoje.com.br&version=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 38acb41b68a60231f4367287174ce7ef7d0cb0fb860d7dd7e321d817d446a7db

Request headers

Referer: https://patoshoje.com.br/
x-openrtb-version: 2.5
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://patoshoje.com.br
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 107ms
88ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=patoshoje.com.br&version=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: b1fc70f5a7b06c546ae49fc60b9388dae8c1fed92b08a228103372897755dacd

Request headers

Referer: https://patoshoje.com.br/
x-openrtb-version: 2.5
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://patoshoje.com.br
access-control-allow-credentials: true
content-length: 66

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 1978ms
200ms XHR
text/plain 204.237.133.116
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=patoshoje.com.br&version=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.237.133.116 West Chester, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://patoshoje.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://patoshoje.com.br
date: Sun, 03 Apr 2022 13:01:18 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 204 / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
141 B 328ms
327ms XHR
text/plain 18.192.130.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=15029&adtype=banner&auc=%2F21830119956%2C22384740804%2Fpatoshoje.com.br%2FWIDESCREEN_ENGAGE_DESK__mp__1&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.60%20Safari%2F537.36&l=en&dt=1&pid=51743&requestId=8ea423ce79972a&d=patoshoje.com.br&sp=https%253A%252F%252Fpatoshoje.com.br%252F&usp=&coppa=false&videoContext=
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=patoshoje.com.br&version=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.130.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-130-236.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://patoshoje.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://patoshoje.com.br
date: Sun, 03 Apr 2022 13:01:18 GMT
access-control-allow-credentials: true
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H2 204 / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
141 B 286ms
286ms XHR
text/plain 18.192.130.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=15029&adtype=banner&auc=%2F21830119956%2C22384740804%2Fpatoshoje.com.br%2FWIDESCREEN_ENGAGE_MOB__mp__1&w=320&h=100&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.60%20Safari%2F537.36&l=en&dt=1&pid=51743&requestId=9f19e276dff39f&d=patoshoje.com.br&sp=https%253A%252F%252Fpatoshoje.com.br%252F&usp=&coppa=false&videoContext=
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=patoshoje.com.br&version=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.130.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-130-236.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://patoshoje.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://patoshoje.com.br
date: Sun, 03 Apr 2022 13:01:18 GMT
access-control-allow-credentials: true
vary: Origin
access-control-expose-headers: X-Vd-C

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
338 B 19ms
18ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=patoshoje.com.br&version=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://patoshoje.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:17 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://patoshoje.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
338 B 38ms
18ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=patoshoje.com.br&version=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://patoshoje.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:18 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://patoshoje.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
855 B 123ms
90ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU8Y84F0
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=patoshoje.com.br&version=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 50059c67014a27acb4e4a31d4d9485510823156a0f44f1c59f4142132f2fbf93

Request headers

Referer: https://patoshoje.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:18 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://patoshoje.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 475 B
932 B 89ms
88ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16794&site_id=351754&zone_id=1870842&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Fpatoshoje.com.br%2F&tg_i.adUnitCode=%2F21830119956%2C22384740804%2Fpatoshoje.com.br%2FWIDESCREEN_ENGAGE_DESK&tg_i.tref=1&tg_i.mnrf=0&tg_i.mnrfc=0&tg_i.src=mnjs&tg_i.pbadslot=%2F21830119956%2C22384740804%2Fpatoshoje.com.br%2FWIDESCREEN_ENGAGE_DESK&tk_flint=pbjs_lite_v6.6.0&x_source.tid=51e20b73-d7e5-491a-98e0-07db24a33246&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.31962087510552073
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=patoshoje.com.br&version=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 22437c677a85fa9a4f80dc5cfbc9ddb273f6e8576c9799ca36c7e4e387b5ce52

Request headers

Referer: https://patoshoje.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 03 Apr 2022 13:01:18 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://patoshoje.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 475
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 481 B
938 B 137ms
107ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16794&site_id=351754&zone_id=1870842&size_id=19&alt_size_ids=43%2C44%2C117&rf=https%3A%2F%2Fpatoshoje.com.br%2F&tg_i.adUnitCode=%2F21830119956%2C22384740804%2Fpatoshoje.com.br%2FWIDESCREEN_ENGAGE_MOB&tg_i.tref=1&tg_i.mnrf=0&tg_i.mnrfc=0&tg_i.src=mnjs&tg_i.pbadslot=%2F21830119956%2C22384740804%2Fpatoshoje.com.br%2FWIDESCREEN_ENGAGE_MOB&tk_flint=pbjs_lite_v6.6.0&x_source.tid=272f2097-a718-4d67-935e-0c3cb02e5ff5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.05418896884288715
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=patoshoje.com.br&version=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a2ea9cbc946341697213ca125e9ce507bb8d2eb714fc1371665e5d82aef57b13

Request headers

Referer: https://patoshoje.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 03 Apr 2022 13:01:18 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://patoshoje.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 481
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
363 B 38ms
11ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=patoshoje.com.br&version=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://patoshoje.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://patoshoje.com.br
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 prebid Show response
mp.4dex.io/ 0
321 B 57ms
33ms XHR
text/plain 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=patoshoje.com.br&version=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://patoshoje.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:18 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-origin: https://patoshoje.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6f61fdfd9aaf91e9-FRA
x-err: Parsing the Prebid Request. org/site not found
expires: 0

GET
H3 200 3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js Show response
pagead2.googlesyndication.com/bg/ Frame 94CA 35 KB
13 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 12:43:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 12:43:31 GMT

GET
H3 200 b Show response
b.t.tailtarget.com/ 148 B
150 B 162ms
129ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-11953-9&tY=1&tS=3&tU=0100007F9D9A4962B7065F2702247B05&tX=b.52&tZ=810506889&env=_ttq_tt_art
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 5a27add747a82e9cb776290b1639e64fc6dc96e3b7b0a731b7ac7e40acbe1ea8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK initcb Show response
webservices.webspectator.com/ 2 KB
1 KB 98ms
98ms Script
application/javascript 34.192.67.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/initcb?appId=2889&vId=0F4B06E2D183D728&dads=0&lts=0&nv=1&s=5728&res=1600x1200&c=1&l=en&r=&sr=&ts=1648990877685&rs=0&h=https%3A%2F%2Fpatoshoje.com.br%2F&npv=1&ltsss=0&ltsvs=0
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/init?appId=DIWCXG5D&h=https%3A%2F%2Fpatoshoje.com.br%2F&t=1648990877116
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.192.67.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-67-210.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 006069d090e6a67762805d9c51480a15173b4ced41338661d8897633e429088c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Apr 2022 13:01:18 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
22 KB 24ms
23ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1033595
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx18cbeffb01594eb0a4252-006239940e
x-amz-id-2: tx18cbeffb01594eb0a4252-006239940e
last-modified: Tue, 22 Mar 2022 09:15:19 GMT
server: cloudflare
etag: W/"f6062b9ed3c12dab430d5d33afafadb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYJjUnsYPYCcZrWezn8PcHO2RFmoFFu0bsX0S%2Bs%2FoXXzmuitEtcC0%2F%2BxXZYRyC3XgMsjXN4e6%2BNFBIvQXubbFp2Cooqo4U6pykA5kTbaCAcVgc845kESWvZ3jqueNw463SfAEXwNzuB30qdA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1647940519211847
cf-ray: 6f61fdfddfc8918e-FRA
access-control-allow-headers: Authorization

GET
H2 200 / Show response
c.mgid.com/pv/ 0
44 B 120ms
113ms Script
text/plain 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1648990877751913280320&uniqId=1639c&lct=1648598400&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.patoshoje.com.br&lu=https%3A%2F%2Fpatoshoje.com.br%2F&sessionId=62499a9e-0b701&pageView=1&pvid=17fef83f838b6e86299&site=782112&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/patoshoje.com.br.1274524.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6f61fdfe3d998fc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 32ms
24ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 3950
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FY75M483VQ0RS4R6
x-amz-id-2: 3td4GNUX2tJJZai6Tif2rz0qn3ro67myUS5cc5EioymHV19ydIdJYSwLJRKhk0xdu1fu45gSc6g=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6f61fdfe6dec8fc5-FRA
expires: Mon, 04 Apr 2022 13:01:18 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
905 B 29ms
23ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 1141
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: G7XVAWHV2A1TM5YQ
x-amz-id-2: YTUD+eplGac2nzDoCf6mNAS+SFRWUcCYJKczG3n8f/90lY7q4TeiITaNexYchgGjMS0Xbxxxcvw=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6f61fdfe6deb8fc5-FRA
expires: Mon, 04 Apr 2022 13:01:18 GMT

GET
H2 200 ortc-heartbeat1sec-min.js Show response
wfpscripts.webspectator.com/ 76 KB
19 KB 100ms
99ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2889&vId=0F4B06E2D183D728&dads=0&lts=0&nv=1&s=5728&res=1600x1200&c=1&l=en&r=&sr=&ts=1648990877685&rs=0&h=https%3A%2F%2Fpatoshoje.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 80a6c8fd3fd83054bdd51a596217f806cec456cd5b176ec5e44a407201a82d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
content-encoding: gzip
last-modified: Wed, 30 Nov 2016 17:07:44 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "ae07ae40393a03d603b6341bf9f7f923"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 19153
x-amz-meta-s3b-last-modified: 20161130T162538Z

GET
H2 200 retargetly_univ_2.js Show response
wfpscripts.webspectator.com/third_party/ 612 B
578 B 202ms
201ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/third_party/retargetly_univ_2.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2889&vId=0F4B06E2D183D728&dads=0&lts=0&nv=1&s=5728&res=1600x1200&c=1&l=en&r=&sr=&ts=1648990877685&rs=0&h=https%3A%2F%2Fpatoshoje.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 0d89ab019fdc4db07a89ba39546aa0ef86110eb0478c636a033e8ac5e5fb6acb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 20:05:54 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "302fb998d90e2452d81370c4e03fa940"
x-cache-status: MISS
content-type: application/javascript
content-length: 394

GET
H2 200 swfobject.js Show response
ajax.googleapis.com/ajax/libs/swfobject/2.2/ 10 KB
5 KB 181ms
55ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js

Requested by

Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2889&vId=0F4B06E2D183D728&dads=0&lts=0&nv=1&s=5728&res=1600x1200&c=1&l=en&r=&sr=&ts=1648990877685&rs=0&h=https%3A%2F%2Fpatoshoje.com.br%2F&npv=1&ltsss=0&ltsvs=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 15:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3974
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 15:08:03 GMT

GET
H2 200 blockadblock.js Show response
wfpscripts.webspectator.com/adblocker/ 8 KB
3 KB 200ms
199ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/adblocker/blockadblock.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2889&vId=0F4B06E2D183D728&dads=0&lts=0&nv=1&s=5728&res=1600x1200&c=1&l=en&r=&sr=&ts=1648990877685&rs=0&h=https%3A%2F%2Fpatoshoje.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7ed1947cb1ec4f11c68e3b281741c4214839a262843c339c1f1e3bc357434183

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2016 13:22:22 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "0dcdd7a190caf42e7d287645d9ba0303"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 2696

GET
H2 200 ws-4.4.62-alright.js Show response
wfpscripts.webspectator.com/ 81 KB
23 KB 202ms
202ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-4.4.62-alright.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2889&vId=0F4B06E2D183D728&dads=0&lts=0&nv=1&s=5728&res=1600x1200&c=1&l=en&r=&sr=&ts=1648990877685&rs=0&h=https%3A%2F%2Fpatoshoje.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: fd5aee825e6b73ceb4e6838167db768d76b5b08d4c5029b91706769148c5abe4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
content-encoding: gzip
last-modified: Tue, 18 May 2021 15:10:48 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "775296412e1ecc67c07010d2d3784ece"
x-cache-status: MISS
content-type: application/javascript
cache-control: max-age=0
content-length: 23758

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 94CA 0
9 B 56ms
55ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qhjuNA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 1 Show response
servicer.mgid.com/1274524/ 2 KB
1 KB 48ms
38ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1274524/1?pv=5&cbuster=1648990877851922887099&uniqId=1639c&lct=1648598400&niet=4g&nisd=false&jsv=es6&w=312&h=400&cols=1&ref=&cxurl=https%3A%2F%2Fwww.patoshoje.com.br&lu=https%3A%2F%2Fpatoshoje.com.br%2F&sessionId=62499a9e-0b701&pageView=1&pvid=17fef83f838b6e86299&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/patoshoje.com.br.1274524.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19f35d0c705f8f32d14082ea95a54dc5034ff142f28960c6a6d63e608f3da5e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 6f61fdfedea88fc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 45ms
43ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/patoshoje.com.br.1274524.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 4195
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: WYJFAHZEWX29G5P1
x-amz-id-2: 7OhnRNS5qYiPixt1bdMACoBnVA6U2fTn+4wxcph9JgZ8A6Wf5wu7tffo1ahPOZVgwaHgPHNZELo=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6f61fdff395d9962-FRA
expires: Mon, 04 Apr 2022 13:01:18 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 27ms
24ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/patoshoje.com.br.1274524.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 3115
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: TAP7D9AX42CTQWCM
x-amz-id-2: yWiQkf6i6fP7LLOyAenFd/HG+4L6aOdgW5NCjbh4tPZbMZ6HKWByoWrIYipkAdjN8x6oyYYEkno=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6f61fdff39669962-FRA
expires: Mon, 04 Apr 2022 13:01:18 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZTFmYTdjZjc2MzNlZDJlN...
s-img.mgid.com/g/11739870/492x277/-/ 17 KB
17 KB 184ms
129ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739870/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZTFmYTdjZjc2MzNlZDJlNjQzMGUxMWJiNTA1MmIzMDkuanBn.webp?v=1648990878-SDQlsIgFXJGUZiSPrtQVTX6KqPJcoScfzzWYjiESOGQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b17b6e3a1887bb29f6f38c2fa31ebf4a77c12d1f559b72aa56c9d2f4bf07a2c0

Request headers

Referer: https://patoshoje.com.br/
Origin: https://patoshoje.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid: 0550bd05-a08f-4ad7-b7e5-6e4e13ec3c3f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6f61fdff9cab997b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17578
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi8xMDE5MjQvOWZkOGFkNWU5ODE2MzgzZ...
s-img.mgid.com/g/12581068/492x277/-/ 13 KB
14 KB 181ms
127ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12581068/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi8xMDE5MjQvOWZkOGFkNWU5ODE2MzgzZDk5YWQ5ZWZmMzJmMWU2NTEuanBlZw.webp?v=1648990878-w0Yb3FOJg2MRiB6MGy-1XIb59_grL60z96_TdMc-_1s
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6386bf271a34bec35e52dd9c456e5b36bd66e3e5027998114ef9c8355b7de358

Request headers

Referer: https://patoshoje.com.br/
Origin: https://patoshoje.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
cf-cache-status: MISS
last-modified: Tue, 29 Mar 2022 09:38:54 GMT
x-mg-request-uuid: c5112ed2-b412-45dd-b01e-01bec3097abe
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6f61fdff9cad997b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13386
server: cloudflare

GET
H3 200 ca Show response
tt-11953-9.seg.t.tailtarget.com/ 78 B
116 B 128ms
127ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-11953-9.seg.t.tailtarget.com/ca?tZ=846961502&env=_ttq_tt_art
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 0d7960ddcfce97273faf82abce5921039d78c9acac3b8360ee1a814f70915be6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=bbce85a5-ad90-4548-b9b3-9ec5e7b142fa
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=vidoomy&expires=10&bsw_param=bbce85a5-ad90-4548-b9b3-9ec5e7b142fa
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=bbce85a5-ad90-4548-b9b3-9ec5e7b142fa

43 B
316 B

78ms
18ms

Image
image/gif

18.192.130.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=bbce85a5-ad90-4548-b9b3-9ec5e7b142fa
Protocol: H2
Server: 18.192.130.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-130-236.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:19 GMT
content-encoding: none
content-length: 43
vary: Origin
content-type: image/gif

Redirect headers

Location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=bbce85a5-ad90-4548-b9b3-9ec5e7b142fa
Date: Sun, 03 Apr 2022 13:01:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
a-prebid.vidoomy.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fa-prebid.vidoomy.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526uid%253D%2524UID
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&uid=5698409636443220784

0
426 B

63ms
7ms

Image
text/plain

18.192.130.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&uid=5698409636443220784
Protocol: H2
Server: 18.192.130.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-130-236.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 03 Apr 2022 13:01:18 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 392a99a7-99f3-4969-beda-c1966eee97e6
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&uid=5698409636443220784
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ 0
191 B 86ms
20ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:17 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 prebid
rtb.openx.net/sync/ 43 B
350 B 127ms
48ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D$%7BUID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:18 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: te5ssumsmek00k4ben60hd1d8t1b7a2t

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ 0
0 379ms
20ms Image
text/html 2.20.157.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.2 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-2.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H2 200 cookie
cm.adform.net/ 43 B
106 B 109ms
21ms Image
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58573/occ?gdpr=
https://ups.analytics.yahoo.com/ups/58573/occ?gdpr=&verify=true
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-AnQfsE9E2uFQ1MwIoc8fZYPaOA.l4xRdW58lMjo-~A

43 B
404 B

13ms
13ms

Image
image/gif

18.192.130.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-AnQfsE9E2uFQ1MwIoc8fZYPaOA.l4xRdW58lMjo-~A
Protocol: H2
Server: 18.192.130.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-130-236.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:19 GMT
content-encoding: none
content-length: 43
vary: Origin
content-type: image/gif

Redirect headers

location: https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-AnQfsE9E2uFQ1MwIoc8fZYPaOA.l4xRdW58lMjo-~A
date: Sun, 03 Apr 2022 13:01:19 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

setuid
a-prebid.vidoomy.com/
Redirect Chain

https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
https://a-prebid.vidoomy.com/setuid?bidder=improvedigital&uid=fd0ce317-8db8-4de2-9b8f-f4ab0d10d098

0
454 B

14ms
8ms

Image
text/plain

18.192.130.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=improvedigital&uid=fd0ce317-8db8-4de2-9b8f-f4ab0d10d098
Protocol: H2
Server: 18.192.130.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-130-236.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

location: https://a-prebid.vidoomy.com/setuid?bidder=improvedigital&uid=fd0ce317-8db8-4de2-9b8f-f4ab0d10d098
date: Sun, 03 Apr 2022 13:01:18 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ 0
75 B 100ms
17ms Image
text/plain 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
content-length: 0

GET
H2 200 i.js Show response
cm.mgid.com/ 0
38 B 144ms
134ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1648990877979348299107
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/patoshoje.com.br.1274524.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 6f61fe00086f8fc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 8777 0
102 B 115ms
114ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1648990878023573555846
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/patoshoje.com.br.1274524.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 6f61fe00188f8fc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 loader Show response
api.retargetly.com/ 11 KB
5 KB 187ms
143ms Script
application/javascript 2606:4700:10::6816:108d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.retargetly.com/loader?id=3368
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/third_party/retargetly_univ_2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f86dc548ccb2ee59c42504610c2995a349208d070c1b9dce262e48a4cb836bd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6f61fe007eff9b64-FRA
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/javascript
expires: Sun Apr 10 2022 13:01:18 GMT+0000 (Coordinated Universal Time)

GET
H/1.1 200
OK / Show response
msgws.webspectator.com/server/ssl/2.1/ 67 B
248 B 471ms
100ms Script
text/javascript 34.234.140.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://msgws.webspectator.com/server/ssl/2.1/?guid=48707d7d-bd4e-120f-f612-edc887793afe&appkey=w5tlOg
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.140.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-140-75.compute-1.amazonaws.com
Software: / Express
Resource Hash: 4a2a801c9c80fdddf923fc6b0c364467a102da2ca6a46afaffca59819f030539

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 03 Apr 2022 13:01:19 GMT
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: text/javascript

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
299 B 177ms
130ms Image
image/gif 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-11953-9&tE=0&tF=&tI=_frankfurt%20am%20main_hesse_de_1648990878438_3117783977&tJ=&tQ=alr-patoshoje&tU=0100007F9D9A4962B7065F2702247B05&tX=b.52&tY=1&tZ=712818939
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:18 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 T2.min.js Show response
resources-rt.idx.lat/ 18 KB
7 KB 240ms
47ms Script
application/javascript 2606:4700:10::6816:4acb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources-rt.idx.lat/T2.min.js
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/loader?id=3368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4acb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f342e7773cb9fc082c703dee6e979cb662fb970a29a7831e4640e8cf833076d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:19 GMT
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 4872
x-cache: Hit from cloudfront
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 19:37:21 GMT
server: cloudflare
etag: W/"0b9b5ba9eeecaf8a64c284aab84d9ef3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P6
cf-ray: 6f61fe02ae389122-FRA
x-amz-cf-id: BPk-xpMXta2e1APhqt6PpIHbZtBIhNxClqd6R-Dha_ehklvHkg3dUg==

GET
H2

200

api Show response
api.retargetly.com/ Frame 41EF
Redirect Chain

https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fpatoshoje.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&md=Fundado%20em%20abr...
https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fpatoshoje.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&md=Fundado%20em%20abr...

2 KB
1 KB

125ms
125ms

Document
text/html

2606:4700:10::6816:108d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fpatoshoje.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&md=Fundado%20em%20abril%20de%202008%20com%20a%20miss%C3%A3o%20de%20levar%20not%C3%ADcias%20com%20responsabilidade%20a%20toda%20a%20popula%C3%A7%C3%A3o%20de%20Patos%20de%20Minas%20e%20Alto-Parana%C3%ADba&mk=&il=0&limit_drop=&userid=2dc17650-c92c-4a8c-9f13-7fed3efb7695&idx=&_rlid=2dc17650-c92c-4a8c-9f13-7fed3efb7695
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/loader?id=3368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8d49e4c9ecffaec121a657747ad3e83b3c16fb3e35bb219dd5fbf070cc3b5b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 6f61fe026b559b64-FRA
content-encoding: gzip
content-type: text/html
date: Sun, 03 Apr 2022 13:01:19 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
pragma: no-cache
server: cloudflare

Redirect headers

access-control-allow-origin: *
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 6f61fe0189779b64-FRA
content-type: application/javascript
date: Sun, 03 Apr 2022 13:01:19 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: /api?id=3368&src=0&url=https%3A%2F%2Fpatoshoje.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&md=Fundado%20em%20abril%20de%202008%20com%20a%20miss%C3%A3o%20de%20levar%20not%C3%ADcias%20com%20responsabilidade%20a%20toda%20a%20popula%C3%A7%C3%A3o%20de%20Patos%20de%20Minas%20e%20Alto-Parana%C3%ADba&mk=&il=0&limit_drop=&userid=2dc17650-c92c-4a8c-9f13-7fed3efb7695&idx=&_rlid=2dc17650-c92c-4a8c-9f13-7fed3efb7695
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
pragma: no-cache
server: cloudflare

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 95ms
94ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220330&jk=2944051212279048&bg=!ZGelZyPNAAZku-1yRLs7ACkAdvg8WjHqhbjVvyKUUJaK21Pp8fbVWCo9U_zendZuiXfbMrbGlEW9JQIAAABtUgAAAAJoAQeZAvwBRCqkiD57w9obpb3EHibOIBR9XMgMzUTmWO4t539VyjNIeaWrK1jPtkHSocOTJoAhO7UhY_KOJCKf__SYLmON50NO7Y6E9zsRb3GJ1I46GKaoj6aYhYc8j_cLWRrepcGFAtASwry7Gx1wiFnEz8gzxrMGXvhaPL6p9lXYHta9U5kamBlvY8uDkeDetGT4k5CP3_u9AdchGiZ-7Xjo8gxytDt_z_KxnQR9_j5FLQCtKeydqGCB0VUZUVRCSjnbWA4i_Wr3Yh6k7-wqC5v8sWGWVZs3D5RSNcybLGCzLHpsmE9srCr9Q5wz6OBYYxox3L_oln8Wg0tyUgnT159ypDOvWyTNa3tjoOgjyc-zZXETDD7wpeIC60e5dP_ymX2BPxqynL6w7v-xXziDyML_WZEuEkuXLJduWBBM6JHXzKkK7WyQqs8cEmvz7AJ0C9AzDzBErqAx6__HAn3Y05Z7h2kXsOKPmWNe8ItUNKazo9wLffRStJHVGB-qDPol4UxjPEduhmSMRKy4Lwmf4KOGyI2RS1wdi2RRI8pLQz0JD756ip78TVLVNORP4E4nBbHxbyHMDrC-jrvy5rk7Kf8lITwUpZ9u7pK2LB6ngjME5iWEiKaoafTID8n4ygKhCMRGa9Va3-gYx4hHXDH8tayh0N3CNwj8V-jznSO0x-rVYfrLj1xRpvxY-LzJl7T_a-Mv4M-Zt9bLYqaLdgqYCL3CDJ-uVZX2poD7ebtOQJJmXSI39NrU3KvSc9jrXelNJGDR568Q-M0P41zC7-e_ccysh_GtFuEsGtO72Jy9fjpun9h_abQHRawi6yKmZ7GoftFm_EBBvdihb0E18zkIbEF_xr-8a9mt1vsqGkbzMeDMHrdy1xJaIAf83nTf58OPk8nIGyEs4aM4EcgodUMxNdZfFF7cPFdHHZNiaJji9K_8yZjDHIa3_G2gOIKFJi9ThlM1lDAy2OpxtmHbEpzZwkChcoG99nJsF73UZTMDznrvZ9VScr-YMO9XaNZQZShbUQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 500 / Show response
rt.idx.lat/idx/ 44 B
247 B 340ms
140ms Fetch
application/json 52.0.134.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.idx.lat/idx/
Requested by: Host: resources-rt.idx.lat
URL: https://resources-rt.idx.lat/T2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.134.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-134-127.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 0133490a55e15332db76bd206213d985c0473769a8978058980a3e115a7f4daf

Request headers

Referer: https://patoshoje.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 03 Apr 2022 13:01:19 GMT
server: awselb/2.0
access-control-allow-methods: OPTIONS,POST
content-type: application/json
access-control-allow-origin: https://patoshoje.com.br
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 44

OPTIONS
H2 200 /
rt.idx.lat/idx/ Frame 0
0 383ms
119ms Preflight
application/json 52.0.134.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.idx.lat/idx/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.134.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-134-127.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://patoshoje.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://patoshoje.com.br
content-length: 0
content-type: application/json
date: Sun, 03 Apr 2022 13:01:19 GMT
server: awselb/2.0

GET
H2

200

sync
app.retargetly.com/ Frame 41EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=retargetly_ddp&google_hm=MmRjMTc2NTAtYzkyYy00YThjLTlmMTMtN2ZlZDNlZmI3Njk1&google_cm
https://app.retargetly.com/sync?pid=11&google_gid=CAESEFzyodNxYop89IOAHaM3EYM&google_cver=1

68 B
410 B

116ms
116ms

Image
image/png

2606:4700:10::6816:108d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.retargetly.com/sync?pid=11&google_gid=CAESEFzyodNxYop89IOAHaM3EYM&google_cver=1
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fpatoshoje.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&md=Fundado%20em%20abril%20de%202008%20com%20a%20miss%C3%A3o%20de%20levar%20not%C3%ADcias%20com%20responsabilidade%20a%20toda%20a%20popula%C3%A7%C3%A3o%20de%20Patos%20de%20Minas%20e%20Alto-Parana%C3%ADba&mk=&il=0&limit_drop=&userid=2dc17650-c92c-4a8c-9f13-7fed3efb7695&idx=&_rlid=2dc17650-c92c-4a8c-9f13-7fed3efb7695
Protocol: H2
Server: 2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6f61fe03ff189b64-FRA
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-origin: *
cache-control: no-cache
content-type: image/png
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://app.retargetly.com/sync?pid=11&google_gid=CAESEFzyodNxYop89IOAHaM3EYM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/sync/ Frame 41EF 1 KB
2 KB 780ms
28ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/js?mt_lim=12&sync=auto&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fpatoshoje.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&md=Fundado%20em%20abril%20de%202008%20com%20a%20miss%C3%A3o%20de%20levar%20not%C3%ADcias%20com%20responsabilidade%20a%20toda%20a%20popula%C3%A7%C3%A3o%20de%20Patos%20de%20Minas%20e%20Alto-Parana%C3%ADba&mk=&il=0&limit_drop=&userid=2dc17650-c92c-4a8c-9f13-7fed3efb7695&idx=&_rlid=2dc17650-c92c-4a8c-9f13-7fed3efb7695
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4320 2f2dfe5 master cdg-pixel-x24 config:1.0.0 /
Resource Hash: 6c2b03c27bf24fb1b63bb1a80a472668cc384988edcb005fc7d4b4b65c939989

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sun, 03 Apr 2022 13:01:20 GMT
Server: MT3 4320 2f2dfe5 master cdg-pixel-x24 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1486
Expires: Sun, 03 Apr 2022 13:01:19 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 41EF
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3012&partner_device_id=2dc17650-c92c-4a8c-9f13-7fed3efb7695&_rand=1648990879166
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3012&partner_device_id=2dc17650-c92c-4a8c-9f13-7fed3efb7695&_rand=1648990879166

95 B
425 B

39ms
39ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3012&partner_device_id=2dc17650-c92c-4a8c-9f13-7fed3efb7695&_rand=1648990879166

Requested by

Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fpatoshoje.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&md=Fundado%20em%20abril%20de%202008%20com%20a%20miss%C3%A3o%20de%20levar%20not%C3%ADcias%20com%20responsabilidade%20a%20toda%20a%20popula%C3%A7%C3%A3o%20de%20Patos%20de%20Minas%20e%20Alto-Parana%C3%ADba&mk=&il=0&limit_drop=&userid=2dc17650-c92c-4a8c-9f13-7fed3efb7695&idx=&_rlid=2dc17650-c92c-4a8c-9f13-7fed3efb7695

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:19 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3012&partner_device_id=2dc17650-c92c-4a8c-9f13-7fed3efb7695&_rand=1648990879166
date: Sun, 03 Apr 2022 13:01:19 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1 200
OK 28347
tags.bluekai.com/site/ Frame 41EF 62 B
304 B 316ms
182ms Image
image/gif 104.90.192.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/28347?limit=0&id=2dc17650-c92c-4a8c-9f13-7fed3efb7695&redir=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%24_BK_UUID%26pid%3D9
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fpatoshoje.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&md=Fundado%20em%20abril%20de%202008%20com%20a%20miss%C3%A3o%20de%20levar%20not%C3%ADcias%20com%20responsabilidade%20a%20toda%20a%20popula%C3%A7%C3%A3o%20de%20Patos%20de%20Minas%20e%20Alto-Parana%C3%ADba&mk=&il=0&limit_drop=&userid=2dc17650-c92c-4a8c-9f13-7fed3efb7695&idx=&_rlid=2dc17650-c92c-4a8c-9f13-7fed3efb7695
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.192.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-192-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sun, 03 Apr 2022 13:01:19 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2

200

sync
api.retargetly.com/ Frame 41EF
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=83i98y4&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=83i98y4&ttd_tpi=1
https://api.retargetly.com/sync?pid=13&sid=6fbb4d95-bc42-48c3-af9d-be9d303a9c0f

68 B
414 B

114ms
114ms

Image
image/png

2606:4700:10::6816:108d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.retargetly.com/sync?pid=13&sid=6fbb4d95-bc42-48c3-af9d-be9d303a9c0f
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fpatoshoje.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&md=Fundado%20em%20abril%20de%202008%20com%20a%20miss%C3%A3o%20de%20levar%20not%C3%ADcias%20com%20responsabilidade%20a%20toda%20a%20popula%C3%A7%C3%A3o%20de%20Patos%20de%20Minas%20e%20Alto-Parana%C3%ADba&mk=&il=0&limit_drop=&userid=2dc17650-c92c-4a8c-9f13-7fed3efb7695&idx=&_rlid=2dc17650-c92c-4a8c-9f13-7fed3efb7695
Protocol: H2
Server: 2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6f61fe040f3b9b64-FRA
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-origin: *
cache-control: no-cache
content-type: image/png
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:19 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://api.retargetly.com/sync?pid=13&sid=6fbb4d95-bc42-48c3-af9d-be9d303a9c0f
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H2 204 usersync
pixel-sync.sitescout.com/connectors/retargetly/ Frame 41EF 0
191 B 20ms
19ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/connectors/retargetly/usersync?redir=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%7BuserId%7D%26pid%3D23
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fpatoshoje.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&md=Fundado%20em%20abril%20de%202008%20com%20a%20miss%C3%A3o%20de%20levar%20not%C3%ADcias%20com%20responsabilidade%20a%20toda%20a%20popula%C3%A7%C3%A3o%20de%20Patos%20de%20Minas%20e%20Alto-Parana%C3%ADba&mk=&il=0&limit_drop=&userid=2dc17650-c92c-4a8c-9f13-7fed3efb7695&idx=&_rlid=2dc17650-c92c-4a8c-9f13-7fed3efb7695
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:18 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame 41EF 0
123 B 254ms
40ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.analytics.yahoo.com/cms?partner_id=RTGLY

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spcms.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:19 GMT
via: http/1.1 spdc0102.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8

GET
H2

200

sync
app.retargetly.com/ Frame 41EF
Redirect Chain

https://secure.adnxs.com/getuid?https://app.retargetly.com/sync?sid=$UID&pid=2
https://app.retargetly.com/sync?sid=5698409636443220784&pid=2

68 B
410 B

127ms
119ms

Image
image/png

2606:4700:10::6816:108d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.retargetly.com/sync?sid=5698409636443220784&pid=2
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fpatoshoje.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&md=Fundado%20em%20abril%20de%202008%20com%20a%20miss%C3%A3o%20de%20levar%20not%C3%ADcias%20com%20responsabilidade%20a%20toda%20a%20popula%C3%A7%C3%A3o%20de%20Patos%20de%20Minas%20e%20Alto-Parana%C3%ADba&mk=&il=0&limit_drop=&userid=2dc17650-c92c-4a8c-9f13-7fed3efb7695&idx=&_rlid=2dc17650-c92c-4a8c-9f13-7fed3efb7695
Protocol: H2
Server: 2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6f61fe039e499b64-FRA
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-origin: *
cache-control: no-cache
content-type: image/png
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 03 Apr 2022 13:01:19 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 020b8bc6-b131-48ab-a256-10b3aa50dcf1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://app.retargetly.com/sync?sid=5698409636443220784&pid=2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cm
trc.taboola.com/sg/retargetly/1/ Frame 41EF 43 B
230 B 56ms
15ms Image
image/gif 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/retargetly/1/cm
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fpatoshoje.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&md=Fundado%20em%20abril%20de%202008%20com%20a%20miss%C3%A3o%20de%20levar%20not%C3%ADcias%20com%20responsabilidade%20a%20toda%20a%20popula%C3%A7%C3%A3o%20de%20Patos%20de%20Minas%20e%20Alto-Parana%C3%ADba&mk=&il=0&limit_drop=&userid=2dc17650-c92c-4a8c-9f13-7fed3efb7695&idx=&_rlid=2dc17650-c92c-4a8c-9f13-7fed3efb7695
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Sun, 03 Apr 2022 13:01:19 GMT
via: 1.1 varnish
server: nginx
x-timer: S1648990879.286769,VS0,VE9
x-served-by: cache-hhn4055-HHN
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

sync
app.retargetly.com/ Frame 41EF
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3a%2f%2fapp.retargetly.com%2fsync%3fpid%3d14%26sid%3d%23PM_USER_ID
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3a%2f%2fapp.retargetly.com%2fsync%3fpid%3d14%26sid%3d%23PM_USER_ID&rdf=1
https://app.retargetly.com/sync?pid=14&sid=5343D3EF-1F7B-4062-9346-5F076558F7A9

68 B
465 B

131ms
131ms

Image
image/png

2606:4700:10::6816:108d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.retargetly.com/sync?pid=14&sid=5343D3EF-1F7B-4062-9346-5F076558F7A9
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fpatoshoje.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&md=Fundado%20em%20abril%20de%202008%20com%20a%20miss%C3%A3o%20de%20levar%20not%C3%ADcias%20com%20responsabilidade%20a%20toda%20a%20popula%C3%A7%C3%A3o%20de%20Patos%20de%20Minas%20e%20Alto-Parana%C3%ADba&mk=&il=0&limit_drop=&userid=2dc17650-c92c-4a8c-9f13-7fed3efb7695&idx=&_rlid=2dc17650-c92c-4a8c-9f13-7fed3efb7695
Protocol: H2
Server: 2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6f61fe075e9c9b64-FRA
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-origin: *
cache-control: no-cache
content-type: image/png
expires: 0

Redirect headers

location: https://app.retargetly.com/sync?pid=14&sid=5343D3EF-1F7B-4062-9346-5F076558F7A9
date: Sun, 03 Apr 2022 13:01:18 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

tpid=2dc17650-c92c-4a8c-9f13-7fed3efb7695
bcp.crwdcntrl.net/map/ct=y/c=11530/tp=RTRG/ Frame 41EF
Redirect Chain

https://bcp.crwdcntrl.net/map/c=11530/tp=RTRG/tpid=2dc17650-c92c-4a8c-9f13-7fed3efb7695
https://bcp.crwdcntrl.net/map/ct=y/c=11530/tp=RTRG/tpid=2dc17650-c92c-4a8c-9f13-7fed3efb7695

49 B
279 B

28ms
28ms

Image
image/gif

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=11530/tp=RTRG/tpid=2dc17650-c92c-4a8c-9f13-7fed3efb7695
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fpatoshoje.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&md=Fundado%20em%20abril%20de%202008%20com%20a%20miss%C3%A3o%20de%20levar%20not%C3%ADcias%20com%20responsabilidade%20a%20toda%20a%20popula%C3%A7%C3%A3o%20de%20Patos%20de%20Minas%20e%20Alto-Parana%C3%ADba&mk=&il=0&limit_drop=&userid=2dc17650-c92c-4a8c-9f13-7fed3efb7695&idx=&_rlid=2dc17650-c92c-4a8c-9f13-7fed3efb7695
Protocol: H2
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:19 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
expires: 0
cache-control: no-cache
x-server: 10.45.17.146
content-type: image/gif
content-length: 49
x-consent: absent

Redirect headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:19 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=11530/tp=RTRG/tpid=2dc17650-c92c-4a8c-9f13-7fed3efb7695
cache-control: no-cache
x-server: 10.45.21.124
content-length: 0
expires: 0

GET
H2 200 sync
sync.teads.tv/rt/ Frame 41EF 2 B
162 B 83ms
33ms Image
text/plain 104.92.106.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/rt/sync?vid=2dc17650-c92c-4a8c-9f13-7fed3efb7695&gdpr=0&us_privacy=%221-N-%22
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fpatoshoje.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&md=Fundado%20em%20abril%20de%202008%20com%20a%20miss%C3%A3o%20de%20levar%20not%C3%ADcias%20com%20responsabilidade%20a%20toda%20a%20popula%C3%A7%C3%A3o%20de%20Patos%20de%20Minas%20e%20Alto-Parana%C3%ADba&mk=&il=0&limit_drop=&userid=2dc17650-c92c-4a8c-9f13-7fed3efb7695&idx=&_rlid=2dc17650-c92c-4a8c-9f13-7fed3efb7695
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-130.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:19 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 03 Apr 2022 13:01:19 GMT
server: akka-http/10.2.7
content-length: 2
content-type: text/plain; charset=UTF-8

GET
H2

200

sync
app.retargetly.com/ Frame 41EF
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5Bsas_uid%5D%26pid%3D63
https://sync.smartadserver.com/getuid?gdpr=0&url=https://app.retargetly.com/sync?sid=[sas_uid]&pid=63&cklb=1
https://app.retargetly.com/sync?sid=6574944955898817877

68 B
125 B

116ms
116ms

Image
image/png

2606:4700:10::6816:108d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.retargetly.com/sync?sid=6574944955898817877
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fpatoshoje.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&md=Fundado%20em%20abril%20de%202008%20com%20a%20miss%C3%A3o%20de%20levar%20not%C3%ADcias%20com%20responsabilidade%20a%20toda%20a%20popula%C3%A7%C3%A3o%20de%20Patos%20de%20Minas%20e%20Alto-Parana%C3%ADba&mk=&il=0&limit_drop=&userid=2dc17650-c92c-4a8c-9f13-7fed3efb7695&idx=&_rlid=2dc17650-c92c-4a8c-9f13-7fed3efb7695
Protocol: H2
Server: 2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6f61fe057a4f9b64-FRA
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-origin: *
cache-control: no-cache
content-type: image/png
expires: 0

Redirect headers

location: https://app.retargetly.com/sync?sid=6574944955898817877
pragma: no-cache
date: Sun, 03 Apr 2022 13:01:19 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 cm.os
ads01.groovinads.com/grv/track/ Frame 41EF 43 B
591 B 313ms
258ms Image
image/gif 172.67.23.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads01.groovinads.com/grv/track/cm.os?p=RT&u=2dc17650-c92c-4a8c-9f13-7fed3efb7695
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fpatoshoje.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&md=Fundado%20em%20abril%20de%202008%20com%20a%20miss%C3%A3o%20de%20levar%20not%C3%ADcias%20com%20responsabilidade%20a%20toda%20a%20popula%C3%A7%C3%A3o%20de%20Patos%20de%20Minas%20e%20Alto-Parana%C3%ADba&mk=&il=0&limit_drop=&userid=2dc17650-c92c-4a8c-9f13-7fed3efb7695&idx=&_rlid=2dc17650-c92c-4a8c-9f13-7fed3efb7695
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:19 GMT
cf-cache-status: DYNAMIC
x-server-origin: app07.groovinads.com
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, must-revalidate
x-server: app13
cf-ray: 6f61fe044e729be8-FRA
expires: 0

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame 41E9 3 KB
1 KB 27ms
27ms Document
text/html 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=db876249-9a9f-4900-8a51-d80e1cd562e8&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/js?mt_lim=12&sync=auto&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4320 2f2dfe5 master cdg-pixel-x28 config:1.0.0 /
Resource Hash: c386a73dc3fdcbe3c96812ee6b527b49e4b7f7a420b95756bfd700df3ca75b86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 901
Content-Type: text/html
Date: Sun, 03 Apr 2022 13:01:20 GMT
Expires: Sun, 03 Apr 2022 13:01:19 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4320 2f2dfe5 master cdg-pixel-x28 config:1.0.0
Vary: Accept-Encoding

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 41EF 43 B
525 B 33ms
20ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fpatoshoje.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Patos%20Hoje%20-%20Not%C3%ADcias%20de%20Patos%20de%20Minas&md=Fundado%20em%20abril%20de%202008%20com%20a%20miss%C3%A3o%20de%20levar%20not%C3%ADcias%20com%20responsabilidade%20a%20toda%20a%20popula%C3%A7%C3%A3o%20de%20Patos%20de%20Minas%20e%20Alto-Parana%C3%ADba&mk=&il=0&limit_drop=&userid=2dc17650-c92c-4a8c-9f13-7fed3efb7695&idx=&_rlid=2dc17650-c92c-4a8c-9f13-7fed3efb7695
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4320 2f2dfe5 master zrh-pixel-x27 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sun, 03 Apr 2022 13:01:20 GMT
Server: MT3 4320 2f2dfe5 master zrh-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 03 Apr 2022 13:01:19 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 41E9 43 B
517 B 29ms
29ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=0:1&mt_cb=105057&mop_top=
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=db876249-9a9f-4900-8a51-d80e1cd562e8&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4320 2f2dfe5 master zrh-pixel-x29 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=db876249-9a9f-4900-8a51-d80e1cd562e8&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sun, 03 Apr 2022 13:01:20 GMT
Server: MT3 4320 2f2dfe5 master zrh-pixel-x29 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 03 Apr 2022 13:01:19 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 41E9 43 B
525 B 20ms
19ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=db876249-9a9f-4900-8a51-d80e1cd562e8&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4320 2f2dfe5 master zrh-pixel-x27 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=db876249-9a9f-4900-8a51-d80e1cd562e8&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sun, 03 Apr 2022 13:01:20 GMT
Server: MT3 4320 2f2dfe5 master zrh-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 03 Apr 2022 13:01:19 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 127ms
64ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=patoshoje.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 03 Apr 2022 13:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 127ms
64ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=patoshoje.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 03 Apr 2022 13:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
10 KB 332ms
332ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2944051212279048&correlator=3735316585752772&eid=31065402%2C31066014%2C31062931&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fifs&iu_parts=21830119956%3A22384740804%2Cpatoshoje.com.br%2CWIDESCREEN_ENGAGE_DESK&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=4&adks=3356148919&sfv=1-0-38&ecs=20220403&fsapi=false&prev_scp=sitestructure%3DRON%26pageposition%3Dabovefold%26iabtaxonomy%3DNews%2520and%2520Politics%26adposition%3Dwidescreen%26hb_prebidmanage%3D1%26hb_abt%3Dmp&eri=1&cust_params=ttLS%3Dna%26ttS%3Dna%26ttT%3Dna%26ttC%3Dna%26ttU%3Dna%26ttCA%3Dna%26ttE%3Dna%26ttA%3Dna%26ttG%3Dna&sc=1&cookie=ID%3D73b5923eb7b55d1a-22c428206dcd0061%3AT%3D1648990877%3ART%3D1648990877%3AS%3DALNI_MbVBwJqpZ9yiXrtJheh1jdDzgnzYA&abxe=1&dt=1648990879624&lmt=1648990879&dlt=1648990875791&idt=1287&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fpatoshoje.com.br%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=0x-1&fws=640&ohw=0&ga_vid=860023652.1648990877&ga_sid=1648990877&ga_hid=848292939&ga_fc=true&btvi=-1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

94779930883bdf274a126f570939691cfec840662c4c78668e0096bd3f6fb8c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10071
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://patoshoje.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 957D 6 KB
4 KB 239ms
67ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 13:01:20 GMT
expires: Mon, 03 Apr 2023 13:01:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 187ms
63ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68a2c8b881b84d8b2478f5b5cecdb1502a777ae59284989b096298bc91ff6342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28202
x-xss-protection: 0
server: sffe
etag: "1176 / 312 of 1000 / last-modified: 1648850764"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 03 Apr 2022 13:01:20 GMT

GET
H3 200 container.html Show response
23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8502 6 KB
3 KB 119ms
54ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 13:01:20 GMT
expires: Mon, 03 Apr 2023 13:01:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 064C 624 B
297 B 66ms
65ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhChpIcCGM3Z6MYBMAE&v=APEucNWNbkU9P21-u9JOIOIYOQGQqWYoeA4Ufr_qPkDxrLhrknnnFpWSvRJe8oQtrVq8gbefwUBhA9PPp7hWw1ZFMtTGIs7BQ7vQHEI0bid0hBcwgEGrMBtzk5nYhJSAh34e1k0jhNIhzm-HdT3JsmgFPk-6WknR3RUlycnnKFuzSnen-eHZ66Y

Requested by

Host: 23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com
URL: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 13:01:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8502 60 KB
30 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cs-j8K_ipLt166vwqSgqNmSY4GREYc5ak5RdnU-ffA3_pUBzMwv3vWHkz6tNaFDJ5n23Xxpg7ZTgEiSNBP8U-YSwqw1dsfv1-tl9PLXG3uydlE_Ybudc5XaaAnsSYH6jGLNFw85g87AlRlyjETLEk4aJ0Drw&dbm_d=AKAmf-Bl1z3axMbZrEjZW_kCJaJF_qhsD_0WzmsTnB6EE8NReVFMYncT-JSwqXECJDqbgdmYRK971h7jinQZv3POjpwe13gQuiblATG--4KOZo6mwTGmD7GAfzxRFx4GOwtIka-YXKWJt8H8eofTtiuq1rPl_su7uN4ayDZEUJ8NJ3WMVFdZcwjf3ewn_grCGlhr1KiTsfFZ_Hd8tUElJn01LCvssj_bLYKyDlfCQDrvk7XZPcvhyiLfsVYQFoz991T29Z5Icuj98e7LVyftG38UZDPzozwOZCJZ_SuwKnUBqzkdoAe8rF9qxV40RbAwrjqGqUeWfSMxSF51sDBf_ArHQM7l6fklmFIFWmn6bXnuGUA83_nqG6L-CO5Epx2F4f66fTmE5e6JY4UEGzNYVU_gdpO_cImzGhoXi3A24R4PiiCa8sAM8aouoJQ09XVwDLPmklzMV7k6bEZRD1xTDTmQudP5gD0jCJqNu5bGMGU50O92bbTbYR0KLKGxUnNGiMAexBHGhTE22vhCLZV_AZnGF2hFls1n9dePQklpZ8y6H7o_-Sc7uEiRmXBxECUtG5kgJ2vt5Ex1PQkEQ7Fd54EGYaTn4QHuc6Glgd1_Hu6wmMzP7cWK4NKECC_ZSJeSn3uUrlXuYwkaI-3lX7TXJYwC-aK_aAvtMdYLEeoxKtqOy8WSjXiSU2Hp628nNIowEqkEMONoyHqNezVxPsebJmH_5cPS83F_eRkyTQ-5FWxpBG5nXqTLz3hwMOrjLT09qStqalb-mf4l40Jd8JsgMr_UlSsmfH_RSvnHJdg6FIeVPpGGcqyIXPQbMDve-iKkwzzWoj_Io7NGniwIkcGs7-BjtjCOwnKcGCJTFheRbKOlM1gFCT7J024HphpLTKnZAk8Rsk_d0bAnwkP1MtK23WeR4cf-47naUDe2sJQc7Z0ohJ0nOMLiUmzcOX0N9o-wNXt7KbRvRWwuYhhiZvUHWBfWy_D_jQ_MNqhCf5lOpRoYLUIidZWvloGRj4Gz8IqpuUUGyZp9FQniNk7Dq47AJIFutmHSMi5c-MTKkX6JCJjek0bTNY_jE5Jk2wd4mWjrCmEp79diXGg1hHb6nJt9H1QvmjPbyKQumzx3qFVg4S8CQFrNcaSxS7qdIhyEafAkwPVD1MRAYynNMbQqwjSiQOnPqBTexrp9nod0hU2l48xLznw2-Dqonyb3j2Y3SuziIUMseKeZzDKvhZgppdOWDjwiVtGqT8ITfG2_JXXwwVX6ybp0W29vq7ql8Eo2CfXApF4cm1eKmdtGRij5WzulTWp36NfpT3WnWrxpQ0lvNGbPVUkO-Cz8e5HuTyeWv-bktbsI7qEHQa0o6pLi4PMRGCEbgTK4LheHThNvuq8C3ZV6hOqKMRLXuwWNnKpH_42BIzqyrFZ51UUriM1YsBn8sXiXlWcKlt9fke4X9lQd17AathWELwImg4m1tntoOYb62MWWKYkJKuNhaTzIRclEuAvKlxqMonnQ0kX8GbIQovwvMfkMj3KiIQ-AaUJYsXxZquNOlakoytQxs4fb_XvpO1tU1Y54X_aQm-b1uNhbaSrA7q0QchpzrpRxCRJaxZUM2IChlLCMU34RZzzVFRyNbG08f8UaW818Bir4i9Mn1Myes_vF7KwcxHgQrMSFQK3dKqwu190ERiNQ2YSPSR-1iXhke-EwupIXJ6Hab1DCuV1iAuhMyFCVFMLRdeJ6icZ2axyxTVQurE5_KOkyMmt8CrOzTK2kTPiIq8zgB-wHDMO3oMSXzl_lhWJOopQV4212f0OYOB3lS62QfWZLnpJcRhQ5l8JaoQOd1dXKzRr4r7wPBWYQq7temdPc8a_3Gpag6XUp8LfTBg7jL57OORkiz5V_btDaOypMPeutOSPR-G5VSTMZP2s5t1onQW8WxWe1-8detqdvFHFtKt4681OYJFzcU2NsIgK2mJIs1ORmk7DnYw_TwBK2sj4vCTPrym5g3rlFwgicLDPAxCM4qwwrAKBkmCX5esJDZiYpG-lwamY_flJkmdADAaDwvYQlG9u8-gvZCqbBAdo61Juhon9RV6XjxofniL7el0cSw2OSzORX0SudohhdWG0Ro4Q_5rMR20fwqkgrr5oZoYnpxurKSYdFkoZHRVKgFM9koyHdo487FyO3mzcbFC2X5bte2Dat_2rPzAq-Fy7Bq-Vo8oLd5tNp9CBh2r832-Fqm-t2NDRUMt3yGiEWXdSMdrACDz1JPnEuQwPS03pLUQV1BO5Y2asiSkHuzQ9hO7g91wdrbZU84xY9aUY2Kx5uC2GzCMdYP5wg33he7aC1ilUzIQVSLDvufbJiVj5mMaz5cnU2kFRhxM3KkNYBHoCveFQ_ri_8Kq876rwM3kVW3R4F-OTvOGKCJHD_fyZzxiXlbdm3RFSAQWwMoMdWP_FyiYoMSYr2eg6Z6hJRZ3u20-iluQpMToAZ-djcgJXU5-TIH4mhmXdCJTwS2yROm8qXnyoGDTrUtGd6u99b_GMx1Sdk6a-zNVvfB2IIeNo8O_-tR08EipU_jGNTdKm1AYWCubC_zZjsWHpkTp4GZbD2BbLH62PXqSNHu3IE_QNzTAjqa3thjWGEsDHBaa10RY_0ViUHNoem67RFs0q2P95790VJVXWY7qGT6ZkCHJPmUmOiRBfm42kDE_cAlzP0Xa4geHqt3B6Au4tR22pzato9Ca3ECg2h2WZ60l9tXHKL1s43QSXyEox--zK995DFdzimOFsQSkL3J1UmFljxywavj7abB6qIl0evKqoqYUtNGUxyZSfRcCvEx7cbO6dt0kNyf_POSmmHg06ZQ_GoloXpm3xlXfSdz7MC4ebux-aQ1WI7LnQ00nI75ldTbsDvBNDHJYCdqo6eAAM8bCQXFuet1yUzQHAtNCadHO3OD61il7KRvQYmRFCK-eycfKCakXym6dyIddZEIc2khwU_l3zKt0_eYn9TYzYuhRje0q4sTJ8hh0q0NfcKFZv4Ry2UZJrHvf-8voAF8dWZKaBaygau8r9kvG9cOwJvZpU2ZtYgEev5gpsv9PPKDHBboGIQLtXR9gbdSpGjoqbVHmo13lb0ai-y1Ea9sGGtkK_dr_n3l7y7YDclJ1MSyZ1CWfocIajj1n5DDtYQP6MspSHHLhpFFfbkuV0jL0X-5iatqRaPfl-Z_cVk03nvFaZkk2Y2TEexKXYzRQwJhzrcFv6eiXAfafKZB0Hu7_mEipR-djhLaG3GfEbif5u-phGVBYTGLDhYm4uaSNcB-iqicx5g6vy46UA_X74s7p6uvhx_68aBcqPWZUfy2_s9abzKU93CUAEAXUyosNFAQkEZNbx_Oo_X0aYsXpxWMEJyTs3c81eA_ZkKappJwFQahNaoNiW1RFKNLx4zzSnPOxk4sJIY65ZKlmarj1sNQqY-MGxqzsnM2SbOkqMlRI8Q4fl9Xo2orc3xLVNU4dBTKA_wA6RhfDN3dDhEXvFJoMzod_DQ_XkPN_K7_US9gi8Bzn5M39uMzWI&cid=CAASJORo75HAWXFme6FdCP27SDQKkCCPZs_YMpEwKLHFFigmmgrqcw&rfl=1%2Chttps%253A%252F%252Fpatoshoje.com.br%252F%240

Requested by

Host: patoshoje.com.br
URL: https://patoshoje.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5f5d2ef84b9869ac4fe5d57eafb4fad768e5b1aa8de3ac6792258ab7a44efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30803
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8502 42 B
63 B 90ms
90ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DxB0wxKD5z4q63IVe9sbX2omMNylZpxUvwpH7Pl2ym8nqyk5eZxDmxG8Y21Us_6BXj58sRucV7yuIBo7odRUSuWDMaICWeo0KSbLzaS1AGdPuSxug

Requested by

Host: 23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com
URL: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 8502 2 KB
1 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Host: 23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com
URL: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 12:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 421
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Apr 2022 12:54:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8502 119 KB
36 KB 159ms
93ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com
URL: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Apr 2022 13:01:20 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 8502 15 KB
6 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com
URL: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 12:56:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Apr 2022 12:56:06 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 064C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAllesQcM99UQ_dgYFYntq0&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAllesQcM99UQ_dgYFYntq0&google_cver=1&C=1

43 B
1014 B

31ms
31ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAllesQcM99UQ_dgYFYntq0&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhChpIcCGM3Z6MYBMAE&v=APEucNWNbkU9P21-u9JOIOIYOQGQqWYoeA4Ufr_qPkDxrLhrknnnFpWSvRJe8oQtrVq8gbefwUBhA9PPp7hWw1ZFMtTGIs7BQ7vQHEI0bid0hBcwgEGrMBtzk5nYhJSAh34e1k0jhNIhzm-HdT3JsmgFPk-6WknR3RUlycnnKFuzSnen-eHZ66Y
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Apr 2022 13:01:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 03 Apr 2022 13:01:21 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 03 Apr 2022 13:01:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAllesQcM99UQ_dgYFYntq0&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sun, 03 Apr 2022 13:01:20 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 064C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkmaoAB.KsxwLK80NNDEAAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAllesQcM99UQ_dgYFYntq0&google_cver=1&google_hm=2

43 B
894 B

31ms
30ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAllesQcM99UQ_dgYFYntq0&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhChpIcCGM3Z6MYBMAE&v=APEucNWNbkU9P21-u9JOIOIYOQGQqWYoeA4Ufr_qPkDxrLhrknnnFpWSvRJe8oQtrVq8gbefwUBhA9PPp7hWw1ZFMtTGIs7BQ7vQHEI0bid0hBcwgEGrMBtzk5nYhJSAh34e1k0jhNIhzm-HdT3JsmgFPk-6WknR3RUlycnnKFuzSnen-eHZ66Y
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Apr 2022 13:01:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 03 Apr 2022 13:01:21 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAllesQcM99UQ_dgYFYntq0&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 064C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKw0QqW1ktoSpLaEJNKaxc4&google_cver=1

43 B
1020 B

84ms
84ms

Image
image/gif

185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKw0QqW1ktoSpLaEJNKaxc4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhChpIcCGM3Z6MYBMAE&v=APEucNWNbkU9P21-u9JOIOIYOQGQqWYoeA4Ufr_qPkDxrLhrknnnFpWSvRJe8oQtrVq8gbefwUBhA9PPp7hWw1ZFMtTGIs7BQ7vQHEI0bid0hBcwgEGrMBtzk5nYhJSAh34e1k0jhNIhzm-HdT3JsmgFPk-6WknR3RUlycnnKFuzSnen-eHZ66Y

Protocol

HTTP/1.1

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Apr 2022 13:01:21 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 68befdb0-ec0d-4976-9f65-64c2c00fd24e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKw0QqW1ktoSpLaEJNKaxc4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 064C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5ODQwOTYzNjQ0MzIyMDc4NA%3D%3D

170 B
188 B

62ms
40ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5ODQwOTYzNjQ0MzIyMDc4NA%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 03 Apr 2022 13:01:20 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9591f3aa-2ffa-4e93-9374-5a192eb876bf
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5ODQwOTYzNjQ0MzIyMDc4NA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame 8502 25 KB
9 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cs-j8K_ipLt166vwqSgqNmSY4GREYc5ak5RdnU-ffA3_pUBzMwv3vWHkz6tNaFDJ5n23Xxpg7ZTgEiSNBP8U-YSwqw1dsfv1-tl9PLXG3uydlE_Ybudc5XaaAnsSYH6jGLNFw85g87AlRlyjETLEk4aJ0Drw&dbm_d=AKAmf-Bl1z3axMbZrEjZW_kCJaJF_qhsD_0WzmsTnB6EE8NReVFMYncT-JSwqXECJDqbgdmYRK971h7jinQZv3POjpwe13gQuiblATG--4KOZo6mwTGmD7GAfzxRFx4GOwtIka-YXKWJt8H8eofTtiuq1rPl_su7uN4ayDZEUJ8NJ3WMVFdZcwjf3ewn_grCGlhr1KiTsfFZ_Hd8tUElJn01LCvssj_bLYKyDlfCQDrvk7XZPcvhyiLfsVYQFoz991T29Z5Icuj98e7LVyftG38UZDPzozwOZCJZ_SuwKnUBqzkdoAe8rF9qxV40RbAwrjqGqUeWfSMxSF51sDBf_ArHQM7l6fklmFIFWmn6bXnuGUA83_nqG6L-CO5Epx2F4f66fTmE5e6JY4UEGzNYVU_gdpO_cImzGhoXi3A24R4PiiCa8sAM8aouoJQ09XVwDLPmklzMV7k6bEZRD1xTDTmQudP5gD0jCJqNu5bGMGU50O92bbTbYR0KLKGxUnNGiMAexBHGhTE22vhCLZV_AZnGF2hFls1n9dePQklpZ8y6H7o_-Sc7uEiRmXBxECUtG5kgJ2vt5Ex1PQkEQ7Fd54EGYaTn4QHuc6Glgd1_Hu6wmMzP7cWK4NKECC_ZSJeSn3uUrlXuYwkaI-3lX7TXJYwC-aK_aAvtMdYLEeoxKtqOy8WSjXiSU2Hp628nNIowEqkEMONoyHqNezVxPsebJmH_5cPS83F_eRkyTQ-5FWxpBG5nXqTLz3hwMOrjLT09qStqalb-mf4l40Jd8JsgMr_UlSsmfH_RSvnHJdg6FIeVPpGGcqyIXPQbMDve-iKkwzzWoj_Io7NGniwIkcGs7-BjtjCOwnKcGCJTFheRbKOlM1gFCT7J024HphpLTKnZAk8Rsk_d0bAnwkP1MtK23WeR4cf-47naUDe2sJQc7Z0ohJ0nOMLiUmzcOX0N9o-wNXt7KbRvRWwuYhhiZvUHWBfWy_D_jQ_MNqhCf5lOpRoYLUIidZWvloGRj4Gz8IqpuUUGyZp9FQniNk7Dq47AJIFutmHSMi5c-MTKkX6JCJjek0bTNY_jE5Jk2wd4mWjrCmEp79diXGg1hHb6nJt9H1QvmjPbyKQumzx3qFVg4S8CQFrNcaSxS7qdIhyEafAkwPVD1MRAYynNMbQqwjSiQOnPqBTexrp9nod0hU2l48xLznw2-Dqonyb3j2Y3SuziIUMseKeZzDKvhZgppdOWDjwiVtGqT8ITfG2_JXXwwVX6ybp0W29vq7ql8Eo2CfXApF4cm1eKmdtGRij5WzulTWp36NfpT3WnWrxpQ0lvNGbPVUkO-Cz8e5HuTyeWv-bktbsI7qEHQa0o6pLi4PMRGCEbgTK4LheHThNvuq8C3ZV6hOqKMRLXuwWNnKpH_42BIzqyrFZ51UUriM1YsBn8sXiXlWcKlt9fke4X9lQd17AathWELwImg4m1tntoOYb62MWWKYkJKuNhaTzIRclEuAvKlxqMonnQ0kX8GbIQovwvMfkMj3KiIQ-AaUJYsXxZquNOlakoytQxs4fb_XvpO1tU1Y54X_aQm-b1uNhbaSrA7q0QchpzrpRxCRJaxZUM2IChlLCMU34RZzzVFRyNbG08f8UaW818Bir4i9Mn1Myes_vF7KwcxHgQrMSFQK3dKqwu190ERiNQ2YSPSR-1iXhke-EwupIXJ6Hab1DCuV1iAuhMyFCVFMLRdeJ6icZ2axyxTVQurE5_KOkyMmt8CrOzTK2kTPiIq8zgB-wHDMO3oMSXzl_lhWJOopQV4212f0OYOB3lS62QfWZLnpJcRhQ5l8JaoQOd1dXKzRr4r7wPBWYQq7temdPc8a_3Gpag6XUp8LfTBg7jL57OORkiz5V_btDaOypMPeutOSPR-G5VSTMZP2s5t1onQW8WxWe1-8detqdvFHFtKt4681OYJFzcU2NsIgK2mJIs1ORmk7DnYw_TwBK2sj4vCTPrym5g3rlFwgicLDPAxCM4qwwrAKBkmCX5esJDZiYpG-lwamY_flJkmdADAaDwvYQlG9u8-gvZCqbBAdo61Juhon9RV6XjxofniL7el0cSw2OSzORX0SudohhdWG0Ro4Q_5rMR20fwqkgrr5oZoYnpxurKSYdFkoZHRVKgFM9koyHdo487FyO3mzcbFC2X5bte2Dat_2rPzAq-Fy7Bq-Vo8oLd5tNp9CBh2r832-Fqm-t2NDRUMt3yGiEWXdSMdrACDz1JPnEuQwPS03pLUQV1BO5Y2asiSkHuzQ9hO7g91wdrbZU84xY9aUY2Kx5uC2GzCMdYP5wg33he7aC1ilUzIQVSLDvufbJiVj5mMaz5cnU2kFRhxM3KkNYBHoCveFQ_ri_8Kq876rwM3kVW3R4F-OTvOGKCJHD_fyZzxiXlbdm3RFSAQWwMoMdWP_FyiYoMSYr2eg6Z6hJRZ3u20-iluQpMToAZ-djcgJXU5-TIH4mhmXdCJTwS2yROm8qXnyoGDTrUtGd6u99b_GMx1Sdk6a-zNVvfB2IIeNo8O_-tR08EipU_jGNTdKm1AYWCubC_zZjsWHpkTp4GZbD2BbLH62PXqSNHu3IE_QNzTAjqa3thjWGEsDHBaa10RY_0ViUHNoem67RFs0q2P95790VJVXWY7qGT6ZkCHJPmUmOiRBfm42kDE_cAlzP0Xa4geHqt3B6Au4tR22pzato9Ca3ECg2h2WZ60l9tXHKL1s43QSXyEox--zK995DFdzimOFsQSkL3J1UmFljxywavj7abB6qIl0evKqoqYUtNGUxyZSfRcCvEx7cbO6dt0kNyf_POSmmHg06ZQ_GoloXpm3xlXfSdz7MC4ebux-aQ1WI7LnQ00nI75ldTbsDvBNDHJYCdqo6eAAM8bCQXFuet1yUzQHAtNCadHO3OD61il7KRvQYmRFCK-eycfKCakXym6dyIddZEIc2khwU_l3zKt0_eYn9TYzYuhRje0q4sTJ8hh0q0NfcKFZv4Ry2UZJrHvf-8voAF8dWZKaBaygau8r9kvG9cOwJvZpU2ZtYgEev5gpsv9PPKDHBboGIQLtXR9gbdSpGjoqbVHmo13lb0ai-y1Ea9sGGtkK_dr_n3l7y7YDclJ1MSyZ1CWfocIajj1n5DDtYQP6MspSHHLhpFFfbkuV0jL0X-5iatqRaPfl-Z_cVk03nvFaZkk2Y2TEexKXYzRQwJhzrcFv6eiXAfafKZB0Hu7_mEipR-djhLaG3GfEbif5u-phGVBYTGLDhYm4uaSNcB-iqicx5g6vy46UA_X74s7p6uvhx_68aBcqPWZUfy2_s9abzKU93CUAEAXUyosNFAQkEZNbx_Oo_X0aYsXpxWMEJyTs3c81eA_ZkKappJwFQahNaoNiW1RFKNLx4zzSnPOxk4sJIY65ZKlmarj1sNQqY-MGxqzsnM2SbOkqMlRI8Q4fl9Xo2orc3xLVNU4dBTKA_wA6RhfDN3dDhEXvFJoMzod_DQ_XkPN_K7_US9gi8Bzn5M39uMzWI&cid=CAASJORo75HAWXFme6FdCP27SDQKkCCPZs_YMpEwKLHFFigmmgrqcw&rfl=1%2Chttps%253A%252F%252Fpatoshoje.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 12:53:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 16576748017229546422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Apr 2022 12:53:32 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/ Frame 8502 8 KB
3 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 12:58:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Apr 2022 12:58:54 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8502 0
622 B 154ms
81ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9FWnURcuIev3UCEkTrzPeSsS17rBgTHJoA22xeCy0wxnqtxypX482geT98801_LkamRc19GleQwqkA--9EqusObm5SjtwcxwuChmvkS1IOl7l1WWBDO15KM5lDyZMor6LX759u8npEa2JILzNHnCUBPBfDDPORS4x87Bv3MwiGWsrf-v2QJov2Laxo_QLjTQl0Clcl0p-44oxEpHATXM2gU_2C2W5cZp9TcItP_1enWcndEJaxewLQSVbN_lTb5eAXkmaQSxpYkfdAtfBrKGcTbwDypDr4zBVRU7BXyhARnzyErHTvKYNh50MIZ8LiKF0s-CsVKHBw3ZyTLWDmb9pFBZx1BOEW4BJqYSmX-9fBrsIB2iH4znIVFIaF0BkXAOoxPy81m9vkUsbrE9pYZwZHidHVDq-ttaYRBVvU7jPJtwhY9j3mJwxBv8mTdPWbpD0zwvW_dNAFbiBFNEOa_Nzz9iOGcv5kaZPfoaQB498T8L-hQWcTiHMeqEQWuc_uqSEKfjmqeKXIQGhcFt9a1j6TnjP05TzAk10wZmVQbTxaos59Ld24cBPcCAQcn0U8SV18D0oLfB30ap54O2ap3ye0f_1wVAv2OcTmvqgP-bYG0SzGYn7cu8GDfpgSAUhMGshBsmNeueC2mnuXQtNyOlEOr_bayVqsKZGV9LswwGJYRoTP234ktFO_1TaypGQGIt9lOD_I2TAlJYRtnwI3hCRib781XLZT5EKFfSbSqQeBUNR7544nxDPrCb07rOo1RMg0S2ZAzYpxQkjcYB27vAhN2JEd6w2dAzJq7vlpaq_wUnzFSRrY7Ix_FobnkhE_vZf2znR3c9W0V7HwfeOR8aPmJ25qWQPWi1jcfcIKR2afVUtt4pquBHrmfOIi1F_VE6urDSfOb_VXRGgCPPN8_uUeuo2iEZ8PmYvc7-C0JuPe09xp8eD7i9wglaYSt4QHaiMn1miopeskOlCFlgnOjRcjvnCRayh3Q8cd0FYVGqmrVc7b-VeBKRV94OQ0a-LLVgkSlnGAukB1lwsynuiy3PDoVOLkn93UBKv8VW85EJEre5gHuUzyWcIf0RvcO5WTeZj1XzHbYSSfBLBOtrwoQEOXqWYQ-osgbyhFiaQSSDLmRgMS6D4yFuf0xKB3OqJSIzizA8T041kcHNuLzlbN7vnalPuQkJyXjvAqvKH5BNrrTUxYU-bssJgQqzngs-jedSoa0W1DjQ96skfxStcs42OyajLw372lEETze9q0KecyYQipIWV7oRU4XN15QIfHj-YU9PthJ8zTBE2-bYJU3Jtlxo2CjOd6KxeMlIk1YtIPLwb3PJmA4u0toxQ5WZUQVw3VgyzO_U4-8-RaIZyOM3S_-u_gMu8ggp5fK2TpvbTOXTVHxz9lvdFsJY9cBQ8a8m6QtdRwND0WpLpjN10y9O0BvwXBIs0yX2RQeI&sai=AMfl-YROq4orTfeIrS_ubUrEU676Z985z2ABUWaNJFLqQpTDYmV0ZFl6KUF7JY-UuY84MHu8nUxEJIV25A5WTuCwEE0iL6jW4Owchb-cK4yu9abpVPaD1OxB3MqC-pn4kLUmNwCmo3uTZizb4y9CaXMT4coywqbPJgjl4V6T2LcUiGEsKkwMESzf4YVl65lRe_lSddUXnCfBAgzOArJD31HZhA&sig=Cg0ArKJSzPUp7EGFNbXGEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220330.21116&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 03 Apr 2022 13:01:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8502 41 KB
15 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 13:41:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 13:41:03 GMT

GET
H2 200 13474930729740013234
s0.2mdn.net/simgad/ Frame 8502 26 KB
27 KB 176ms
56ms Image
image/gif 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13474930729740013234

Requested by

Host: 23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com
URL: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c46f5334d12be62825499937b3bb7a9c0106da7c60e9533eee300cc848c0ef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 08:35:32 GMT
x-content-type-options: nosniff
age: 188749
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26894
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 15:05:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 01 Apr 2023 08:35:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 22D1 1 KB
749 B 55ms
52ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com
URL: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 25656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 05:53:44 GMT
etag: 48472445140208031
expires: Mon, 04 Apr 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DEC1 22 KB
8 KB 56ms
55ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 281313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Mar 2022 06:52:48 GMT
expires: Fri, 31 Mar 2023 06:52:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame E466 875 B
861 B 96ms
96ms Script
text/javascript 34.192.67.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2889&eaup=/21830119956/patoshoje.com.br/WIDESCREEN_ENGAGE_DESK&eolid=null&eci=null&ct=%7B%22siteurl%22%3A%5B%5D%2C%22sitestructure%22%3A%5B%22RON%22%5D%2C%22pageposition%22%3A%5B%22abovefold%22%5D%2C%22iabtaxonomy%22%3A%5B%22News%20and%20Politics%22%5D%2C%22adposition%22%3A%5B%22widescreen%22%5D%2C%22hb_prebidmanage%22%3A%5B%221%22%5D%2C%22hb_abt%22%3A%5B%22mp%22%5D%7D&w=728&h=90&wsRotSlot=&isda=1
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62-alright.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.192.67.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-67-210.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 323c12acb753ac8d1035d2a59e5dbef0c9c2b28105f159ac25da0f8017f67729

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Apr 2022 13:01:21 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 22D1
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIXWxUXet5mTF5fGKlB-Vbk&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIXWxUXet5mTF5fGKlB-Vbk&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MVlSRzZob2sxTkFaUjc1&google_gid=CAESEIXWxUXet5mTF5fGKlB-Vbk&google_cver=1&google_push=AYg5qPKirdYdObB9yfFbV6GqMx1weXsUmiZz_W20Aqq80q7...

170 B
188 B

40ms
40ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MVlSRzZob2sxTkFaUjc1&google_gid=CAESEIXWxUXet5mTF5fGKlB-Vbk&google_cver=1&google_push=AYg5qPKirdYdObB9yfFbV6GqMx1weXsUmiZz_W20Aqq80q7Xse-1ZW_IVISRRMaA4hb6NK0KBVXj2EeY5kyr3yeIb-kheCgBLY8

Requested by

Host: 23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com
URL: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 03 Apr 2022 13:01:20 GMT
Server: PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-04fd973f611872bb0@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MVlSRzZob2sxTkFaUjc1&google_gid=CAESEIXWxUXet5mTF5fGKlB-Vbk&google_cver=1&google_push=AYg5qPKirdYdObB9yfFbV6GqMx1weXsUmiZz_W20Aqq80q7Xse-1ZW_IVISRRMaA4hb6NK0KBVXj2EeY5kyr3yeIb-kheCgBLY8
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 22D1 43 B
167 B 106ms
104ms Image
image/gif 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESECzePfAmFHjJYclY1XHgZkk&google_cver=1&google_push=AYg5qPLIOHa-vbIsJW71Dl8puUn-PApfv44-Haddl4cHPt6tSrAGahTSMcStpJU7tMrFBvhTWA71I7KwmSRPQH74z7tFCM6Gxhc

Requested by

Host: 23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com
URL: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Apr 2022 13:01:21 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 22D1
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB-qgVdrC1OTYEka57fDHn8&google_cver=1&google_push=AYg5qPLMZ4pL9JAnLLY7y9KF2JRn0lY2ZQ2iAlQ3dDU07vrIHmU24OKE6XlXHO7o3gaXH_UK_A1NBp-r...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEB-qgVdrC1OTYEka57fDHn8&google_cver=1&google_push=AYg5qPLMZ4pL9JAnLLY7y9KF2JRn0lY2ZQ2iAlQ3dDU07vrIHmU24OKE6XlXHO7o3gaXH_UK_A1...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkwMDAxMDYyMTM1NjUwMTYzNw&google_push=AYg5qPLMZ4pL9JAnLLY7y9KF2JRn0lY2ZQ2iAlQ3dDU07vrIHmU24OKE6XlXHO7o3gaXH_UK_A1NBp...

170 B
188 B

41ms
40ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkwMDAxMDYyMTM1NjUwMTYzNw&google_push=AYg5qPLMZ4pL9JAnLLY7y9KF2JRn0lY2ZQ2iAlQ3dDU07vrIHmU24OKE6XlXHO7o3gaXH_UK_A1NBp-r_1FDZ5DZqj36Py2lrzg

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:21 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkwMDAxMDYyMTM1NjUwMTYzNw&google_push=AYg5qPLMZ4pL9JAnLLY7y9KF2JRn0lY2ZQ2iAlQ3dDU07vrIHmU24OKE6XlXHO7o3gaXH_UK_A1NBp-r_1FDZ5DZqj36Py2lrzg
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 22D1
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U0PT7x97QGKTRl8HZVj3qQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

43ms
42ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U0PT7x97QGKTRl8HZVj3qQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLLHvD4GvJ2V4sdrdNiCzM0tSa378C7h7zsxPcMgu245sf-ywhjHrXyVvH-pgJRuJhMqjVGvDbZEXJVpwgTI4C-UI_4IVI

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U0PT7x97QGKTRl8HZVj3qQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLLHvD4GvJ2V4sdrdNiCzM0tSa378C7h7zsxPcMgu245sf-ywhjHrXyVvH-pgJRuJhMqjVGvDbZEXJVpwgTI4C-UI_4IVI
date: Sun, 03 Apr 2022 13:01:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 22D1
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEH...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPJA2WFDECEJS5HoryI_y6A8au3fdn6s-n8qpqB4ZttXUeIC8giCQqQWjlo28Yjjbi9_E1qALx34JflGRInNUUKNolswcCE&redir=https%3A%2F%2Fcm.g.double...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJA2WFDECEJS5HoryI_y6A8au3fdn6s-n8qpqB4ZttXUeIC8giCQqQWjlo28Yjjbi9_E1qALx34JflGRInNUUKNolswcCE&google_hm=

170 B
188 B

41ms
40ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJA2WFDECEJS5HoryI_y6A8au3fdn6s-n8qpqB4ZttXUeIC8giCQqQWjlo28Yjjbi9_E1qALx34JflGRInNUUKNolswcCE&google_hm=

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:21 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJA2WFDECEJS5HoryI_y6A8au3fdn6s-n8qpqB4ZttXUeIC8giCQqQWjlo28Yjjbi9_E1qALx34JflGRInNUUKNolswcCE&google_hm=
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 22D1 0
75 B 195ms
17ms Image
text/plain 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEILf5D3TsiNREtmDiGWxPL0&google_cver=1&google_push=AYg5qPIv20Dkd1Bu0vt45Ztq_NuSquYHmA4SqhBpZ-PHmvovu00b0fVNxAyK7ai9o0Vy0SaCMEkuNm6I8WURUAnLzVLWkWwbvxk
Requested by: Host: 23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com
URL: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:20 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 22D1
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEecPbbNppAtg5oMzwTJSjQ&google_cver=1&google_push=AYg5qPKJwDoQcROcwy81hhYuMRQvbifwGv_Wje59b69-nYsfhRJoH5Yj...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEecPbbNppAtg5oMzwTJSjQ&google_cver=1&google_push=AYg5qPKJwDoQcROcwy81hhYuMRQvbifwGv_Wje59b69-nYsfhRJoH5Yj...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEecPbbNppAtg5oMzwTJSjQ&google_cver=1&google_push=AYg5qPKJwDoQcROcwy81hhYuMRQvbifwGv_Wje59b69-nYsfhRJoH5...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyODhmM2YyNy1iMzRlLTExZWMtYTM4Zi0wMjE0OTkxYTkwYWU%3D&google_push=AYg5qPKJwDoQcROcwy81hhYuMRQvbifwGv_Wje59b69-nYsfhRJoH5Yj-u2-cE0xnP...

170 B
188 B

41ms
41ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyODhmM2YyNy1iMzRlLTExZWMtYTM4Zi0wMjE0OTkxYTkwYWU%3D&google_push=AYg5qPKJwDoQcROcwy81hhYuMRQvbifwGv_Wje59b69-nYsfhRJoH5Yj-u2-cE0xnPme1VMC_s2ztsNvuOTz01jUZtQ7YJpGArLh

Requested by

Host: 23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com
URL: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyODhmM2YyNy1iMzRlLTExZWMtYTM4Zi0wMjE0OTkxYTkwYWU%3D&google_push=AYg5qPKJwDoQcROcwy81hhYuMRQvbifwGv_Wje59b69-nYsfhRJoH5Yj-u2-cE0xnPme1VMC_s2ztsNvuOTz01jUZtQ7YJpGArLh
date: Sun, 03 Apr 2022 13:01:21 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 22D1 0
12 B 38ms
38ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KpSGqPnTzo3FODyYnhVrsNYrAg2cdVn17fuJOkd-sIkfaRgWb_itkYd6ujZhYBJeqD7_qrtg

Requested by

Host: 23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com
URL: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:21 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js Show response
pagead2.googlesyndication.com/bg/ Frame DEC1 35 KB
13 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 12:43:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 12:43:31 GMT

GET
H2 200 sync
app.retargetly.com/ Frame 41E9 68 B
848 B 120ms
119ms Image
image/png 2606:4700:10::6816:108d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.retargetly.com/sync?sid=db876249-9a9f-4900-8a51-d80e1cd562e8&pid=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6f61fe0eaf839b64-FRA
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-origin: *
cache-control: no-cache
content-type: image/png
expires: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 41E9 43 B
517 B 19ms
19ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=1:1&mt_cb=760962&check=db876249-9a9f-4900-8a51-d80e1cd562e8&mop_top=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4320 2f2dfe5 master zrh-pixel-x24 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=db876249-9a9f-4900-8a51-d80e1cd562e8&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sun, 03 Apr 2022 13:01:21 GMT
Server: MT3 4320 2f2dfe5 master zrh-pixel-x24 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 03 Apr 2022 13:01:20 GMT

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame E466 21 KB
9 KB 100ms
100ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2889&eaup=/21830119956/patoshoje.com.br/WIDESCREEN_ENGAGE_DESK&eolid=null&eci=null&ct=%7B%22siteurl%22%3A%5B%5D%2C%22sitestructure%22%3A%5B%22RON%22%5D%2C%22pageposition%22%3A%5B%22abovefold%22%5D%2C%22iabtaxonomy%22%3A%5B%22News%20and%20Politics%22%5D%2C%22adposition%22%3A%5B%22widescreen%22%5D%2C%22hb_prebidmanage%22%3A%5B%221%22%5D%2C%22hb_abt%22%3A%5B%22mp%22%5D%7D&w=728&h=90&wsRotSlot=&isda=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:21 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8502 0
26 B 121ms
77ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 03 Apr 2022 13:01:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 8502 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05b18edc49d3ce96b8181a7524a75d2a01f546baada6916a957bda90e5b49ec3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DEC1 0
20 B 94ms
94ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bt9LtoJpJYvv4Mf2NjuwPuMek-AQAAAAAOAHgBAI&bg=!09Cl0JTNAAZku-1yRLs7ACkAdvg8WqTCQdIyId3uLWEgpZ3ADl4fm9PiSjDx_E3BwGX7Txz_v0PV8QIAAAB6UgAAAAJoAQcKAB-CDT3VWZbruW2BJWfkeFPiOjwwpZVTo8pV0XBgAu4gmQMbKIeGfSe8bBdm4u7ZBP-N9JTq1giHEIwVY1a7phY60KkOw9Hsjj8N4WgZSTeWnlTlr8UxdPPD8GiyJlw1LZHjShzvTqeSh3pw7LvmY0HxZUF81gR34uqioKpqYTEn2u5_4KZhQUlmpXVLSQhkPH_JBDjL7YoAFpDbJzwAZydUBovxGvSAKHHHYm0qeeKPyES4rburUqQ86eynchSnb6r45HPGJ8sbAL50d8m63PzVGFOibONyi-93kHYB2WQEgxp7XyWV9Zfo9nxwye0q9qrC5gKLj3C50JMYqpuVF2gft_Jn9kU44AHjXeakIecJH1nGDg1QDUbP-qXhdM0exfbBc_LdQWiSP1gHyPCMHm3MR9eJmcYHq0VM-rIyTvLYTJoCkRcVL352WYn10lin_i45qjwxcO7AGHF8SQ5OabbPBJw2IhdPtEYnU8Bw_J21uKUX3UTAxm5vSkjmOUninnLRG6EX1IIvhVk_zIL2bv7u35u4ZBwfeRo0e4RISTfkWFC_51D0YO1_SdGaBKmqgJPSrAUS0ss_NhMGmNexdjpxlblSRv3Q8GImkmgll9ceu-Ti-2amlVrN_FlK9CEnC2I_J3NW2Qzy-vkP1euMmps7ZXqyoAykdjSWibBv4kn2CKLQxN9_Wsmhgbgz2Rhmwl3MRHjidpf-wC_2G9uFmkVQSwz1i2AVbKsmfaHuFv43J20p7aA9zGrmWVyVJrvpusM-Kox6Z8BD0ZHtM2Gna8gXY2l6ByCF71tMLCSNXP_L-ULvPVu2AeMM8VqqMa4xJogPRH723wn5IYQXfTdSL2niYufa3SwhL7Bh7b4ot-YYhOWWJBleIh_y-ltbnInzHP0zGSQElLc88mlm0E0E1P0GyF0w_QUjB_opvKs1GJQbhsr4G96J9zDem4Slw0IErlS74QHT1KtWyGvZPAajjcWw9ZW53DSN2TZl3RWp-PgxC4nv5WQZHoY1b8BYAwuglm-XzuaYuvoT4F2NA_FeA2BOMMuuLcSoZ-KR_B3FuWPqYBti03j6NMXzDNmbe4TD8YIRRyWE_jRoztuTe6FM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
spl.zeotap.com/ Frame 05B1 7 KB
2 KB 81ms
31ms Document
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 304238f17343b621f358cf5ed137803b1f7636780ba7fbc5c79a11ca96e5d92e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://patoshoje.com.br
cf-cache-status: DYNAMIC
cf-ray: 6f61fe10bc519be2-FRA
content-encoding: br
content-type: text/html
date: Sun, 03 Apr 2022 13:01:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Origin
via: 1.1 google

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 71B0 281 B
554 B 85ms
7ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 03 Apr 2022 13:01:21 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 05B1 0
0 14ms
13ms Image
text/html 185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 05B1 170 B
188 B 43ms
42ms Image
image/png 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 05B1
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://mwzeom.zeotap.com/mw?cid=efc86151-08a0-495b-bb21-357a65257cb6&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1...

95 B
153 B

28ms
26ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=efc86151-08a0-495b-bb21-357a65257cb6&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6f61fe115ded9be2-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=efc86151-08a0-495b-bb21-357a65257cb6&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
date: Sun, 03 Apr 2022 13:01:21 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame 05B1 0
330 B 59ms
19ms Image
text/plain 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:21 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 05B1
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dadb8bac5-2590-45e2-7600-1e414633e17e%26reqId%3Da...
https://mwzeom.zeotap.com/mw?cid=6fbb4d95-bc42-48c3-af9d-be9d303a9c0f&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1...

95 B
164 B

33ms
25ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=6fbb4d95-bc42-48c3-af9d-be9d303a9c0f&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6f61fe115dee9be2-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=6fbb4d95-bc42-48c3-af9d-be9d303a9c0f&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 481

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame 05B1 0
77 B 20ms
15ms Image
text/plain 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Sun, 03 Apr 2022 13:01:21 GMT
via: 1.1 varnish
server: nginx
x-timer: S1648990881.456726,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4055-HHN

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame 05B1 0
411 B 714ms
98ms Image
text/html 2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Apr 2022 13:01:22 GMT
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 05B1 0
41 B 165ms
160ms Image
text/html 104.36.113.23
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dadb8bac5-2590-45e2-7600-1e414633e17e%26reqId%3Da2b6055e-3928-4ef1-54cf-5c77935a5212%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 05B1
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=136...
https://mwzeom.zeotap.com/mw?cid=6507910e-9703-43f3-a04e-c21dbe659e39&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
153 B

42ms
41ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=6507910e-9703-43f3-a04e-c21dbe659e39&zpartnerid=317&gdpr=1&gdpr_consent=
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6f61fe13ab1f9be2-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:21 GMT
server: Apache-Coyote/1.1
location: https://mwzeom.zeotap.com/mw?cid=6507910e-9703-43f3-a04e-c21dbe659e39&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 05B1
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=adb8bac5-2590-45e2-7600-1e414633e17e&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=adb8bac5-2590-45e2-7600-1e414633e17e&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=28466053799357499081557241470518043606&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-...

95 B
153 B

28ms
27ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=28466053799357499081557241470518043606&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6f61fe123ff69be2-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-1-v030-0c088c812.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: jtqqbcHSTd0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=28466053799357499081557241470518043606&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame 05B1 0
324 B 129ms
8ms Image
text/plain 18.198.126.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:21 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 05B1
Redirect Chain

https://bn01.er.bemail.it/zeotap.php?_bid=adb8bac5-2590-45e2-7600-1e414633e17e&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-...
https://mwzeom.zeotap.com/mw?cid=BE1-2022040315-22751-0.726763001648990884-47f02d422cab74e15b567c8c79385e42&zdid=533&env=mWeb

95 B
153 B

30ms
30ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=BE1-2022040315-22751-0.726763001648990884-47f02d422cab74e15b567c8c79385e42&zdid=533&env=mWeb
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6f61fe11aeb89be2-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=BE1-2022040315-22751-0.726763001648990884-47f02d422cab74e15b567c8c79385e42&zdid=533&env=mWeb
Date: Sun, 03 Apr 2022 13:01:24 GMT
Server: nginx/1.10.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 05B1
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7082361905309218965&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-...

95 B
153 B

34ms
34ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=7082361905309218965&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6f61fe116e169be2-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7082361905309218965&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
Date: Sun, 03 Apr 2022 13:01:21 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 receive
pixel.tapad.com/idsync/ex/ Frame 05B1 95 B
414 B 42ms
38ms Image
image/png 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=adb8bac5-2590-45e2-7600-1e414633e17e

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:21 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 05B1
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=adb8bac5-2590-45e2-7600-1e414633e17e&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=adb8bac5-2590-45e2-7600-1e414633e17e&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=Wjpr07JqTS67rIgPuSXG6u&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4e...

95 B
153 B

32ms
32ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=Wjpr07JqTS67rIgPuSXG6u&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6f61fe1258299be2-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:21 GMT
via: 1.1 google
last-modified: Sun, 03 Apr 2022 13:01:21 GMT
server: nginx/1.18.0
location: https://mwzeom.zeotap.com/mw?webouuid=Wjpr07JqTS67rIgPuSXG6u&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 2.gif
dmp.theadex.com/d/949/i/ Frame 05B1 36 B
272 B 59ms
9ms Image
image/gif 185.15.245.81
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=adb8bac5-2590-45e2-7600-1e414633e17e&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.15.245.81 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: 204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:21 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-length: 36
content-type: image/gif

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 05B1
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=adb8bac5-2590-45e2-7600-1e414633e17e?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://mwzeom.zeotap.com/mw?pid=cd94e7085606016511c9509e159a4e6b&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-39...

95 B
153 B

37ms
37ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=cd94e7085606016511c9509e159a4e6b&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6f61fe115e029be2-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:21 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=cd94e7085606016511c9509e159a4e6b&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
cache-control: no-cache
x-server: 10.45.21.112
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 05B1
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-gKJDJQJE2oq4km_nNeZy5jtlN98JA.UtZg--~A&zpartnerid=570&env=mWeb

95 B
153 B

28ms
27ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-gKJDJQJE2oq4km_nNeZy5jtlN98JA.UtZg--~A&zpartnerid=570&env=mWeb
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6f61fe115df29be2-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Sun, 03 Apr 2022 13:01:21 GMT
via: http/1.1 spdc0102.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-gKJDJQJE2oq4km_nNeZy5jtlN98JA.UtZg--~A&zpartnerid=570&env=mWeb
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 05B1
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=qmLd62khRZf%2FG%2BSUG%2Bf8tfb1T3d8zs16%2BS41iYitP1U%3D

95 B
153 B

29ms
28ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=qmLd62khRZf%2FG%2BSUG%2Bf8tfb1T3d8zs16%2BS41iYitP1U%3D
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6f61fe11df269be2-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:21 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=qmLd62khRZf%2FG%2BSUG%2Bf8tfb1T3d8zs16%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 05B1 0
338 B 111ms
26ms Image
text/plain 52.19.63.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.63.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-63-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:21 GMT
cache-control: private, no-cache, no-store
x-request-time: D=42 t=1648990881
x-served-by: beacon-n021-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 05B1 95 B
359 B 55ms
13ms Image
image/png 138.201.8.249
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=adb8bac5-2590-45e2-7600-1e414633e17e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.8.249 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.249.8.201.138.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:21 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 05B1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YkmaoQAR2bamIAAy&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c7...

95 B
153 B

38ms
38ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YkmaoQAR2bamIAAy&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361&_test=YkmaoQAR2bamIAAy
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6f61fe1298ed9be2-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:21 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1648990882.685037,VS0,VE0
x-served-by: cache-hhn4049-HHN
x-cache: HIT
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YkmaoQAR2bamIAAy&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361&_test=YkmaoQAR2bamIAAy
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 05B1
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?cid=db876249-9a9f-4900-8a51-d80e1cd562e8&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055...

95 B
153 B

35ms
35ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=db876249-9a9f-4900-8a51-d80e1cd562e8&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6f61fe11ff749be2-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Date: Sun, 03 Apr 2022 13:01:21 GMT
Server: MT3 4320 2f2dfe5 master zrh-pixel-x1 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=db876249-9a9f-4900-8a51-d80e1cd562e8&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Sun, 03 Apr 2022 13:01:20 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 05B1
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a...

0
337 B

27ms
27ms

Image
text/plain

52.19.63.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
Protocol: H2
Server: 52.19.63.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-63-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:21 GMT
cache-control: private, no-cache, no-store
x-request-time: D=59 t=1648990881
x-served-by: beacon-n007-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
date: Sun, 03 Apr 2022 13:01:21 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a011-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 05B1
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=adb8bac5-2590-45e2-7600-1e414633e17e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-760...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=adb8bac5-2590-45e2-7600-1e414633e17e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-760...

43 B
645 B

32ms
32ms

Image
image/gif

54.239.38.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=adb8bac5-2590-45e2-7600-1e414633e17e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361&dcc=t

Protocol

HTTP/1.1

Server

54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Apr 2022 13:01:21 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: HNZ1MR235GKF0ET70QFF
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 03 Apr 2022 13:01:21 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: MCEPA7FT7Y0KWWY6NXGB
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=adb8bac5-2590-45e2-7600-1e414633e17e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 400
Bad Request 87734
tags.bluekai.com/site/ Frame 05B1 0
225 B 154ms
154ms Image
text/plain 104.90.192.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=adb8bac5-2590-45e2-7600-1e414633e17e&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.192.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-192-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sun, 03 Apr 2022 13:01:21 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 05B1
Redirect Chain

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dadb...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361

95 B
153 B

39ms
38ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6f61fe1319dd9be2-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
date: Sun, 03 Apr 2022 13:01:21 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 05B1 557 B
496 B 32ms
30ms Script
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db30cc95bca4007a5d1d93c2c9fcc61f468a80471ac0df8c604d1c5408833cba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cf-ray: 6f61fe111d3c9be2-FRA
date: Sun, 03 Apr 2022 13:01:21 GMT
via: 1.1 google
cf-cache-status: MISS
last-modified: Sun, 03 Apr 2022 13:01:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 71B0 32 KB
10 KB 8ms
7ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1119f39b46f15ecba4131ef36fa1019b2501d56883ad704f0bfc9034b57987dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sun, 03 Apr 2022 13:01:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=37526
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9539
Expires: Sun, 03 Apr 2022 23:26:47 GMT

GET
H2 204 cmp
spl.zeotap.com/ Frame 05B1 0
0 35ms
35ms Document
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
cf-cache-status: DYNAMIC
cf-ray: 6f61fe115de99be2-FRA
date: Sun, 03 Apr 2022 13:01:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Origin
via: 1.1 google

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 71B0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAIKALjTorAuKWTazCtutBY&google_cver=1

0
239 B

36ms
9ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAIKALjTorAuKWTazCtutBY&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAIKALjTorAuKWTazCtutBY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 71B0
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=KQoo-OybSgi3KfMZ3Crw8Q&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=KQoo-OybSgi3KfMZ3Crw8Q

43 B
556 B

106ms
106ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=KQoo-OybSgi3KfMZ3Crw8Q

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Apr 2022 13:01:22 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: VMZ8ZBN3PG1C8FEX3MTQ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=KQoo-OybSgi3KfMZ3Crw8Q
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 71B0 70 B
264 B 33ms
29ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 71B0
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTU0ODViNTIwNTQ2MDQ5MTAwMDQ5Yjg1N2YzZGU4NTc0ODc2OTBhMg

170 B
188 B

41ms
40ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTU0ODViNTIwNTQ2MDQ5MTAwMDQ5Yjg1N2YzZGU4NTc0ODc2OTBhMg

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTU0ODViNTIwNTQ2MDQ5MTAwMDQ5Yjg1N2YzZGU4NTc0ODc2OTBhMg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 71B0
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFKQUxDSU8tMTgtS1U1WA==

170 B
188 B

39ms
39ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFKQUxDSU8tMTgtS1U1WA==

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFKQUxDSU8tMTgtS1U1WA==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 71B0
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1JALCIO-18-KU5X

0
923 B

184ms
157ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1JALCIO-18-KU5X
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:21 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: C380195778924C9CB70391267CC88DC8 Ref B: FRAEDGE0715 Ref C: 2022-04-03T13:01:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXbv5u9+MUoqi3O43+oNw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1JALCIO-18-KU5X
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 71B0 0
0 108ms
38ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 71B0
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2Fooly9yRaS9iLErAujnNA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2Fooly9yRaS9iLErAujnNA

43 B
556 B

35ms
34ms

Image
image/gif

54.239.38.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2Fooly9yRaS9iLErAujnNA

Protocol

HTTP/1.1

Server

54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Apr 2022 13:01:21 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: G781BJG9825CE1JJ861H
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2Fooly9yRaS9iLErAujnNA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8502 42 B
64 B 104ms
103ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstay45fT6M_BcRbRHJEWOia-oPOSGFxvWdQC6YgltaJPoKAR9pZD8xKHV-TejOLU-yepOqf53Zu436ov__eFM3Zj65t7puYzCKrPtLyxtH2eiamdsNHTw&sai=AMfl-YRG5OFjM3PnAiqeCBbdZ2QOhI1eeWY42dum6fgAItXOIyk11IY6B8nGkZbH7X1zf1Xyih1oru2_AteR0fdNL92CNkmk22nk-cndOL-511d-uUj89hB5y9iWJP8&sig=Cg0ArKJSzFXMUcAlaR2VEAE&cid=CAASJORo75HAWXFme6FdCP27SDQKkCCPZs_YMpEwKLHFFigmmgrqcw&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3356148919&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648990879975&rpt=503&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 22F1 281 B
554 B 7ms
6ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=patoshoje.com.br&version=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 03 Apr 2022 13:01:23 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame A660 2 KB
814 B 27ms
26ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1648990877698

Requested by

Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=patoshoje.com.br&version=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 914F 22 KB
8 KB 56ms
37ms Document
text/html 184.87.212.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8Y84F0&prvid=2034%2C2011%2C2033%2C3022%2C2030%2C3020%2C251%2C273%2C175%2C2009%2C331%2C178%2C255%2C2028%2C3018%2C2027%2C3017%2C214%2C2025%2C237%2C117%2C3014%2C337%2C97%2C99%2C77%2C38%2C3012%2C3011%2C182%2C3010%2C261%2C141%2C222%2C201%2C3007%2C246%2C301%2C4%2C203%2C225%2C10000%2C80%2C108%2C229%2C9&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=MANAGED_PREBID

Requested by

Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=patoshoje.com.br&version=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.212.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-212-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

543e4837e05d69d2b85db4c9c63e5491f479c20e49d0c3ca25c02a9f3692f781

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8173
content-type: text/html; charset=UTF-8
date: Sun, 03 Apr 2022 13:01:23 GMT
expires: Tue, 05 Apr 2022 13:01:23 GMT
server: Apache
strict-transport-security: max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6F28 15 KB
6 KB 19ms
18ms Document
text/html 2.20.157.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=patoshoje.com.br&version=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.2 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-2.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=167345
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sun, 03 Apr 2022 13:01:23 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 05 Apr 2022 11:30:28 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=bbce85a5-ad90-4548-b9b3-9ec5e7b142fa&gdpr=&gdpr_consent=&gdpr_pd=
https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_9d5c6f3c-bef5-44b9-8b9e-9184f735a386&bsw_param=bbce85a5-ad90-4548-b9b3-9ec5e7b142fa&expires=10
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=bbce85a5-ad90-4548-b9b3-9ec5e7b142fa

43 B
404 B

8ms
8ms

Image
image/gif

18.192.130.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=bbce85a5-ad90-4548-b9b3-9ec5e7b142fa
Protocol: H2
Server: 18.192.130.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-130-236.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:23 GMT
content-encoding: none
content-length: 43
vary: Origin
content-type: image/gif

Redirect headers

Location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=bbce85a5-ad90-4548-b9b3-9ec5e7b142fa
Date: Sun, 03 Apr 2022 13:01:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
a-prebid.vidoomy.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=5698409636443220784

0
544 B

8ms
8ms

Image
text/plain

18.192.130.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=5698409636443220784
Protocol: H2
Server: 18.192.130.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-130-236.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 03 Apr 2022 13:01:23 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 28f18d1a-f1ab-431b-8c3c-36306a0cabff
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=5698409636443220784
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET vidoomy
sync.0rx.io/usersync2/ 0
0

GET
H2

200

setuid
a-prebid.vidoomy.com/
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D$%7BUID%7D
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D$%7BUID%7D&ox_sc=1
https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=ee8e4068-5efe-4015-8f80-4b092ace16b9

0
654 B

9ms
8ms

Image
text/plain

18.192.130.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=ee8e4068-5efe-4015-8f80-4b092ace16b9
Protocol: H2
Server: 18.192.130.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-130-236.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:22 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=ee8e4068-5efe-4015-8f80-4b092ace16b9
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: camcv3585g44tla2if4ldqdufq1b40ud

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ 0
191 B 21ms
21ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=020&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://patoshoje.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:22 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 22F1 32 KB
10 KB 7ms
7ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1119f39b46f15ecba4131ef36fa1019b2501d56883ad704f0bfc9034b57987dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sun, 03 Apr 2022 13:01:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=37524
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9539
Expires: Sun, 03 Apr 2022 23:26:47 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 6F28 6 KB
6 KB 161ms
161ms Script
text/html 104.36.113.23
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6747708&p=160638&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 286f86f994ead8f85669f15055b49cff70aeca439a0b8f7b150568c302ae25f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:23 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 0944 35 B
467 B 22ms
18ms Document
image/gif 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=5343D3EF-1F7B-4062-9346-5F076558F7A9

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Sun, 03 Apr 2022 13:01:23 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2F1A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YkmaoQAR2bamIAAy&gdpr=0&gdpr_consent=

1 B
543 B

2820ms
162ms

Document
text/html

104.36.113.107

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YkmaoQAR2bamIAAy&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Sun, 03 Apr 2022 11:17:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: sfopug006:0:381

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Sun, 03 Apr 2022 13:01:23 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YkmaoQAR2bamIAAy&gdpr=0&gdpr_consent=
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn4049-HHN
x-timer: S1648990884.932058,VS0,VE0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6756
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:db876249-9a9f-4900-8a51-d80e1cd562e8&gdpr=0&gdpr_consent=

42 B
495 B

1843ms
165ms

Document
image/gif

104.36.113.107

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:db876249-9a9f-4900-8a51-d80e1cd562e8&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 03 Apr 2022 05:32:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: sfopug023:0:461

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sun, 03 Apr 2022 13:01:24 GMT
Expires: Sun, 03 Apr 2022 13:01:23 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4320 2f2dfe5 master hkg-pixel-x18 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:db876249-9a9f-4900-8a51-d80e1cd562e8&gdpr=0&gdpr_consent=

GET
H/1.1

200
OK

redir Show response
rtb-csync.smartadserver.com/ Frame 631E
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHdGRFN0VrelVBQURZellBNDlRQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGtdE7EkzUAADYzYA49QA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAGtdE7EkzUAADYzYA49QA&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGtdE7EkzUAADYzYA49QA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...

43 B
163 B

52ms
16ms

Document
image/gif

185.86.137.132

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGtdE7EkzUAADYzYA49QA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.132 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 03 Apr 2022 13:01:24 GMT
transfer-encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Sun, 03 Apr 2022 13:01:24 GMT
Server: nginx
location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGtdE7EkzUAADYzYA49QA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame ACF5 43 B
408 B 433ms
26ms Document
image/gif 72.251.245.179

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.179 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 03 Apr 2022 13:01:24 GMT
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Pragma: no-cache
X-RealServer-NX: ams-delivery-7
server: Cowboy

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 969E 43 B
363 B 62ms
16ms Document
image/gif 178.250.2.151

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 13:01:23 GMT
expires: Sun, 03 Apr 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 629727
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 17B4 0
44 B 299ms
92ms Document
text/plain 38.91.45.7

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 -, , ASN (),
Reverse DNS
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-length: 0
date: Sun, 03 Apr 2022 13:01:23 GMT
server: c

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2412
Redirect Chain

https://ums.acuityplatform.com/tum?umid=6
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=660691125109

42 B
377 B

2779ms
163ms

Document
image/gif

104.36.113.107

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=660691125109
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 03 Apr 2022 11:18:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: sfopug013:0:348

Redirect headers

access-control-allow-origin: *
content-length: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=660691125109

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame D7D5
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
415 B

210ms
195ms

Document
image/gif

2606:4700::6812:d05

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 6f61fe2269e69bdd-FRA
content-length: 43
content-type: image/gif; charset=utf-8
date: Sun, 03 Apr 2022 13:01:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 6f61fe20dd249bdd-FRA
content-type: text/html
date: Sun, 03 Apr 2022 13:01:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 2755

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5E09
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1YRG6hok1NAZR75&gdpr=0&gdpr_consent=

42 B
367 B

2820ms
164ms

Document
image/gif

104.36.113.107

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1YRG6hok1NAZR75&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 03 Apr 2022 11:16:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: sfopug004:0:389

Redirect headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Sun, 03 Apr 2022 13:01:23 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1YRG6hok1NAZR75&gdpr=0&gdpr_consent=
Pragma: no-cache
Server: PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0ae965e2f8a6b4310@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains

GET
H/1.1

200
OK

noop Show response
px.owneriq.net/ Frame EB41
Redirect Chain

https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

21ms
21ms

Document
image/gif

23.55.23.233

General

Check archive.org

Show headers Download Go to

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.55.23.233 -, , ASN (),
Reverse DNS
Software: Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sun, 03 Apr 2022 13:01:24 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Sun, 03 Apr 2022 13:01:24 GMT
Location: https://px.owneriq.net/noop?ct=image%2Fgif
Server: AkamaiGHost

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 8CD2
Redirect Chain

https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=d48b64b5-e866-4e54-8ffb-b20283f920c4

1 B
164 B

2456ms
160ms

Document
text/html

104.36.113.107

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=d48b64b5-e866-4e54-8ffb-b20283f920c4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Sun, 03 Apr 2022 05:48:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: sfopug024:0:377

Redirect headers

content-length: 0
date: Sun, 03 Apr 2022 13:01:24 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=d48b64b5-e866-4e54-8ffb-b20283f920c4
strict-transport-security: max-age=15724800; includeSubDomains

GET
H/1.1 200 usersync Show response
match.bnmla.com/ Frame B5DF 0
112 B 453ms
103ms Document
text/plain 38.27.122.126

General

Check archive.org

Show headers Download Go to

Full URL: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.126 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Sun, 03 Apr 2022 13:01:24 GMT
Server: nginx

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame AED4
Redirect Chain

https://docker.creative-serving.com/cm?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=${UUID}
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=208d9730-8e19-4657-809a-5bc806a5dd94

42 B
378 B

2736ms
163ms

Document
image/gif

104.36.113.107

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=208d9730-8e19-4657-809a-5bc806a5dd94
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 03 Apr 2022 11:17:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: sfopug014:0:281

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Sun, 03 Apr 2022 13:01:24 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=208d9730-8e19-4657-809a-5bc806a5dd94

GET
H2

200

pbmtc.gif Show response
beacon.lynx.cognitivlabs.com/ Frame 9E7B
Redirect Chain

https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=c6742476-d740-4813-bc33-5ede72661281&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=5343D3EF-1F7B-4062-9346-5F076558F7A9

42 B
350 B

97ms
97ms

Document
image/gif

52.72.71.171

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=5343D3EF-1F7B-4062-9346-5F076558F7A9
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.71.171 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-length: 42
content-type: image/gif
date: Sun, 03 Apr 2022 13:01:26 GMT
server: Kestrel

Redirect headers

cache-control: no-store, no-cache, private
date: Sun, 03 Apr 2022 11:17:16 GMT
location: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=5343D3EF-1F7B-4062-9346-5F076558F7A9
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: sfopug009:0:437

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6F28
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U0PT7x97QGKTRl8HZVj3qQ%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

16ms
16ms

Image
text/html

2.20.157.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Server: 2.20.157.2 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-2.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:23 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=167345
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Tue, 05 Apr 2022 11:30:28 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 420486.gif
idsync.rlcdn.com/ Frame 6F28 0
44 B 55ms
41ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420486.gif?partner_uid=5343D3EF-1F7B-4062-9346-5F076558F7A9
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:23 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 6F28
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=db876249-9a9f-4900-8a51-d80e1cd562e8

0
128 B

1840ms
162ms

Image
text/plain

104.36.113.24

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=db876249-9a9f-4900-8a51-d80e1cd562e8
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Server: 104.36.113.24 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:26 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sun, 03 Apr 2022 13:01:24 GMT
Server: MT3 4320 2f2dfe5 master hkg-pixel-x17 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=db876249-9a9f-4900-8a51-d80e1cd562e8
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 03 Apr 2022 13:01:23 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6F28
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTM0M0QzRUYtMUY3Qi00MDYyLTkzNDYtNUYwNzY1NThGN0E5&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
186 B

2778ms
158ms

Image
image/gif

104.36.113.107

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 11:19:47 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug015:0:350
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6F28
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIUaQ2aP66Tf0GcWm3MWTsc&google_cver=1

42 B
435 B

2776ms
160ms

Image
image/gif

104.36.113.107

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIUaQ2aP66Tf0GcWm3MWTsc&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 11:16:57 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug016:0:416
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIUaQ2aP66Tf0GcWm3MWTsc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 6F28 43 B
612 B 69ms
19ms Image
image/gif 169.50.137.184

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 02 Apr 2022 13:01:23 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6F28
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8300646895888285295&gdpr=0&gdpr_consent=&us_privacy=

1 B
324 B

2747ms
166ms

Image
text/html

104.36.113.107

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8300646895888285295&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 11:16:59 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug012:0:575
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8300646895888285295&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sun, 03 Apr 2022 13:01:23 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6F28
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6fbb4d95-bc42-48c3-af9d-be9d303a9c0f

42 B
581 B

2942ms
315ms

Image
image/gif

104.36.113.107

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6fbb4d95-bc42-48c3-af9d-be9d303a9c0f
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 06:53:38 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug010:0:438
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:23 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6fbb4d95-bc42-48c3-af9d-be9d303a9c0f
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2 200 5343D3EF-1F7B-4062-9346-5F076558F7A9
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6F28 43 B
987 B 248ms
33ms Image
image/gif 2a05:d018:d29:3602:d715:9c64:5860:e3e3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/5343D3EF-1F7B-4062-9346-5F076558F7A9?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:d715:9c64:5860:e3e3 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:24 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 6F28
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=5343D3EF-1F7B-4062-9346-5F076558F7A9&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2v727TdE2uUcFhtNM.Ch6nRxCiuav5A-~A&gdpr=0&gdpr_consent=

0
260 B

2805ms
161ms

Image
text/plain

104.36.113.24

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2v727TdE2uUcFhtNM.Ch6nRxCiuav5A-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Server: 104.36.113.24 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 11:27:02 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2v727TdE2uUcFhtNM.Ch6nRxCiuav5A-~A&gdpr=0&gdpr_consent=
date: Sun, 03 Apr 2022 13:01:23 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6F28
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5698409636443220784&gdpr=0&gdpr_consent=

42 B
543 B

2800ms
158ms

Image
image/gif

104.36.113.107

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5698409636443220784&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 11:17:35 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug019:0:395
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Sun, 03 Apr 2022 13:01:23 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b7a44dfd-6458-4f9c-82bb-5b92d018005c
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5698409636443220784&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6F28
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2a77ae06-b34e-11ec-a023-a3a88443b67e&gdpr=0&gdpr_consent=

1 B
406 B

2419ms
164ms

Image
text/html

104.36.113.107

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2a77ae06-b34e-11ec-a023-a3a88443b67e&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 11:17:06 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug007:0:380
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2a77ae06-b34e-11ec-a023-a3a88443b67e&gdpr=0&gdpr_consent=
Date: Sun, 03 Apr 2022 13:01:23 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 2a77ae07-b34e-11ec-a023-a3a88443b67e

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6F28 0
191 B 28ms
22ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:23 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 6F28 0
104 B 356ms
68ms Image
text/plain 2a02:fa8:8806:13::1370

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=5343D3EF-1F7B-4062-9346-5F076558F7A9&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:24 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6F28
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4900010621356501637

42 B
392 B

2951ms
314ms

Image
image/gif

104.36.113.107

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4900010621356501637
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 11:17:00 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug012:0:433
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:23 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4900010621356501637
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6F28
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0w9JStxcRBfIWB9FhwhQFdQOGRXIXEhCgFiUcMJf

42 B
471 B

2806ms
159ms

Image
image/gif

104.36.113.107

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0w9JStxcRBfIWB9FhwhQFdQOGRXIXEhCgFiUcMJf
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 05:58:09 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug025:0:455
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 03 Apr 2022 13:01:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0w9JStxcRBfIWB9FhwhQFdQOGRXIXEhCgFiUcMJf
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6F28
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic
https://x.bidswitch.net/sync?dsp_id=119&user_id=5131077721058782643&expires=30&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bbce85a5-ad90-4548-b9b3-9ec5e7b142fa&gdpr=&gdpr_consent=&gdpr_pd=

1 B
258 B

2869ms
313ms

Image
text/html

104.36.113.107

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bbce85a5-ad90-4548-b9b3-9ec5e7b142fa&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 11:17:06 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug007:0:290
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bbce85a5-ad90-4548-b9b3-9ec5e7b142fa&gdpr=&gdpr_consent=&gdpr_pd=
Date: Sun, 03 Apr 2022 13:01:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

sn.ashx
pmp.mxptint.net/ Frame 6F28
Redirect Chain

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D530_EDC04FC5_2E058805&r=https://pmp.mxptint.net/sn.ashx?ak=1
https://pmp.mxptint.net/sn.ashx?ak=1

43 B
266 B

126ms
126ms

Image
image/gif

38.67.14.233

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pmp.mxptint.net/sn.ashx?ak=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638

Protocol

HTTP/1.1

Server

38.67.14.233 -, , ASN (),

Reverse DNS

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=-331977686; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Apr 2022 13:01:25 GMT
Cache-Control: no-cache
Expires: -1
Content-Length: 43
Strict-Transport-Security: max-age=-331977686; includeSubDomains
Content-Type: image/gif

Redirect headers

location: https://pmp.mxptint.net/sn.ashx?ak=1
date: Sun, 03 Apr 2022 05:32:42 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug023:0:454
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6F28
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5698409636443220784

42 B
186 B

2705ms
314ms

Image
image/gif

104.36.113.107

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5698409636443220784
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 11:17:20 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug008:0:400
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Sun, 03 Apr 2022 13:01:24 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 334d07dd-95c4-46d4-9f23-83f47a9c9797
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5698409636443220784
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 6F28 0
47 B 2567ms
160ms Script
text/plain 104.36.113.24

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=160638&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.24 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:01:27 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: patoshoje.com.br
URL: https://patoshoje.com.br/service-worker.js

Domain: sync.0rx.io
URL: https://sync.0rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D

Verdicts & Comments Add Verdict or Comment

225 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

105 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
patoshoje.com.br/	1970-01-20 10:47:20	Name: csrftoken Value: eOw9qAXs2neWjP1iqui9FdISUm7xl5AOJVL6Xo9ynzjKSNqIAREklFHHGkCYcAgZ
.mgid.com/	1970-01-20 02:03:12	Name: __cf_bm Value: Iw91szZGifP1cqESYErMFKrZsSVx33z8pUOIj8EG.Kk-1648990877-0-AVVVLNfxK3NLSd6Gt/rpm8tTwo1gIMOcxz/+CofZLPgEQkNuBkLqUxWB7alRtvH7QFel3MKV86z7RwqLqnAH3Ng=
.patoshoje.com.br/	1970-01-20 19:34:22	Name: _ga_91Q2CWDTF5 Value: GS1.1.1648990876.1.0.1648990876.0
.patoshoje.com.br/	1970-01-20 19:34:22	Name: _ga_R04Q4RCJ1D Value: GS1.1.1648990876.1.0.1648990876.0
patoshoje.com.br/	1970-01-20 02:03:12	Name: tt_c_vmt Value: 1648990877
patoshoje.com.br/	1970-01-20 02:03:12	Name: tt_c_c Value: direct
patoshoje.com.br/	1970-01-20 02:03:12	Name: tt_c_s Value: direct
patoshoje.com.br/	1970-01-20 02:03:12	Name: tt_c_m Value: direct
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.e-planning.net/	1970-01-22 15:22:22	Name: E Value: AFmmgc1PLQSoW70j
.scorecardresearch.com/	1970-01-20 19:19:58	Name: UID Value: 141be1c809f5d8ed1a392431648990877
patoshoje.com.br/	1970-01-20 19:19:58	Name: _ttuu.s Value: 1648990877193
.patoshoje.com.br/	1970-01-20 19:34:22	Name: _ga Value: GA1.3.860023652.1648990877
.patoshoje.com.br/	1970-01-20 02:04:37	Name: _gid Value: GA1.3.1846552929.1648990877
.patoshoje.com.br/	1970-01-20 02:03:10	Name: _gat_gtag_UA_20473477_1 Value: 1
.patoshoje.com.br/	1970-01-20 02:03:10	Name: _gat_gtag_UA_206735560_5 Value: 1
.rubiconproject.com/	1970-01-20 10:48:46	Name: khaos Value: L1JALCIO-18-KU5X
.rubiconproject.com/	1970-01-20 10:48:46	Name: audit Value: 1\|hLZGFuTafB0aOFCopRZH2j5APvdogVCbaTd6KyMQnat7y9GyzaExIfvgJh1RsulFsuCv26jvXW5UBDfJxG8cIOBxGCOXoSK1DMMhIuR/nHPc6UO785F0Pw==
.quantserve.com/	1970-01-20 11:33:25	Name: mc Value: 62499a9d-eb6b5-f13df-a51ee
.tt-11953-9.seg.t.tailtarget.com/	1970-01-20 02:46:22	Name: trk Value: o06crd5DDmhg2JrHYXxB8FdciCujUruT5qr8568QRoA=
.t.tailtarget.com/	1970-01-20 02:06:03	Name: _ssc Value: y
.t.tailtarget.com/	1970-01-20 10:48:46	Name: u Value: fwAAAWJJmp0nXwa3BXskAgB=
.patoshoje.com.br/	1970-01-20 11:27:39	Name: __qca Value: P0-2126807459-1648990877248
patoshoje.com.br/	1970-01-20 10:48:46	Name: tt.u Value: 0100007F9D9A4962B7065F2702247B05
.webspectator.com/	1970-02-17 05:01:44	Name: ___ws_gid Value: 0F4B06E2D183D728
.patoshoje.com.br/	1970-01-20 02:03:12	Name: ___ws_ses Value: 0F4B06E2D183D728.1
.patoshoje.com.br/	1969-12-31 23:59:59	Name: ___ws-sr Value:
.patoshoje.com.br/	1970-01-20 06:22:22	Name: ___ws_vis Value: 0F4B06E2D183D728.1648990878150
.patoshoje.com.br/	1970-01-20 02:03:12	Name: ___ws_ses_sec Value: 5728:1648990878150
.patoshoje.com.br/	1970-01-20 06:22:22	Name: ___ws_vis_sec Value: 5728:1648990878150
.t.tailtarget.com/	1970-01-20 02:46:22	Name: ttbprf Value: _frankfurt am main_hesse_de_1648990878438_3117783977
.t.tailtarget.com/	1970-01-20 02:03:12	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 02:46:22	Name: ttnprf Value:
patoshoje.com.br/	1970-01-20 02:04:37	Name: tt.nprf Value:
patoshoje.com.br/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C1274524%22%3A%7B%22page%22%3A1%2C%22time%22%3A1648990877920%7D%7D
.adnxs.com/	1970-01-20 04:12:46	Name: uuid2 Value: 5698409636443220784
.tt-11953-9.seg.t.tailtarget.com/	1970-01-20 02:03:14	Name: ttca Value: _1648990878
.360yield.com/	1970-01-20 04:12:46	Name: tuuid Value: fd0ce317-8db8-4de2-9b8f-f4ab0d10d098
.360yield.com/	1970-01-20 04:12:46	Name: tuuid_lu Value: 1648990878
patoshoje.com.br/	1970-01-20 02:03:12	Name: ___ws_d_st Value: {}
patoshoje.com.br/	1970-01-20 02:03:11	Name: ws-refr Value: https://patoshoje.com.br/
a-prebid.vidoomy.com/	1970-01-20 04:12:46	Name: SSCookie Value: 1
.vidoomy.com/	1970-01-20 04:12:46	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJpbXByb3ZlZGlnaXRhbCI6eyJ1aWQiOiJmZDBjZTMxNy04ZGI4LTRkZTItOWI4Zi1mNGFiMGQxMGQwOTgiLCJleHBpcmVzIjoiMjAyMi0wNC0xN1QxMzowMToxOC44MTU3MTUwNjRaIn19LCJiZGF5IjoiMjAyMi0wNC0wM1QxMzowMToxOC44MTU3MDg3MDhaIn0=
.bidswitch.net/	1970-01-20 10:48:46	Name: tuuid Value: bbce85a5-ad90-4548-b9b3-9ec5e7b142fa
.bidswitch.net/	1970-01-20 10:48:46	Name: c Value: 1648990878
.bidswitch.net/	1970-01-20 10:48:46	Name: tuuid_lu Value: 1648990878
.t.tailtarget.com/	1970-01-20 02:46:22	Name: n Value: 1648990878
.retargetly.com/	1970-01-20 06:22:22	Name: _rlid Value: 2dc17650-c92c-4a8c-9f13-7fed3efb7695
.yahoo.com/	1970-01-20 10:49:08	Name: A3 Value: d=AQABBJ-aSWICEKuUo5mzYUBNt4SqWaT4lewFEgEBAQHsSmJTYgAAAAAA_eMAAA&S=AQAAAplAK7tPWxN0uHfL2xf6uOM
.vidoomy.com/	1970-01-20 10:48:46	Name: vidoomy-uids Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6ImJiY2U4NWE1LWFkOTAtNDU0OC1iOWIzLTllYzVlN2IxNDJmYSIsImV4cGlyZXMiOjE2NTE1ODI4Nzl9LCJZQUgiOnsidWlkIjoieS1BblFmc0U5RTJ1RlExTXdJb2M4ZlpZUGFPQS5sNHhSZFc1OGxNam8tfkEiLCJleHBpcmVzIjoxNjUxNTgyODc5fX19
.adsrvr.org/	1970-01-20 10:48:46	Name: TDID Value: 6fbb4d95-bc42-48c3-af9d-be9d303a9c0f
.doubleclick.net/	1970-01-20 11:24:46	Name: IDE Value: AHWqTUlcOGrDl7oswdmAyLh0dC8zYjQz039vzSYLPg774B-gRtFBjwkds8-UMwE2xlE
.tapad.com/	1970-01-20 03:29:34	Name: TapAd_TS Value: 1648990879329
.tapad.com/	1970-01-20 03:29:34	Name: TapAd_DID Value: efc86151-08a0-495b-bb21-357a65257cb6
.tapad.com/	1970-01-20 03:29:34	Name: TapAd_3WAY_SYNCS Value:
.smartadserver.com/	1970-01-20 11:31:58	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 11:31:58	Name: pbw Value: %24b%3d16100%3b%24o%3d11100
.smartadserver.com/	1970-01-20 11:31:58	Name: pid Value: 6574944955898817877
.groovinads.com/	1970-01-20 09:15:10	Name: GRV_IDU Value: 1648990881168850
.groovinads.com/	1970-01-20 02:17:34	Name: GRV_RT Value: 2dc17650-c92c-4a8c-9f13-7fed3efb7695
patoshoje.com.br/	1969-12-31 23:59:59	Name: ortcsession-w5tlOg-s Value: 7c3109294c49e9b8
.pubmatic.com/	1970-01-20 02:04:37	Name: KTPCACOOKIE Value: YES
patoshoje.com.br/	1970-01-20 02:03:12	Name: ortcsession-w5tlOg Value: 7c3109294c49e9b8
.pubmatic.com/	1970-01-20 04:12:46	Name: KADUSERCOOKIE Value: 5343D3EF-1F7B-4062-9346-5F076558F7A9
.mathtag.com/	1970-01-20 11:29:06	Name: uuid Value: db876249-9a9f-4900-8a51-d80e1cd562e8
.mathtag.com/	1970-01-20 02:46:22	Name: mt_misc Value: mt_bt:1
.mathtag.com/	1970-01-20 02:46:22	Name: mt_mop Value:
.patoshoje.com.br/	1970-01-20 11:24:46	Name: __gads Value: ID=73b5923eb7b55d1a:T=1648990877:S=ALNI_MbtY9xZp6_POPmI1iPaRguPgZ972w
.casalemedia.com/	1970-01-20 04:12:46	Name: CMPS Value: 3274
.adnxs.com/	1970-01-20 04:12:46	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?]j]:cK!]tbPl1M>e)ZlrFUfJ+tGXxoeaRxZ6a:)TTM[3o9Y<x[UKDJ#LQ<7dJg=oNh3If)y3KL9D3I?+TSvw%?
.casalemedia.com/	1970-01-20 02:04:37	Name: CMST Value: YkmaoWJJmqEA
.casalemedia.com/	1970-01-20 10:48:46	Name: CMID Value: YkmaoAB.KsxwLK80NNDEBAAA
.casalemedia.com/	1970-01-20 04:12:46	Name: CMPRO Value: 1191
.casalemedia.com/	1970-01-20 10:48:46	Name: CMRUM3 Value: 2d62499aa12760CAESEAllesQcM99UQ_dgYFYntq0
.w55c.net/	1970-01-20 11:31:58	Name: wfivefivec Value: 1YRG6hok1NAZR75
.advertising.com/	1970-01-20 10:50:13	Name: APID Value: UP288f3f27-b34e-11ec-a38f-0214991a90ae
.w55c.net/	1970-01-20 02:46:22	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 02:46:22	Name: C Value: 1
.analytics.yahoo.com/	1970-01-20 10:48:46	Name: IDSYNC Value: "1971~244d:18wq~244d"
.adform.net/	1970-01-20 03:29:34	Name: uid Value: 4900010621356501637
.retargetly.com/	1970-01-20 06:22:22	Name: _rlmp1 Value: 2\|\|1648990879&&9\|\|1648990879&&10\|db876249-9a9f-4900-8a51-d80e1cd562e8\|1648990879&&11\|\|1648990879&&13\|6fbb4d95-bc42-48c3-af9d-be9d303a9c0f\|1648990879&&14\|5343D3EF-1F7B-4062-9346-5F076558F7A9\|1648990879&&15\|\|1648990879&&22\|\|1648990879&&23\|\|1648990879&&24\|\|1648990879&&27\|\|1648990879&&39\|\|1648990879&&51\|\|1648990879&&63\|\|1648990879
.zeotap.com/	1970-01-20 10:48:46	Name: zc Value: adb8bac5-2590-45e2-7600-1e414633e17e
.zeotap.com/	1970-01-20 02:04:37	Name: zsc Value: %EF%E7b%B6c%1558%0C%E7%3D%AEk%10%BC%3A5mb%B5%A6X%3A%05%A2%F7%AC8z%FCg%16%3FD%81%1E%7Be%EC%B4%B5%01d%82%DF%8DJ%AF%17c%0Dd%B5%DB%A3%07%CE%5E%94%24%23%9B%AC%CAN%AB%BF%ED%F57%FA%83y%01%2Co%CF%D1w%EE%E2%12%B8%F8%08%06%9F%E5%3D%FCR%B2%80R%7F%F8%E2%CA-E%F7%08y%1D%0FPm%0D%BA%A8%B9%1Bn%D5%B7%BC%95%F1gRSc%11%9A%98%C0%FD%87%D7O%0A%D9%B4%EEO%09%AB%A6B%EAsp%0A%EES%90z%95M%09%3E%B3%C0i%13%26%EA%EF0%25N%94%82q%DB%5Dd%23
.adsrvr.org/	1970-01-20 10:48:46	Name: TDCPM Value: CAEYASABKAIyCwisua2Bmd_KOhAFOAFaBzJ4bGdyemxgAg..
.crwdcntrl.net/	1970-01-20 08:31:59	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 08:31:59	Name: _cc_id Value: cd94e7085606016511c9509e159a4e6b
.adfarm1.adition.com/	1970-01-20 04:12:46	Name: UserID1 Value: 7082361905309218965
.theadex.com/	1970-01-20 04:12:46	Name: axd Value: 4290339447151993424
.theadex.com/	1970-01-20 02:13:15	Name: tis_KgL Value: KgLeAvIw
.agkn.com/	1970-01-20 10:48:46	Name: ab Value: 0001%3AT%2BJ15o13N%2BmHx%2F16ponJOovGFJqAne%2FQ
.richaudience.com/	1970-01-20 04:12:46	Name: avcid-zeo-uid Value: adb8bac5-2590-45e2-7600-1e414633e17e
.weborama.fr/	1970-01-20 11:29:06	Name: AFFICHE_W Value: Ygm47toVVBhi74
.demdex.net/	1970-01-20 06:22:22	Name: demdex Value: 28466053799357499081557241470518043606
.krxd.net/	1970-01-20 06:22:22	Name: _kuid_ Value: OwZ_GJcB
.dpm.demdex.net/	1970-01-20 06:22:22	Name: dpm Value: 28466053799357499081557241470518043606
.everesttech.net/	1970-01-20 10:48:46	Name: everest_g_v2 Value: g_surferid~YkmaoQAR2bamIAAy
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 19:35:04	Name: bcookie Value: "v=2&0f355f4f-bcd6-4252-8d4f-d42fdf7bf8f8"
.linkedin.com/	1970-01-20 19:26:09	Name: li_gc Value: MTswOzE2NDg5OTA4ODE7MjswMjHSdp/H/9/mZ2YP6vV05KXTVO8Y/TIlPq0SawzCRwbQ7A==
.linkedin.com/	1970-01-20 02:04:37	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2316:u=1:x=1:i=1648990881:t=1649077281:v=2:sig=AQF-Z9QHeHT81-9pSHnN8Q0snodgFTKb"
.tidaltv.com/	1970-01-20 10:48:46	Name: tidal_ttid Value: 6507910e-9703-43f3-a04e-c21dbe659e39
.tidaltv.com/	1970-01-20 10:48:46	Name: sync-his Value: "H4sIAAAAAAAAADM0NjA3szK0MAIA2TELLgkAAAA="
.amazon-adsystem.com/	1970-01-22 00:00:46	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 08:36:18	Name: ad-id Value: A7d5zLmLs0kZitT3auxuB3I
.fwmrm.net/	1970-01-20 06:22:22	Name: _uid Value: "e3f84_7082361909592305030"

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://rt.idx.lat/idx/ Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://tags.bluekai.com/site/87734?id=adb8bac5-2590-45e2-7600-1e414633e17e&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=adb8bac5-2590-45e2-7600-1e414633e17e&reqId=a2b6055e-3928-4ef1-54cf-5c77935a5212&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://sync.0rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://idsync.rlcdn.com/420486.gif?partner_uid=5343D3EF-1F7B-4062-9346-5F076558F7A9 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23f6bca3363c6d96cb17a4525c9aad4f.safeframe.googlesyndication.com
a-prebid.vidoomy.com
a.tribalfusion.com
a.vidoomy.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads01.groovinads.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.retargetly.com
app.retargetly.com
b.t.tailtarget.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidswitch-eu.splicky.com
bn01.er.bemail.it
c.mgid.com
c1.adform.net
c2shb.pubgw.yahoo.com
cdn.jsdelivr.net
cdn.mgid.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
cms.analytics.yahoo.com
contextual.media.net
d.tailtarget.com
d.vidoomy.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
docker.creative-serving.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
go.trvdp.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
hbx.media.net
ib.adnxs.com
id.rlcdn.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
jsc.mgid.com
loadeu.exelator.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
mp.4dex.io
msgws.webspectator.com
mweb.ck.inmobi.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
patoshoje.com.br
pbjs.e-planning.net
pixel-sync.sitescout.com
pixel.advertising.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid.media.net
prg.smartadserver.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
resources-rt.idx.lat
rt.idx.lat
rtb-csync.smartadserver.com
rtb.openx.net
rules.quantcount.com
s-img.mgid.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
script.4dex.io
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
servicer.mgid.com
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
spl.zeotap.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
stats.g.doubleclick.net
stg.truvidplayer.com
sync-tm.everesttech.net
sync.0rx.io
sync.1rx.io
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.smartadserver.com
sync.teads.tv
sync.tidaltv.com
t.tailtarget.com
tagmanager.alright.network
tags.bluekai.com
tags.t.tailtarget.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
tt-11953-9.seg.t.tailtarget.com
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
usermatch.krxd.net
vpaid.vidoomy.com
warp.media.net
webservices.webspectator.com
wfpscripts.webspectator.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
patoshoje.com.br
sync.0rx.io
103.229.206.240
104.19.134.78
104.19.136.78
104.21.70.108
104.36.113.107
104.36.113.23
104.36.113.24
104.45.178.220
104.90.192.27
104.92.106.130
108.157.4.117
108.157.4.15
138.201.8.249
142.250.186.162
142.250.186.66
142.250.74.194
151.1.205.165
151.101.194.49
154.59.122.79
157.90.167.185
169.50.137.184
172.67.23.236
176.34.153.222
178.250.2.151
18.156.0.31
18.185.167.9
18.192.130.236
18.196.142.162
18.198.126.47
18.66.248.72
184.87.212.24
185.15.245.81
185.33.220.244
185.33.223.38
185.86.137.131
185.86.137.132
185.86.138.121
185.86.139.104
193.0.160.129
198.148.27.139
2.18.233.201
2.20.157.2
2.20.157.55
2001:678:cb4:bbbb::11
204.237.133.116
212.82.100.182
213.19.147.45
23.205.235.133
23.55.23.233
2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4
2600:9000:2315:3400:6:44e3:f8c0:93a1
2600:9000:2315:ec00:3:7e1c:5b40:93a1
2602:803:c004:200::143
2606:4700:10::6816:108d
2606:4700:10::6816:4acb
2606:4700:10::ac43:db6
2606:4700:20::681a:9a9
2606:4700::6810:5614
2606:4700::6812:372
2606:4700::6812:d05
2620:116:800d:21:fcb8:22d2:d390:5f1b
2620:1ec:21::14
2a00:1450:4001:808::2001
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2004
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:813::2003
2a00:1450:4001:829::2003
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9d
2a02:6ea0:c700::10
2a02:fa8:8806:13::1370
2a04:4e42:600::300
2a05:d018:24:b001:8602:c81a:97ba:276d
2a05:d018:d29:3602:d715:9c64:5860:e3e3
3.120.1.163
3.121.94.129
3.211.130.57
3.65.142.105
34.102.185.99
34.102.253.54
34.107.148.139
34.192.67.210
34.203.25.60
34.234.140.75
35.157.246.167
35.178.150.13
35.201.123.184
35.201.81.244
35.227.248.159
35.227.252.103
35.244.174.68
35.71.131.137
37.157.4.23
37.157.4.39
38.27.122.126
38.67.14.233
38.91.45.7
46.249.52.248
51.89.9.251
52.0.134.127
52.1.252.251
52.19.63.143
52.208.103.128
52.212.211.89
52.46.130.91
52.72.71.171
54.220.206.62
54.239.38.253
63.33.77.67
66.155.71.25
69.173.144.138
69.173.144.139
72.251.245.179
85.114.159.118
006069d090e6a67762805d9c51480a15173b4ced41338661d8897633e429088c
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0133490a55e15332db76bd206213d985c0473769a8978058980a3e115a7f4daf
017f5d0d36f22ed3afbb639c61ef1bb4a75010d6562345e0ec22eadc3ea7ed0a
02519b92ffab6c131a0bdc70fe813e99592841173b6ce42288351234ca7ed791
05b18edc49d3ce96b8181a7524a75d2a01f546baada6916a957bda90e5b49ec3
092e091d9fe16d5f6e33ed136fe9a4bd56ae6aaa4ae4aea9f9a05d611df83c6d
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b7f8182dad7b31ce6eb8073962d94b8a89d03d2ee0367beea94adf753e5becb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0d69598ad9a514509113e09f8742acc83999110bc1a174487406b5062a800204
0d7960ddcfce97273faf82abce5921039d78c9acac3b8360ee1a814f70915be6
0d89ab019fdc4db07a89ba39546aa0ef86110eb0478c636a033e8ac5e5fb6acb
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
1119f39b46f15ecba4131ef36fa1019b2501d56883ad704f0bfc9034b57987dc
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
155963e3fb06f13011705c65bc52ed31f9989b87309c945948a76b35f8e7da67
15834fbb524ed7834573fd710ff6d391d582f195895ef7c7935929f39c9895da
17a38b4165c7798a5e67133b6bcfd8575189abc2c45b295d6359c282c58f1b81
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19f35d0c705f8f32d14082ea95a54dc5034ff142f28960c6a6d63e608f3da5e7
1e1175a2b17393b6d55fffcccc981fdfef862bffaf141b892886dd8236b6f328
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
20a83841170d08cb1fc589083d0d6b6435a641d9a0d78cf5c16a7b9ecd8c7290
22437c677a85fa9a4f80dc5cfbc9ddb273f6e8576c9799ca36c7e4e387b5ce52
24cee3976a1f2d7cba9518a09b980b937e881b2a86c52047e9bcbde42beed3f5
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25c3616da3e3d44363edde06fb8449df05ebb242d314e6f187956a172caf3ad6
286f86f994ead8f85669f15055b49cff70aeca439a0b8f7b150568c302ae25f6
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2dce6282a65f940eb2aba06e29ef0f9a2e849897f78d07e8225d2759b76d52fb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
304238f17343b621f358cf5ed137803b1f7636780ba7fbc5c79a11ca96e5d92e
312fd7d22598aa806b0c1ad722a7747cfb634f3fd0b6328a35ff0d34cb6d9b9b
323c12acb753ac8d1035d2a59e5dbef0c9c2b28105f159ac25da0f8017f67729
3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37ce6b98c2f7a8489a4a20237c52650a3eb3e0d50643984d52afad2a7bf4a7f2
38acb41b68a60231f4367287174ce7ef7d0cb0fb860d7dd7e321d817d446a7db
3c46f5334d12be62825499937b3bb7a9c0106da7c60e9533eee300cc848c0ef9
3c6538f799165cdc1782e352e8d8d4b264d1624f4665e096ad43ba0c0fa36f0b
3cf0dc29e46e0aa146306ff78ec1f6dbae164c50f3c2f17e726a621fadbe1555
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403276fd64b91201777979b05ed63826210f8633fde1f109faf1ea211a2eadc0
406d8c42a0a8d0b2fda0883cf0c21a0c986d8ed7485bb8176bfa86a52438375f
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660
46c29b2a0c8c946a8aa862a7614a5d0c173a387a8c822c9e4002f1ae2cfdfe55
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
4a2a801c9c80fdddf923fc6b0c364467a102da2ca6a46afaffca59819f030539
4a6127b4ff6c6f050591c7cc8cacbb81a00ecdad0aad126ac016fa8a241c6b49
4a91bd4ae4ea77d7c1c7a7eb1bd636d4e14177f1429d49e9eaeb502726f3b412
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d5d8490394966b91a9ca8b4e7291963a83a2d768d1ba48babaa729270221dcd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f2e4aa5db05239da9aa17efe4c808d6e3705844a3d4524a0269635894f5e119
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f84d85482cc6b271b7077d6978b290fa4f6a727801e91e028dace46ad64c065
50059c67014a27acb4e4a31d4d9485510823156a0f44f1c59f4142132f2fbf93
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a28ec07a0e6479dbc74f2040c0448dec81f6a00f2f594c0ee190b4b45dd48d
51540e98209e949f0a7f01c1332f6bf5dfe526adeaabe2705f42184d721f90b1
543e4837e05d69d2b85db4c9c63e5491f479c20e49d0c3ca25c02a9f3692f781
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562c0d79515363abe1631a1c850cc8dcb4fafcc52f24f34e0807b34c8afeed0d
5653677b2802eae323d242cdd7fc0307442f96117dce70839b2e2b8214657081
5776cb9ecde4644b2f20288a936cdb7fe24a861b26f04be2c149a5f910d63165
5a27add747a82e9cb776290b1639e64fc6dc96e3b7b0a731b7ac7e40acbe1ea8
5a2ca84549a49db154e7da7270270a9662f798fbf816c598706fdb88f995b2d3
5c06acf31b92825a7b2bd837344406bccbcdbdd47cef9ec572ce0c647b9a4b52
5e2811c9c52811c43fa395031d209a26e30d3e220d98f10c3b549f70c10ae555
5ff5618d47f697dcb4e50f80fd830d72b06b460aa0de7db473c38f6d89db4883
618e4d7cde008e7d06926c2d6bf115a1077173c8e538b1b5f299d5bf563993e7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62554277d07b20c6bfae7c6267b3198b4846f604a37d4085bf9f54c392210b56
62fa0c02f5ad19a2e06511e30d272dbf9b285c306f8f611a1e533847b7fe8fa1
6386bf271a34bec35e52dd9c456e5b36bd66e3e5027998114ef9c8355b7de358
63e11417d77031f7ca3a7deebd2c9c0fd67ed2e2918d5b2ea3d71f907ed8a855
658f91e34b0b81c542296697d1587711cc333f09afb1cbdbf68103f605b71490
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
68a2c8b881b84d8b2478f5b5cecdb1502a777ae59284989b096298bc91ff6342
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c2b03c27bf24fb1b63bb1a80a472668cc384988edcb005fc7d4b4b65c939989
707a3c1024ed19e084cd6ae6b66e43c8919b4e16b87580c0658ad55194f3eec0
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
718c900eeb63b14c42838ec19a99ee855ee1157d4732ab584713bca6d82ae58f
7895bff5a75fb627fa4d1fd1669492c6e04ecb11e2637bdf654f134b53fba0e9
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7ed1947cb1ec4f11c68e3b281741c4214839a262843c339c1f1e3bc357434183
80a6c8fd3fd83054bdd51a596217f806cec456cd5b176ec5e44a407201a82d2a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
8750cfeab2dba1f04bd325d38ebecf3d7158b61c547b1cf9cc8506aed83a8290
8930ea8306081348a9705f9e3bb75d14ca6a2855ff182a71803556e384946f3c
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c662d8bfdc9feebee99e7dc556ea8cb38229d22e794634182e0a3c3f1070701
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9997ea0e986e2be8e745ecca55ffe18023ac0795394b8d816382aaa6b95250
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
94779930883bdf274a126f570939691cfec840662c4c78668e0096bd3f6fb8c4
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c2ad2a40f166ded37f7b6b880be086b36960e978aa0cd834ed972353cb8b90f
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5
9e1a9735f580ee5c95e949e3cd4de29669fc29e1c8cc45b53304b3272cc7523b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2ea9cbc946341697213ca125e9ce507bb8d2eb714fc1371665e5d82aef57b13
a36d4f83add2176a3c6243bd57a32a387a1906227e286689530ff878de1994eb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac408265c42b9cae1ac6433951e7b786438a381c97d53736e90bb0d4cc976817
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17b6e3a1887bb29f6f38c2fa31ebf4a77c12d1f559b72aa56c9d2f4bf07a2c0
b1fc70f5a7b06c546ae49fc60b9388dae8c1fed92b08a228103372897755dacd
b471388eaff3d92236c0dc880554f5e839dfacb525b4f6983435937dbba0ecb5
ba5171a78670b031914e623431a33a3d73c1ea9897e552ba73bc2c2da7c777b9
bb1d9018f6ce7a104b7cb966769e573caacc362e6d04a4a4b21c474a357f924c
bd632cc428db4e788a93d8ec822df5f0d148cdd2a805d4bd2c2fe768b3bb41dd
c18a1c91f53d7c573c00e4d994e136cb315c80b91684964be4762c98cfeed27f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c386a73dc3fdcbe3c96812ee6b527b49e4b7f7a420b95756bfd700df3ca75b86
c58dde0dea3757b389cdbe25f232f879a3d83fdbd0149767879f9de04e499b45
c8b76e2e11715d0ce18589d3a21da893abca4dec31857cb3f2d6d27ede9460b2
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb848cd511e8bc47175fc406b8e5b969b07f8a930f6905977047037a3fe9126c
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ceb156a618120eaede9eb567621ba7fc3bc89334fc7610d22e9829adcbae2cea
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03687de8a9f1f810e9ee4b6813f97973483788707d351588fd0286af7929956
d0df8bd9b6651fd43db1c4568ff3d7b6c0c5177d048219e67666d06f922c8bca
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
d9a43693e6f37d9b00f66e637a2f3be2b743f033aadf401881d2a7f7da0689dd
db30cc95bca4007a5d1d93c2c9fcc61f468a80471ac0df8c604d1c5408833cba
db8f18a720cc671253187aa4f0aefdf1debff7dfcf8c0bf754bd7dccbf4a87e8
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dff2681d8f5f16b61b464b599d7c62f61efe496b54a77044145495bc8cad36d0
e057db9ac605296eb6a3b7795c47acd290fe3b2d8859b53c88a64f8afe8f88e8
e08cc0db8b2a31529e8fd60ec62e764701c2ff86312fa50d292028a6205c3e71
e2cf75e8680813765f1157399ee8499dbafd15b627cd4512e970c59519865284
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f5d2ef84b9869ac4fe5d57eafb4fad768e5b1aa8de3ac6792258ab7a44efdb
e7d0f09a6538d72ce4b7e30c092d9661f11255d29ef032a613c6dc716cbacc38
e8d49e4c9ecffaec121a657747ad3e83b3c16fb3e35bb219dd5fbf070cc3b5b8
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb2e78e82066485dd62ad9e5f2f88b9d9877c6ed1a1fddfd724be899569ee31f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ecf0b855aed06cdba6fcbdfa58950ead633b7c0cdd9b380b4141acc964f8558d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f342e7773cb9fc082c703dee6e979cb662fb970a29a7831e4640e8cf833076d0
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f5f9fabf5def6c14f22f8bb87dbea8bab02c4a336f7c184ead31aaddca428197
f641140872030642762ef0055f47fd87c703f190e724f8413c9bc51b523e6b1b
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f86dc548ccb2ee59c42504610c2995a349208d070c1b9dce262e48a4cb836bd8
fd5aee825e6b73ceb4e6838167db768d76b5b08d4c5029b91706769148c5abe4
ff0c6cdfa465510686fe1bc10ad576ecfca7dbcc246e53354e3cc99fc09720e0

patoshoje.com.br Open in urlscan Pro 104.21.70.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

300 Requests

79 %HTTPS

28 %IPv6

90 Domains

145 Subdomains

94 IPs

10 Countries

3639 kBTransfer

7344 kBSize

105 Cookies

7 Outgoing links

Page URL History

Redirected requests

300 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

patoshoje.com.br Open in urlscan Pro
104.21.70.108 Public Scan

Screenshot
Live screenshot

Full Image

300
Requests

79 %
HTTPS

28 %
IPv6

90
Domains

145
Subdomains

94
IPs

10
Countries

3639 kB
Transfer

7344 kB
Size

105
Cookies

300 HTTP transactions
1 data transactions