urlscan.io logo urlscan.io
SecurityTrails logo

ricmais.com.br Open in urlscan Pro
190.89.238.77  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.ricmais.com.br/
Effective URL: https://ricmais.com.br/
Submission: On April 01 via manual from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 81 IPs in 10 countries across 57 domains to perform 333 HTTP transactions. The main IP is 190.89.238.77, located in Brazil and belongs to Under Servicos de Internet Ltda, BR. The main domain is ricmais.com.br. The Cisco Umbrella rank of the primary domain is 480171.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 3rd 2021. Valid for: a year.
This is the only time ricmais.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18 190.89.239.105 29802 (HVC-AS)
33 190.89.238.77 28209 (Under Ser...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
7 2.18.232.111 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a03:2880:f02... 32934 (FACEBOOK)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
5 187.108.201.249 53107 (EVEO Serv...)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
10 142.250.185.162 15169 (GOOGLE)
3 35.201.123.184 15169 (GOOGLE)
1 108.157.4.121 16509 (AMAZON-02)
4 18.156.195.47 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 3.123.205.63 16509 (AMAZON-02)
1 178.250.2.131 44788 (ASN-CRITE...)
1 2602:803:c004... 26667 (RUBICONPR...)
1 185.184.10.30 203690 (RTB-HOUSE...)
4 81.17.55.160 60781 (LEASEWEB-...)
1 54.72.57.179 16509 (AMAZON-02)
2 51.89.9.253 16276 (OVH)
3 14 185.33.221.90 29990 (ASN-APPNEX)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.98 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
7 34.102.185.99 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 142.250.186.130 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 15 172.217.18.98 15169 (GOOGLE)
4 8 69.192.160.245 16625 (AKAMAI-AS)
9 23.35.228.23 16625 (AKAMAI-AS)
1 23.216.77.21 20940 (AKAMAI-ASN1)
1 151.101.193.108 54113 (FASTLY)
3 185.33.220.145 29990 (ASN-APPNEX)
4 143.204.215.128 16509 (AMAZON-02)
3 20 76.223.111.18 16509 (AMAZON-02)
1 1 3.64.18.217 16509 (AMAZON-02)
3 37.157.5.142 198622 (ADFORM)
2 2 18.193.41.238 16509 (AMAZON-02)
2 2 37.157.4.25 198622 (ADFORM)
1 2 3.124.34.143 16509 (AMAZON-02)
3 37.157.5.71 198622 (ADFORM)
1 23.216.77.25 20940 (AKAMAI-ASN1)
2 2a02:2638::3 44788 (ASN-CRITE...)
2 15.197.193.217 16509 (AMAZON-02)
2 2620:1ec:21::14 8068 (MICROSOFT...)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
3 5 209.54.180.144 16509 (AMAZON-02)
1 1 70.42.32.95 22075 (AS-OUTBRAIN)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 178.250.2.146 44788 (ASN-CRITE...)
3 69.192.160.186 16625 (AKAMAI-AS)
2 23.205.235.133 16625 (AKAMAI-AS)
1 1 2001:678:cb4:... 56396 (AMOBEE)
2 2 54.75.174.52 16509 (AMAZON-02)
1 1 34.203.25.60 14618 (AMAZON-AES)
2 2 3.124.17.200 16509 (AMAZON-02)
2 2 151.101.2.49 54113 (FASTLY)
1 1 52.200.181.105 14618 (AMAZON-AES)
1 1 185.29.132.241 30419 (MEDIAMATH...)
2 3 52.94.223.37 16509 (AMAZON-02)
2 3 69.173.144.138 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
4 4 69.173.144.165 26667 (RUBICONPR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2.18.232.7 16625 (AKAMAI-AS)
4 2600:9000:205... 16509 (AMAZON-02)
1 2600:9000:214... 16509 (AMAZON-02)
1 104.111.242.245 16625 (AKAMAI-AS)
4 2600:9000:205... 16509 (AMAZON-02)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 212.82.100.182 34010 (YAHOO-IRD)
3 44.239.182.76 16509 (AMAZON-02)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 52.6.241.167 ()
1 35.172.120.178 ()
1 204.237.133.116 ()
1 52.57.177.81 ()
3 2a00:1450:400... ()
1 37.252.167.215 ()
333 81
18    190.89.239.105 (Brazil)

ASN29802 (HVC-AS, US)
PTR: us117.serverdo.in
www.ricmais.com.br
static.ricmais.com.br
33    190.89.238.77 (Brazil)

ASN28209 (Under Servicos de Internet Ltda, BR)
PTR: br37.serverdo.in
ricmais.com.br
4    2606:4700:20::ac43:4a70 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.privacytools.com.br
8    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2.18.232.111 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-111.deploy.static.akamaitechnologies.com
sc.r7.com
barra.r7.com
cms-media-api.r7.com
snippets.r7.com
scs.r7.com
adv.r7.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2606:4700:20::681a:f79 (United States)

ASN13335 (CLOUDFLARENET, US)
tags.premiumads.com.br
static.premiumads.com.br
5    187.108.201.249 (Brazil)

ASN53107 (EVEO Servicos de Internet Ltda., BR)
PTR: publico-31.enviou.net.br
www.netdeal.com.br
3    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
7    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
10    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
securepubads.g.doubleclick.net
3    35.201.123.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.123.201.35.bc.googleusercontent.com
tags.t.tailtarget.com
d.tailtarget.com
1    108.157.4.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-121.dus51.r.cloudfront.net
sb.scorecardresearch.com
4    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
3    3.123.205.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-205-63.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
prebid-us.creativecdn.com
4    81.17.55.160 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
1    54.72.57.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-57-179.eu-west-1.compute.amazonaws.com
ice.360yield.com
2    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
14    185.33.221.90 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
17    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
13    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
www.googleadservices.com
5    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com
tt-9964-3.seg.t.tailtarget.com
b.t.tailtarget.com
cm.t.tailtarget.com
t.tailtarget.com
6    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
4    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
3    2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
15    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
cm.g.doubleclick.net
8    69.192.160.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-245.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
9    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
contextual.media.net
warp.media.net
lg3.media.net
hblg.media.net
1    23.216.77.21 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-21.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
3    185.33.220.145 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ams1-ib.adnxs.com
4    143.204.215.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-128.fra53.r.cloudfront.net
ib.3lift.com
20    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    3.64.18.217 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-18-217.eu-central-1.compute.amazonaws.com
aws-fr.bidswitch.net
3    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
2    18.193.41.238 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-41-238.eu-central-1.compute.amazonaws.com
aws-fr-sync.bidswitch.net
2    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    3.124.34.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-34-143.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    23.216.77.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-25.deploy.static.akamaitechnologies.com
res-a.akamaihd.net
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    2a05:d018:d29:3605:381e:fa43:f4d:caac (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
5    209.54.180.144 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    69.192.160.186 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-186.deploy.static.akamaitechnologies.com
acdn.adnxs.com
acdn.adnxs-simple.com
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    54.75.174.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-174-52.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    34.203.25.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-25-60.compute-1.amazonaws.com
sync.ipredictive.com
2    3.124.17.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-17-200.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    52.200.181.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-181-105.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    52.94.223.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
6    2606:4700::6810:df3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
sync2.navdmp.com
sync.navdmp.com
1    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
4    2600:9000:2057:e00:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.avantisvideo.com
cdn1.avantisvideo.com
1    2600:9000:214f:e800:8:9ed9:9c40:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.avantisvideo.com
1    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
at.teads.tv
4    2600:9000:2057:4200:3:748e:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)
avm.avantisvideo.com
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
3    44.239.182.76 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-182-76.us-west-2.compute.amazonaws.com
events1.avantisvideo.com
4    2a02:26f0:3500:698::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
play.aniview.com
player.aniview.com
3    52.6.241.167 (None, )

ASN- ()
track1.aniview.com
1    35.172.120.178 (None, )

ASN- ()
go1.aniview.com
1    204.237.133.116 (None, )

ASN- ()
hbopenbid.pubmatic.com
1    52.57.177.81 (None, )

ASN- ()
prebid-server.rubiconproject.com
3    2a00:1450:4001:800::200a (None, )

ASN- ()
imasdk.googleapis.com
1    37.252.167.215 (None, )

ASN- ()
rb.adnxs-simple.com
Apex Domain
Subdomains		 Transfer
51 ricmais.com.br
www.ricmais.com.br
ricmais.com.br — Cisco Umbrella Rank: 480171
static.ricmais.com.br
720 KB
35 googlesyndication.com
f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
tpc.googlesyndication.com — Cisco Umbrella Rank: 125
200 KB
35 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274
cm.g.doubleclick.net — Cisco Umbrella Rank: 206
bid.g.doubleclick.net Failed
336 KB
27 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 566
ib.3lift.com — Cisco Umbrella Rank: 1118
eb2.3lift.com — Cisco Umbrella Rank: 325
101 KB
20 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 245
cdn.adnxs.com — Cisco Umbrella Rank: 1396
ams1-ib.adnxs.com — Cisco Umbrella Rank: 7100
acdn.adnxs.com — Cisco Umbrella Rank: 560
98 KB
12 avantisvideo.com
cdn.avantisvideo.com — Cisco Umbrella Rank: 19501
static.avantisvideo.com — Cisco Umbrella Rank: 21069
cdn1.avantisvideo.com — Cisco Umbrella Rank: 23093
avm.avantisvideo.com — Cisco Umbrella Rank: 20303
events1.avantisvideo.com — Cisco Umbrella Rank: 18613
72 KB
11 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 450
eus.rubiconproject.com — Cisco Umbrella Rank: 551
pixel.rubiconproject.com — Cisco Umbrella Rank: 348
token.rubiconproject.com — Cisco Umbrella Rank: 669
prebid-server.rubiconproject.com
15 KB
10 tailtarget.com
tags.t.tailtarget.com — Cisco Umbrella Rank: 46015
d.tailtarget.com — Cisco Umbrella Rank: 52980
tt-9964-3.seg.t.tailtarget.com — Cisco Umbrella Rank: 327475
b.t.tailtarget.com — Cisco Umbrella Rank: 46765
cm.t.tailtarget.com — Cisco Umbrella Rank: 6846
t.tailtarget.com — Cisco Umbrella Rank: 6483
90 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 7
adservice.google.com — Cisco Umbrella Rank: 76
2 KB
9 media.net
contextual.media.net — Cisco Umbrella Rank: 511
warp.media.net — Cisco Umbrella Rank: 2233
lg3.media.net — Cisco Umbrella Rank: 3614
hblg.media.net — Cisco Umbrella Rank: 1522
161 KB
8 aniview.com
play.aniview.com — Cisco Umbrella Rank: 15365
player.aniview.com — Cisco Umbrella Rank: 1841
track1.aniview.com
go1.aniview.com
217 KB
8 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 278
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1196
5 KB
8 adform.net
track.adform.net — Cisco Umbrella Rank: 3843
c1.adform.net — Cisco Umbrella Rank: 571
s1.adform.net — Cisco Umbrella Rank: 8738
205 KB
8 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568
7 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 734
gum.criteo.com — Cisco Umbrella Rank: 389
mug.criteo.com — Cisco Umbrella Rank: 2685
8 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
394 KB
7 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1133
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 370
cms.analytics.yahoo.com — Cisco Umbrella Rank: 899
2 KB
7 r7.com
sc.r7.com — Cisco Umbrella Rank: 322795
barra.r7.com — Cisco Umbrella Rank: 441669
cms-media-api.r7.com — Cisco Umbrella Rank: 301109
snippets.r7.com — Cisco Umbrella Rank: 310549
scs.r7.com — Cisco Umbrella Rank: 529258
adv.r7.com — Cisco Umbrella Rank: 298830
35 KB
6 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 22478
usr.navdmp.com — Cisco Umbrella Rank: 26581
cdn.navdmp.com — Cisco Umbrella Rank: 5378
sync2.navdmp.com — Cisco Umbrella Rank: 42943
sync.navdmp.com — Cisco Umbrella Rank: 9101
6 KB
6 google.de
www.google.de — Cisco Umbrella Rank: 5640
adservice.google.de — Cisco Umbrella Rank: 8069
2 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
imasdk.googleapis.com
128 KB
5 bidswitch.net
aws-fr.bidswitch.net — Cisco Umbrella Rank: 13449
aws-fr-sync.bidswitch.net — Cisco Umbrella Rank: 29537
x.bidswitch.net — Cisco Umbrella Rank: 285
3 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 169
173 KB
5 gstatic.com
fonts.gstatic.com
117 KB
5 netdeal.com.br
www.netdeal.com.br
103 KB
5 premiumads.com.br
tags.premiumads.com.br — Cisco Umbrella Rank: 225624
static.premiumads.com.br — Cisco Umbrella Rank: 956723
150 KB
4 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1328
2 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 99
605 B
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 136
196 KB
4 privacytools.com.br
cdn.privacytools.com.br — Cisco Umbrella Rank: 94652
56 KB
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 257
108 KB
2 adnxs-simple.com
acdn.adnxs-simple.com
rb.adnxs-simple.com
50 KB
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1194
at.teads.tv — Cisco Umbrella Rank: 7144
5 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 438
pixel.mathtag.com — Cisco Umbrella Rank: 1197
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 575
650 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 813
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 489
1004 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 385
844 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 326
529 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
59 KB
2 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1458
res-a.akamaihd.net — Cisco Umbrella Rank: 6917
25 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 841
1 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1906
24 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
20 KB
1 pubmatic.com
hbopenbid.pubmatic.com
115 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 599
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 822
589 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1001
462 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 756
412 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 558
301 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 230
594 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 105
15 KB
1 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1413
465 B
1 creativecdn.com
prebid-us.creativecdn.com — Cisco Umbrella Rank: 10029
176 B
1 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 132
1 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 954
73 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 229
7 KB
333 57
Domain Requested by
33 ricmais.com.br ricmais.com.br
20 eb2.3lift.com 3 redirects f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
ib.3lift.com
eb2.3lift.com
tags.premiumads.com.br
17 pagead2.googlesyndication.com securepubads.g.doubleclick.net
ricmais.com.br
f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
srcdoc
17 static.ricmais.com.br ricmais.com.br
15 cm.g.doubleclick.net 8 redirects googleads.g.doubleclick.net
eb2.3lift.com
14 ib.adnxs.com 3 redirects tags.premiumads.com.br
googleads.g.doubleclick.net
eb2.3lift.com
acdn.adnxs.com
player.aniview.com
13 tpc.googlesyndication.com securepubads.g.doubleclick.net
f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
ricmais.com.br
tpc.googlesyndication.com
10 securepubads.g.doubleclick.net tags.premiumads.com.br
securepubads.g.doubleclick.net
f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
www.googletagservices.com
8 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
8 www.googletagmanager.com ricmais.com.br
tags.t.tailtarget.com
www.googletagmanager.com
7 www.google.com ricmais.com.br
f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 s.amazon-adsystem.com 3 redirects eb2.3lift.com
5 contextual.media.net static.premiumads.com.br
contextual.media.net
ricmais.com.br
f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
5 googleads.g.doubleclick.net f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
www.googleadservices.com
5 www.googletagservices.com f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
adv.r7.com
5 f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 fonts.gstatic.com fonts.googleapis.com
5 www.netdeal.com.br ricmais.com.br
www.netdeal.com.br
4 avm.avantisvideo.com cdn1.avantisvideo.com
cdn.avantisvideo.com
4 token.rubiconproject.com 4 redirects
4 gum.criteo.com 2 redirects static.criteo.net
4 ib.3lift.com static.premiumads.com.br
ib.3lift.com
f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
4 googleads4.g.doubleclick.net ricmais.com.br
4 prg.smartadserver.com tags.premiumads.com.br
4 c2shb.pubgw.yahoo.com tags.premiumads.com.br
4 www.facebook.com ricmais.com.br
4 www.google.de ricmais.com.br
4 connect.facebook.net ricmais.com.br
connect.facebook.net
4 cdn.privacytools.com.br ricmais.com.br
cdn.privacytools.com.br
3 imasdk.googleapis.com player.aniview.com
imasdk.googleapis.com
3 track1.aniview.com
3 player.aniview.com cdn.avantisvideo.com
player.aniview.com
3 events1.avantisvideo.com
3 cdn.avantisvideo.com tags.premiumads.com.br
cdn.avantisvideo.com
3 pixel.rubiconproject.com 2 redirects
3 aax-eu.amazon-adsystem.com 2 redirects
3 mug.criteo.com
3 s1.adform.net aws-fr.bidswitch.net
s1.adform.net
f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
3 track.adform.net f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
s1.adform.net
3 ams1-ib.adnxs.com static.premiumads.com.br
f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
cdn.adnxs.com
3 s0.2mdn.net f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
imasdk.googleapis.com
3 tt-9964-3.seg.t.tailtarget.com scs.r7.com
d.tailtarget.com
3 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
3 tlx.3lift.com tags.premiumads.com.br
f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
3 fonts.googleapis.com ricmais.com.br
client
3 tags.premiumads.com.br ricmais.com.br
tags.premiumads.com.br
2 tag.navdmp.com tags.premiumads.com.br
tag.navdmp.com
2 sync-tm.everesttech.net 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 eus.rubiconproject.com tags.premiumads.com.br
eus.rubiconproject.com
2 acdn.adnxs.com tags.premiumads.com.br
acdn.adnxs-simple.com
2 pr-bh.ybp.yahoo.com 2 redirects
2 px.ads.linkedin.com eb2.3lift.com
2 match.adsrvr.org eb2.3lift.com
2 static.criteo.net tags.premiumads.com.br
static.criteo.net
2 x.bidswitch.net 1 redirects eb2.3lift.com
2 c1.adform.net 2 redirects
2 aws-fr-sync.bidswitch.net 2 redirects
2 lg3.media.net f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
ricmais.com.br
2 b.t.tailtarget.com d.tailtarget.com
2 static.premiumads.com.br f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
2 d.tailtarget.com ricmais.com.br
d.tailtarget.com
2 adservice.google.de securepubads.g.doubleclick.net
2 onetag-sys.com tags.premiumads.com.br
2 script.4dex.io tags.premiumads.com.br
script.4dex.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 barra.r7.com ricmais.com.br
1 rb.adnxs-simple.com acdn.adnxs-simple.com
1 acdn.adnxs-simple.com player.aniview.com
1 prebid-server.rubiconproject.com player.aniview.com
1 hbopenbid.pubmatic.com player.aniview.com
1 go1.aniview.com player.aniview.com
1 play.aniview.com cdn.avantisvideo.com
1 cms.analytics.yahoo.com
1 sync.navdmp.com
1 pixel.mathtag.com 1 redirects
1 sync2.navdmp.com
1 cdn.navdmp.com tag.navdmp.com
1 usr.navdmp.com tag.navdmp.com
1 at.teads.tv a.teads.tv
1 cdn1.avantisvideo.com cdn.avantisvideo.com
1 static.avantisvideo.com cdn.avantisvideo.com
1 a.teads.tv tags.premiumads.com.br
1 id.rlcdn.com
1 sync.mathtag.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 ad.turn.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 c.bing.com eb2.3lift.com
1 t.tailtarget.com
1 cm.t.tailtarget.com
1 res-a.akamaihd.net f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
1 aws-fr.bidswitch.net 1 redirects
1 hblg.media.net f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
1 cdn.adnxs.com static.premiumads.com.br
1 warp.media.net static.premiumads.com.br
1 qsearch-a.akamaihd.net static.premiumads.com.br
1 adv.r7.com ricmais.com.br
1 scs.r7.com ricmais.com.br
1 www.googleadservices.com www.googletagmanager.com
1 snippets.r7.com sc.r7.com
1 ice.360yield.com tags.premiumads.com.br
1 prebid-us.creativecdn.com tags.premiumads.com.br
1 fastlane.rubiconproject.com tags.premiumads.com.br
1 bidder.criteo.com tags.premiumads.com.br
1 sb.scorecardresearch.com ricmais.com.br
1 tags.t.tailtarget.com ricmais.com.br
1 cms-media-api.r7.com barra.r7.com
1 stats.g.doubleclick.net www.google-analytics.com
1 use.fontawesome.com ricmais.com.br
1 cdnjs.cloudflare.com ricmais.com.br
1 sc.r7.com ricmais.com.br
1 www.ricmais.com.br 1 redirects
0 bid.g.doubleclick.net Failed acdn.adnxs-simple.com
333 116
Subject Issuer Validity Valid
www.ricmais.com.br
Sectigo RSA Domain Validation Secure Server CA		 2021-07-03 -
2022-07-03		 a year crt.sh
static.ricmais.com.br
Sectigo RSA Domain Validation Secure Server CA		 2021-07-03 -
2022-07-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-10-02 -
2022-10-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.r7.com
DigiCert SHA2 Secure Server CA		 2022-01-02 -
2023-01-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-09 -
2022-04-09		 3 months crt.sh
premiumads.com.br
Cloudflare Inc ECC CA-3		 2021-06-07 -
2022-06-06		 a year crt.sh
www.netdeal.com.br
R3		 2022-02-11 -
2022-05-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-26 -
2022-06-25		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.360yield.com
Amazon		 2021-07-28 -
2022-08-26		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2022-03-28 -
2022-09-28		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-03-16 -
2022-09-16		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
teads.tv
R3		 2022-03-23 -
2022-06-21		 3 months crt.sh
*.avantisvideo.com
Amazon		 2021-11-24 -
2022-12-22		 a year crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-15 -
2022-09-07		 6 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.adnxs-simple.com
GeoTrust RSA CA 2018		 2022-03-14 -
2023-03-25		 a year crt.sh

This page contains 37 frames:

Primary Page: https://ricmais.com.br/
Frame ID: 4F89B2FA5F7EFD360299DA10FE6DDB48
Requests: 185 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 041A5BEA7884084D72071C10C14CA6ED
Requests: 1 HTTP requests in this frame

Frame: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9F9C2C58A9B87D695BEE612743FF70D2
Requests: 1 HTTP requests in this frame

Frame: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B30C922575C1D2142CBEDFF736A1650B
Requests: 7 HTTP requests in this frame

Frame: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7EEE13FED32D071830C011410BE1D903
Requests: 14 HTTP requests in this frame

Frame: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A38E1CBD49494CE5E9FFA40027F7159D
Requests: 13 HTTP requests in this frame

Frame: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 581ABAA88DE576947081CFA70EACC59C
Requests: 7 HTTP requests in this frame

Frame: https://scs.r7.com/tailtarget/profiles.js
Frame ID: 96BCBD7FE29B885DFA15642EB862637A
Requests: 2 HTTP requests in this frame

Frame: https://adv.r7.com//script/async?href=https://ricmais.com.br/
Frame ID: 5FDBBC881613694BA7A7CD813FBF8798
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGKf3s7sBMAE&v=APEucNVD-MOr6O_sz41XxOhqSLVmpfl6pK2GfW6BtQ0QxKRRfs3qtG-3b5aRLp0KunGZfuFmsvm51x5mPiiU25Ye3q_otzhmuQMH9c7dCMsLbS4dJJHSRE_MFYhdOtEPel6fRRyvMXjIGDQMISXwr78aSWPnVfZVgb3xJtyjkKFxnHwv6z0b5sg
Frame ID: 4DEA2A4384EDC28C546C51F1D7A4C6F2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGLiHtLsBMAE&v=APEucNXdTnUntlbEqfbF3m5CrWaIwVA3yjq6a57g76Y6XLJY1C8vuEm7TuAXm1VPpm_VFZS6dT5LgebpCz2Fe3CboPgJBF9qtFZpR_N3AUONxoawHcAQG_qVB18kFB34BTxqCVVB8mzJFT-gRlM0je6DOqs0DQCuGm1ZopmzDdVPVitsxwh-1-Q
Frame ID: B160B522E04ADFC736F2603472F09D63
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CABF7C21252D4EEF5D197583D9892638
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C21E0B1EDA2552F84A0A134F696003FE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7EB2287E69D18CF7EF856F0ED5889140
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 07D0228E3E48E7949DB205491E3FED5D
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CU62MU8E
Frame ID: 56603AFF31934627F9E8FCE678316043
Requests: 10 HTTP requests in this frame

Frame: https://ib.3lift.com/ttj?inv_code=PremiumAds_RON_Prebid
Frame ID: 223F4A6940F47626863F7E5E9B62157C
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM
Frame ID: 8882F07A3EBA8E9F95BFB1C843A756BD
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033%2C171%2C175%2C178%2C157%2C3018%2C159%2C214%2C3014%2C97%2C77%2C99%2C56%2C59%2C38%2C182%2C184%2C141%2C188%2C222%2C201%2C246%2C4%2C203%2C225%2C10000%2C80%2C9%2C109%2C208%2C82&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Frame ID: 1155AF6743BA21A1E12753C37379BB6B
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033%2C171%2C175%2C178%2C157%2C3018%2C159%2C214%2C3014%2C97%2C77%2C99%2C56%2C59%2C38%2C182%2C184%2C141%2C188%2C222%2C201%2C246%2C4%2C203%2C225%2C10000%2C80%2C9%2C109%2C208%2C82&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Frame ID: 69A53F5243049F8A2BE3F3A61EF4BE0B
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3C97DFC75D3ED5BF9CC620EE678F5304
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=51750725;rtbwp=0.22042-B0Xeh68Utd-ULUUiOp1alayn68jpwCuB0;rtbdata=ljj-YrsttI1MjnkUui7EkxCLfc01vjBQPwJE3r15QHBCgpZ_tep2e0rFU80T61fQtPHFlwWVWwRxccFuhpLfQm-FQ8a-MZZxYc6WA0P_WbtM2lWFbbEY6kM34_Bh-MDGP6YI0as6Pr2ckjjcnANuRfyveDFy5jDXcMlHw1u5iCwmHynaVolsfYUuRASEZw1nGM8gCszMGVBodOxc2CfdQw2;OOBClickTrack=
Frame ID: 18F0EAD04A9F065929535A2052A098B1
Requests: 7 HTTP requests in this frame

Frame: data://truncated
Frame ID: 10C2D61FAD7D8D87696EC64C41B4B3AF
Requests: 4 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=77786
Frame ID: E767033A6C8EA3A634A95519D1B533EC
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ricmais.com.br
Frame ID: 477281C4FC5F0C490865515CA25CE52A
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 17886A5CBF535A5CB56F3408852F48BB
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: B339E2D612E5F854C35798E0AC2B35B9
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 25F37A77541F0A6BFDB3A0E61D795CEA
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1648835697091
Frame ID: 0502ED98B06B49A86B5545DB0348153A
Requests: 1 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: C153065BA2B7591912A431592216DCBD
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e6a51c868076262c752a076
Frame ID: A69920497B609E2C783539B98CB1BBCE
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.1006.0.js
Frame ID: 57BD130CFF41C7CDD639AC6D5CF2CBA7
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D3FF45275D33B3A736860F2FA366B20B
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.508.0_en.html
Frame ID: 7AE6E613E1E72F8B4BCBF3758E3AB766
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.508.0_en.html
Frame ID: DC76CB41A9D6243A7B7273516705BC00
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E40E65D65F026E8A950E2220F4F678DA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9BBCA60BA1E55F3748D16DAF5AD7C7ED
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

RIC Mais - Notícias do Grupo RIC (Paraná)

Page URL History Show full URLs

  1. http://www.ricmais.com.br/ HTTP 301
    https://ricmais.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/

Page Statistics

333
Requests

89 %
HTTPS

37 %
IPv6

57
Domains

116
Subdomains

81
IPs

10
Countries

3975 kB
Transfer

11944 kB
Size

55
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.ricmais.com.br/ HTTP 301
    https://ricmais.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 176
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYOKl6HlncGT0l1qNFEQa8&google_cver=1
Request Chain 177
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ykc8cg3yIt5p2HBIVOEhQQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYOKl6HlncGT0l1qNFEQa8&google_cver=1
Request Chain 178
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEF3pPWr-YTxqTdRxDLDZJ2E&google_cver=1
Request Chain 179
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA1MjAwNjAyOTkxNDYxMzE2
Request Chain 180
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYOKl6HlncGT0l1qNFEQa8&google_cver=1
Request Chain 181
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ykc8cg3yIt5p2HBIVOEhQQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYOKl6HlncGT0l1qNFEQa8&google_cver=1
Request Chain 182
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEF3pPWr-YTxqTdRxDLDZJ2E&google_cver=1
Request Chain 183
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA1MjAwNjAyOTkxNDYxMzE2
Request Chain 230
  • https://aws-fr.bidswitch.net/imp/0.206/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R51750725_Qrtbwp_R_I_WAUCTION__PRICE_X-B0Xeh68Utd-ULUUiOp1alayn68jpwCuB0_Qrtbdata_Rljj-YrsttI1MjnkUui7EkxCLfc01vjBQPwJE3r15QHBCgpZ__tep2e0rFU80T61fQtPHFlwWVWwRxccFuhpLfQm-FQ8a-MZZxYc6WA0P__WbtM2lWFbbEY6kM34__Bh-MDGP6YI0as6Pr2ckjjcnANuRfyveDFy5jDXcMlHw1u5iCwmHynaVolsfYUuRASEZw1nGM8gCszMGVBodOxc2CfdQw2_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/XTpK6c0fzYZFlgwl2lf_HQ1LuHnerRfBubbwsnl4TRo1SDis-3BnmX2Lnx9okqnQkRRxR_8gAXxXj1sJGBNZO_fwdERPXNW5rlIhwrRwZzRRxJTCkPHLEc7KPA-EOYNLJOZzc9ZIcY_psH-IjlFGhD55_hMAbZaT-F1O8Dh6ESezrDuneqIbGHEOVIGALZ1MJj0FwMZVrAyqxZ9gT-7HyVbs-EP_0kWrd0RS5CWU22Tz_mnS0TV0eTE_xvQzLSaLNBFKDGdzdk3qzaKG2VFmQQS0SP2Ns5abm0TIpI09Y5aV3qO5Gu_UamNbwzge3iviKI3JRniSbA1wziEtX0S1fxxhlySnaJJmR7VWPGRtonlLDbNZ-pSX64KdlWPp5lyWom_4-gDEWxWsscqw_C2W4sGtb2bsu91yxH5JHz_luiE4OhmrYGX-M86dOiiw5Nmc3g_YnTQ2_3pB7PMMvfP_GqbjXdcR4ba3Ga_0ByGz_na-1QHuNprpLsSwxkD1TJ7oXkdeBBLo-Aaf_j-GTWVhKPjd7VngP6Hctz-aJ00sWkQy-FNBn2Gw9kZ4XphAX-EhcqAfRThOb-6kT1sWGx2HRWVlomZUWTqimfQrVQ-v5FtujeskQgPIzbFVdy6aJ8NhRwkbZEJdyUBziMpT2Do9yvFDInjQqm0FYsUPy4F6SR1ecYOCJ0eeKT0FH5wGVzEDo8-pYH7v8Hm8lhlVg1b64TOMxrCO3iNTiseZb65rTJ-UGL-VKBsKBqLTVpadEnB3eunxOzV36rnaAwo4ADqu2Q0jSUcnwTF7G3lMoDoyGiMMaakjqZ-kwzVylG4fm2VCdogeG9PBgyzfdKFDEKCh_X6X9jwHEmFZYbbmfv59VMWGqAd7abgvgWW_mUa6C3zKM4tJmmXhIrgw/ HTTP 302
  • https://track.adform.net/adfscript/?bn=51750725;rtbwp=0.22042-B0Xeh68Utd-ULUUiOp1alayn68jpwCuB0;rtbdata=ljj-YrsttI1MjnkUui7EkxCLfc01vjBQPwJE3r15QHBCgpZ_tep2e0rFU80T61fQtPHFlwWVWwRxccFuhpLfQm-FQ8a-MZZxYc6WA0P_WbtM2lWFbbEY6kM34_Bh-MDGP6YI0as6Pr2ckjjcnANuRfyveDFy5jDXcMlHw1u5iCwmHynaVolsfYUuRASEZw1nGM8gCszMGVBodOxc2CfdQw2;OOBClickTrack=
Request Chain 231
  • https://aws-fr-sync.bidswitch.net/sync?ssp=triplelift&dsp_id=70&imp=1 HTTP 302
  • https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=triplelift&dsp_id=70&imp=1 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2123232730093984153&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=f94db942-b5f7-48c4-9628-ad858073d0fa&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=f94db942-b5f7-48c4-9628-ad858073d0fa&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
Request Chain 241
  • https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430 HTTP 302
  • https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEAvymlIFM29DNKSI8KpZjnc&google_cver=1&google_ula=862479430,0
Request Chain 251
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTQ4NzgzMzMwMjY4NzEzMjkyNDg2
Request Chain 253
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTQ4NzgzMzMwMjY4NzEzMjkyNDg2
Request Chain 255
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/948783330268713292486?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-D0Vy1nBE2oTmBrkXUuJ5xDp7jrFR9IRbGix7Cd5AjQ--~A&dongle=0883
Request Chain 258
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=948783330268713292486 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=948783330268713292486&dcc=t
Request Chain 259
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 263
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ricmais.com.br&sn=ChromeSyncframe&so=0&topUrl=ricmais.com.br&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=KT-ctHxqRmdSdkdubHkyalpnU3hKaStTMHRxVEU1UXRVWGk5Y2dsbGM0ZitkcXl4YjRVUXpJVDRpTTgweDNmOWxpZlN3dHVwRU5lVElCUXlJK0ZkdjRQdHRqNWswc3NlbTcrK2hzRnBzMjdNYUZHUk83cHlmUGcxRm54T2o4TG5LUVFtWnp5RWVqa0F4dzFUdlE1SXRVQU1CT0RmTlM3VDFmUHc0Q0FDQjdYWlJVeW5Iek84WGFvblFYaCtQSXJ5VmE3MUdqbjFYeFV4SFlKa2NYYWVNS0xXZjVGM3FNR0pSUVUzN3pyUSt4NWdOZnlHLy94V1hMam5XQ3NwOUQ3eWVwU2orR01tZ1hqem05cTVhelBQZmRRSXc2UT09fA&cppv=2
Request Chain 267
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fricmais.com.br%2F&domain=ricmais.com.br&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Cf8tEnw2Q0RDMU1wMW9WM01ZYy95cVJhck85Y3pVT0JsVnpTNzJGTjFpRm9YRmhLNjFlbnZ1d21hK0JsS1JicmRKb0hNc2pWbEZIRzBlVFcvQldJcEpzSWQ2ei9XdGc5Um9YcnpuNVIwSStOL3JpOHAxMVQ4QlBtWmk5Q3BHWXFqS2xQVi9mL3YxKzloV0w0aTVWMHNMU2pkcEF2c2J6QTZQYnhuL0dMZHF3QVY3a2tiNmR0c3M1K2pJcjBydUpZSDFBOTRHelcxNTh4Wm5WMFFNK0pXQjc0M3lxY1ZHQitnYy83cGRQTnpDRnhGM1JSNSt4V1ZLU0ovblVpSVRjQnljaCt6bDUvQ3BNYmRUbVhzK0U3TTFKaHB5NHh0R1RaQVN1U1NJUWZiUW5pNENZWT18&cppv=2
Request Chain 273
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=2788397559477685773&dongle=d407
Request Chain 276
  • https://match.prod.bidr.io/cookie-sync/trl HTTP 303
  • https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1 HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAF-zk7EjnkAADVS_J5_DA&dongle=bzwx
Request Chain 277
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=da07d978-b1e4-11ec-9746-d710e3bebab8&dongle=d54f&gdpr=1&gdpr_consent=
Request Chain 278
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4945&xuid=6fcd6d83-befe-4ef0-8f32-7f83c2b98074&dongle=31ac
Request Chain 279
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent=&_test=Ykc8dAARZ2OOdAAy HTTP 302
  • https://eb2.3lift.com/xuid?mid=3657&xuid=Ykc8dAARZ2OOdAAy&dongle=3c0a&gdpr=1&gdpr_consent=&_test=Ykc8dAARZ2OOdAAy
Request Chain 280
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=905200602991461316&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 281
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-f92c3b86-d3ef-4bff-49c5-c3a5cbdbb2a7$ip$45.141.152.68&dongle=4430
Request Chain 282
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3690&xuid=c87a6247-3c74-4b00-ac8a-dcbbd4868a4f&dongle=3995&gdpr=1&gdpr_consent=
Request Chain 286
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=locpbDzxT6e4EV1YQXqIdg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=locpbDzxT6e4EV1YQXqIdg
Request Chain 288
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1GQ7A9D-1E-BHLX
Request Chain 289
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0pdbApukTHGNvzTkEUgAxA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0pdbApukTHGNvzTkEUgAxA
Request Chain 290
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFHUTdBOUQtMUUtQkhMWA==
Request Chain 291
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2I5ZDkwY2I2NTJlMWU1MTg1MTdkOTMwODFkMjUyODJhZjY5NzE3ZQ
Request Chain 292
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Qfr7Cc067xyqqURm1mz6Tcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6599176773678877437
Request Chain 306
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=70797551082 HTTP 302
  • https://sync2.navdmp.com/sync?prtid=2&id=70797551082&google_gid=CAESELot80vURPGA0ACm6owPOFo&google_cver=1
Request Chain 307
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
  • https://sync.navdmp.com/sync?img=1&mdia=c87a6247-3c74-4b00-ac8a-dcbbd4868a4f

333 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ricmais.com.br/
Redirect Chain
  • http://www.ricmais.com.br/
  • https://ricmais.com.br/
204 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
a436161b4133ce535b961cf53a630fa56ff1056670cb53d8045f8cd34fbc1fd1

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 01 Apr 2022 17:54:56 GMT
expires
Fri, 01 Apr 2022 17:55:56 GMT
last-modified
Fri, 01 Apr 2022 17:48:57 GMT
pragma
no-cache
server
nginx/1.20.2
vary
Accept-Encoding Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
169
Content-Type
text/html
Date
Fri, 01 Apr 2022 17:54:54 GMT
Location
https://ricmais.com.br/
Server
nginx/1.20.2
8d0434b764a2167c3a37f1e49b012358.css
ricmais.com.br/wp-content/cache/min/1/ 		478 KB
104 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-content/cache/min/1/8d0434b764a2167c3a37f1e49b012358.css
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
33d48170131fd2039b694ad2325f0fff0e9141d54ded55321bdb62308fe7512d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:56 GMT
content-encoding
gzip
last-modified
Thu, 10 Mar 2022 18:36:41 GMT
server
nginx/1.20.2
etag
W/"622a4539-777d0"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:56 GMT
HurmeFIN1bWide-Medium.woff2
static.ricmais.com.br/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ricmais.com.br/fonts/HurmeFIN1bWide-Medium.woff2
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.105 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us117.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
306954d16de1c789f34afa5f21dd6ce55d7c3599fd8f825e6f922b0893d218b6

Request headers

Referer
https://ricmais.com.br/
Origin
https://ricmais.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:56 GMT
last-modified
Wed, 01 Jul 2020 19:14:21 GMT
server
nginx/1.20.2
etag
"5efce08d-5e50"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff2
access-control-allow-origin
https://ricmais.com.br
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length
24144
expires
Fri, 08 Apr 2022 17:54:56 GMT
Ample-Bold.woff2
static.ricmais.com.br/fonts/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ricmais.com.br/fonts/Ample-Bold.woff2
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.105 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us117.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
7fc5b151e4cfda6a4b3f5ee7a173468c5fafd5ebe8648de4e40f48503d837cd8

Request headers

Referer
https://ricmais.com.br/
Origin
https://ricmais.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:56 GMT
last-modified
Wed, 01 Jul 2020 19:14:20 GMT
server
nginx/1.20.2
etag
"5efce08c-316c"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff2
access-control-allow-origin
https://ricmais.com.br
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length
12652
expires
Fri, 08 Apr 2022 17:54:56 GMT
HurmeFIN1a-Bold.woff2
static.ricmais.com.br/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ricmais.com.br/fonts/HurmeFIN1a-Bold.woff2
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.105 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us117.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
fa7b512593d1faa62852c4917f86a476dae718be92f1ca59999e08fd05ce6907

Request headers

Referer
https://ricmais.com.br/
Origin
https://ricmais.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:56 GMT
last-modified
Wed, 01 Jul 2020 19:14:20 GMT
server
nginx/1.20.2
etag
"5efce08c-5a20"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff2
access-control-allow-origin
https://ricmais.com.br
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length
23072
expires
Fri, 08 Apr 2022 17:54:56 GMT
HurmeFIN1a-Medium.woff2
static.ricmais.com.br/fonts/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ricmais.com.br/fonts/HurmeFIN1a-Medium.woff2
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.105 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us117.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
f46ecb430921a486fdefe829af0de888e022ca62df915e7d4fc9abcdd7c8c187

Request headers

Referer
https://ricmais.com.br/
Origin
https://ricmais.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:56 GMT
last-modified
Wed, 01 Jul 2020 19:14:20 GMT
server
nginx/1.20.2
etag
"5efce08c-5cdc"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff2
access-control-allow-origin
https://ricmais.com.br
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length
23772
expires
Fri, 08 Apr 2022 17:54:56 GMT
Ample-Medium.woff2
static.ricmais.com.br/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ricmais.com.br/fonts/Ample-Medium.woff2
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.105 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us117.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
e8f188d5991b472aad22b8d3aa1fa2c021ebe6baf9ba65cd22f802d1f335ec89

Request headers

Referer
https://ricmais.com.br/
Origin
https://ricmais.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:56 GMT
last-modified
Wed, 01 Jul 2020 19:14:20 GMT
server
nginx/1.20.2
etag
"5efce08c-2a38"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff2
access-control-allow-origin
https://ricmais.com.br
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length
10808
expires
Fri, 08 Apr 2022 17:54:56 GMT
wvdw612141.js
cdn.privacytools.com.br/public_api/banner/autoblock/v2/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacytools.com.br/public_api/banner/autoblock/v2/wvdw612141.js?t=1
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d48065293e64589b33d9cfedc14fc4bf394570e90c183a912db23605446e9db7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 31 Mar 2022 15:04:51 GMT
server
cloudflare
age
96604
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4C1IikSXjA7s04VQPnG03xt%2BiNDRTk6Rd9IhQ65oeZY5%2BkJjIOlSwIiOa77QocbP77wLs28WxNQcoNpnH3wlG%2FDR%2B%2BrM4ZI1r9Gt213HdL4pQHyY5dsEpMcRO5mzbCEp4B8eANK0ZVN%2B0ZTlcVjBUxPQuvJ8"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
public, max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f53315b3e5d59a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-38032183-1
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
299048689c196c7dcafdc3280a532e967e679ec771bd075d91e09def26f76d84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38127
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Apr 2022 17:54:56 GMT
jquery.min.js
ricmais.com.br/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:56 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 03:46:07 GMT
server
nginx/1.20.2
etag
W/"60ee5dff-15d98"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:56 GMT
jquery-migrate.min.js
ricmais.com.br/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:56 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 03:46:07 GMT
server
nginx/1.20.2
etag
W/"60ee5dff-2bd8"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:56 GMT
adPartner.min.js
sc.r7.com/r7/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.r7.com/r7/js/adPartner.min.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
75bbed9465e0357e20a867f3e835fc000e5de508409e85f0f51424b267dd15ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Fri, 01 Apr 2022 17:54:56 GMT
Content-Encoding
gzip
ETag
"2cc9-5cdc7c09301d8"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
!no-store, must-revalidate, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4729
jquery.js
ricmais.com.br/wp-content/themes/ricmais_2020/assets/js/vendor/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-content/themes/ricmais_2020/assets/js/vendor/jquery.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Fri, 25 Sep 2020 17:37:35 GMT
server
nginx/1.20.2
etag
W/"5f6e2adf-1538e"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
bootstrap.min.js
ricmais.com.br/wp-content/themes/ricmais_2020/assets/js/vendor/ 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-content/themes/ricmais_2020/assets/js/vendor/bootstrap.min.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Fri, 25 Sep 2020 17:37:35 GMT
server
nginx/1.20.2
etag
W/"5f6e2adf-bf30"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
home.js
ricmais.com.br/wp-content/themes/ricmais_2020/assets/js/ 		0
195 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-content/themes/ricmais_2020/assets/js/home.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
last-modified
Wed, 05 May 2021 18:57:35 GMT
server
nginx/1.20.2
etag
"6092ea9f-0"
vary
Accept
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
0
expires
Fri, 08 Apr 2022 17:54:57 GMT
jquery-ui.js
ricmais.com.br/wp-content/themes/ricmais_2020/assets/js/vendor/ 		629 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-content/themes/ricmais_2020/assets/js/vendor/jquery-ui.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
91dd5b228e05cf2e795af9e9cba362f6e91a29c620972e547194b51a8b7100f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Fri, 25 Sep 2020 17:37:35 GMT
server
nginx/1.20.2
etag
W/"5f6e2adf-9d32a"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
main.js
ricmais.com.br/wp-content/themes/ricmais_2020/assets/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-content/themes/ricmais_2020/assets/js/main.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
401e9326dbd59e94387e9096b53e96f551fabb0b26905ed76291c06483a6121d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Fri, 13 Nov 2020 17:00:59 GMT
server
nginx/1.20.2
etag
W/"5faebbcb-1671"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
jquery.maskedinput.min.js
ricmais.com.br/wp-content/themes/ricmais_2020/assets/js/vendor/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-content/themes/ricmais_2020/assets/js/vendor/jquery.maskedinput.min.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
f830833b6661d5fb63e23d3d245e91edc7c52aa547ca19eca7c91c7570483975

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Fri, 25 Sep 2020 17:37:35 GMT
server
nginx/1.20.2
etag
W/"5f6e2adf-12fc"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
slick.min.js
ricmais.com.br/wp-content/themes/ricmais_2020/assets/js/vendor/ 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-content/themes/ricmais_2020/assets/js/vendor/slick.min.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
a7433c70c0c27f9ab46ea42d025561349a88c0344faba8c7d261615186799106

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Fri, 25 Sep 2020 17:37:35 GMT
server
nginx/1.20.2
etag
W/"5f6e2adf-15b7a"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
slick_options.js
ricmais.com.br/wp-content/themes/ricmais_2020/assets/js/ 		2 KB
969 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-content/themes/ricmais_2020/assets/js/slick_options.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
93e4203d9e755f3af24d6800b4629a588b8fac16fad6cea3a76e1eb2473a189e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Fri, 18 Dec 2020 15:21:11 GMT
server
nginx/1.20.2
etag
W/"5fdcc8e7-868"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
mask.js
ricmais.com.br/wp-content/themes/ricmais_2020/assets/js/ 		448 B
498 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-content/themes/ricmais_2020/assets/js/mask.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
2fbf3af126d817d4144909558fa5978405da71d1d9cec75ad6734c9cecf63f98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Fri, 25 Sep 2020 17:37:33 GMT
server
nginx/1.20.2
etag
W/"5f6e2add-1c0"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
ajax.js
ricmais.com.br/wp-content/themes/ricmais_2020/assets/js/ 		7 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-content/themes/ricmais_2020/assets/js/ajax.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
97c88b79a751482a481b67a7981501e9ebe7be62bcad30bed748de21f218ca95

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Tue, 29 Sep 2020 01:32:08 GMT
server
nginx/1.20.2
etag
W/"5f728e98-1ae4"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.4/umd/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.4/umd/popper.min.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
106b3d4f5c4c1ddbccd6078cf233e9a28f04675575551b26709cfc381c8434b0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1543683
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6507
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-5038"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGQXwDRJY2IhRuFnp2mEhJqzpOhxAVRYY7gZC3Mj9%2BgPmRYH0qTejAZHubkgdhqU3VQjZ%2B1Us%2F%2BAMp0GYj5FFPB%2FMOdb6udRg7K259JwJ8KRhXe1WYrAH2TuRq1gfO1zVED68nt%2FGqmdmsp0m%2Fbrz2ul"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f53315efc9c01fc-ZRH
expires
Wed, 22 Mar 2023 17:54:56 GMT
sdk.js
connect.facebook.net/pt_BR/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ebe31f021c4f865342a830f2d65c8e6051b778c9c7f54a7ea7a8370a65b43a6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ricmais.com.br/
Origin
https://ricmais.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
UeTknmCzqlL1Zj5OzEh70g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
Vt/Ed962ntE/TT3G3Xfc0HfRCFXq95B6F0SEF0wlAXAKQJA5pWauDLP1KT843/wGOm/LKqTabY8Ach/+pIbEBg==
x-fb-trip-id
917726464
x-fb-content-md5
378a421346d0910b8f00c732dec3938b
x-frame-options
DENY
date
Fri, 01 Apr 2022 17:54:56 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"66d542e0d6a2fc662ba4509634e837f3"
timing-allow-origin
*
expires
Fri, 01 Apr 2022 18:11:51 GMT
f4c0e542-cfba-4767-a28c-3fa71b1571c7
tags.premiumads.com.br/dfp/ 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.premiumads.com.br/dfp/f4c0e542-cfba-4767-a28c-3fa71b1571c7
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
714b2f8fc0f1428f312da9a7484469925b034cf6384dbd72f496b65e2fde961f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:56 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
271285
x-powered-by
ASP.NET
last-modified
Tue, 29 Mar 2022 14:33:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMPTn95dB%2F97JDsVWDTW%2BnX6GrDSwH5dGq3CQUXGeTAswKYk2nXjeJMt0zv2S0PKz4fkp5PsXgdLYwrFxHU%2BX5%2FXdebneRX6ZiKZ%2B%2FSQGw4eR9EB3fnz0Lwr9H%2Bgu4YgTHNgA9QocxyZd%2BCupxR7Fk7sSH4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
6f53315f49c459b9-MXP
cf-bgj
minify
barra.js
barra.r7.com/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://barra.r7.com/barra.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-111.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5ba8490cc60fe0c0371c0acd84716072305214b84aa2959bd231c6cbc30c004d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:56 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 17:02:28 GMT
server
AkamaiNetStorage
etag
"703e196e3c0da18c7b8365fb7bd025d7:1618419748.848626"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=225379
accept-ranges
bytes
content-length
8872
wp-polyfill.min.js
ricmais.com.br/wp-includes/js/dist/vendor/ 		97 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 23:31:05 GMT
server
nginx/1.20.2
etag
W/"5f371eb9-183ee"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
index.js
ricmais.com.br/wp-content/plugins/contact-form-7/includes/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.4
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Thu, 20 Jan 2022 18:23:00 GMT
server
nginx/1.20.2
etag
W/"61e9a884-25f8"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
core.min.js
ricmais.com.br/wp-includes/js/jquery/ui/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 03:46:07 GMT
server
nginx/1.20.2
etag
W/"60ee5dff-5133"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
tabs.min.js
ricmais.com.br/wp-includes/js/jquery/ui/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-includes/js/jquery/ui/tabs.min.js?ver=1.12.1
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
d75561e1329acbfb10dd90ae27ac97aac6d6081e89700a8eaba0ae5ab0156c5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 03:46:07 GMT
server
nginx/1.20.2
etag
W/"60ee5dff-2e8b"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
accordion.min.js
ricmais.com.br/wp-includes/js/jquery/ui/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-includes/js/jquery/ui/accordion.min.js?ver=1.12.1
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
638caa40d39dec20d95e4119187482e3c5939616252d96ded196b05c2e1cfc27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 03:46:07 GMT
server
nginx/1.20.2
etag
W/"60ee5dff-21d7"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
imagesloaded.min.js
ricmais.com.br/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 23:25:19 GMT
server
nginx/1.20.2
etag
W/"5f371d5f-15fd"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
masonry.min.js
ricmais.com.br/wp-includes/js/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 23:25:02 GMT
server
nginx/1.20.2
etag
W/"5f371d4e-5e4a"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
jquery.masonry.min.js
ricmais.com.br/wp-includes/js/jquery/ 		2 KB
952 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 23:27:25 GMT
server
nginx/1.20.2
etag
W/"5f371ddd-71b"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
menu.min.js
ricmais.com.br/wp-includes/js/jquery/ui/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-includes/js/jquery/ui/menu.min.js?ver=1.12.1
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
e94b12cb948d3d2eff43addf04700f8611ba383c00892652dc294a76bec2a105

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 03:46:07 GMT
server
nginx/1.20.2
etag
W/"60ee5dff-253b"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
dom-ready.min.js
ricmais.com.br/wp-includes/js/dist/ 		1 KB
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-includes/js/dist/dom-ready.min.js?ver=eb19f7980f0268577acb5c2da5457de3
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
e73356d7f272c8b109ef3b61568f5502c6f6b7fb698d4446364c9a02965f985b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 03:46:07 GMT
server
nginx/1.20.2
etag
W/"60ee5dff-4c3"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
hooks.min.js
ricmais.com.br/wp-includes/js/dist/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-includes/js/dist/hooks.min.js?ver=50e23bed88bcb9e6e14023e9961698c1
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
21a9753c3327bf6348a1e76b45a2a620694f77283564c6728068467cf1b3868b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 03:46:07 GMT
server
nginx/1.20.2
etag
W/"60ee5dff-1b19"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
i18n.min.js
ricmais.com.br/wp-includes/js/dist/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-includes/js/dist/i18n.min.js?ver=db9a9a37da262883343e941c3731bc67
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
1fef7a46a32609d5704fa770e930a73ecefd399e367bf8a2d0b6e18292126bef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 03:46:07 GMT
server
nginx/1.20.2
etag
W/"60ee5dff-27b6"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
a11y.min.js
ricmais.com.br/wp-includes/js/dist/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-includes/js/dist/a11y.min.js?ver=5e00de7a43b31bbb9eaf685f089a3903
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
dd69db050945063e092f3020e3f2d74eede936a5f5e723ff941e92d19bb73bfe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 03:46:07 GMT
server
nginx/1.20.2
etag
W/"60ee5dff-be1"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
autocomplete.min.js
ricmais.com.br/wp-includes/js/jquery/ui/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.12.1
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
69fc7bcafee09477b13dbda32d00410bc15a3faeb3e890cc15fef46d7c84d432

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 03:46:07 GMT
server
nginx/1.20.2
etag
W/"60ee5dff-215b"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
wp-embed.min.js
ricmais.com.br/wp-includes/js/ 		1 KB
1001 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-includes/js/wp-embed.min.js?ver=5.7.2
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 03:46:07 GMT
server
nginx/1.20.2
etag
W/"60ee5dff-592"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
lazyload.min.js
ricmais.com.br/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ricmais.com.br/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Thu, 20 Jan 2022 18:29:47 GMT
server
nginx/1.20.2
etag
W/"61e9aa1b-2063"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
netdeal.js
www.netdeal.com.br/resources/ 		1 KB
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.netdeal.com.br/resources/netdeal.js?m=2c6fa9cd-96ab-44dc-bd55-ad2397979c3a
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
187.108.201.249 , Brazil, ASN53107 (EVEO Servicos de Internet Ltda., BR),
Reverse DNS
publico-31.enviou.net.br
Software
Apache/2.4.25 (Debian) /
Resource Hash
938344b0aae263ecc9c186c7f5ab90b10b2d1394f762b13bc8122b8c7a23174b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Fri, 01 Apr 2022 15:56:30 GMT
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, must-revalidate
accept-ranges
bytes
content-length
647
wvdw612141.js
cdn.privacytools.com.br/public_api/banner/script/bottom/ 		102 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacytools.com.br/public_api/banner/script/bottom/wvdw612141.js?t=1
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdca6c6dad0058fa1535632c9545a655f6ab1d63a19672309da564bd17b5b289

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 21:29:00 GMT
server
cloudflare
age
851156
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mB2bPMEO2MAkX92eebQ5y5lM1XjgOaUDHvCqmud2fLGWFvXPPRicqegmrQIFiE16luR%2BNdo%2Fme3L8TnCfbdoxWbo9tfImeIW9ZDOqtS%2BsYeTWTzlxuMd3GuX6t3w%2Fn9zbso%2BPClPWz7bBnf0kcrv0F2JOUeR"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cache-control
public, max-age=2678400, s-maxage=86400, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f53315c084659a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		8 KB
765 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:300,400,500,700&display=swap
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/wp-content/cache/min/1/8d0434b764a2167c3a37f1e49b012358.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44d53676506f21bed579062b091f0be4a691ecc3ef84e4dc01d1a87c70e6733a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 17:54:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 01 Apr 2022 17:54:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Apr 2022 17:54:56 GMT
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Mono:300,400,500,700&display=swap
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/wp-content/cache/min/1/8d0434b764a2167c3a37f1e49b012358.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8af3ca0262fce9ac49c9a33de96e1c1fd36d48d1070d76023e0fc41dd380380c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 17:54:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 01 Apr 2022 17:54:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Apr 2022 17:54:56 GMT
gtm.js
www.googletagmanager.com/ 		110 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NDKLVZF
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2e9ac99fbe40ef4775c22bc48d42ebd40244116b8ded9408f2af838cce9b7fec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42811
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Apr 2022 17:54:56 GMT
logo_white.svg
ricmais.com.br/wp-content/themes/ricmais_2020/assets/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ricmais.com.br/wp-content/themes/ricmais_2020/assets/img/logo_white.svg
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/wp-content/cache/min/1/8d0434b764a2167c3a37f1e49b012358.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
893112444eb6c9c1d685159da5c9cf96c4af46ce77cebff6fcee6ffb87ccb96d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/wp-content/cache/min/1/8d0434b764a2167c3a37f1e49b012358.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Fri, 25 Sep 2020 17:37:32 GMT
server
nginx/1.20.2
etag
W/"5f6e2adc-7ec"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
seta_dropdown_header.svg
ricmais.com.br/wp-content/themes/ricmais_2020/assets/img/ 		299 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ricmais.com.br/wp-content/themes/ricmais_2020/assets/img/seta_dropdown_header.svg
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/wp-content/cache/min/1/8d0434b764a2167c3a37f1e49b012358.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
836d883cd17a9b1eeab42d979dab9bff4758b13dfc807349af016694a039f367

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/wp-content/cache/min/1/8d0434b764a2167c3a37f1e49b012358.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Fri, 13 Nov 2020 17:04:14 GMT
server
nginx/1.20.2
etag
W/"5faebc8e-12b"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v13/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v13/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea18ca3fe3ae4d94d21bb36a2912258193fb4f257be81be3dabe0e3809a312e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ricmais.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:43:44 GMT
x-content-type-options
nosniff
age
166272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18232
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:00:08 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 30 Mar 2023 19:43:44 GMT
zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v13/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v13/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49791a696302b5112cec6f474d4d188ec3da019fab43b744b558c8b5e6644785
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ricmais.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:43:56 GMT
x-content-type-options
nosniff
age
166260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18860
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:14 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 30 Mar 2023 19:43:56 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ 		72 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/wp-content/cache/min/1/8d0434b764a2167c3a37f1e49b012358.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

Referer
https://ricmais.com.br/
Origin
https://ricmais.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:56 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
173489
cf-ray
6f53315f2b9c3744-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
73852
x-amz-id-2
nNY5UFWoyskKKQK1NIQDL5oOGs1KWVGtLhbxIOtGHbGqE709qs38DzsZvKNaRz3pjiKgybAJ23I=
last-modified
Wed, 30 Jun 2021 15:43:51 GMT
server
cloudflare
etag
"fb493903265cad425ccdf8e04fc2de61"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptGYhEM6pMO5JTv7DITlKJ7xv4uNNbrz2az87cn%2F1b4C3telkQMtUxnpPArZqRji3h%2Bf5liqT%2Bo9G9h7FNeOMLnA0tINW95d%2Bxz0GiDOesE3E2sjNBHBmtS1Ljls%2FXPg07g81GXx7oKFv1%2BQYBSuPwWF"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
ZYGJ8FHR7AZ6T5NP
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v13/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v13/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ricmais.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 01:25:09 GMT
x-content-type-options
nosniff
age
59387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18000
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Apr 2023 01:25:09 GMT
truncated
/ 		64 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
play.svg
ricmais.com.br/wp-content/themes/ricmais_2020/assets/img/ 		529 B
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ricmais.com.br/wp-content/themes/ricmais_2020/assets/img/play.svg
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/wp-content/cache/min/1/8d0434b764a2167c3a37f1e49b012358.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.77 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br37.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
e1dc442c1f428a40dc13733e89246fd0d99571fa2f6d76ffbbc6031389d5f040

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/wp-content/cache/min/1/8d0434b764a2167c3a37f1e49b012358.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Fri, 25 Sep 2020 17:37:33 GMT
server
nginx/1.20.2
etag
W/"5f6e2add-211"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
expires
Fri, 08 Apr 2022 17:54:57 GMT
zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v13/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v13/zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:300,400,500,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca9b10dd6f91b1495f2f5afb055e060c55a5cc89e12c435e383cc1998741a739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ricmais.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 00:08:18 GMT
x-content-type-options
nosniff
age
150398
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19200
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 31 Mar 2023 00:08:18 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38032183-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6610
date
Fri, 01 Apr 2022 16:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 01 Apr 2022 18:04:46 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c8d70946c3b971f61a3a24a011463ea1fd30a1490a34eed4a58b8685441172f4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26313
x-xss-protection
0
pragma
public
x-fb-debug
yMNVT7TWeA0d2Y4TCjIRDqDckAbmrM4Rjvtdo0Eeq30GWEbAjZgVv2uNPP4y9d+IR2hF9R6dHE1BOQAuGqGGwg==
x-frame-options
DENY
date
Fri, 01 Apr 2022 17:54:56 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1230107972&t=pageview&_s=1&dl=https%3A%2F%2Fricmais.com.br%2F&ul=en-us&de=UTF-8&dt=RIC%20Mais%20-%20Not%C3%ADcias%20do%20Grupo%20RIC%20(Paran%C3%A1)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=574072907&gjid=1636968725&cid=702413586.1648835697&tid=UA-38032183-1&_gid=1121743024.1648835697&_r=1&gtm=2ou3u0&cd1=noticia&cd2=&cd3=2020-04-16&cd4=2022-04-01&cd5=&cd6=&cd7=Reda%C3%A7%C3%A3o%20RIC%20Mais&z=620238626
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ricmais.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
663334520774510
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/663334520774510?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ab9c2ce090d7cbe8b897f15304c610a622465a8a94a661f7d15048598bea7484
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
KqS+fY01y3ljDLH86/eEH89o4pw8TSvB+QDzQYbCaK0ZKAHxCp0zuX3iCHOys8pCc7eO8fQTdeZg9qpDIPl/zA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 01 Apr 2022 17:54:56 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-38032183-1&cid=702413586.1648835697&jid=574072907&gjid=1636968725&_gid=1121743024.1648835697&_u=YEBAAUAAAAAAAC~&z=775541723
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 01 Apr 2022 17:54:56 GMT
content-type
text/plain
access-control-allow-origin
https://ricmais.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-38032183-1&cid=702413586.1648835697&jid=574072907&_u=YEBAAUAAAAAAAC~&z=454668713
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-38032183-1&cid=702413586.1648835697&jid=574072907&_u=YEBAAUAAAAAAAC~&z=454668713
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=663334520774510&ev=PageView&dl=https%3A%2F%2Fricmais.com.br%2F&rl=&if=false&ts=1648835696777&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.2.1648835696776.1788250038&it=1648835696672&coo=false&exp=p0&rqm=GET
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:56 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 01 Apr 2022 17:54:56 GMT
sdk.js
connect.facebook.net/pt_BR/ 		283 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js?hash=f292db736cfcf6960ab55c3111f32035
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d903605db7deeaa8b31fdd665945d3126fe1e33d47978499df23df4f6d416a9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ricmais.com.br/
Origin
https://ricmais.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
4b0vXyMEncp0vX9npFoqOw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Sat, 01 Apr 2023 17:23:49 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
82772
x-fb-rlafr
0
x-fb-debug
m8iBILA2jDIIWKD4ICUhgFwxxW/Wdd3DWtfXXM/WgCPZjp4XtrNPqXtRVrb+OSc3PccEb4qhdLinfpkagl/CnA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
8da2e0cd8a5529cd717759273120db51
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 01 Apr 2022 17:54:56 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"83dc6c70a965573904267b3eae94b8e1"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
pbjs-min.js
tags.premiumads.com.br/scripts/ 		340 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220214
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/f4c0e542-cfba-4767-a28c-3fa71b1571c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
af9cc8680c2a103d0cbc601fa171ac82ba8489fe93b576a6e1c9a99ccb59b6ee
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
974457
x-powered-by
ASP.NET
strict-transport-security
max-age=2592000
last-modified
Fri, 18 Mar 2022 06:09:56 GMT
server
cloudflare
etag
W/"1d83a8eca3f5d0d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JqELfP2GvkUVgsbgcXMR6qdlbwQ81DMEXr6pW3CB0cDZ9xYMLVA7ZkyNvCDJKM4exKoOryibatP%2FtCSsxON5KGsQD69px6OlAX2X4FCPOudIU7ems6817LlcGJ2Ic%2BmC%2FCNbJWwC7M8n1tt5IauC3iyXRdU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
6f5331611ed159b9-MXP
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/f4c0e542-cfba-4767-a28c-3fa71b1571c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
1bebe07e837fb33f10c63429c52aba83e53af281cdebd8687b3ca740d0703829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28182
x-xss-protection
0
server
sffe
etag
"1174 / 697 of 1000 / last-modified: 1648811202"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Apr 2022 17:54:56 GMT
p_icons_3.png
tags.premiumads.com.br/Content/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.premiumads.com.br/Content/p_icons_3.png
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bcd71666ea63d4a00969b970c9cdba3cd15b06b53bc84e96df351324c6cd6c5e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
974455
x-powered-by
ASP.NET
strict-transport-security
max-age=2592000
content-length
12013
last-modified
Fri, 18 Mar 2022 06:09:56 GMT
server
cloudflare
etag
"1d83a8eca3a3ced"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=axBhOaRUXhX%2F98c9uXSycx3H6U9Wv0C1U%2BX4yut%2FhUWRxXz5zZNGF3DKZUZp4AZ7ujrFzqEoymMrXkrIf5LOhBjY9FKOPUeOO%2Bv3YwRPfrIZUI%2BuXW7nc8EGdm4%2BS5qwaYU4zIJpZ9iJki4ena8kXSTTAOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6f5331612ee959b9-MXP
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ 		5 KB
681 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e45512e6a8849091f2b483d2e2698b1dc9d29f4b479562886f92119048843cbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 17:37:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 01 Apr 2022 17:54:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Apr 2022 17:54:56 GMT
58ee86211d42061afb000002
cms-media-api.r7.com/menu/ 		26 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cms-media-api.r7.com/menu/58ee86211d42061afb000002
Requested by
Host: barra.r7.com
URL: https://barra.r7.com/barra.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
36378e17555f7897039ac0bb8d9db4cf97f3b965c14fbd0d192af7b22689713a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Fri, 01 Apr 2022 17:54:56 GMT
Content-Encoding
gzip
ETag
Vary
Accept-Encoding
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
!no-store, must-revalidate, max-age=120
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4267
t3m.js
tags.t.tailtarget.com/ 		73 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
1d7dcbdf573cfe4386abf5cbcebc97caabfd23715785619cba12f51e949c7980

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:01:07 GMT
via
1.1 google
x-goog-stored-content-length
21157
age
3229
x-guploader-uploadid
ADPycds4KiAja62sgtng4bzO0WOPnNWaHtFURfwTm84DStbtaV9VqTvZaQ7BcTTpvJ-yXFy3p5iuFJxbSXO_zLYQ6v4
x-goog-storage-class
STANDARD
x-guploader-response-body-transformations
gunzipped
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74835
last-modified
Fri, 07 Jan 2022 13:30:42 GMT
server
nginx/1.8.1
vary
Accept-Encoding, Accept-Encoding
x-goog-hash
md5=KHSHX9F+D78JPyvjW9rdCA==
x-goog-generation
1641562242805520
cache-control
max-age=7200,public
warning
214 UploadServer gunzipped
content-type
application/javascript
expires
Fri, 01 Apr 2022 19:01:07 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-121.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 02:28:29 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
55592
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
aTTcbQD_ojBjjk8phNTUwysbKyumMUDaJjLIiRWIuJQY9oTPOKFbRA==
tagreuters.com2022binary_LYNXNPEI3028K-BASEIMAGE.jpg
static.ricmais.com.br/uploads/Reuters_Direct_Media/BrazilOnlineReportTopNews/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ricmais.com.br/uploads/Reuters_Direct_Media/BrazilOnlineReportTopNews/tagreuters.com2022binary_LYNXNPEI3028K-BASEIMAGE.jpg
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.105 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us117.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
492ea816580b6269c001a4a56bb3a70fccfc5554551ff1d4a95afd2bb522827c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
last-modified
Fri, 01 Apr 2022 17:31:03 GMT
server
nginx/1.20.2
etag
"624736d7-12b2a"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
76586
expires
Fri, 08 Apr 2022 17:54:57 GMT
covid-vacina-gripe-sabado.jpg
static.ricmais.com.br/uploads/2022/04/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ricmais.com.br/uploads/2022/04/covid-vacina-gripe-sabado.jpg
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.105 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us117.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
a111c5ad56a37b159b5d36c1b49379fa17079a21ed1c9370ab11220eef9022eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
last-modified
Fri, 01 Apr 2022 17:28:02 GMT
server
nginx/1.20.2
etag
"62473622-6b50"
vary
Accept
content-type
image/webp
cache-control
max-age=604800
accept-ranges
bytes
content-length
27472
expires
Fri, 08 Apr 2022 17:54:57 GMT
video-trote-ufpr-palotina-creolina-1067x600.jpeg
static.ricmais.com.br/uploads/2022/04/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ricmais.com.br/uploads/2022/04/video-trote-ufpr-palotina-creolina-1067x600.jpeg
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.105 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us117.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
3ab5b6ecec51aaaa253e30fa23b09f5a1bbf932f168752dd1a8b4a66062327ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
last-modified
Fri, 01 Apr 2022 14:56:59 GMT
server
nginx/1.20.2
etag
"624712bb-79a2"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
31138
expires
Fri, 08 Apr 2022 17:54:57 GMT
marcia-huculak-candidata-deputada-150x150.png
static.ricmais.com.br/uploads/2022/04/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ricmais.com.br/uploads/2022/04/marcia-huculak-candidata-deputada-150x150.png
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.105 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us117.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
dc29f5193a688aad285871f68e37e37982602243e563056551cc4f0a4fee1207

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
last-modified
Fri, 01 Apr 2022 15:48:01 GMT
server
nginx/1.20.2
etag
"62471eb1-d14"
vary
Accept
content-type
image/webp
cache-control
max-age=604800
accept-ranges
bytes
content-length
3348
expires
Fri, 08 Apr 2022 17:54:57 GMT
parana-imuniza-covid-150x150.jpg
static.ricmais.com.br/uploads/2022/04/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ricmais.com.br/uploads/2022/04/parana-imuniza-covid-150x150.jpg
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.105 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us117.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
bc6e0b16425d67244be12fc4828112004f717e3267738490d0044493d3db2a47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
last-modified
Fri, 01 Apr 2022 15:30:02 GMT
server
nginx/1.20.2
etag
"62471a7a-e56"
vary
Accept
content-type
image/webp
cache-control
max-age=604800
accept-ranges
bytes
content-length
3670
expires
Fri, 08 Apr 2022 17:54:57 GMT
onibus-acidente-sapopema-150x150.jpeg
static.ricmais.com.br/uploads/2022/04/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ricmais.com.br/uploads/2022/04/onibus-acidente-sapopema-150x150.jpeg
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.105 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us117.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
8fac2e8fbce9dc297dbc5c9fa7e64c41d8be05df0bc0340eadd01e167f74b927

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
last-modified
Fri, 01 Apr 2022 13:27:28 GMT
server
nginx/1.20.2
etag
"6246fdc0-2404"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
9220
expires
Fri, 08 Apr 2022 17:54:57 GMT
mulher-morta-onibus-150x150.jpg
static.ricmais.com.br/uploads/2022/04/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ricmais.com.br/uploads/2022/04/mulher-morta-onibus-150x150.jpg
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.105 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us117.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
9bd18123f031f83e1291e02875c710cfe37fd805a22d1d47fc9dc2031741ca09

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
last-modified
Fri, 01 Apr 2022 17:08:02 GMT
server
nginx/1.20.2
etag
"62473172-8fe"
vary
Accept
content-type
image/webp
cache-control
max-age=604800
accept-ranges
bytes
content-length
2302
expires
Fri, 08 Apr 2022 17:54:57 GMT
jasson-goulart-bg-curitiba-01-04-255x142.jpeg
static.ricmais.com.br/uploads/2022/04/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ricmais.com.br/uploads/2022/04/jasson-goulart-bg-curitiba-01-04-255x142.jpeg
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.105 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us117.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
349d35f124299f4cc151b9163060b9c5d82206c84bbf2b2a8740fc63c4ae309c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
last-modified
Fri, 01 Apr 2022 14:52:01 GMT
server
nginx/1.20.2
etag
"62471191-edc"
vary
Accept
content-type
image/webp
cache-control
max-age=604800
accept-ranges
bytes
content-length
3804
expires
Fri, 08 Apr 2022 17:54:57 GMT
reajuste-taxi-curitiba-255x142.jpg
static.ricmais.com.br/uploads/2022/04/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ricmais.com.br/uploads/2022/04/reajuste-taxi-curitiba-255x142.jpg
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.105 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us117.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
d3a4eda40c81b6af6b8531de4a7571060cf25dec16a41a0080dc020c4f0b9dd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
last-modified
Fri, 01 Apr 2022 15:18:01 GMT
server
nginx/1.20.2
etag
"624717a9-1a08"
vary
Accept
content-type
image/webp
cache-control
max-age=604800
accept-ranges
bytes
content-length
6664
expires
Fri, 08 Apr 2022 17:54:57 GMT
rodrigo-mussi-255x142.png
static.ricmais.com.br/uploads/2022/04/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ricmais.com.br/uploads/2022/04/rodrigo-mussi-255x142.png
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.105 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us117.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
1d176cce938e3b16601c343eb4a7d88ec8b99688ea4229a291ee73782284a73b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
last-modified
Fri, 01 Apr 2022 13:12:01 GMT
server
nginx/1.20.2
etag
"6246fa21-ee8"
vary
Accept
content-type
image/webp
cache-control
max-age=604800
accept-ranges
bytes
content-length
3816
expires
Fri, 08 Apr 2022 17:54:57 GMT
o-que-fazer-fim-de-semana-curitiba-255x142.jpg
static.ricmais.com.br/uploads/2022/04/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ricmais.com.br/uploads/2022/04/o-que-fazer-fim-de-semana-curitiba-255x142.jpg
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.105 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us117.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
c8ac15e6905978581ba1179f326e1350ea71202cd220e0fda8e7af6756d09680

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
last-modified
Fri, 01 Apr 2022 12:58:01 GMT
server
nginx/1.20.2
etag
"6246f6d9-1c34"
vary
Accept
content-type
image/webp
cache-control
max-age=604800
accept-ranges
bytes
content-length
7220
expires
Fri, 08 Apr 2022 17:54:57 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2303655209671245&ev=fb_page_view&dl=https%3A%2F%2Fricmais.com.br%2F&rl=&if=false&ts=1648835696908&sw=1600&sh=1200&at=
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:56 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 01 Apr 2022 17:54:56 GMT
pubads_impl_2022032106.js
securepubads.g.doubleclick.net/gpt/ 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:52:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3760
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126678
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 20:13:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 01 Apr 2023 16:52:16 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		180 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ricmais.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
8f5e97230caa7d2e21d9e18e3b2e09da937e81bca9bcca30f2e4f5d240b1c8f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 17:54:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116
x-xss-protection
0
expires
Fri, 01 Apr 2022 17:54:56 GMT
profiles.js
barra.r7.com/tailtarget/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://barra.r7.com/tailtarget/profiles.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-111.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c3325fba4bc0b8a61018adb2d0bb0fa89a1ab92e7fb8459bc16d39209b82ad7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:56 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 17:02:29 GMT
server
AkamaiNetStorage
etag
"8004950a941b96d9c812191aaaa6ce00:1618419749.19302"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=245635
accept-ranges
bytes
content-length
5253
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ricmais.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 22:45:07 GMT
x-content-type-options
nosniff
age
241789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Mar 2023 22:45:07 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://ricmais.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://ricmais.com.br
access-control-max-age
600
age
0
content-length
0
date
Fri, 01 Apr 2022 17:54:57 GMT
server
ATS/9.1.0.33
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://ricmais.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://ricmais.com.br
access-control-max-age
600
age
0
content-length
0
date
Fri, 01 Apr 2022 17:54:57 GMT
server
ATS/9.1.0.33
localstore.js
script.4dex.io/ 		483 B
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
895142
x-amz-request-id
tx19d8ce819bcb496485a59-00623993cb
x-amz-id-2
tx19d8ce819bcb496485a59-00623993cb
last-modified
Tue, 22 Mar 2022 09:15:21 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57peboChPCUUlI%2FApDyiO2ThVtg3bWbr6SmmJAIUh3i%2FYMRjnxIO84pihFqh4ksQJInvTLjbeDgLp18Ql9jPzNDUlwrji148kxpuWZb8VSaRgNgePmY1JSgTppJWFv2UQjlsyZgy4h%2FbycdF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1647940521027959
cf-ray
6f533162b928d60c-MXP
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220214
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
fd9ad37eedb9f23edf7807fefe74a6873cf33b8f6feb0ffd26398833e43dc3b2

Request headers

Referer
https://ricmais.com.br/
x-openrtb-version
2.5
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ricmais.com.br
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220214
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
4052d3188ab1fcb118713262f75f5e686ca76a983356cafd11cc3e330999e05d

Request headers

Referer
https://ricmais.com.br/
x-openrtb-version
2.5
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ricmais.com.br
access-control-allow-credentials
true
content-length
66
auction
tlx.3lift.com/header/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.10.0&referrer=https%3A%2F%2Fricmais.com.br%2F&tmax=2500
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220214
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.205.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-205-63.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c8fb8290c9b84880c045020c72c7c086d95d1b0390feb8e1c62c8b1a2d88bb91
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
accept-ch
sec-ch-ua-arch,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-viewport-height,sec-ch-width,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ect,sec-ch-downlink,sec-ch-rtt
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ricmais.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2125
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.10.0&cb=6572929812
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 01 Apr 2022 17:54:56 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://ricmais.com.br
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/ 		594 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15410&site_id=316680&zone_id=1620442&size_id=2%3B2%3B2%3B9&alt_size_ids=55%2C221%3B1%2C55%2C57%2C57%2C221%3B1%2C55%2C57%2C57%2C221%3B10&rp_schain=1.0,1!premiumads.com.br,3482cbc8-2837-4872-8862-73a481b1de42,1,3495ecd8-f3af-49c5-85b8-f78029eb2efc,,&rf=https%3A%2F%2Fricmais.com.br%2F&tk_flint=pbjs_lite_v6.10.0&x_source.tid=a8b9eec4-93c8-414f-84f6-8e70624fb79c%3Bd41e4e28-2298-40e7-ab51-04106ee0bee9%3B32105113-360a-4740-a562-5b400e3f2f01%3B3b8189d8-d6d2-4375-8366-fb6392447a9d&p_screen_res=1600x1200&rp_floor=0.21097046413502107%3B%3B%3B&rp_secure=1&rp_maxbids=1&slots=4&rand=0.6084598892563604
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220214
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ea75ea886581f66a9b2ecbe46efa092d8b2aa51525413c796e4aa3008d1cdff2

Request headers

Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 17:54:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://ricmais.com.br
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
594
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220214
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ricmais.com.br
date
Fri, 01 Apr 2022 17:54:57 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220214
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ricmais.com.br
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220214
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:56 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ricmais.com.br
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220214
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:56 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ricmais.com.br
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220214
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:56 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ricmais.com.br
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
hb
ice.360yield.com/ 		249 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2249cfd926899d8ef%22%2C%22version%22%3A%227.6.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fricmais.com.br%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22premiumads.com.br%22%2C%22sid%22%3A%223482cbc8-2837-4872-8862-73a481b1de42%22%2C%22hp%22%3A1%2C%22rid%22%3A%223495ecd8-f3af-49c5-85b8-f78029eb2efc%22%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2230b575b207f9693%22%2C%22currency%22%3A%22USD%22%2C%22bidfloor%22%3A0.21097046413502107%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A22655502%2C%22tid%22%3A%22a8b9eec4-93c8-414f-84f6-8e70624fb79c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%7D%5D%7D%7D%2C%7B%22id%22%3A%22319209d1f3b1f38%22%2C%22currency%22%3A%22USD%22%2C%22pid%22%3A22655502%2C%22tid%22%3A%22d41e4e28-2298-40e7-ab51-04106ee0bee9%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%7D%2C%7B%22w%22%3A970%2C%22h%22%3A300%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%7D%5D%7D%7D%2C%7B%22id%22%3A%22327ccfdcb76759b%22%2C%22currency%22%3A%22USD%22%2C%22pid%22%3A22655502%2C%22tid%22%3A%2232105113-360a-4740-a562-5b400e3f2f01%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%7D%2C%7B%22w%22%3A970%2C%22h%22%3A300%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%7D%5D%7D%7D%2C%7B%22id%22%3A%2233ae575a8122417%22%2C%22currency%22%3A%22USD%22%2C%22pid%22%3A22655502%2C%22tid%22%3A%223b8189d8-d6d2-4375-8366-fb6392447a9d%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%5D%7D%7D
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220214
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.57.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-57-179.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e1044efc6f9181f24d8dc1ce6a56d990a0af379d5ac34bf9bb1a1f10bf2dc55a

Request headers

Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ricmais.com.br
date
Fri, 01 Apr 2022 17:54:57 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
249
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
prebid-request
onetag-sys.com/ 		15 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://ricmais.com.br
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		64 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220214
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
55ddf20c364c6f2d7deb5866f9d2525f30c1296f4c7f20af9085198749c40615
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 01 Apr 2022 17:54:57 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
45.141.152.68; 45.141.152.68; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e5643bba-3e3a-4f89-8b14-fe1d4c00461a
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ricmais.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220214
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9a629a84c525f68bae66232d9427f4df77c84cbd1d0556e24b254c07a9422e5d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 01 Apr 2022 17:54:57 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
45.141.152.68; 45.141.152.68; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bdea7ee9-4082-4de3-a9a4-7e4771b76fc7
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ricmais.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
885207
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx812cad8475034e4a9f637-006239940d
x-amz-id-2
tx812cad8475034e4a9f637-006239940d
last-modified
Tue, 22 Mar 2022 09:15:19 GMT
server
cloudflare
etag
W/"f6062b9ed3c12dab430d5d33afafadb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DyhXxabKamxCTd1kKgh8wd4eNlM8om3WvdIHxpw5lwczFbk4%2FFBHzmqkc8th082jlSOcnIKuD%2BrXoOYlVoxi1R8kId2CX6hvP16Hri5WiAtKj3Qu%2B%2Fzemm26%2F7NQw57ta8I6khqa%2FDkHRibQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1647940519211847
cf-ray
6f53316339cb59c5-MXP
access-control-allow-headers
Authorization
netdeal.core.js
www.netdeal.com.br/resources/js/ 		383 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.netdeal.com.br/resources/js/netdeal.core.js?v=1207
Requested by
Host: www.netdeal.com.br
URL: https://www.netdeal.com.br/resources/netdeal.js?m=2c6fa9cd-96ab-44dc-bd55-ad2397979c3a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
187.108.201.249 , Brazil, ASN53107 (EVEO Servicos de Internet Ltda., BR),
Reverse DNS
publico-31.enviou.net.br
Software
Apache/2.4.25 (Debian) /
Resource Hash
f246cffbe47c99b2d2ca0fd5966733e37aa8c31650a2f9d78932497ec89c7848

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
last-modified
Fri, 01 Apr 2022 15:56:30 GMT
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, must-revalidate
accept-ranges
bytes
/
www.facebook.com/tr/ Frame 041A 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
https://ricmais.com.br
Referer
https://ricmais.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://ricmais.com.br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 17:54:57 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ricmais.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ricmais.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 17:54:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		173 KB
53 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=408336624607677&correlator=3871705989622310&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fifs&iu_parts=75894840%3A59114593%2CRICMAIS_HEADERSTICKY%2CRICMAIS_HOME_TOPO%2CRICMAIS_HOME_01%2CRICMAIS_HOME_LATERAL_01%2CRICMAIS_TEMPLATES&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=970x90%7C728x90%7C1x1%2C970x250%7C970x90%7C728x90%7C468x60%7C970x300%7C970x250%7C1x1%2C970x250%7C970x90%7C728x90%7C468x60%7C970x300%7C970x250%7C1x1%2C300x600%7C160x600%2C1x1&ifi=1&adks=1639908204%2C502024572%2C2003981541%2C1605956188%2C351973004&sfv=1-0-38&fsbs=1%2C1%2C1%2C1%2C1&ecs=20220401&fsapi=false&prev_scp=data_type%3Danchor%26pp_sticky%3Dbottom%26pp_loop%3D00%26pp_pb%3D1.00%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x90%26hb_pb%3D0.21%26hb_adid%3D54d8c8a7ef1cd2%26hb_bidder%3Doftmedia%7Cpp_loop%3D00%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x250%26hb_pb%3D0.21%26hb_adid%3D5548767f56f5b56%26hb_bidder%3Doftmedia%7Cpp_loop%3D00%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x90%26hb_pb%3D0.10%26hb_adid%3D565213d1855a82e%26hb_bidder%3Doftmedia%7Cpp_loop%3D00%26hb_adomain%3Dvideoslots.com%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.17%26hb_adid%3D51472af30e52668%26hb_bidder%3Dtriplelift%7Cpp_loop%3D00&cust_params=editoria%3D%26url%3Dricmais.com.br%26categoria%3Dhome&sc=1&cookie_enabled=1&abxe=1&dt=1648835697666&lmt=1648835337&dlt=1648835695781&idt=1195&biw=1600&bih=1200&adxs=315%2C315%2C315%2C1022%2C800&adys=1265%2C279%2C1799%2C3000%2C11708&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fricmais.com.br%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1000x-1%7C1132x10668%7C1132x10668%7C348x753%7C1600x1&msz=1000x-1%7C1092x300%7C1092x300%7C348x600%7C1600x1&fws=512%2C4%2C4%2C4%2C0&ohw=0%2C1600%2C1600%2C1600%2C0&ga_vid=702413586.1648835697&ga_sid=1648835698&ga_hid=1230107972&ga_fc=true&btvi=1%7C0%7C2%7C3%7C4&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ad8c3eef2cd93cf44fecc1aa3b2202573a2e4f5be8899e0a502f53b0630fd01a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53759
x-xss-protection
0
google-lineitem-id
5561239408,-1,-1,5561239396,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138333700145,-1,-1,138334150636,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ricmais.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9F9C 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 17:54:57 GMT
expires
Sat, 01 Apr 2023 17:54:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
login
www.netdeal.com.br/open/netdeal/ 		0
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netdeal.com.br/open/netdeal/login?code=0&local=BROWSER%3Andc4732240930_1648835698021
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
187.108.201.249 , Brazil, ASN53107 (EVEO Servicos de Internet Ltda., BR),
Reverse DNS
publico-31.enviou.net.br
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:57 GMT
x-content-type-options
nosniff
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
server
Apache-Coyote/1.1
x-frame-options
DENY
access-control-max-age
600
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE, HEAD
content-type
image/gif;charset=UTF-8
netdeal-container-name
core_queues_8081
access-control-expose-headers
X-AUTH-TOKEN
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
X-PINGOTHER, Origin, origin, X-Requested-With, Content-Type, Accept, accept, X-AUTH-TOKEN, X-AUTH-USER
expires
0
js
www.netdeal.com.br/open/merchant/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.netdeal.com.br/open/merchant/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
187.108.201.249 , Brazil, ASN53107 (EVEO Servicos de Internet Ltda., BR),
Reverse DNS
publico-31.enviou.net.br
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ricmais.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-PINGOTHER, Origin, origin, X-Requested-With, Content-Type, Accept, accept, X-AUTH-TOKEN, X-AUTH-USER
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin
https://ricmais.com.br
access-control-expose-headers
X-AUTH-TOKEN
access-control-max-age
600
content-length
0
js
www.netdeal.com.br/open/merchant/ 		0
831 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.netdeal.com.br/open/merchant/js
Requested by
Host: www.netdeal.com.br
URL: https://www.netdeal.com.br/resources/js/netdeal.core.js?v=1207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
187.108.201.249 , Brazil, ASN53107 (EVEO Servicos de Internet Ltda., BR),
Reverse DNS
publico-31.enviou.net.br
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:58 GMT
x-content-type-options
nosniff
server
Apache-Coyote/1.1
access-control-allow-origin
https://ricmais.com.br
x-frame-options
DENY
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE, HEAD
netdeal-container-name
core_queues_8081
access-control-expose-headers
X-AUTH-TOKEN
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-max-age
600
access-control-allow-headers
X-PINGOTHER, Origin, origin, X-Requested-With, Content-Type, Accept, accept, X-AUTH-TOKEN, X-AUTH-USER
x-xss-protection
1; mode=block
expires
0
615cafd08509f36f39000026
snippets.r7.com/snippet/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippets.r7.com/snippet/615cafd08509f36f39000026?callback=googleMCMCallback
Requested by
Host: sc.r7.com
URL: https://sc.r7.com/r7/js/adPartner.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a0bf152d57a4df9327e27f2a902b1e8e7c48d0684ea2d227c4338361d1214d1f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
etag
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
!no-store, must-revalidate, max-age=60
accept-ranges
bytes
content-length
1883
wvdw612141.html
cdn.privacytools.com.br/public_api/banner/pop/ 		89 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacytools.com.br/public_api/banner/pop/wvdw612141.html?t=1&m=0&c=1,642,126,517,369
Requested by
Host: cdn.privacytools.com.br
URL: https://cdn.privacytools.com.br/public_api/banner/script/bottom/wvdw612141.js?t=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de10821a60610177275f7c73fbeafd070a70c4131ec798889b78d6cce4ef1d3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
173473
etag
W/"Thu Jan 13 23:10:28 GMT-03:00 2022"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjkevNyeeZnU8i%2FnYGNOBq7JFBTErtK%2FE4oaaksy3j%2BaPnfOj1zL0g2LGmUkg0RbzGzDITIeVbHSc1eRMr%2FB6T1P1LURgjui8DyUYDOdoLVwKF503TL%2BRLK3%2FclJH%2BZnFjA0MNTAbVXu5VgylZ0HV6rk6hRa"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
6f53316a6ae3374e-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
conversion.js
d.tailtarget.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 03:11:16 GMT
content-encoding
gzip
age
53022
x-guploader-uploadid
ADPycdso5VeOSDz4RkZuQ_NgVOLUT0z-GXMGOeq9fGHyoj2ROXaZSelOMHoi50wfHg0VfYYniVJsJvU7FoL53ONw0ys
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6114
last-modified
Thu, 23 Sep 2021 17:37:36 GMT
server
UploadServer
etag
"c011d7eff3edda011a5511fb703d925a"
x-goog-hash
crc32c=I6Sd4w==, md5=wBHX7/Pt2gEaVRH7cD2SWg==
content-language
en
x-goog-generation
1632418656103247
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6114
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 02 Apr 2022 03:11:16 GMT
js
www.googletagmanager.com/gtag/ 		148 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-931232517
Requested by
Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
de99c2063596c67fcd076f06e6e113bfc3882dfc5d4a798e4eafd00ed70e84e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56072
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Apr 2022 17:54:58 GMT
js
www.googletagmanager.com/gtag/ 		148 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-814785950
Requested by
Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
12e8fc071446160d1465f999d00208e73a5bbdfd0aa38f7e52fe66e3309955b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56168
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Apr 2022 17:54:58 GMT
js
www.googletagmanager.com/gtag/ 		148 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-814785950&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38032183-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8e36cf46c1f6bc04666bbf0ebdf6bfba4a694a44d13637aed5777d3636d55756
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56138
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Apr 2022 17:54:58 GMT
js
www.googletagmanager.com/gtag/ 		148 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-801247112
Requested by
Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
245bb9bb6e89fcd3202a97bda2d3f0f2f406e48cc6ebd5b3a7d43b9a5eed21e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56122
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Apr 2022 17:54:58 GMT
js
www.googletagmanager.com/gtag/ 		148 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-801247112&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38032183-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
86408395d0b369ad0ebab70b87a6e5fc4c36189628c7c19635c2354e450e0b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56137
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Apr 2022 17:54:58 GMT
js
www.googletagmanager.com/gtag/ 		103 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38032183-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7dfa71c5447cc5fdc4588ee611ac81e793ee4c6daaa9fbbaf195cd744329f0c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41543
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Apr 2022 17:54:58 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022032106&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a56529f1a3836b9dee646175520b15edab3b1c4a7c1909d7771b227dda8e09a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10728
x-xss-protection
0
container.html
f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B30C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 17:54:57 GMT
expires
Sat, 01 Apr 2023 17:54:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7EEE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 17:54:57 GMT
expires
Sat, 01 Apr 2023 17:54:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A38E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 17:54:57 GMT
expires
Sat, 01 Apr 2023 17:54:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 581A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 17:54:57 GMT
expires
Sat, 01 Apr 2023 17:54:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Ample.woff2
static.ricmais.com.br/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ricmais.com.br/fonts/Ample.woff2
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/wp-content/cache/min/1/8d0434b764a2167c3a37f1e49b012358.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.105 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us117.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
1d037b6d428e1c1902e3b88c5ff1cb37468e170c3996033aab39669bc5fc09c9

Request headers

Referer
https://ricmais.com.br/
Origin
https://ricmais.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
last-modified
Wed, 01 Jul 2020 19:14:20 GMT
server
nginx/1.20.2
etag
"5efce08c-2ab0"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff2
access-control-allow-origin
https://ricmais.com.br
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length
10928
expires
Fri, 08 Apr 2022 17:54:58 GMT
E4F6F0314D833704F0A375FE79694907.png
cdn.privacytools.com.br/assets/cee4c37e-924b-4914-9823-6d240996bcda/website/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.privacytools.com.br/assets/cee4c37e-924b-4914-9823-6d240996bcda/website/E4F6F0314D833704F0A375FE79694907.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e378f88ac542d00d65db8e2d6956d184ea37992b5143ed5e91c38e4f62983985

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
cf-cache-status
HIT
last-modified
Mon, 07 Mar 2022 08:25:48 GMT
server
cloudflare
age
2194150
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LogIC24x6Rp6LqUZYMoyUxOs9excMvcMuC%2BM8UvQThHUYk580nw1n90ahbjrXmFL51Dq8qsEf1GQkBU6%2BMIFsLwQtgFn3pjWzAQGAzgjqpDqKOdJYB9TWplPRbU1j2nwJ%2FXl%2Bs5gKKthx4ERB%2BDBYRewbMqp"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400, s-maxage=86400, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f53316b1bcc599b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15584
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Apr 2022 17:54:58 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-814785950&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
9616865a4344d7bd7631fb93925d422d89ea1db93bc52f9d217354841c2bdf3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14883
x-xss-protection
0
server
cafe
etag
14534967036905587165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 01 Apr 2022 17:54:58 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B30C 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
188036
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 30 Mar 2023 13:41:02 GMT
pbuc-min.js
static.premiumads.com.br/pbjs/ Frame B30C 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.premiumads.com.br/pbjs/pbuc-min.js?v=20220221
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c7c82034d05942708d9b34d82fb3199b70e0faad83e609ee549db028314acb48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 21 Feb 2022 19:12:14 GMT
server
cloudflare
age
974437
x-powered-by
ASP.NET
etag
W/"0bb20ef5627d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FfobsQN6BWmNL2urTicVNfF2EyHRqozy6%2BicZeyzddcXEsn00xjZt2qjjOrxkejYkAM9jF%2BNKvvqZhH13vc%2FXgYdbaF7u2RAqvhxE%2B%2BJL97UfYrKEvm6spVUdIVMR15Kxn3aD5UEo7hiP51afs3PvA8DIPyTOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f53316b88c459b9-MXP
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B30C 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Apr 2022 17:54:58 GMT
profiles.js
scs.r7.com/tailtarget/ Frame 96BC 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scs.r7.com/tailtarget/profiles.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0e57f5918a13e9c93ea39596451443f8a6fbec817b04f09acacf3662f7c12a20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
gzip
etag
"29c4-58ab0a8988bc0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
!no-store, must-revalidate, max-age=31536000
accept-ranges
bytes
content-length
4331
async
adv.r7.com//script/ Frame 5FDB 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adv.r7.com//script/async?href=https://ricmais.com.br/
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
38e39062f4209fcc8461e7a5599a5cba4004f43f271812ddb7379ec24e61e16e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
gzip
cache-control
!no-store, must-revalidate, max-age=600
accept-ranges
bytes
content-length
4630
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
base.js
d.tailtarget.com/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:13:21 GMT
content-encoding
gzip
age
31297
x-guploader-uploadid
ADPycdueg7y_oKLYSpDxZMlv7pmjJqvH-SB_ACVCcJ-lmac2S94eJ98r7NaWT2hFWSO6SGEn_aCc_6rKzEDNge9pNcA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8332
last-modified
Thu, 23 Sep 2021 17:37:36 GMT
server
UploadServer
etag
"3bd196ed5cd9e1a21cd3f4a34c4baf1b"
x-goog-hash
crc32c=QnHpIw==, md5=O9GW7VzZ4aIc0/SjTEuvGw==
content-language
en
x-goog-generation
1632418656026668
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8332
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 02 Apr 2022 09:13:21 GMT
trk
tt-9964-3.seg.t.tailtarget.com/ 		70 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tt-9964-3.seg.t.tailtarget.com/trk?tA=TT-9964-3&tJ=_channel:par-ricmais:1|_channel:r7-cas-alimentacaosaudavel:1|_channel:r7-cas-int-em-livros:1|_channel:r7-visao-geral:1&tK=1648835698&tM=direct&tL=direct&tN=direct&tY=3&tZ=118411509
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, private, proxy-revalidate
content-disposition
inline
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4DEA 		624 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGKf3s7sBMAE&v=APEucNVD-MOr6O_sz41XxOhqSLVmpfl6pK2GfW6BtQ0QxKRRfs3qtG-3b5aRLp0KunGZfuFmsvm51x5mPiiU25Ye3q_otzhmuQMH9c7dCMsLbS4dJJHSRE_MFYhdOtEPel6fRRyvMXjIGDQMISXwr78aSWPnVfZVgb3xJtyjkKFxnHwv6z0b5sg
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 17:54:58 GMT
expires
Fri, 01 Apr 2022 17:54:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame A38E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
508
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Apr 2022 17:46:30 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/ Frame A38E 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 15:38:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8174
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Apr 2022 15:38:44 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A38E 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstFJ9_hhAQPQRcFyMkVKuhkL5HeR0ZyFeRUOf0OAQ-ydXUovSx54GGlI2fFuZUq2JoFm6BvpwR1Z8H3stUWQPV4ZICqmgRjKJjk2bZzvs9jUqY_GVhGUnTQKgfQXbMw4ROU-1yVEUHS7Rr9pS6hQlZV6i8qA2S1taqC7ko0iK1E8XvIGWOw_RPLMkvWPad0Yk0MqZvullCvQVpJ0q9IblUsQXE72WANk5Gqvccc9SCYgcQSyVZao_3KU668QUzdMO2D700W3e7LyuxoF61npgD9bJUEGvbRn8KVGv1jpgAPXB2PmipZlc6lYIPG242dwNSaWe-2s02d9gSZQO_EUkFm5y7COOYwGJXt3krOwv-uGLcJunnKT8ynO19KYu5E2wczcVoaHkKJK3scIelQWTJaAJwhzvqrWImBvmqG4KhnNd5rdeJuuDNsMCVUM9mDXFD17o64OP03NJ1OdI4CEr74PXsxVC6wsUr2i8SFXmM38rcYvJ_i956vOZXHKrqJoDA4JBODQfO1apbJshHNeSUslOt2yh5yCT2Naq-FhiZmaAbUCR_5DMMb_Km-mwPJhtKvQPKKRHY1pIWEpuTtPpvEEZGJVP3q3N1UGYaBlSUCY4WcoKxOjOIyEY8dOfbUy0WyPrAh2A0Uh7Dv_mruXUn4vHkXMEhhdbacMb_4hahznsHp1NcQJJT2VDtjE2b6Q41UwBteyQlRAYa1227YcKqCwRP42czqq-zR2ZAR8FH7VDYDl0JdhRmXIob0MYVFQeVfuaOJAvfvpjIM5OT-kJB20nHw2WfXaRwHgck8upYyWNagDw1YnoaT3mMu7yNsF9VGjJK9OQHXHEOjOWzRpPg0pKp0RnZbZ02ELZXpfBnlwSTJfXcuf3YKJeZDNDspUiuvyHCq5wHLLXfwQcpkF--Om-QHMvstkqhnIQZWvI1t2Md37ze2ow_rHVOgrbRa9WK243SFHq30hDmfH_ZDlmW1VRneTTCDzzo2iXe3CDba6A9q6p4wCJAXLRVltkb48_LtsDHl9So7b6Jz_RnUkydaFMJI8pQKtYtvzjwJ-MkU8xJLa4jG8Be8XJYDs-Vc9nxddo4p6INV0OmcwQApaiAulgJRemKN-2ZfxdsQ4vMhzbE-ztGCEVJeVYJjy1TKYRVPusiK-un7v6NVzXgg_G2-1gXu-CQCGCdqj2aeFnqMkSQeOIUaEg01bgoyRAkiuI6bQ44&sai=AMfl-YQ5xiqMskEPvb7woZw67qlscEe_TwRgjEZO6cxgidQTpHq1jL7vgo51ckk5qVGOxoNJmFDDkAju7J3JO-ActNVuXqVlnG_TRJMx5xPuTxueC0XpSQZ4Ggb-ZiAdnI70rcT61XZ-Mb71I92fDmcdiqm5iX8ewvzl4xo4sPrAunj76nZ2jZJWcWGRmSwEJf780PVF03WxSIFAWk3-uvcJvhHpmQM8UCCuNytG6SbQ36V97HT5wwPZ4tXeFKksUSFQRLQMQjjjnKIcQvtujMxpXzd3FJttUDpyOkMQ84eCcDojaTb0htlsQycIhUpixak&sig=Cg0ArKJSzPrXicIehSSlEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220330.79637&adurl=
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 01 Apr 2022 17:54:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A38E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:41:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
188035
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Mar 2023 13:41:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A38E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AnpZtjtzGiwbhYCLvWTyRPWbc2Lg8SL2dkvWP-vleKGWl2uFJo-jjgR22rf4C_7zMd7ZRisRVwJsBKLl5EXtrBShq_nH3QLJpyWj4UOcNA-Yg5pu4
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame A38E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Apr 2022 17:44:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A38E 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Apr 2022 17:54:58 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame A38E 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Apr 2022 17:54:07 GMT
l
www.google.com/ads/measurement/ Frame A38E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZwW16YHj7NgZJt7FSig_ixN4az64jQ7rcTikFkjB8HVVyqiLKWhgsLv9PDvhdoMWFBb6R
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
759945806609660301
s0.2mdn.net/simgad/ Frame A38E 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/759945806609660301
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5235cbf8944664df0f507cd063884648773b54d269f65776c28e2e2e3f0a6c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 08:56:33 GMT
x-content-type-options
nosniff
age
32305
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50929
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 11:59:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 01 Apr 2023 08:56:33 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B160 		624 B
974 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGLiHtLsBMAE&v=APEucNXdTnUntlbEqfbF3m5CrWaIwVA3yjq6a57g76Y6XLJY1C8vuEm7TuAXm1VPpm_VFZS6dT5LgebpCz2Fe3CboPgJBF9qtFZpR_N3AUONxoawHcAQG_qVB18kFB34BTxqCVVB8mzJFT-gRlM0je6DOqs0DQCuGm1ZopmzDdVPVitsxwh-1-Q
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 17:54:58 GMT
expires
Fri, 01 Apr 2022 17:54:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame 7EEE 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
508
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Apr 2022 17:46:30 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/ Frame 7EEE 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 15:38:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8174
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Apr 2022 15:38:44 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7EEE 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuYPQkpvvL9mC82SJKQ1CZzgBTDj3Df3By4pPakrPQlgTP0cnNttBfoKakBxz_4Vy9U_gFkyCBFUzWQF0flD51Gzo5RaSOralEAnvf9Cf6P4MIwuIRYJYG0x9y0IoUd8yrKxeT8ogk7cRLHiH-g11uoGOTFWmUHcf37W6RZvETtzL6CQ3aGuHXc9Zvbk07CrV-2ck-pXVb3TeSkXXhp4r2RPc0mOKhJ2t-Tiw3ZmyOP6NtYqb7Dm8tKq5C8itiHuotza6BoEVvdRMuEErpnpOhS7mYVHHtb4XTc5b4rU0OELbGvL_PNjnQklFUTaJfikUQb-JOngvByFyDm_RXWc-K3s1NP3i0h5jK6oEi24YvQ4GFUvpPF_LV_0hYtmPyFcG09jW2RjK4mYixUFicAtwhEEtmH3q30vpYKx93vbnXAh7bCEGhwu65Z3zaJQZ-zg0ZvTH3K3AjvQErtgmDNcJEzAKzCpzbsy4Zw6kJoRcO5p6vVEMuIiy0xApNEJWE2YG4-qp3JDYFTDAtJMyczjjJOVwbmGrvhadYJEgADws_3FK8ovA3UQXacapGLAe-cMu7O2xfOnCSEwtQXpp1Bmifxd6rUOOQsOHHqCGAoJVzPE_0etg6W80WWqwsWqdJhP3PXuB9LcEygOuI7dZt-knawPSbdI6btcl1xiPVoRv4Yox-BgR435sFsDT94i-KKKUUnJKZR8htNX7JFso5QnqAyUJu7Mobl-ZxtKnJ__Pg9API1fkC1iz5pHvfq1Etj4u14HiuDMviZKWI_QWpnpRNh_akKZYGWMWUI7ytZwovMR6KXloUTN2jeLQ-XsVkO7NZpPMRxkyKwAq8daBVT9OsTj8L7mKbIy7x3wtkvpi-gVhb4AyBNFlqoqcdXszZp6aP3QBrgGb-QMFCKcb6Enkt-zblTl7GEC9MCnKIOvTw7P3WLly9oh6CsDIR6OmiMKt-tjQvcT2WPM4kKz0cBahGN8l1qu7DFJG5N8HOPpL45gUh3L2vtl2xblJxvRkTuLYrIbTpOxK0R5A-W_rjm3RDq8wV_vzkZTE9AvD5lT2YW7lfiao2wpVtHv1-D43ajnjDNBC_RHk9ApyyksHI9GXuK6VQxqkUN7s1_yVoi3KLKJnPGv4KJ1QVTl2Dv94tTdfIti0MyPtopGR955HUnba9MFmhgN_7mc4NokxRI4UmhjU49Bx6jXg2_stlhIQxJXqJYh24&sai=AMfl-YQh1dtX0x80lj5tZFDRueG9OLQLWWzD-QH7d5S05UtxYbvlj5XBCWExOSGkeSVwMVMWila90FhtOZbeNgvW_-nGk6EinOGlDpieFonii8tvkE9FaH0BhJ65qQkJrButJYguD0Kna0clHCFcrlNYtZBTxXNSJJbVnqqjJkN_1MBz1riNuwE9A_uhb3qMiv62BPfGySlVSmbEybHAZCIqTBPmDwYJPY-3EYzCrZUgFTc_YZGriyavK0pmQ3S0hnFwuhqPXLjUwrWZU6JUMibwAZkPSomNwMMAD3lbDw7yDLMQ-8nvYz5r4-vw_YpHvok&sig=Cg0ArKJSzONUwmyWRmivEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220330.21094&adurl=
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 01 Apr 2022 17:54:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7EEE 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:41:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
188035
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Mar 2023 13:41:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7EEE 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BJv0acI2xctnTspWoqw-ijCf8d4vpqIARsRpVgGAhV8egLuzzh3AawpjvIMzvVNzyFIl-dYsHnQaXv8X_l8EGioXOHmoRrXW9RANc8wzhxTq_-0RI
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 7EEE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Apr 2022 17:44:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7EEE 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Apr 2022 17:54:58 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 7EEE 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Apr 2022 17:54:07 GMT
l
www.google.com/ads/measurement/ Frame 7EEE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ7uK-vfWHth_kLuTGJfV8M5VRaTkHEusfqyiDeTbnULTCNsFM8kiutVzzcifERzJUuEWX4
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
603783595747143568
s0.2mdn.net/simgad/ Frame 7EEE 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/603783595747143568
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c79f8e69ab46c938bb87d0d04e0a708c4039d8cc3a3a455ef7945243620b88f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 00:04:26 GMT
x-content-type-options
nosniff
age
323432
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41815
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 12:10:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Mar 2023 00:04:26 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 581A 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
188036
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 30 Mar 2023 13:41:02 GMT
pbuc-min.js
static.premiumads.com.br/pbjs/ Frame 581A 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.premiumads.com.br/pbjs/pbuc-min.js?v=20220221
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c7c82034d05942708d9b34d82fb3199b70e0faad83e609ee549db028314acb48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 21 Feb 2022 19:12:14 GMT
server
cloudflare
age
974437
x-powered-by
ASP.NET
etag
W/"0bb20ef5627d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BczUFKPNmDKS2JrZHkbSNq6q3j8Tjgcr%2F7RwD3ahEt8qxj7ciiw5JdgpHx5n6tsl1Q280XAAk8lXtOS4%2FmzNM44Cb%2FCb62zBCVn19aUOMNNmWaOw9j%2BHaZd9T0KlasayemWqActkztwe9G0KQsHEemTpIxBJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f53316bd97359b9-MXP
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 581A 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Apr 2022 17:54:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CABF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
3730
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 16:52:48 GMT
expires
Sat, 01 Apr 2023 16:52:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C21E 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a0e7b9f5d60a168dc0a53692a6d3eb45b8cef9071b85eb85cff17f8803fbb57d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wdmVgAvMCSxzxcodS9F/Mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-wdmVgAvMCSxzxcodS9F/Mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 17:54:58 GMT
expires
Fri, 01 Apr 2022 17:54:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame B30C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBbsXtjmhP9eqyax6SnWKMr0WGXcdQrbg2_dQe-C0JiLRORDX0oJiLE0UqFymhOdtnN7gwrnUiom-EXO4DHtPhWziUyWzlfpJMxZIyBE3-WmkOGqavXPCAWZKQnGYEK6KwA20bKePrPPti1j2ydSbGyA9_v5N-Kvu7EpwWBg-R4yX2JG1SqGxmOn4Yo-SAMHj5KhWnWYaaQfzdtnGF9Ox1qQzZTegYtohHja8-gBpn9mDvloIBzrvQFa7Ynz3NdZuRInNnQFqM542QjnlJ--6LJdIzTC05vgRgKrj7iVamIN49Jaji7WM5ymePWDW6G9Fq9w&sai=AMfl-YQQQdsFWZBIrzHYxQmuweAbpWUDhTnPwNddI6b9mYbeuMhwGxqB8K6UTuij67SJGWv6HaVqpDTa_pVNL6vYsYJ8pQIilmtfZTZh2VqjWQ&sig=Cg0ArKJSzFJCeMrjeximEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 17:54:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/?random=1648835698558&cv=9&fst=1648835698558&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fricmais.com.br%2F&tiba=RIC%20Mais%20-%20Not%C3%ADcias%20do%20Grupo%20RIC%20(Paran%C3%A1)&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
010e8dccbfbcbe84e3ca23850b95a5d5f5cbdc22049129c5637b785489825f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1050
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/?random=1648835698562&cv=9&fst=1648835698562&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fricmais.com.br%2F&tiba=RIC%20Mais%20-%20Not%C3%ADcias%20do%20Grupo%20RIC%20(Paran%C3%A1)&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28d3815fabab7575483ad5c20b71dfe3b38d963e57c3227707ac0231168f5c56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1050
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/?random=1648835698563&cv=9&fst=1648835698563&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fricmais.com.br%2F&tiba=RIC%20Mais%20-%20Not%C3%ADcias%20do%20Grupo%20RIC%20(Paran%C3%A1)&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf36cddb867c0661af31587bea3b3724a7ff5a3db5cb935526232ded4f255080
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1053
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
profile
tt-9964-3.seg.t.tailtarget.com/ Frame 96BC 		92 B
373 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-9964-3.seg.t.tailtarget.com/profile
Requested by
Host: scs.r7.com
URL: https://scs.r7.com/tailtarget/profiles.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 20:26:00 GMT
server
nginx/1.17.8
etag
W/"5e333bd8-5c"
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
via
1.1 google
cache-control
private, proxy-revalidate
content-type
application/x-javascript
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
truncated
/ Frame B30C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c038142614386defe90276b5757b4d3c0ebe5554093757cf366bffb76833d2df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame B30C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOQqgWKU8jzfjt4zb4zyhgpdexxskA72R2Zfoe6CpON0UOencgjF9edjffOe6PSCcW0WEitjKXJoolx0M9B_mClEfpM0hvAoNyLw6QSf-Bhnaq-CfGc6c5HNivMy9Lru5ZqUOxr1VO1nkbUCbhsMts_8yqhxfc8eVzs0j897ks_DvluuiDLdE4HXqSu-iZArOPvSLL9zzidFEuCIBK0P149HkbkMLr-lEODmlE1cIQkESygGeKM94H3ah3vSzvDOlE9QXrwyXzzdCWzFD1KgSs7hqd0_bSN-dZeaBekIYFAY-7ixGbPrUz9hNgdP0PtWn9r029&sai=AMfl-YQa3GTb6rRkF2VOo37wE0-gpke4Eyg3z5NodANkdTQfMjDwBnjp1zd10DUHDmLVXpzmmwQ4Zt-5H9KcWZxktGzx7VUo5C26-eV8h0JXxA&sig=Cg0ArKJSzPlQL4qJSM7SEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 17:54:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 01 Apr 2022 17:54:58 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 581A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuq6HIT7_NE5GhEj7t42MdFr2GT0y1EkidpEZK3jb-9HBAye_bgxvyV5ggNQ8yR88eHPn_sHWQ6OTTMpsZfwY5qrlKuxpozty0gQeRZyIocjInaSbhs6KvZNJ3vx7jzXoKTOmokX8WJf0NhLvmYbOOL9YSIy5NvRSbO7ha71Rt3WI2DE_WFaXVMKQP_m9SJd1zl0R47u7hpsnu7mbAkDxBi373yvqhPCVKQRwfJ-BJ7L4OQYkD-COXO2kigDYK6XWTkCnxZy7GaJQaJvkQlL1rPbEwOhUnouE0GyVT7BZQojpB8-O9H3FIzRilNEeOArUABvTFMYg&sai=AMfl-YQ3TpbLaclY1dw6ySJjXfh7bgz88t7NEXRXwZFXK9Km-fK2b9P3DVwhGnFNDJI5GaYiKR-lWvMrGj8FYukeIb7fdLdyuNw2lLUzO7KOiw&sig=Cg0ArKJSzJnuEN9IHuzfEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 17:54:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
u
b.t.tailtarget.com/ 		54 B
135 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/u?
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
978735293b9cac9f73f8a37e53afb965351f7e205dfa2b5165001e4d20787835

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cache-control
private, proxy-revalidate
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rum
dsum-sec.casalemedia.com/ Frame B160
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYOKl6HlncGT0l1qNFEQa8&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYOKl6HlncGT0l1qNFEQa8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGLiHtLsBMAE&v=APEucNXdTnUntlbEqfbF3m5CrWaIwVA3yjq6a57g76Y6XLJY1C8vuEm7TuAXm1VPpm_VFZS6dT5LgebpCz2Fe3CboPgJBF9qtFZpR_N3AUONxoawHcAQG_qVB18kFB34BTxqCVVB8mzJFT-gRlM0je6DOqs0DQCuGm1ZopmzDdVPVitsxwh-1-Q
Protocol
HTTP/1.1
Server
69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-245.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 17:54:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Apr 2022 17:54:58 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYOKl6HlncGT0l1qNFEQa8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B160
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ykc8cg3yIt5p2HBIVOEhQQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYOKl6HlncGT0l1qNFEQa8&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYOKl6HlncGT0l1qNFEQa8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGLiHtLsBMAE&v=APEucNXdTnUntlbEqfbF3m5CrWaIwVA3yjq6a57g76Y6XLJY1C8vuEm7TuAXm1VPpm_VFZS6dT5LgebpCz2Fe3CboPgJBF9qtFZpR_N3AUONxoawHcAQG_qVB18kFB34BTxqCVVB8mzJFT-gRlM0je6DOqs0DQCuGm1ZopmzDdVPVitsxwh-1-Q
Protocol
HTTP/1.1
Server
69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-245.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 17:54:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Apr 2022 17:54:58 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYOKl6HlncGT0l1qNFEQa8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B160
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEF3pPWr-YTxqTdRxDLDZJ2E&google_cver=1
43 B
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEF3pPWr-YTxqTdRxDLDZJ2E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGLiHtLsBMAE&v=APEucNXdTnUntlbEqfbF3m5CrWaIwVA3yjq6a57g76Y6XLJY1C8vuEm7TuAXm1VPpm_VFZS6dT5LgebpCz2Fe3CboPgJBF9qtFZpR_N3AUONxoawHcAQG_qVB18kFB34BTxqCVVB8mzJFT-gRlM0je6DOqs0DQCuGm1ZopmzDdVPVitsxwh-1-Q
Protocol
HTTP/1.1
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 17:54:58 GMT
X-Proxy-Origin
45.141.152.68; 45.141.152.68; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
24f9d8ad-ae07-4cfc-b5dd-38dabcf69137
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEF3pPWr-YTxqTdRxDLDZJ2E&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B160
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA1MjAwNjAyOTkxNDYxMzE2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA1MjAwNjAyOTkxNDYxMzE2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGLiHtLsBMAE&v=APEucNXdTnUntlbEqfbF3m5CrWaIwVA3yjq6a57g76Y6XLJY1C8vuEm7TuAXm1VPpm_VFZS6dT5LgebpCz2Fe3CboPgJBF9qtFZpR_N3AUONxoawHcAQG_qVB18kFB34BTxqCVVB8mzJFT-gRlM0je6DOqs0DQCuGm1ZopmzDdVPVitsxwh-1-Q
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 17:54:58 GMT
X-Proxy-Origin
45.141.152.68; 45.141.152.68; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
366bf2bc-416f-42a9-b98e-911854a5ca2c
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA1MjAwNjAyOTkxNDYxMzE2
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4DEA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYOKl6HlncGT0l1qNFEQa8&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYOKl6HlncGT0l1qNFEQa8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGKf3s7sBMAE&v=APEucNVD-MOr6O_sz41XxOhqSLVmpfl6pK2GfW6BtQ0QxKRRfs3qtG-3b5aRLp0KunGZfuFmsvm51x5mPiiU25Ye3q_otzhmuQMH9c7dCMsLbS4dJJHSRE_MFYhdOtEPel6fRRyvMXjIGDQMISXwr78aSWPnVfZVgb3xJtyjkKFxnHwv6z0b5sg
Protocol
HTTP/1.1
Server
69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-245.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 17:54:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Apr 2022 17:54:58 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYOKl6HlncGT0l1qNFEQa8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4DEA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ykc8cg3yIt5p2HBIVOEhQQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYOKl6HlncGT0l1qNFEQa8&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYOKl6HlncGT0l1qNFEQa8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGKf3s7sBMAE&v=APEucNVD-MOr6O_sz41XxOhqSLVmpfl6pK2GfW6BtQ0QxKRRfs3qtG-3b5aRLp0KunGZfuFmsvm51x5mPiiU25Ye3q_otzhmuQMH9c7dCMsLbS4dJJHSRE_MFYhdOtEPel6fRRyvMXjIGDQMISXwr78aSWPnVfZVgb3xJtyjkKFxnHwv6z0b5sg
Protocol
HTTP/1.1
Server
69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-245.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 17:54:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Apr 2022 17:54:58 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYOKl6HlncGT0l1qNFEQa8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 4DEA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEF3pPWr-YTxqTdRxDLDZJ2E&google_cver=1
43 B
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEF3pPWr-YTxqTdRxDLDZJ2E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGKf3s7sBMAE&v=APEucNVD-MOr6O_sz41XxOhqSLVmpfl6pK2GfW6BtQ0QxKRRfs3qtG-3b5aRLp0KunGZfuFmsvm51x5mPiiU25Ye3q_otzhmuQMH9c7dCMsLbS4dJJHSRE_MFYhdOtEPel6fRRyvMXjIGDQMISXwr78aSWPnVfZVgb3xJtyjkKFxnHwv6z0b5sg
Protocol
HTTP/1.1
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 17:54:58 GMT
X-Proxy-Origin
45.141.152.68; 45.141.152.68; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b981919b-b0d5-4f69-8fe8-c8289f95c055
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEF3pPWr-YTxqTdRxDLDZJ2E&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4DEA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA1MjAwNjAyOTkxNDYxMzE2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA1MjAwNjAyOTkxNDYxMzE2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGKf3s7sBMAE&v=APEucNVD-MOr6O_sz41XxOhqSLVmpfl6pK2GfW6BtQ0QxKRRfs3qtG-3b5aRLp0KunGZfuFmsvm51x5mPiiU25Ye3q_otzhmuQMH9c7dCMsLbS4dJJHSRE_MFYhdOtEPel6fRRyvMXjIGDQMISXwr78aSWPnVfZVgb3xJtyjkKFxnHwv6z0b5sg
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 17:54:58 GMT
X-Proxy-Origin
45.141.152.68; 45.141.152.68; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
803ecce3-7a2b-4407-904b-bd1f682e7321
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA1MjAwNjAyOTkxNDYxMzE2
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7EB2 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
126130
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Mar 2022 06:52:48 GMT
expires
Fri, 31 Mar 2023 06:52:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 07D0 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
126130
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Mar 2022 06:52:48 GMT
expires
Fri, 31 Mar 2023 06:52:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
nmedianet.js
contextual.media.net/ Frame 5660 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU62MU8E
Requested by
Host: static.premiumads.com.br
URL: https://static.premiumads.com.br/pbjs/pbuc-min.js?v=20220221
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ae5170f9eda6c524808efc94aafb6113685bf4a8bd5ca07bd061f1c3420cd984
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
10-9
content-encoding
gzip
server
Apache
etag
"9e885678d01ed856ecc4cfa0074cbf31"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Fri, 01 Apr 2022 17:54:58 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-19
expires
Fri, 01 Apr 2022 17:59:58 GMT
log
qsearch-a.akamaihd.net/ Frame 5660 		35 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=appnexus&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=22009589&other_prv=9&jar_err=&current_day=5.0&adtyp=0&req_id=6986821410311089461&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0000&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=21.0783&exp=&second_bidder=*&search_res=64&floor_bucket=0.00&gpid_format=&seat=&size=970x90&f_seg=&prdp=0.3384&local_wr_url=0.0000&ogcbdp=0.9400&dfpbd=0.3384&server=1&ogerpm_wd_bkt=0-1&model_version=202203221229_generic_appn_2-cid_0&viewability=0.7000&dmm_r=0.3770&cut=64&dmm_l=0.0790&as_cache=0&tcyerpm=&sc=NW&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=ricmais.com.br%2F&bidrestime=1648835697367&cc=DE&strg=harmony&ss=&current_hour=17&time_stamp=2022-04-01+17%3A54%3A57&model_key=generic_appn_2-cid_0&rvshhon=&mul_ratio=0.0000&bdp=0.9400&ct=Bergkamen&akey=&mnckfl=0&bdp_bucket=1.00&algo=&dc=eu_be&splid=22009589&dim4=exploration&dn=ricmais.com.br&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.60+Safari%2F537.36&buyer_id=&dmm_m10=1163394&bdp_wider_bucket=1&acid=b7a4881efa0a4d86831a0e07d24316ae&infl=&o_ver=NT+10.0&br_ver=100.0.4896.60&bdmm_m6=1.0000&bdmm_m7=0.7450&bdmm_m5=1.0000&ver=8.11.0&totalTimeBucket=3&visibility=0&totalTime=3344109&dmm_m1=2022-04-01+17%3A54%3A57.371726089&e_rpm=0.2960&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.7450&cid=8CUH5EN48&bcrid=311932842&rawbid=0.9400&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=0&o_id=101&clisp=rtb-common-5df5fc9cbb-qmw78.BE&dfp_bucket=0.35&adblk=&itype=appnexus&pvid_seat=9&cliIP=764254208&advurl=content.businessinfoline.com%2F&level_base=0&crid=101633514&sat=1&br_id=265&cut_bkt=65&gpid=&iwb=1&dmm_d22=0.07&second_bid=0.000000&sc_pvid=9&capd=0&other_bids=0.94
Requested by
Host: static.premiumads.com.br
URL: https://static.premiumads.com.br/pbjs/pbuc-min.js?v=20220221
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-21.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 17:54:58 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 01 Apr 2022 17:54:58 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 5660 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: static.premiumads.com.br
URL: https://static.premiumads.com.br/pbjs/pbuc-min.js?v=20220221
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Fri, 01 Apr 2022 17:54:58 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=24244
access-control-allow-credentials
true
content-length
62892
expires
Sat, 02 Apr 2022 00:39:02 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 5660 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: static.premiumads.com.br
URL: https://static.premiumads.com.br/pbjs/pbuc-min.js?v=20220221
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Fri, 01 Apr 2022 17:54:58 GMT
Content-Encoding
gzip
Age
3142589
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21958-LGA, cache-hhn4068-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1648835699.722156,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
2, 4727604
it
ams1-ib.adnxs.com/ Frame 5660 		0
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fricmais.com.br%252F&e=wqT_3QLHBOhHAgAAAwDWAAUBCPH4nJIGEOyw1Nrdl6aIZhgAKjYJbxKDwMqh1T8RWag1zTtO0T8ZAAAA4HoU5j8hWQ0SACkRJAAxARvAUbi-PzD1rb8KOJRdQJUJSGBQqu_elAFY4YKUAWAAaLbUrgF4xugFgAEBigEDVVNEkgUG9EgBmAHKB6ABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOAC-b9a6gIXaHR0cHM6Ly9yaWNtYWlzLmNvbS5ici-AAwCIAwGQAwCYAxegAwGqA0ESGDY5ODY4MjE0MTAzMTEwODk0NjFfc2JpZBoTNzM1NDU0NjEzMjY5MjA0Nzk4MCIJMzExOTMyODQyKgVNMTE3M8ADrALIAwDYA42UVuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA00NS4xNDEuMTUyLjY4qAQAsgQRCAQQBBjKByBaKAEoAjAAOAK4BADABADIBADaBAIIAeAEAfAEqu_elAGIBQGYBQCgBbXavvXgoYv7YMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfWkCfoFBAgAEACQBgCYBgC4BgDBBgANMSTQBq_xAdoGFgoQBREdAWAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IBRpEIAAwADi_BkAAyAfG6AXSBw0JETsBOAjaBwYJJ0TgBwDqBwIIAPAHntwCiggCEAA.&s=323d379981058658383b98df5582b0872c81cbc5
Requested by
Host: static.premiumads.com.br
URL: https://static.premiumads.com.br/pbjs/pbuc-min.js?v=20220221
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 17:54:58 GMT
X-Proxy-Origin
45.141.152.68; 45.141.152.68; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
33d82dc0-8f3a-4b87-b46a-5638e921c70b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7EEE 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuYPQkpvvL9mC82SJKQ1CZzgBTDj3Df3By4pPakrPQlgTP0cnNttBfoKakBxz_4Vy9U_gFkyCBFUzWQF0flD51Gzo5RaSOralEAnvf9Cf6P4MIwuIRYJYG0x9y0IoUd8yrKxeT8ogk7cRLHiH-g11uoGOTFWmUHcf37W6RZvETtzL6CQ3aGuHXc9Zvbk07CrV-2ck-pXVb3TeSkXXhp4r2RPc0mOKhJ2t-Tiw3ZmyOP6NtYqb7Dm8tKq5C8itiHuotza6BoEVvdRMuEErpnpOhS7mYVHHtb4XTc5b4rU0OELbGvL_PNjnQklFUTaJfikUQb-JOngvByFyDm_RXWc-K3s1NP3i0h5jK6oEi24YvQ4GFUvpPF_LV_0hYtmPyFcG09jW2RjK4mYixUFicAtwhEEtmH3q30vpYKx93vbnXAh7bCEGhwu65Z3zaJQZ-zg0ZvTH3K3AjvQErtgmDNcJEzAKzCpzbsy4Zw6kJoRcO5p6vVEMuIiy0xApNEJWE2YG4-qp3JDYFTDAtJMyczjjJOVwbmGrvhadYJEgADws_3FK8ovA3UQXacapGLAe-cMu7O2xfOnCSEwtQXpp1Bmifxd6rUOOQsOHHqCGAoJVzPE_0etg6W80WWqwsWqdJhP3PXuB9LcEygOuI7dZt-knawPSbdI6btcl1xiPVoRv4Yox-BgR435sFsDT94i-KKKUUnJKZR8htNX7JFso5QnqAyUJu7Mobl-ZxtKnJ__Pg9API1fkC1iz5pHvfq1Etj4u14HiuDMviZKWI_QWpnpRNh_akKZYGWMWUI7ytZwovMR6KXloUTN2jeLQ-XsVkO7NZpPMRxkyKwAq8daBVT9OsTj8L7mKbIy7x3wtkvpi-gVhb4AyBNFlqoqcdXszZp6aP3QBrgGb-QMFCKcb6Enkt-zblTl7GEC9MCnKIOvTw7P3WLly9oh6CsDIR6OmiMKt-tjQvcT2WPM4kKz0cBahGN8l1qu7DFJG5N8HOPpL45gUh3L2vtl2xblJxvRkTuLYrIbTpOxK0R5A-W_rjm3RDq8wV_vzkZTE9AvD5lT2YW7lfiao2wpVtHv1-D43ajnjDNBC_RHk9ApyyksHI9GXuK6VQxqkUN7s1_yVoi3KLKJnPGv4KJ1QVTl2Dv94tTdfIti0MyPtopGR955HUnba9MFmhgN_7mc4NokxRI4UmhjU49Bx6jXg2_stlhIQxJXqJYh24&sai=AMfl-YQh1dtX0x80lj5tZFDRueG9OLQLWWzD-QH7d5S05UtxYbvlj5XBCWExOSGkeSVwMVMWila90FhtOZbeNgvW_-nGk6EinOGlDpieFonii8tvkE9FaH0BhJ65qQkJrButJYguD0Kna0clHCFcrlNYtZBTxXNSJJbVnqqjJkN_1MBz1riNuwE9A_uhb3qMiv62BPfGySlVSmbEybHAZCIqTBPmDwYJPY-3EYzCrZUgFTc_YZGriyavK0pmQ3S0hnFwuhqPXLjUwrWZU6JUMibwAZkPSomNwMMAD3lbDw7yDLMQ-8nvYz5r4-vw_YpHvok&sig=Cg0ArKJSzONUwmyWRmivEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=169&vt=11&dtpt=168&dett=2&cstd=0&cisv=r20220330.21094&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 17:54:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame A38E 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstFJ9_hhAQPQRcFyMkVKuhkL5HeR0ZyFeRUOf0OAQ-ydXUovSx54GGlI2fFuZUq2JoFm6BvpwR1Z8H3stUWQPV4ZICqmgRjKJjk2bZzvs9jUqY_GVhGUnTQKgfQXbMw4ROU-1yVEUHS7Rr9pS6hQlZV6i8qA2S1taqC7ko0iK1E8XvIGWOw_RPLMkvWPad0Yk0MqZvullCvQVpJ0q9IblUsQXE72WANk5Gqvccc9SCYgcQSyVZao_3KU668QUzdMO2D700W3e7LyuxoF61npgD9bJUEGvbRn8KVGv1jpgAPXB2PmipZlc6lYIPG242dwNSaWe-2s02d9gSZQO_EUkFm5y7COOYwGJXt3krOwv-uGLcJunnKT8ynO19KYu5E2wczcVoaHkKJK3scIelQWTJaAJwhzvqrWImBvmqG4KhnNd5rdeJuuDNsMCVUM9mDXFD17o64OP03NJ1OdI4CEr74PXsxVC6wsUr2i8SFXmM38rcYvJ_i956vOZXHKrqJoDA4JBODQfO1apbJshHNeSUslOt2yh5yCT2Naq-FhiZmaAbUCR_5DMMb_Km-mwPJhtKvQPKKRHY1pIWEpuTtPpvEEZGJVP3q3N1UGYaBlSUCY4WcoKxOjOIyEY8dOfbUy0WyPrAh2A0Uh7Dv_mruXUn4vHkXMEhhdbacMb_4hahznsHp1NcQJJT2VDtjE2b6Q41UwBteyQlRAYa1227YcKqCwRP42czqq-zR2ZAR8FH7VDYDl0JdhRmXIob0MYVFQeVfuaOJAvfvpjIM5OT-kJB20nHw2WfXaRwHgck8upYyWNagDw1YnoaT3mMu7yNsF9VGjJK9OQHXHEOjOWzRpPg0pKp0RnZbZ02ELZXpfBnlwSTJfXcuf3YKJeZDNDspUiuvyHCq5wHLLXfwQcpkF--Om-QHMvstkqhnIQZWvI1t2Md37ze2ow_rHVOgrbRa9WK243SFHq30hDmfH_ZDlmW1VRneTTCDzzo2iXe3CDba6A9q6p4wCJAXLRVltkb48_LtsDHl9So7b6Jz_RnUkydaFMJI8pQKtYtvzjwJ-MkU8xJLa4jG8Be8XJYDs-Vc9nxddo4p6INV0OmcwQApaiAulgJRemKN-2ZfxdsQ4vMhzbE-ztGCEVJeVYJjy1TKYRVPusiK-un7v6NVzXgg_G2-1gXu-CQCGCdqj2aeFnqMkSQeOIUaEg01bgoyRAkiuI6bQ44&sai=AMfl-YQ5xiqMskEPvb7woZw67qlscEe_TwRgjEZO6cxgidQTpHq1jL7vgo51ckk5qVGOxoNJmFDDkAju7J3JO-ActNVuXqVlnG_TRJMx5xPuTxueC0XpSQZ4Ggb-ZiAdnI70rcT61XZ-Mb71I92fDmcdiqm5iX8ewvzl4xo4sPrAunj76nZ2jZJWcWGRmSwEJf780PVF03WxSIFAWk3-uvcJvhHpmQM8UCCuNytG6SbQ36V97HT5wwPZ4tXeFKksUSFQRLQMQjjjnKIcQvtujMxpXzd3FJttUDpyOkMQ84eCcDojaTb0htlsQycIhUpixak&sig=Cg0ArKJSzPrXicIehSSlEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=179&vt=11&dtpt=179&dett=2&cstd=0&cisv=r20220330.79637&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 17:54:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ttj
ib.3lift.com/ Frame 223F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=PremiumAds_RON_Prebid
Requested by
Host: static.premiumads.com.br
URL: https://static.premiumads.com.br/pbjs/pbuc-min.js?v=20220221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-128.fra53.r.cloudfront.net
Software
/
Resource Hash
9ec4ca9b1a37d617b373fe664aa5849bda2a5d823b0dc569f0fde9b373d3cf64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
via
1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
age
678
etag
"ccfd7852371762063298ecccf8cfd39827eef0ee"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
x-amz-cf-pop
FRA53-C1
content-encoding
gzip
content-length
2013
x-amz-cf-id
01KwA4m83OMjNkIJU7xI7fnEnj3rXw5cGsxfVIHBCPr9HrgPucqhvg==
notify
tlx.3lift.com/header/ Frame 223F 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=0.179&ts=1648835697&aid=18507164141078263690713&ec=2409_15064_70_51750725&n=GgDyAtcBCAASFzE4NTA3MTY0MTQxMDc4MjYzNjkwNzEzGAAgASjpEjDYdUABSABQAWAKaABw5ZIQkAEAmAEAqAEAsAHOAbgBHsABswHIAc4B4AEo8AEA%2BAHOAYACswGIAiiRAgAAAAAAAPA%2FmQKkcD0K16PAP6ECAAAAAAAA8D%2BoAgCwAgDIAgTYAgDxAmZmZmZmZuY%2F%2BALwJIADrAKIA9gEkAMAmAMAoAMAuAOXAsADAMgDANIDCzcwXzUxNzUwNzI14AP%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F8B6QMAAAAAAAAAAPADzgH4AgyIAwCSAwRkM2QzmAMAoAPPjAaoAwA%3D
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.205.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-205-63.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame 223F 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?fid=10&peid=0&aid=18507164141078263690713
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
/
www.google.com/pagead/1p-user-list/AW-931232517/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/AW-931232517/?random=1648835698563&cv=9&fst=1648832400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fricmais.com.br%2F&tiba=RIC%20Mais%20-%20Not%C3%ADcias%20do%20Grupo%20RIC%20(Paran%C3%A1)&async=1&fmt=3&is_vtc=1&random=3510219638&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/AW-931232517/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/AW-931232517/?random=1648835698563&cv=9&fst=1648832400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fricmais.com.br%2F&tiba=RIC%20Mais%20-%20Not%C3%ADcias%20do%20Grupo%20RIC%20(Paran%C3%A1)&async=1&fmt=3&is_vtc=1&random=3510219638&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 7EEE 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04c9af54b518766a3d9467fcdbac670cee661fa85141f7f1a6c46c61bc69eb67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A38E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
119d1fe56ee3907568a9076d1ba1b019f3401f77eb432072f375b0b48c37dce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 581A 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5eb3e8b6a5651333c449682efa20d6c344dec8f362229581feb2f202afec57a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
/
www.google.com/pagead/1p-user-list/801247112/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/801247112/?random=1648835698558&cv=9&fst=1648832400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fricmais.com.br%2F&tiba=RIC%20Mais%20-%20Not%C3%ADcias%20do%20Grupo%20RIC%20(Paran%C3%A1)&async=1&fmt=3&is_vtc=1&random=1379373054&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/801247112/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/801247112/?random=1648835698558&cv=9&fst=1648832400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fricmais.com.br%2F&tiba=RIC%20Mais%20-%20Not%C3%ADcias%20do%20Grupo%20RIC%20(Paran%C3%A1)&async=1&fmt=3&is_vtc=1&random=1379373054&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/814785950/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/814785950/?random=1648835698562&cv=9&fst=1648832400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fricmais.com.br%2F&tiba=RIC%20Mais%20-%20Not%C3%ADcias%20do%20Grupo%20RIC%20(Paran%C3%A1)&async=1&fmt=3&is_vtc=1&random=1909032071&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/814785950/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/814785950/?random=1648835698562&cv=9&fst=1648832400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fricmais.com.br%2F&tiba=RIC%20Mais%20-%20Not%C3%ADcias%20do%20Grupo%20RIC%20(Paran%C3%A1)&async=1&fmt=3&is_vtc=1&random=1909032071&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 5FDB 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: adv.r7.com
URL: https://adv.r7.com//script/async?href=https://ricmais.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0d5a7fcc16c1b7e34044a24868e0e780c7a19ba41fdc28dd090c72fc494f2bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28246
x-xss-protection
0
server
sffe
etag
"1175 / 315 of 1000 / last-modified: 1648811283"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Apr 2022 17:54:58 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ricmais.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ricmais.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		416 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=408336624607677&correlator=3871705989622310&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fifs&iu_parts=7542%2Cparceiros%2Cricmaisparana&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=6&adks=2765778493&sfv=1-0-38&fsbs=1&ecs=20220401&fsapi=false&prev_scp=pos%3Disland%26context%3Dprincipal%26cluster%3Dna&cust_params=editoria%3D%26url%3Dricmais.com.br%26categoria%3Dhome&sc=1&cookie_enabled=1&abxe=1&dt=1648835698803&lmt=1648835337&dlt=1648835695781&idt=1195&biw=1600&bih=1200&adxs=650&adys=9874&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fricmais.com.br%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1132x10508&msz=1092x0&fws=4&ohw=1600&ga_vid=702413586.1648835697&ga_sid=1648835698&ga_hid=1230107972&ga_fc=true&btvi=5&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
35fa2ca59598201824eed7c958a61335cd1daaa3856ae031aeda62a443868552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
229
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ricmais.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C21E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022032106&jk=408336624607677&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
smtr
contextual.media.net/ Frame 5660 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=487003955&size=970x90&cc=DE&chnm=HARMONY&pid=8POD1F265&tpid=TH72J2U&https=1&vif=2&requrl=https%3A%2F%2Fricmais.com.br&kwrf=https%3A%2F%2Fricmais.com.br&nse=5&vi=1648835698563085821&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&bcpf=B4Nqq%2F4ga8fOnRrolnfOur8x&bdrId=9&katbid=-103&ntv=0&katpre=1&pgid=p0745156934t202204011754&nb=1&cadomain=tzR-hLcl-L8STh12GHgxT3I0sd_f4jmSlrfbUGkyedZG_zl3AhFcDA%3D%3D&allsc=HE
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU62MU8E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
493415537718aa22b87e34a2b7ae46daf50a176bbb889d57796e386b16b99073
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:59 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Fri, 01 Apr 2022 17:54:59 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-hp5l
strict-transport-security
max-age=604800
timing-allow-origin
*
content-length
28046
x-sc-w
22-zv98
checksync.php
contextual.media.net/ Frame 8882 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f254e61dd3fd23537dbedf1c0afb1728d28d702687ddedd423851cfb3d55804f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5717
content-type
text/html; charset=UTF-8
date
Fri, 01 Apr 2022 17:54:58 GMT
expires
Sun, 03 Apr 2022 17:54:58 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame 5660 		35 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=542&&gdpr=1&prid=8PRVCXX19&cid=8CU62MU8E&crid=487003955&vi=1648835698563085821&ugd=4&lf=6&kwrf=https%3A%2F%2Fricmais.com.br&cc=DE&sc=HE&lper=100&wsip=2886781336&r=1648835698828&requrl=https%3A%2F%2Fricmais.com.br&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1648835698150428927&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_pgid=p0745156934t202204011754&vgd_pgids=1&vgd_uspa=0&hvsid=00001648835698826007642542084260&gdpr=1&vgd_end=1
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Fri, 01 Apr 2022 17:54:58 GMT
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 01 Apr 2022 17:54:58 GMT
checksync.php
contextual.media.net/ Frame 1155 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033%2C171%2C175%2C178%2C157%2C3018%2C159%2C214%2C3014%2C97%2C77%2C99%2C56%2C59%2C38%2C182%2C184%2C141%2C188%2C222%2C201%2C246%2C4%2C203%2C225%2C10000%2C80%2C9%2C109%2C208%2C82&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dc5be1bd37914389ada11438bcbdaae6f1a6f6e402a2a415ac9558acec8c794a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8215
content-type
text/html; charset=UTF-8
date
Fri, 01 Apr 2022 17:54:58 GMT
expires
Sun, 03 Apr 2022 17:54:58 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 5660 		35 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=2&spSource=0&insl=0&ifst=0&vid=6986821410311089461&s_city=amsterdam&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7Cmd_rp%3D1%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&usp_status=0&og_cbdp=0.940&size=970x90&mx_TAS=1&mx_gpid_sent=false&xtmax=142&commit_id=47061c73&scrid=311932842&itypeid=16&mx_SPRIG=0&viewability=70&renderer=0&be=0&rtime=17.0&adj0=0.0&tmax=150&s_ip=185.33.221.48&adj2=0.0&adj1=0.0&mx_lr_seg_cnt=0&adtypes=0&mx_aabpc=0&reqid=6986821410311089461&sc=NW&mowxReqId=b7a4881efa0a4d86831a0e07d24316ae_1&ifdp=0&requrl=https%3A%2F%2Fricmais.com.br&bidrestime=1648835697367&pv_adtype=0&cc=DE&strg=HARMONY&pcrid=8CU62MU8E-487003955-14-5&coppa_enf=true&is_rewarded=false&devmodel=Unknown&bdp=0.940&ct=Bergkamen&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D142%7CHARMONY%7Cbrr%3D1&mx_epbc=8CU62MU8E&dnt_enf=false&mx_ssBucket=0&vls=0&asn=9009&mang=1&mx_isLossNtf=false&advUrl=https%3A%2F%2Fcontent.businessinfoline.com&dn=ricmais.com.br&dt=O&acid=b7a4881efa0a4d86831a0e07d24316ae&actltime=26&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.338&sckfl=0&dmm_erpm=true&mx_lr=0&coppa_applied=N&smbrid=11924&bfs=103&rfc=1&prvApiId=8CU62MU8E&epcexp=false&pubid=pub-appnexus-eu&mx_bsProfile=0&cid=8CUH5EN48&bcrid=311932842&omul=1.0&res_mtype=0&apPrfs%3C%3E=13%23%2316%23%2348%23%2343&chnl=HARMONY&pst=0&reqsize=970x90&adpos=0&itype=APPNEXUS&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-appnexus-eu&__expireat=1648836297625&dnt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=487003955&ckfl=0&lper=1&mx_tgs=728x90%7C970x90&cbdp=0.338&csex=0&pvdTmax=107&ltime=23.0&epc=487003955&prvReqId=50198624851900_326471895_101633514191&zip=59192&exid=31&adl_wrapper=0&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS-1965840&brsrclk=0&sbdrid=99&rtttime=36&apTags%3C%3E=75&mx_PC=1&wsip=mowx-f8b465956-kl9jb&currsrc_date=2022-04-01+00%3A00%3A00&mx_divid=22009589&geoll=false&debug_ts=2022-04-01+17%3A54%3A57&mx_ssProfile=0&devbrand=Unknown&mx_SC=1&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=1&moau=true&ocurr=USD&stagid=22009589&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.000&coppa_status=N&pid=8PR113JGC&spTo=3&ecp=0.69&pvid=9&mx_mrpp_key=direct_bidp&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=1&dmm_ogerpm=false&csip=rtb-common-5df5fc9cbb-qmw78.BE&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=22009589&ptype=23&media=0&smsrc=1&acsn=1&dtc=eu_be&mx_aqcpl_crid=4&ogbdp=0.94&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=101633514&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=22009589&opbidflr=0.000&impId=7354546132692047980&rme=adm&bdata=~seller_tag_id%3D22009589~std%3D22009589~itype%3DAPPNEXUS~visibility%3D0~city%3DBERGKAMEN~ref_cnt%3D1~r_ip%3D45.141.152.0~r_sc%3DNW~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D9009~bx_a1%3D0~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D00~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D6~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D0~dmm_d18%3D70~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.07~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D1~dmm_d29%3Dfalse~dmm_d30%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0000000~bx_intmd%3D0~bx_ginsu%3D0~bx_rsp%3D%3D0~bx_size%3D970x90~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~dmm_l%3D0.079~dmm_r%3D0.377~e_rpm%3D0.296~dmm_m1%3D0.296~dmm_m2%3D0.105~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D0.745~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D1.000~dmm_m12%3D0.745~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.003~dmm_m16%3D0.469~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m33%3D1.000~dmm_m34%3D1.000~dmm_m35%3D13.000~dmm_m36%3D13.000~dmm_m39%3D1389.000~dmm_m40%3D1389.000~dmm_m43%3D0.930~dmm_m44%3D1.003~dmm_m47%3D1675.000~dmm_m48%3D218371.000~dmm_m50%3D10.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.296~vbr%3D0~bid%3D0.940~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D22009589%7Eviewability%3D0.702466%7Ecbdp%3D0.338%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Eref_cnt%3D1%7Edalg%3D%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.000%7Eogbid%3D0.940%7Eitype_id%3D16%7Eseller_tag_id%3D22009589%7EcarrierId%3D0%7Edcut%3D65%7Edogb%3D0-1~ibc%3D1~&utime=1467&sf=0&cpr=0.27170429650137207
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
max-age=3600
date
Fri, 01 Apr 2022 17:54:58 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Fri, 01 Apr 2022 23:54:58 GMT
checksync.php
contextual.media.net/ Frame 69A5 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033%2C171%2C175%2C178%2C157%2C3018%2C159%2C214%2C3014%2C97%2C77%2C99%2C56%2C59%2C38%2C182%2C184%2C141%2C188%2C222%2C201%2C246%2C4%2C203%2C225%2C10000%2C80%2C9%2C109%2C208%2C82&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dc5be1bd37914389ada11438bcbdaae6f1a6f6e402a2a415ac9558acec8c794a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8215
content-type
text/html; charset=UTF-8
date
Fri, 01 Apr 2022 17:54:58 GMT
expires
Sun, 03 Apr 2022 17:54:58 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
rd_log
ams1-ib.adnxs.com/ Frame 5660 		0
814 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fricmais.com.br%2F&e=wqT_3QKGBOgGAgAAAwDWAAUBCPH4nJIGEOyw1Nrdl6aIZhgAKjYJbxKDwMqh1T8RWag1zTtO0T8ZAAAA4HoU5j8hWQ0SACkRJAAxARvAUbi-PzD1rb8KOJRdQJUJSGBQqu_elAFY4YKUAWAAaLbUrgF4xugFgAEBigEDVVNEkgUG8OWYAcoHoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AL5v1rqAhdodHRwczovL3JpY21haXMuY29tLmJyL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA42UVuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA00NS4xNDEuMTUyLjY4qAQAsgQRCAQQBBjKByBaKAEoAjAAOAK4BADABADIBADaBAIIAeAEAfAEqu_elAGIBQGYBQCgBbXavvXgoYv7YMAFAMkFAAAAAAAA8D_SBQkJAAAAAAEOcNgFAeAFAfAF9aQJ-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGr_EB2gYWChAJEhkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFJTBgAIAAwADi_BkAAyAfG6AXSBw0JEToBOAjaBwYJJ0TgBwDqBwIIAPAHntwCiggCEAA.&s=d0042c4997868b579e3e4e5c9664e6f9de151460&bdref=https%3A%2F%2Fricmais.com.br%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fricmais.com.br%2F,https%3A%2F%2Ff926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html,https%3A%2F%2Ff926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 17:54:58 GMT
X-Proxy-Origin
45.141.152.68; 45.141.152.68; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
43c8aa81-b312-4e37-ad42-f8bd9094a874
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
pagead2.googlesyndication.com/bg/ Frame 7EB2 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:18:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
5781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13770
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Apr 2023 16:18:37 GMT
gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
pagead2.googlesyndication.com/bg/ Frame CABF 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 12:38:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
105377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13748
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 31 Mar 2023 12:38:41 GMT
3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
pagead2.googlesyndication.com/bg/ Frame 07D0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:18:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
5781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13770
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Apr 2023 16:18:37 GMT
bundle.js
ib.3lift.com/rev/5dec76cf1a860796541e8c215ef2582d0ec40bb4/dist/ Frame 223F 		254 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/5dec76cf1a860796541e8c215ef2582d0ec40bb4/dist/bundle.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=PremiumAds_RON_Prebid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-128.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53e6f2b0ebc02166ae4ac275d7800de963a12fb4f46462222f9c1b689a122a6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 15:43:20 GMT
content-encoding
gzip
last-modified
Fri, 01 Apr 2022 15:42:53 GMT
server
AmazonS3
age
7899
etag
"42bd4cd48b06c91f6f036afc0c873885"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
cache-control
max-age=31536000, immutable
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
82430
x-amz-cf-id
pOKK2_fd4lLDjRXgE8vDR2ejsKx0EeBeVKAnEsroqh0XYurkIp701w==
pubads_impl_2022032905.js
securepubads.g.doubleclick.net/gpt/ Frame 5FDB 		363 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032905.js?cb=31066034
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
95d902d6868287832fda3e1b75149c1aefee47db33e70f2eb5663c2621eda5b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 12:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20605
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126411
x-xss-protection
0
last-modified
Tue, 29 Mar 2022 19:27:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 01 Apr 2023 12:11:33 GMT
b
b.t.tailtarget.com/ 		113 B
134 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/b?tA=TT-9964-3&tY=1&tS=3&tU=0100007F723C4762C8062B1902A18C2D&tX=b.52&tZ=217124701
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
d18c2cc74f2ccfcde3e1a762f8eb3c5e96c2bf1febe27f211fcbb2766182b3f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:58 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vevent
ams1-ib.adnxs.com/ Frame 5660 		0
885 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fricmais.com.br%2F&e=wqT_3QLHBOhHAgAAAwDWAAUBCPH4nJIGEOyw1Nrdl6aIZhgAKjYJbxKDwMqh1T8RWag1zTtO0T8ZAAAA4HoU5j8hWQ0SACkRJAAxARvAUbi-PzD1rb8KOJRdQJUJSGBQqu_elAFY4YKUAWAAaLbUrgF4xugFgAEBigEDVVNEkgUG9EgBmAHKB6ABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOAC-b9a6gIXaHR0cHM6Ly9yaWNtYWlzLmNvbS5ici-AAwCIAwGQAwCYAxegAwGqA0ESGDY5ODY4MjE0MTAzMTEwODk0NjFfc2JpZBoTNzM1NDU0NjEzMjY5MjA0Nzk4MCIJMzExOTMyODQyKgVNMTE3M8ADrALIAwDYA42UVuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA00NS4xNDEuMTUyLjY4qAQAsgQRCAQQBBjKByBaKAEoAjAAOAK4BADABADIBADaBAIIAeAEAfAEqu_elAGIBQGYBQCgBbXavvXgoYv7YMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfWkCfoFBAgAEACQBgCYBgC4BgDBBgANMSTQBq_xAdoGFgoQBREdAWAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IBRpEIAAwADi_BkAAyAfG6AXSBw0JETsBOAjaBwYJJ0TgBwDqBwIIAPAHntwCiggCEAA.&s=323d379981058658383b98df5582b0872c81cbc5&type=nv&nvt=5&jm=1003&sid=5880457831112114343&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22009589&sw=1600&sh=1200&pw=970&ph=94&ww=970&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 17:54:59 GMT
X-Proxy-Origin
45.141.152.68; 45.141.152.68; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
34caa388-d3b9-4dab-97a5-1f82b297248c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
notify
tlx.3lift.com/header/ Frame 223F 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=0.179&ts=1648835697&aid=18507164141078263690713&ec=2409_15064_70_51750725&n=GgDyAtcBCAASFzE4NTA3MTY0MTQxMDc4MjYzNjkwNzEzGAAgASjpEjDYdUABSABQAWAKaABw5ZIQkAEAmAEAqAEAsAHOAbgBHsABswHIAc4B4AEo8AEA%2BAHOAYACswGIAiiRAgAAAAAAAPA%2FmQKkcD0K16PAP6ECAAAAAAAA8D%2BoAgCwAgDIAgTYAgDxAmZmZmZmZuY%2F%2BALwJIADrAKIA9gEkAMAmAMAoAMAuAOXAsADAMgDANIDCzcwXzUxNzUwNzI14AP%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F8B6QMAAAAAAAAAAPADzgH4AgyIAwCSAwRkM2QzmAMAoAPPjAaoAwA%3D&b=1
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.205.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-205-63.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
r
eb2.3lift.com/ Frame 223F 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=PremiumAds_RON_Prebid&aid=18507164141078263690713&rev=5dec76c&pr=can%27t%2520access%2520top%2520document&bc=0.206&bmid=2409&biid=4720&sid=15064&brid=264549&adid=70_51750725&crid=-1&ts=1648835697&bcud=206&ss=12&caid=0&unid=0&domain=f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com&ref=&rr=creative&fid=10&rb=0&g=0&cb=70245
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
truncated
/ Frame 3C97 		26 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 223F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-128.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 26 Mar 2022 22:10:30 GMT
via
1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
503070
etag
"ddf020e069f1706b72b7698b28fede09"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
3125
x-amz-cf-id
fsaaO5_DoShn_rQ1QBYTNavhBapD-1SlClsXIA4zjr2ZJTc-zgWnHg==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 223F 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-128.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:05:39 GMT
via
1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
46161
etag
"7ceab27af00fa466072a3c3360041755"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
3518
x-amz-cf-id
JXtZ0cJi8wdtDhSMNlbK18vQ-3LrzZYiEPvzqjvHKTUWYiVEr0mF0w==
ctar
eb2.3lift.com/ Frame 223F 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ctar?inv_code=PremiumAds_RON_Prebid&aid=18507164141078263690713&rev=5dec76c&cta_render_method=1&cta_render_text=&cb=93216
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
/
track.adform.net/adfscript/ Frame 18F0
Redirect Chain
  • https://aws-fr.bidswitch.net/imp/0.206/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R51750725_Qrtbwp_R_I_WAUCTION__PRICE_X-B0Xeh68Utd-ULUUiOp1alayn68jpwCuB0_Qrtbdata_Rljj-YrsttI1MjnkUui7EkxCLfc0...
  • https://track.adform.net/adfscript/?bn=51750725;rtbwp=0.22042-B0Xeh68Utd-ULUUiOp1alayn68jpwCuB0;rtbdata=ljj-YrsttI1MjnkUui7EkxCLfc01vjBQPwJE3r15QHBCgpZ_tep2e0rFU80T61fQtPHFlwWVWwRxccFuhpLfQm-FQ8a-M...
987 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=51750725;rtbwp=0.22042-B0Xeh68Utd-ULUUiOp1alayn68jpwCuB0;rtbdata=ljj-YrsttI1MjnkUui7EkxCLfc01vjBQPwJE3r15QHBCgpZ_tep2e0rFU80T61fQtPHFlwWVWwRxccFuhpLfQm-FQ8a-MZZxYc6WA0P_WbtM2lWFbbEY6kM34_Bh-MDGP6YI0as6Pr2ckjjcnANuRfyveDFy5jDXcMlHw1u5iCwmHynaVolsfYUuRASEZw1nGM8gCszMGVBodOxc2CfdQw2;OOBClickTrack=
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a63608feb6dc2823cb808f06d658d76d6c47b7ac0b03b978677a4c5f09b1f9fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:59 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
833
expires
-1

Redirect headers

location
https://track.adform.net/adfscript/?bn=51750725;rtbwp=0.22042-B0Xeh68Utd-ULUUiOp1alayn68jpwCuB0;rtbdata=ljj-YrsttI1MjnkUui7EkxCLfc01vjBQPwJE3r15QHBCgpZ_tep2e0rFU80T61fQtPHFlwWVWwRxccFuhpLfQm-FQ8a-MZZxYc6WA0P_WbtM2lWFbbEY6kM34_Bh-MDGP6YI0as6Pr2ckjjcnANuRfyveDFy5jDXcMlHw1u5iCwmHynaVolsfYUuRASEZw1nGM8gCszMGVBodOxc2CfdQw2;OOBClickTrack=
date
Fri, 01 Apr 2022 17:54:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
xuid
eb2.3lift.com/ Frame 18F0
Redirect Chain
  • https://aws-fr-sync.bidswitch.net/sync?ssp=triplelift&dsp_id=70&imp=1
  • https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=triplelift&dsp_id=70&imp=1
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2123232730093984153&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=f94db942-b5f7-48c4-9628-ad858073d0fa&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
  • https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=f94db942-b5f7-48c4-9628-ad858073d0fa&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=f94db942-b5f7-48c4-9628-ad858073d0fa&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=2409&xuid=f94db942-b5f7-48c4-9628-ad858073d0fa&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
date
Fri, 01 Apr 2022 17:54:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
aop
eb2.3lift.com/ Frame 223F 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=PremiumAds_RON_Prebid&aid=18507164141078263690713&rev=5dec76c&pr=can%27t%2520access%2520top%2520document&bc=0.206&bmid=2409&biid=4720&sid=15064&brid=264549&adid=70_51750725&crid=-1&ts=1648835697&bcud=206&ss=12&caid=0&unid=0&domain=f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com&ref=&rr=creative&fid=10&rb=0&g=0&cb=77861
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
ca
tt-9964-3.seg.t.tailtarget.com/ 		83 B
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-9964-3.seg.t.tailtarget.com/ca?tZ=102776233
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
2c6fee983f81df313e87f330ee4504359f64a554315bd41a9408425e8cc8e479

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:59 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
generate_204
tpc.googlesyndication.com/ Frame CABF 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?W00-9Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 18F0 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: aws-fr.bidswitch.net
URL: https://aws-fr.bidswitch.net/imp/0.206/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R51750725_Qrtbwp_R_I_WAUCTION__PRICE_X-B0Xeh68Utd-ULUUiOp1alayn68jpwCuB0_Qrtbdata_Rljj-YrsttI1MjnkUui7EkxCLfc01vjBQPwJE3r15QHBCgpZ__tep2e0rFU80T61fQtPHFlwWVWwRxccFuhpLfQm-FQ8a-MZZxYc6WA0P__WbtM2lWFbbEY6kM34__Bh-MDGP6YI0as6Pr2ckjjcnANuRfyveDFy5jDXcMlHw1u5iCwmHynaVolsfYUuRASEZw1nGM8gCszMGVBodOxc2CfdQw2_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/XTpK6c0fzYZFlgwl2lf_HQ1LuHnerRfBubbwsnl4TRo1SDis-3BnmX2Lnx9okqnQkRRxR_8gAXxXj1sJGBNZO_fwdERPXNW5rlIhwrRwZzRRxJTCkPHLEc7KPA-EOYNLJOZzc9ZIcY_psH-IjlFGhD55_hMAbZaT-F1O8Dh6ESezrDuneqIbGHEOVIGALZ1MJj0FwMZVrAyqxZ9gT-7HyVbs-EP_0kWrd0RS5CWU22Tz_mnS0TV0eTE_xvQzLSaLNBFKDGdzdk3qzaKG2VFmQQS0SP2Ns5abm0TIpI09Y5aV3qO5Gu_UamNbwzge3iviKI3JRniSbA1wziEtX0S1fxxhlySnaJJmR7VWPGRtonlLDbNZ-pSX64KdlWPp5lyWom_4-gDEWxWsscqw_C2W4sGtb2bsu91yxH5JHz_luiE4OhmrYGX-M86dOiiw5Nmc3g_YnTQ2_3pB7PMMvfP_GqbjXdcR4ba3Ga_0ByGz_na-1QHuNprpLsSwxkD1TJ7oXkdeBBLo-Aaf_j-GTWVhKPjd7VngP6Hctz-aJ00sWkQy-FNBn2Gw9kZ4XphAX-EhcqAfRThOb-6kT1sWGx2HRWVlomZUWTqimfQrVQ-v5FtujeskQgPIzbFVdy6aJ8NhRwkbZEJdyUBziMpT2Do9yvFDInjQqm0FYsUPy4F6SR1ecYOCJ0eeKT0FH5wGVzEDo8-pYH7v8Hm8lhlVg1b64TOMxrCO3iNTiseZb65rTJ-UGL-VKBsKBqLTVpadEnB3eunxOzV36rnaAwo4ADqu2Q0jSUcnwTF7G3lMoDoyGiMMaakjqZ-kwzVylG4fm2VCdogeG9PBgyzfdKFDEKCh_X6X9jwHEmFZYbbmfv59VMWGqAd7abgvgWW_mUa6C3zKM4tJmmXhIrgw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:59 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 02 Apr 2022 21:02:35 GMT
truncated
/ Frame 10C2 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 10C2 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
res-a.akamaihd.net/__media__/fonts/Roboto-Bold/ Frame 10C2 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-a.akamaihd.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-25.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a

Request headers

Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
Origin
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Fri, 01 Apr 2022 17:54:59 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-60f0"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24816
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7EB2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJGzrcTxHYrffNYLO3gOm4La4AgAAAAA4AeAEAg&bg=!6uml6a3NAAZku-1yRLs7ACkAdvg8WmIqsBSvnzked1TJdT2HSstRFOJQdh1PcwBpJeEBdnVYm-7BLAIAAAFFUgAAAAJoAQeZAxqnQFridWGbKsSgNudjws3KKaeokM-WiHYqPO8upSd0B1ZaaxVitoBGxgxNN7W_3ofiJa_Y77n8s--VxIfVYiPaHIoqS_ek0SRaq0cWHRQyWePrf01Ej-RLWIpliUK09ncP9LUqgbH5TRbFfm7d0jywOb4f0iyUvkrXlxOrfVb2FSSih6BDWYgGbV6QhopvsiiJs49T0b9rm3WVsVFQ1n-5i6M9ECIVWT6WQpr9xMV_0PiTKXSyLQ1fggbomBd1opnC9QD1gb9J1_GPih0s64q2S3JKftTO8OQ2uGvjCYYsRfyuXoTXi-4Ps_IQOe-UhmccdY4TA4BQEA6TqHmrfkCvPQ_6DNRaKmLllVrIvW5D7cdAH28LIpXJLzNjDkXyHOe3VE-8RaMOVpSanYNSOz-CcEelzD1Sc5DqEruLbt7uWuXoXkZfh8crUSD5Pp88a2iK3NRBv55Ki5nhbPdswF5QhLcWDrePY-KoQzc-tLQpVt-U9LyOrphsafckfMzH5EjFgxGzVDn0ZXCg7OB5lMnSftCQXZ-LnIvuMOSdEl5aVSedYQqdrxsJ24ImlL5gSG-nR3050q7NQb73m_tLuh8kKOtWMkaj_wBL87cPsY-AolUIJYkcD0Xpvy81khAQqzXTdGtacO9bo_tNZqy-Y3rVhBLpNgNAoCRUAYCiM_OVAHUbZvfCvXP2ZibWxX9ypdfSeUd9gY24iAQmLga9B-0_2OFIYV74HYpnyuJgz_ed9eM3XtwHd5K_9kCseyKwSArXebixxWhd4CKnjuIaud4O2Du9MlllgoItRIW3c54C-V_9YTcFm0_Cy4x2pzA6mQS3DKBgP1IhzhKLRJyTyA25ESiYsJ2Uvuiu6LgV47fLY5M24YRoBHjL4QSPrmMeZQYBCOx4-Qrmob33fqLDAu7PIbLPuxXAKRxLLOfSELw3wEfDby9R-fd1l5iX2e1P3TjNUo_A09Q4zsIe927ufYMnpe5oDUClgdlYK3-p6ipFrKyULzVY6gFHbICem_fQzkNtTKi6TRNJBBuiWJi1N7LEWp4Ts4OA1E_CoQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tr
www.facebook.com/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=1992888384353851&ev=Tail&cd[custom_audience]=CA15771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 01 Apr 2022 17:54:59 GMT
doubleclick
cm.t.tailtarget.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430
  • https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEAvymlIFM29DNKSI8KpZjnc&google_cver=1&google_ula=862479430,0
70 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEAvymlIFM29DNKSI8KpZjnc&google_cver=1&google_ula=862479430,0
Protocol
H2
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:59 GMT
via
1.1 google
server
nginx/1.17.8
content-type
image/png
cache-control
no-cache
content-disposition
inline
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70

Redirect headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEAvymlIFM29DNKSI8KpZjnc&google_cver=1&google_ula=862479430,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
320
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfserve/ Frame 18F0 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=51750725;rtbwp=0.22042-B0Xeh68Utd-ULUUiOp1alayn68jpwCuB0;rtbdata=ljj-YrsttI1MjnkUui7EkxCLfc01vjBQPwJE3r15QHBCgpZ_tep2e0rFU80T61fQtPHFlwWVWwRxccFuhpLfQm-FQ8a-MZZxYc6WA0P_WbtM2lWFbbEY6kM34_Bh-MDGP6YI0as6Pr2ckjjcnANuRfyveDFy5jDXcMlHw1u5iCwmHynaVolsfYUuRASEZw1nGM8gCszMGVBodOxc2CfdQw2;oobclicktrack=;js=1;adfxid=1x;7765;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fricmais.com.br
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4404a2bd9a64c692ac4fc1716a1cd1143887050defdbbd46f4cfab25eb63e567
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:59 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2284
expires
-1
gen_204
pagead2.googlesyndication.com/pagead/ Frame 07D0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIksicTxHYrbfNYLO3gOm4La4AgAAAAA4AeAEAg&bg=!AgGlAUXNAAZku-1yRLs7ACkAdvg8WhewvoopbU8GtxjPbVG6QlNVXILfboMg-ZepKFaj97rV9k0zawIAAAFOUgAAAAJoAQcKABm6mPdBzW7uouFrBAox22-CROyiC0O_J0IEmQMsRgNIH1zQPlIwmI1iUzz6RZU1sgjLc5IesHJZxlzWNvHR2ljIrqdMnn6lPDObC8H7l2c0Y0Z7TLbh7l788mLCUkdOH5DEO_rBerNUBP2t4IJ8neWjW4Xa3LQVRA10A9dsTEasCa2dbFUaAuDUKi7TEZ6bHCGdOk6_a-9YTlaEoSwT-5VbT78TbJje_swmdhy6vqqsY1SBMYDgS3LIa2i-XGsRB4mcx9TqMTVsFK3OPJb-kPbki3yKz_ABR4r47iWwM1AHD9TD3nubUJ3-UAhvsCQycQ8FgAIzRibOJbD9PredVoV-P5j2sChr960E3RvGoDCw6TjDISYsRzlA13QzB5vBJuHAUcby0mOyJlyouz3uraXe2lCFSz-r0zNW7CoTVhylRnfU6NZEe1ptTtZqICnMEthK_bOfjdHU9zSbM94asx8ed-DMJ43m6HiW_Y1-KnRXrTKBnBmUk5ZvE08JlGc-_J5gVeRu1FrdXSJTj8X69alunzPtx5h47vI6xPUVEWS_oasebirazPLS66xBoljGjFqISKUIDp9NtFt5ljk1q1zvHsbHSUrsvCsT1FAnLrsTXnmkKhN2C-6ao1Uc11j2YkhxZKZbkCqYb_bqpNL59AsX8k2wr8qXBHdmQysXOT0V7L7pWUDfpnU4gFa-p9iqZn5xi1GXGJ9SUa-NlSb90JB2blLk6JEInHiO5Ag7q0llA0P8Y4HTqPpS9Qo-p5gkqU0Ila81xY-Ad9c15JvDGQ2XQmVFUOQ7Ll93TGdChJ1bxs_iFmbHbdJVfPQX8SlETNhOpAY84vHKlTXQp2YkIJuxkDI1-FhCDBTiAm61uaVPqGM1cugJddysOJJegv2TVbAjmSaQwv1TVK6mAbBkaOoazS2sjWszZHNVflpGCg5nIQIvFW70bgsdlJ-OL-fOz-HclTmbeRwUI_VWSSK50ZzaJsyeGuiyPSmn2qg3s1Ig4pcbnV79JmhH4fxAMwD7ZKkiF-_-G1tQLgt2u-NSXpZCrj4dnxrpjO5PEJLCF4Q3u68IFQro5TKeoNfzG9jL1CkPNyktDnwjFrD5Gt2ZrDHq9imlIAT_uW8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bql.php
lg3.media.net/ Frame 10C2 		15 B
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5965&&&vgd_l2type=sca&v=1&gdpr=1&geo=50.1%7C8.63&dlper=20&lper=100&lpid=&tsid=15040&q=&prv=&type=&ps=&hint=&td=SrcTagSwitchMarketplace%257C%2540%257C&cc=DE&wsip=170785067&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_fm_lang=DE&vgd_dnquo=01_9&ksu=243&fdkt=350&vgde_kbbh=ffoNu9&kwd[]=Schlager-Musik+online+h%C3%B6ren&kwt[]=350&kbc[]=175849&kwp[]=1&kid[]=329461323&kbc2[]=rps%3D0.14%7C%7Cps%3D0.762%7C%7Crpc%3D0.32%7C%7Clvl%3D1.50&ktd[]=274894815488&ktrkt[]=Schlager-Musik+online+h%C3%B6ren&kwd[]=Online-Musik-Streaming&kwt[]=350&kbc[]=175849&kwp[]=2&kid[]=326741607&kbc2[]=rps%3D0.08%7C%7Cps%3D0.762%7C%7Crpc%3D0.51%7C%7Clvl%3D1.50&ktd[]=274894815488&ktrkt[]=Online-Musik-Streaming&kwd[]=Kleider+f%C3%BCr+Frauen+%C3%BCber+60&kwt[]=391&kbc[]=1261981623&kwp[]=3&kid[]=326741322&kbc2[]=rps%3D0.26%7C%7Cps%3D0.547%7C%7Crpc%3D0.35%7C%7Clvl%3D5.00&ktd[]=274894815488&ktrkt[]=Kleider+f%C3%BCr+Frauen+%C3%BCber+60&kwd[]=Musik+online+herunterladen&kwt[]=350&kbc[]=175849&kwp[]=4&kid[]=329492657&kbc2[]=rps%3D0.30%7C%7Cps%3D0.762%7C%7Crpc%3D0.28%7C%7Clvl%3D2.01&ktd[]=274894815488&ktrkt[]=Musik+online+herunterladen&kwd[]=Klassische+Musik+online+h%C3%B6ren&kwt[]=350&kbc[]=175849&kwp[]=5&kid[]=329492618&kbc2[]=175849%7C%7C%7C%7Crps%3D0.83%7C%7Cps%3D0.762%7C%7Crpc%3D0.24%7C%7Clvl%3D1.00&ktd[]=281749871591680&ktrkt[]=Klassische+Musik+online+h%C3%B6ren&kwd[]=Rock%27n%27Roll-Musik+online+h%C3%B6ren&kwt[]=350&kbc[]=175849&kwp[]=6&kid[]=329546345&kbc2[]=175849%7C%7C%7C%7Crps%3D0.85%7C%7Cps%3D0.762%7C%7Crpc%3D0.00%7C%7Clvl%3D1.00&ktd[]=281749871591680&ktrkt[]=Rock%27n%27Roll-Musik+online+h%C3%B6ren&cid=8CU62MU8E&vwid=1648835698563085821&vi=1648835698563085821&tdAdd[]=ib%3D0&tdAdd[]=asnum%3D9009&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_refdomain=ricmais.com.br&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785067&vgd_nrrv=22475&vgd_nrrmf=1c808&vgd_nrrsf=scrr&vgd_cty=frankfurt+am+main&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1648835698150428927&sttm=1648835698826&upk=1648835699.23126&hvsid=00001648835698826007642542084260&verid=3111299&sbdrId=99&vgd_ecrid=311932842&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8POD1F265&&abpl=2&&kbbq=%26asn%3D9009&&vgd_vstrid=DefVid&vgde_bdata=~QJjjJLM71yM8Ovff99iXWi~Q7Ovff99iXWi~875EJvK00I4tPb~e8Q8G8j875v9~N875vR4DZCKc4I~LJkMNz7vu~LM8EvHX.uHu.uXf.9~LMQNvIp~LGmvXMA~G-MLwvHhr4gEdWqR~G-M1Qzvi99i~G-M1uv9~OYYMOuv9~OYYMOfv_~OYYMOAv9~OYYMOHv99~OYYMOXv9~OYYMOFv9~OYYMOhvF~OYYMOWv9~OYYMOiv9~OYYMOu9v9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvh9~OYYMOuiv9999~OYYMOfuvou~OYYMOffv9.9h~OYYMOfAv9~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvu~OYYMOfivk1jQJ~OYYMOA9v9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~wNv9n%2Bn9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~QyY7vJYE75~G-MLENv9999999~G-M8z7YOv9~G-My8zQxv9~G-MLQEvv9~G-MQ8lJvih9-i9~G-M7MJz1GjJOv9~G-M7MJ-Ev9~G-MJ-Ev9~OYYMjv9.9hi~OYYMLv9.Ahh~JMLEYv9.fiF~OYYMYuv9.fiF~OYYMYfv9.u9X~OYYMYAvu.999~OYYMYXvu.999~OYYMYFvu.999~OYYMYhv9.hHX~OYYMYivu.999~OYYMYu9vu.999~OYYMYuuvu.999~OYYMYufv9.hHX~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.99A~OYYMYuFv9.HFi~OYYMYuhvu.999~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfWvu.999~OYYMYfivu.999~OYYMYA9vu.999~OYYMYAAvu.999~OYYMYAHvu.999~OYYMYAXvuA.999~OYYMYAFvuA.999~OYYMYAivuAWi.999~OYYMYH9vuAWi.999~OYYMYHAv9.iA9~OYYMYHHvu.99A~OYYMYHhvuFhX.999~OYYMYHWvfuWAhu.999~OYYMYX9vu9.999~ONvyNEoJxoBJQ7uoG~NUMkjv9~GwEv9~JLEYv9.fiF~eGLv9~G8Ov9.iH9~OYYMOAivSG8OSyJ74-Nw1zyJDJQEmzQJ~QxEEj5M71yM8Ovff99iXWi~e8JB1G8j875v9.h9fHFF~NGOEv9.AAW~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~LJkMNz7vu~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.999~myG8Ov9.iH9~875EJM8OvuF~QJjjJLM71yM8Ovff99iXWi~N1LL8JLVOv9~ONx7vFX~OmyGv9ou~8GNvu~&vgd_optout=0&vgd_cfud=210909&vgd_scsver=168&vgd_l2ch=0&vgd_rensize=970_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=eu_be&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A970%3Brend_h%3A90&&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001648835698826007642542084260&subBdr=99&bdrid=9&fp=Nqe6AmvzaFoI13vv3q2Kyg0xwH2iCZSGfRHNwRWDpO9S6KgQPUysw01Yap37-LOyw2Nnc8l50dRm_-1O3Gbj5XTOSUZaBODzqUsOYnxZLw4wTB0VRVv3YKm4YP6g5pBLuu2bugOCQ34%3D&cme=WW75pf-3elEjRwnbSI0WDBo7hD-6tOO4p2zHPZYEPo0h6_GlRN5hMMKsUm_v_keKRdQeB5IG0eNqUcw6q4-pqM2Fhcx01av56FCTUfH0L_RHDyXDRJ4w020GuN5pK2m5-xN4q_woISvHOrw-SEXdU_687Ik5y85qreQQEUrbjGpr2y2huVhJNpUriLJOvp4s3hsm76EmC0_LTlI_FMh40r8gboM7KspSHETD-aS-Ky8%3D%7C%7Cxrl5Md8q4-8HZCXp3otuDhps_mGEDlvQMEG2lXl0Xik%3D%7C7LOhTdGd6YbBcpfy68OCy-DNuSGkbVxXET8Zb6FPYW-YqThieE-mYmm5r8TSN2_Rz7rdAqN2ygNPVsmYbmBDRMHZYN0w2ac2GEBBVQyqgHOFcf198XT3nxGvfD6DH7cQveHVKC2NNGpRUDoYQanw2H_eh67IEi3QdL1tQRtDQPljhaDSja-c-g-czlC21PRQPQ0yA3R2qRiVQAcSX5oJ3l7taJCLyfyuO3rXFB3agic%3D%7CECZQquDAdXO219s_zvdUcg%3D%3D%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Cu8A6SM53vAd9Riqo_cVZ-EfkFgq6uEmq%7CRaVnA19mSZR1oWWPAwwk-sGquFEmFT64%7CgNTUc7MBYV04UVzmztpDDQ%3D%3D%7Ca0AmFUYXmD5qicWyon3k-niY5oY4kYvE5cm5unYVgeU%3D%7C&rc=0&rand=1648835699284&acid=b7a4881efa0a4d86831a0e07d24316ae&matm=1648835699285&requrl=https%3A%2F%2Fricmais.com.br&vgd_ltime=683&vgd_ltimesrc=1&vgd_l1hcsd=N9%7C2152&vgd_l1ch=1&vgd_lhl=3108&vgd_pgid=p0745156934t202204011754&vgd_adprefflag=01&vgd_csip=rtb-common-5df5fc9cbb-qmw78.BE&vgd_sbSup=1&vgd_nrrs=22475&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_crefurl=https%3A%2F%2Fricmais.com.br%2F&oRurl=adomain%3Dhttps%253A%252F%252Fcontent.businessinfoline.com%26adt1%3D8CUH5EN48%26adt2%3D101633514%26bdrId%3D9%26cb%3Dwindow._mNDetails.initAd%26cc%3DDE%26chnm%3DHARMONY%26cid%3D8CU62MU8E%26cpcd%3D4dFCXIGN5CVqke7kU6nSlA%253D%253D%26crid%3D487003955%26gdpr%3D1%26https%3D1%26katbid%3D-103%26katpre%3D1%26kwrf%3Dhttps%253A%252F%252Fricmais.com.br%26lw%3D1%26matchstring%3D%26nb%3D1%26nse%3D5%26ntv%3D0%26pid%3D8POD1F265%26requrl%3Dhttps%253A%252F%252Fricmais.com.br%26size%3D970x90%26tpid%3DTH72J2U%26ugd%3D4%26vif%3D2&vgd_end=1
Requested by
Host: ricmais.com.br
URL: https://ricmais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Fri, 01 Apr 2022 17:54:59 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Fri, 01 Apr 2022 17:54:59 GMT
__tt.gif
t.tailtarget.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-9964-3&tE=0&tF=&tI=_frankfurt%20am%20main_hesse_de_1648835698947_764254276&tJ=CA15447,CA15795,CA15771&tQ=par-ricmais,r7-cas-alimentacaosaudavel,r7-cas-int-em-livros,r7-visao-geral&tU=0100007F723C4762C8062B1902A18C2D&tX=b.52&tY=1&tZ=503074476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:59 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, private, proxy-revalidate
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:59 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Apr 2022 17:54:59 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7EEE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-Gqs3ulzWpXKp2U_WtppLXf8LubXnP_OdHb1hhgyyiRg1l2cRLNeHiEqZcuGlkE_u68oCWJW6OVy188GENFeijM4LB4oOyGn3VqM4&sai=AMfl-YTJAJJ3LJYeVUnae3QttXdjOlb3uMYpIWZ_nJn2grLqGYJZXQXvcGV-QgpedXXQ37RpUH8h3esIha-et4_7bv2gK6_u6m-Lwv-Gj27e7A&sig=Cg0ArKJSzDXMsTRqbHmDEAE&cid=CAQSLgCNIrLMluBdfcVw6WNvsLMueaXXgXcFJ6At-QZp1cPLi3eAi3htjJc3NYLsGzQ&id=lidar2&mcvt=1000&p=234,436,324,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=502024572&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648835698358&rpt=340&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022032106&jk=408336624607677&bg=!hYalhsLNAAZku-1yRLs7ACkAdvg8Wt3JRFpshTX5yeL18oilrk-IKvDlqu37BXsPuf0AMx02ta9IrgIAAAFbUgAAAAJoAQeZAuD6dLzj1vTNXgxeLJZHC3GcnB95DI9fAuA0X5rjPA2owT-VlNBGzc6SzLIJtlZI09YCVLfzBTfaXxQSiHFotp8IcG5SJ954xov5Hd_ijSdJ8YiIO2wV9KQnLPggCRk5PJuLvwF49j9qFfSm5lZyQD6n997lE8mlXvWEUsfFMJpG5WwPajjIAD3R4moCOIxIfhOG1w5rLtMwVqkkbWzMoWXPz07suIsQkXpLcaqsczQBSNd5ziOEntT0b2RBzVB8rN0oJ79h2St7wqhzpLege4nHuyHF_tEHH1B-dZmrb0WMr_-8U6aOjneVU-yh7gmcFEAR-6rlfdYvw8W1tQ4sre1vorROIhjD_V-80DMLGQHiHSC1FsaqMHkFAUICHjATh8-haCLCX6g4sj2MhbG4vlVC0jQIQAXobCs-OuhwvUxgiRDjG-PdhCHnyclngwx7HYcIEYVhvyvPShfdvJyOWz0FDEpgMRHBI2KDho08kJauY_WOtPiC3vAnUhtInbaDH_IddjhmDCgozF219y-XtwkWbcmSLKV9q2jZM7xtPFQNZE2x9KTI-HcAuAs2fOsdb-bs9UPyEaJ0E9pjdPB4ad_3TcFv1HJD4Y1Iu_CZQkEbV8PJPV-UJAdtUGCG5Fwq1JM9NofbsQwMBCcywAulWA3Tv822L57fErcASGP2pHqdk6oFJhhYtAWMocSxvIX7vT0L0828vcW8G6Xntn3d2cdoLDhrIVNDHj0cbcUYVx-iGH-3bhRlJ_bfqSof56cUAZh6e4nkH8WBxMHKU_sjQChg_pvT3yiB0ZnGfOviLctlgahcwzJTy4xaMhfPm9NSd3sFHQ5pJcq-wLfABaSRi15lpGZFporv-osS9At9NptbLnIuPmJo6VIac38cz444D7wkX9O0PO80Myzg9jcQeCFaCKOrypXVci0ItROyoZi36RDypINpZCOWbiSPJvKdbfK-0awSEKGGLn1vlD6M3mDs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
sync
eb2.3lift.com/ Frame E767 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&cb=77786
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/5dec76cf1a860796541e8c215ef2582d0ec40bb4/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
e450ba30da4e0b8e243f3e4aa61b5d02e4c22bce80bc0a5e3d9c7cd43d2403f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
461
content-type
text/html; charset=utf-8
date
Fri, 01 Apr 2022 17:54:59 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
generic
match.adsrvr.org/track/cmf/ Frame E767 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77786
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:55:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame E767
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTQ4NzgzMzMwMjY4NzEzMjkyNDg2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTQ4NzgzMzMwMjY4NzEzMjkyNDg2
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77786
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTQ4NzgzMzMwMjY4NzEzMjkyNDg2
date
Fri, 01 Apr 2022 17:54:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame E767 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E767
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTQ4NzgzMzMwMjY4NzEzMjkyNDg2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTQ4NzgzMzMwMjY4NzEzMjkyNDg2
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77786
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:55:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTQ4NzgzMzMwMjY4NzEzMjkyNDg2
date
Fri, 01 Apr 2022 17:54:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame E767 		0
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=948783330268713292486&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77786
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:54:59 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 169D29EE31784F2EA9DA6526839B0081 Ref B: FRAEDGE0920 Ref C: 2022-04-01T17:55:00Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXbm3oyCKumsony9gwCfg==
xuid
eb2.3lift.com/ Frame E767
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/948783330268713292486?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-D0Vy1nBE2oTmBrkXUuJ5xDp7jrFR9IRbGix7Cd5AjQ--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-D0Vy1nBE2oTmBrkXUuJ5xDp7jrFR9IRbGix7Cd5AjQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77786
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 01 Apr 2022 17:55:00 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-D0Vy1nBE2oTmBrkXUuJ5xDp7jrFR9IRbGix7Cd5AjQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame E767 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=948783330268713292486&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77786
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.34.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-34-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Fri, 01 Apr 2022 17:54:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame E767 		42 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=948783330268713292486&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77786
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:59 GMT
etag
"8120eaf0ff3ad81:0"
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4696288DAECA4836984AE3F07803B5F1 Ref B: FRAEDGE1415 Ref C: 2022-04-01T17:55:00Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame E767
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=948783330268713292486
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=948783330268713292486&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=948783330268713292486&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77786
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 17:55:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
K9C7SHNZPJ8G00XTNRTD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=948783330268713292486&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame E767
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77786
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Fri, 01 Apr 2022 17:55:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
syncframe
gum.criteo.com/ Frame 4772 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ricmais.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
2d97ecc3fc54beb500cfdfaab6e611f49e22c5dbaf368ede1c612e50bfd5099f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
5136
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 17:54:59 GMT
server-processing-duration-in-ticks
2132
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:00 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Apr 2022 17:55:00 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 18F0 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
37ae0e5ace2ec8066810439183d348223decdd4b54dd943956c7b220d1a647af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:00 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 02 Apr 2022 21:08:54 GMT
sid
mug.criteo.com/ Frame 4772
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ricmais.com.br&sn=ChromeSyncframe&so=0&topUrl=ricmais.com.br&lsw=1
  • https://mug.criteo.com/sid?cpp=KT-ctHxqRmdSdkdubHkyalpnU3hKaStTMHRxVEU1UXRVWGk5Y2dsbGM0ZitkcXl4YjRVUXpJVDRpTTgweDNmOWxpZlN3dHVwRU5lVElCUXlJK0ZkdjRQdHRqNWswc3NlbTcrK2hzRnBzMjdNYUZHUk83cHlmUGcxRm54T2...
428 B
630 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=KT-ctHxqRmdSdkdubHkyalpnU3hKaStTMHRxVEU1UXRVWGk5Y2dsbGM0ZitkcXl4YjRVUXpJVDRpTTgweDNmOWxpZlN3dHVwRU5lVElCUXlJK0ZkdjRQdHRqNWswc3NlbTcrK2hzRnBzMjdNYUZHUk83cHlmUGcxRm54T2o4TG5LUVFtWnp5RWVqa0F4dzFUdlE1SXRVQU1CT0RmTlM3VDFmUHc0Q0FDQjdYWlJVeW5Iek84WGFvblFYaCtQSXJ5VmE3MUdqbjFYeFV4SFlKa2NYYWVNS0xXZjVGM3FNR0pSUVUzN3pyUSt4NWdOZnlHLy94V1hMam5XQ3NwOUQ3eWVwU2orR01tZ1hqem05cTVhelBQZmRRSXc2UT09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ace4d64bfab50e073f361bf68aea90dfc8db7ddc97b9a1e9197a0dbbdbfab5dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:59 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5519
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:54:59 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=KT-ctHxqRmdSdkdubHkyalpnU3hKaStTMHRxVEU1UXRVWGk5Y2dsbGM0ZitkcXl4YjRVUXpJVDRpTTgweDNmOWxpZlN3dHVwRU5lVElCUXlJK0ZkdjRQdHRqNWswc3NlbTcrK2hzRnBzMjdNYUZHUk83cHlmUGcxRm54T2o4TG5LUVFtWnp5RWVqa0F4dzFUdlE1SXRVQU1CT0RmTlM3VDFmUHc0Q0FDQjdYWlJVeW5Iek84WGFvblFYaCtQSXJ5VmE3MUdqbjFYeFV4SFlKa2NYYWVNS0xXZjVGM3FNR0pSUVUzN3pyUSt4NWdOZnlHLy94V1hMam5XQ3NwOUQ3eWVwU2orR01tZ1hqem05cTVhelBQZmRRSXc2UT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1734
content-length
541
expires
0
/
track.adform.net/csimpr/ Frame 18F0 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=51750725&csi=mU-pRT3vY8RQ0IIMLAFhsrlWaIP15qEEQIyxv2L49M8JDwKV3Zer3J1l3QiX6u3PclIwKbU148QBy0bCJX2blGQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:55:00 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
41371948.jpg
s1.adform.net/Banners/41371948/ Frame 18F0 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/41371948/41371948.jpg?bv=2
Requested by
Host: f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
URL: https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
667b6bf076e296e4c0dcf03def1f9b8e43622a739e0efe75a57a8042007c211f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:00 GMT
last-modified
Tue, 23 Nov 2021 15:00:01 GMT
server
nginx
etag
"619d01f1-24a9c"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
150172
view
securepubads.g.doubleclick.net/pcs/ Frame 581A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKgRvOrsM7pf5EUqcW14L7u0mzO_nO77n66-ivnDsWaqhq_dADRtxWOs_Zf0hkPsyt5ZrBloArtNe3fMJ7_VTELWaF_qXPac5y35S9f_1bIuV0xulva577RtSuyrzCLc6nlq7WewxwP1tyCmoo4YCqcb_J3KMQjhlgSsXjjvwQVgBlxME4JKGiZVyFCNRKtOmaFtxJMkLlvq06tFEBLp3oKm8ShHesRaZetbFsVzP_SHBNg8HG3EhVz6NxMz6_SInIu7wyamewSIZhfVGEIOCTm1uqL-eiKMstgjvSt6qHteOm8ApqwmRTA7AGyyknnQM49Q5r6Qdg&sai=AMfl-YSnnLbco34o17oF0R9iwy0eTabIXST8ADZ9VEnypDSZdOFTzxQIyvp431-lkh1pHHOQmskNvFeDw-WQMDko3uk5sEkx49ON2S4agp5YFw&sig=Cg0ArKJSzBEkFtyvKGF3EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 17:55:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 01 Apr 2022 17:55:00 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fricmais.com.br%2F&domain=ricmais.com.br&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=Cf8tEnw2Q0RDMU1wMW9WM01ZYy95cVJhck85Y3pVT0JsVnpTNzJGTjFpRm9YRmhLNjFlbnZ1d21hK0JsS1JicmRKb0hNc2pWbEZIRzBlVFcvQldJcEpzSWQ2ei9XdGc5Um9YcnpuNVIwSStOL3JpOHAxMVQ4QlBtWmk5Q3...
454 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Cf8tEnw2Q0RDMU1wMW9WM01ZYy95cVJhck85Y3pVT0JsVnpTNzJGTjFpRm9YRmhLNjFlbnZ1d21hK0JsS1JicmRKb0hNc2pWbEZIRzBlVFcvQldJcEpzSWQ2ei9XdGc5Um9YcnpuNVIwSStOL3JpOHAxMVQ4QlBtWmk5Q3BHWXFqS2xQVi9mL3YxKzloV0w0aTVWMHNMU2pkcEF2c2J6QTZQYnhuL0dMZHF3QVY3a2tiNmR0c3M1K2pJcjBydUpZSDFBOTRHelcxNTh4Wm5WMFFNK0pXQjc0M3lxY1ZHQitnYy83cGRQTnpDRnhGM1JSNSt4V1ZLU0ovblVpSVRjQnljaCt6bDUvQ3BNYmRUbVhzK0U3TTFKaHB5NHh0R1RaQVN1U1NJUWZiUW5pNENZWT18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
2f49ac03adf0da2d47341973387a95f780b92dca98b8e82289cd025688777df0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:55:00 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3287
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:55:00 GMT
location
https://mug.criteo.com/sid?cpp=Cf8tEnw2Q0RDMU1wMW9WM01ZYy95cVJhck85Y3pVT0JsVnpTNzJGTjFpRm9YRmhLNjFlbnZ1d21hK0JsS1JicmRKb0hNc2pWbEZIRzBlVFcvQldJcEpzSWQ2ei9XdGc5Um9YcnpuNVIwSStOL3JpOHAxMVQ4QlBtWmk5Q3BHWXFqS2xQVi9mL3YxKzloV0w0aTVWMHNMU2pkcEF2c2J6QTZQYnhuL0dMZHF3QVY3a2tiNmR0c3M1K2pJcjBydUpZSDFBOTRHelcxNTh4Wm5WMFFNK0pXQjc0M3lxY1ZHQitnYy83cGRQTnpDRnhGM1JSNSt4V1ZLU0ovblVpSVRjQnljaCt6bDUvQ3BNYmRUbVhzK0U3TTFKaHB5NHh0R1RaQVN1U1NJUWZiUW5pNENZWT18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ricmais.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1771
content-length
567
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fricmais.com.br%2F&domain=ricmais.com.br&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ricmais.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://ricmais.com.br
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 01 Apr 2022 17:55:00 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1763
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1788 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220214
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-186.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 01 Apr 2022 17:55:00 GMT
ETag
"623de86a-cf34"
Expires
Sat, 02 Apr 2022 17:55:02 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame B339 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220214
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
cf793988f53d9d4fc1b7d48196d0c9bbc128723d90303efe8f2a9bad8b8936d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
521
content-type
text/html; charset=utf-8
date
Fri, 01 Apr 2022 17:55:00 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.html
eus.rubiconproject.com/ Frame 25F3 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220214
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Apr 2022 17:55:00 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 0502 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1648835697091
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
xuid
eb2.3lift.com/ Frame B339
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=2788397559477685773&dongle=d407
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=2788397559477685773&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=2788397559477685773&dongle=d407
pragma
no-cache
date
Fri, 01 Apr 2022 17:54:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
setuid
ib.adnxs.com/prebid/ Frame B339 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=948783330268713292486
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame B339 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=948783330268713292486
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame B339
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl
  • https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAF-zk7EjnkAADVS_J5_DA&dongle=bzwx
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AAF-zk7EjnkAADVS_J5_DA&dongle=bzwx
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AAF-zk7EjnkAADVS_J5_DA&dongle=bzwx
Date
Fri, 01 Apr 2022 17:55:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
xuid
eb2.3lift.com/ Frame B339
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=da07d978-b1e4-11ec-9746-d710e3bebab8&dongle=d54f&gdpr=1&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=da07d978-b1e4-11ec-9746-d710e3bebab8&dongle=d54f&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=da07d978-b1e4-11ec-9746-d710e3bebab8&dongle=d54f&gdpr=1&gdpr_consent=
Date
Fri, 01 Apr 2022 17:55:00 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
da07d979-b1e4-11ec-9746-d710e3bebab8
xuid
eb2.3lift.com/ Frame B339
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=1&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4945&xuid=6fcd6d83-befe-4ef0-8f32-7f83c2b98074&dongle=31ac
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4945&xuid=6fcd6d83-befe-4ef0-8f32-7f83c2b98074&dongle=31ac
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=4945&xuid=6fcd6d83-befe-4ef0-8f32-7f83c2b98074&dongle=31ac
Date
Fri, 01 Apr 2022 17:55:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame B339
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent=&_test=Ykc8dAARZ2OOdAAy
  • https://eb2.3lift.com/xuid?mid=3657&xuid=Ykc8dAARZ2OOdAAy&dongle=3c0a&gdpr=1&gdpr_consent=&_test=Ykc8dAARZ2OOdAAy
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3657&xuid=Ykc8dAARZ2OOdAAy&dongle=3c0a&gdpr=1&gdpr_consent=&_test=Ykc8dAARZ2OOdAAy
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:55:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1648835701.811798,VS0,VE0
x-served-by
cache-hhn4081-HHN
x-cache
HIT
location
https://eb2.3lift.com/xuid?mid=3657&xuid=Ykc8dAARZ2OOdAAy&dongle=3c0a&gdpr=1&gdpr_consent=&_test=Ykc8dAARZ2OOdAAy
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
xuid
eb2.3lift.com/ Frame B339
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=905200602991461316&dongle=4d58&gdpr=1&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=905200602991461316&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 17:55:00 GMT
X-Proxy-Origin
45.141.152.68; 45.141.152.68; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8db46d7f-0f5a-421e-be93-c4985b4fc8ee
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=905200602991461316&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame B339
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-f92c3b86-d3ef-4bff-49c5-c3a5cbdbb2a7$ip$45.141.152.68&dongle=4430
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-f92c3b86-d3ef-4bff-49c5-c3a5cbdbb2a7$ip$45.141.152.68&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-f92c3b86-d3ef-4bff-49c5-c3a5cbdbb2a7$ip$45.141.152.68&dongle=4430
Date
Fri, 01 Apr 2022 17:55:01 GMT
Connection
keep-alive
Content-Length
139
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame B339
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3690&xuid=c87a6247-3c74-4b00-ac8a-dcbbd4868a4f&dongle=3995&gdpr=1&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3690&xuid=c87a6247-3c74-4b00-ac8a-dcbbd4868a4f&dongle=3995&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Fri, 01 Apr 2022 17:55:00 GMT
Server
MT3 4320 2f2dfe5 master zrh-pixel-x27 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eb2.3lift.com/xuid?mid=3690&xuid=c87a6247-3c74-4b00-ac8a-dcbbd4868a4f&dongle=3995&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 01 Apr 2022 17:54:59 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Cf8tEnw2Q0RDMU1wMW9WM01ZYy95cVJhck85Y3pVT0JsVnpTNzJGTjFpRm9YRmhLNjFlbnZ1d21hK0JsS1JicmRKb0hNc2pWbEZIRzBlVFcvQldJcEpzSWQ2ei9XdGc5Um9YcnpuNVIwSStOL3JpOHAxMVQ4QlBtWmk5Q3BHWXFqS2xQVi9mL3YxKzloV0w0aTVWMHNMU2pkcEF2c2J6QTZQYnhuL0dMZHF3QVY3a2tiNmR0c3M1K2pJcjBydUpZSDFBOTRHelcxNTh4Wm5WMFFNK0pXQjc0M3lxY1ZHQitnYy83cGRQTnpDRnhGM1JSNSt4V1ZLU0ovblVpSVRjQnljaCt6bDUvQ3BNYmRUbVhzK0U3TTFKaHB5NHh0R1RaQVN1U1NJUWZiUW5pNENZWT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 01 Apr 2022 17:55:00 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1149
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 25F3 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1119f39b46f15ecba4131ef36fa1019b2501d56883ad704f0bfc9034b57987dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Fri, 01 Apr 2022 17:55:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18303
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9539
Expires
Fri, 01 Apr 2022 23:00:03 GMT
async_usersync
ib.adnxs.com/ Frame 1788 		0
742 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 17:55:00 GMT
X-Proxy-Origin
45.141.152.68; 45.141.152.68; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
db462095-b3f2-4567-9984-bb2967ec528d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 25F3
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=locpbDzxT6e4EV1YQXqIdg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=locpbDzxT6e4EV1YQXqIdg
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=locpbDzxT6e4EV1YQXqIdg
Protocol
HTTP/1.1
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 17:55:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
JTGHB2RS9F1TZ3BH4H4F
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=locpbDzxT6e4EV1YQXqIdg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 25F3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
setuid
px.ads.linkedin.com/ Frame 25F3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1GQ7A9D-1E-BHLX
0
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1GQ7A9D-1E-BHLX
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:00 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 8348CA7700104F8DA254E71D75725062 Ref B: FRAEDGE0920 Ref C: 2022-04-01T17:55:00Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXbm3pAKhg/k9L3qYeY3g==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1GQ7A9D-1E-BHLX
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 25F3
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0pdbApukTHGNvzTkEUgAxA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0pdbApukTHGNvzTkEUgAxA
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0pdbApukTHGNvzTkEUgAxA
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 17:55:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KCT78XB5M6PNDFP076MV
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0pdbApukTHGNvzTkEUgAxA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 25F3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFHUTdBOUQtMUUtQkhMWA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFHUTdBOUQtMUUtQkhMWA==
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:55:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFHUTdBOUQtMUUtQkhMWA==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 25F3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2I5ZDkwY2I2NTJlMWU1MTg1MTdkOTMwODFkMjUyODJhZjY5NzE3ZQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2I5ZDkwY2I2NTJlMWU1MTg1MTdkOTMwODFkMjUyODJhZjY5NzE3ZQ
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:55:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2I5ZDkwY2I2NTJlMWU1MTg1MTdkOTMwODFkMjUyODJhZjY5NzE3ZQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 25F3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Qfr7Cc067xyqqURm1mz6Tcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6599176773678877437
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6599176773678877437
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

date
Fri, 01 Apr 2022 17:55:00 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6599176773678877437
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
rubicon
match.adsrvr.org/track/cmf/ Frame 25F3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:55:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
async_usersync
ib.adnxs.com/ Frame 1788 		0
742 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 17:55:01 GMT
X-Proxy-Origin
45.141.152.68; 45.141.152.68; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
433648e1-34fd-409e-8029-fd91c350a5ed
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
universal.min.js
tag.navdmp.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/f4c0e542-cfba-4767-a28c-3fa71b1571c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68abb180139391d184e19c20f88ef9eb58a75c4bc5a6042de8e74ee2402fce4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 25 Mar 2022 17:36:15 GMT
server
cloudflare
age
631
etag
W/"623dfd8f-35f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
6f533180afaa01f4-ZRH
content-type
application/javascript
expires
Fri, 01 Apr 2022 18:44:30 GMT
tag.js
a.teads.tv/analytics/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/f4c0e542-cfba-4767-a28c-3fa71b1571c7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
111e1637a25a85887a205cff8350cf6c6d2e34c224bd4cc462d24da93fd98ec0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
x-amz-version-id
KZP49DU5PJjEyAdj9SsZEomLsKA7p3px
content-encoding
br
last-modified
Mon, 21 Mar 2022 09:29:58 GMT
x-amz-request-id
833XCM86242G6D9B
etag
"936712b48d00e8cbcbae5a726b10b3af"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
date
Fri, 01 Apr 2022 17:55:01 GMT
content-length
4652
accept-ranges
bytes
x-datastream-cache-status
1
x-amz-id-2
IsYA8vntj0b5d/QHYMJUhRm1sBMoePJ27vbSkkePuDI6WlXb70zbcgDD4WX5i3CV9UbwiGfetDs=
video-loader.js
cdn.avantisvideo.com/avm/js/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=6&subId=&callback=
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/f4c0e542-cfba-4767-a28c-3fa71b1571c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 02:33:18 GMT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 09:58:31 GMT
server
AmazonS3
age
55304
etag
W/"cb2b3e45ae50a1cfc9646f528ea92b50"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
0DrLkH_Ns8jDuJ7reO0cQzOfMbQ5KPOT
via
1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-type
application/javascript
x-amz-cf-id
1i7XCv36uOOt6hYLDlEDu0j-SV1qWmDML-GndNmW2cpwMpHxulazUg==
abc.txt
static.avantisvideo.com/data/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=6&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e800:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecc02922e0798d3506107ec57a202be0d69a50db9c543654bdd55763ebee18de

Request headers

Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 01 Apr 2022 07:19:29 GMT
content-encoding
gzip
last-modified
Thu, 31 Mar 2022 06:41:44 GMT
server
AmazonS3
age
38132
etag
W/"0c791a1ba36e4ae87dd9accac46b1746"
vary
Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://ricmais.com.br
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
4QUwZcJ2_8xTbyyNg4MOKQfZ-mMDmAULvxqYqNhsvhL8Kys6B6m0pQ==
via
1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
46575
tag.navdmp.com/u/ 		706 B
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/u/46575
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1950fe5697646d88798b21ffcc72287ee8f2834dbad51a9b77d226fc2c218f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 23 Nov 2021 14:41:01 GMT
server
cloudflare
etag
W/"619cfd7d-2c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
6f533181084a01f4-ZRH
content-type
application/javascript
expires
Fri, 01 Apr 2022 18:55:01 GMT
u_d.html
cdn1.avantisvideo.com/connect/ Frame C153 		42 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=6&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e012a3b95a44b7627384b790fa49ef64906299f7d1c0ca2bd2e643c100eba2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
35625
content-encoding
gzip
content-type
text/html
date
Fri, 01 Apr 2022 08:01:17 GMT
etag
W/"72b7eb0ed3b552f546f4240f3e4e9f26"
last-modified
Wed, 08 Dec 2021 10:46:21 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-id
yPg2mislgvEB8z-Nab0rOWbHExypLFToEgB_em1bDWiLnJoQHN9dlw==
x-amz-cf-pop
FRA6-C1
x-amz-version-id
mkXtqZN.sX1diyvNHzDOuWx2fzD7.NTz
x-cache
Hit from cloudfront
fpc
at.teads.tv/ 		0
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&sv=6f6425e&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://ricmais.com.br
Pragma
no-cache
Date
Fri, 01 Apr 2022 17:55:02 GMT
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Fri, 01 Apr 2022 17:55:02 GMT
geoip
avm.avantisvideo.com/api/v1/ Frame C153 		238 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6fd90b750de0f6da108e26f2b76f71ff8f379416342a3bc27345e3a18bdc5c09
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA6-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Origin
content-length
238
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Fri, 01 Apr 2022 17:55:02 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
x-amz-cf-id
U8di0M_ay-0AA5gF_tP2kgEMf7t2TubAPRnqgIkN15I0FSlIfJKQXw==
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://cdn1.avantisvideo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://cdn1.avantisvideo.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Fri, 01 Apr 2022 17:55:02 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-id
6FSgISZSgfCs8Q12wdDPLw8K8J0yxZyNoOyPt5VRPQHYhHPYSMCRVg==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
usr
usr.navdmp.com/ 		359 B
455 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=9&acc=46575&u=1&new=1&wst=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
feb17f01f04150f1685312b27176f5d0e66ca6aa669a9d8c3bada0f756c6f798

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
public
date
Fri, 01 Apr 2022 17:55:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6f5331821a5001f4-ZRH
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
content-type
application/javascript
expires
Fri, 01 Apr 2022 18:55:02 GMT
req
cdn.navdmp.com/ 		6 B
78 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=9&id=107bdce5ea3bdc909dae845e3810%7C0&acc=46575&tit=RIC%2520Mais%2520-%2520Not%25EDcias%2520do%2520Grupo%2520RIC%2520%2528Paran%25E1%2529&url=https%253A%2F%2Fricmais.com.br%2F&upd=1&new=1&h1=RIC%2520Mais
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f5331833c0f01f4-ZRH
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/x-javascript
sync
sync2.navdmp.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=70797551082
  • https://sync2.navdmp.com/sync?prtid=2&id=70797551082&google_gid=CAESELot80vURPGA0ACm6owPOFo&google_cver=1
6 B
58 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync2.navdmp.com/sync?prtid=2&id=70797551082&google_gid=CAESELot80vURPGA0ACm6owPOFo&google_cver=1
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f5331837c6401f4-ZRH
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:55:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync2.navdmp.com/sync?prtid=2&id=70797551082&google_gid=CAESELot80vURPGA0ACm6owPOFo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync.navdmp.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
  • https://sync.navdmp.com/sync?img=1&mdia=c87a6247-3c74-4b00-ac8a-dcbbd4868a4f
43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?img=1&mdia=c87a6247-3c74-4b00-ac8a-dcbbd4868a4f
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:02 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
6f533183fd3d01f4-ZRH
content-length
43

Redirect headers

Date
Fri, 01 Apr 2022 17:55:02 GMT
Server
MT3 4320 2f2dfe5 master cdg-pixel-x5 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://sync.navdmp.com/sync?img=1&mdia=c87a6247-3c74-4b00-ac8a-dcbbd4868a4f
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Fri, 01 Apr 2022 17:55:01 GMT
cms
cms.analytics.yahoo.com/ 		0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spcms.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:02 GMT
via
http/1.1 spdc0103.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
video-loader2.1-cr.js
cdn.avantisvideo.com/js/ 		105 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=6&subId=&callback=
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=6&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ef29376c37c5f0de7c9d0eb73b145dc5953c62385748741b4231b3d973621b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 21:34:06 GMT
content-encoding
gzip
last-modified
Wed, 23 Mar 2022 09:32:15 GMT
server
AmazonS3
age
73257
etag
W/"3c81e8c04ad0f34b20184e45337442a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
T.5GQGxq6STVouLgTD.4wXGqZc6C.FGi
via
1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-type
application/javascript
x-amz-cf-id
UwHmGVmU7FM4nCeMB2Dpsadp-90HPBWwlOsr7j04Lu5NXr1fmNdy8A==
t
avm.avantisvideo.com/api/v1/tag/645b490f-24f2-429d-a04c-d266868eea7c/6/desktop/generate/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/645b490f-24f2-429d-a04c-d266868eea7c/6/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fricmais.com.br%2F&eu=true&country=DE&hour=17&amp=false
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=6&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2e0b4cc6b7e37697a0d71419861c5cdbbdcacede16a8e15cb98f2a7beee966d4
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 01 Apr 2022 17:55:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA6-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Accept-Encoding, Origin
x-xss-protection
0
access-control-allow-origin
https://ricmais.com.br
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/plain; charset=utf-8
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
access-control-allow-credentials
true
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-amz-cf-id
E_aeNDgvXPeJPoJpwYVgmpkZVj23nSAUVqgjB-VpZDPmkuaAuV2L6A==
t
avm.avantisvideo.com/api/v1/tag/645b490f-24f2-429d-a04c-d266868eea7c/6/desktop/generate/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/645b490f-24f2-429d-a04c-d266868eea7c/6/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fricmais.com.br%2F&eu=true&country=DE&hour=17&amp=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ricmais.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://ricmais.com.br
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Fri, 01 Apr 2022 17:55:02 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-id
BAjhLMZf5jNqU6Z1UuU6r3RCbBKXjRPGJw1fCnmdDEg0B5TP_6ob2A==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
/
events1.avantisvideo.com/ 		0
35 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.182.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-182-76.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 01 Apr 2022 17:55:02 GMT
3.video-loader2.1-cr.js
cdn.avantisvideo.com/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/3.video-loader2.1-cr.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=6&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84fe329bdc4d406074a69062b2dc53fdc1cc81661cd2f444842627df6f23c6f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
6JJN3cReTXpxesUTwSX3DN0.XCwcVpum
content-encoding
gzip
last-modified
Wed, 23 Mar 2022 09:32:14 GMT
server
AmazonS3
age
79074
etag
W/"b35b8481fc5a4833f64848de42a1b35c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
date
Thu, 31 Mar 2022 19:57:09 GMT
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
cigFtjPR7pdeqd_UuRbzsfkjVsdWY-FQt2ksseM-Mj8ucInF2rIONQ==
adb.js
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 		2 B
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/3.video-loader2.1-cr.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:698::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Fri, 01 Apr 2022 17:55:02 GMT
X-GUploader-UploadID
ABg5-UyHJtlvgymttvR0WkJJmUqu3UQ8t4blYCJ41_EbdS7EHjn4J-WiSEyrlrsjfiac6czA7M7BhHCW98rYLPhBovI_-OFfgA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
2
Last-Modified
Thu, 14 May 2020 13:22:36 GMT
Server
UploadServer
ETag
"56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash
crc32c=cz4mSA==
x-goog-generation
1589462556858294
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, max-age=1800
x-goog-stored-content-length
2
Accept-Ranges
bytes
Content-Type
text/javascript
Expires
Fri, 01 Apr 2022 18:25:02 GMT
aniview.js
player.aniview.com/script/6.1/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=6&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:698::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
eeead248868138b8e6f49f895e81497fbcef0d3a402b7ba997553ac211b448f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:02 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtloiG9y_bN-ymHE_TAeP1aTK6dVSlimZ1sg8m4we4nhf-j7J3qIz44no7nNCt2jUFzDmrhX3DZ9TfVnPposMhXaDVufg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9411
last-modified
Wed, 23 Mar 2022 07:00:03 GMT
server
UploadServer
etag
"d952c27305bb6bc0fc2717491c99c381"
vary
Accept-Encoding
x-goog-hash
crc32c=5TKo1g==, md5=2VLCcwW7a8D8JxdJHJnDgQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1648018802920987
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9411
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 01 Apr 2022 18:00:02 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame A699 		364 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e6a51c868076262c752a076
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:698::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
32391e5d56d10900eccaf5ff6040224e96de4e09db5739aa213c4bb09779d579

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:02 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtaRE-_doNm3ulxH1xZmXzOjLHWBOKixWa9YVjtCNVK076_Ct2ecYI7CdJfflNfUhD8BhrShY3e4nSIKp4OGbE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
104575
last-modified
Wed, 23 Mar 2022 06:59:54 GMT
server
UploadServer
etag
"02948485f0faba4c05b4a0eb92dd6f40"
vary
Accept-Encoding
x-goog-hash
crc32c=uG63EQ==, md5=ApSEhfD6ukwFtKDrkt1vQA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1648018794693190
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
104575
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 01 Apr 2022 18:00:02 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=ricmais.com.br&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&d36=6.2.12&apppkg=&fv=3&proto=https&pid=5e6a51c868076262c752a076&cid=5e6a526eab54413bec34d2a6&stagid=&stplid=&e=inventory&vi=100&cb=1648835702945
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.241.167 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:03 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		740 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
go1.aniview.com/api/adserver/tag/ 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fricmais.com.br%2F&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e6a51c868076262c752a076&AV_CHANNELID=5e6a526eab54413bec34d2a6&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=ricmais.com.br&AV_DADPOS=3&d36=6.2.12&responsive=1&sver=2&avtoken=702944&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1648835702975
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e6a51c868076262c752a076
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.120.178 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a60ed0033c139ceacda997fbddb2b7bd95451d11215860cb39d03459a001ba1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:03 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ricmais.com.br
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 21 Mar 2022 04:08:23 GMT
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.182.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-182-76.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 01 Apr 2022 17:55:03 GMT
avpb6.15.0.js
player.aniview.com/script/6.1/ Frame A699 		333 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb6.15.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e6a51c868076262c752a076
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:698::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
ffbba010d8b2a59b00c92ffe2dcd7d70bb9565edbbdd998f1df06e8e06b3a421

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:03 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdutz_qczWAdpxzHbv8rOOEjdOv_7Z-UfE_ZnP--B98sTCZ5l7raedGa9riFsaBWQhfxU6Th4_hV6oCNVKhvabM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
101837
last-modified
Wed, 23 Mar 2022 06:59:30 GMT
server
UploadServer
etag
"26b8dd7a2abe2a4394dc3d482a4507e4"
vary
Accept-Encoding
x-goog-hash
crc32c=2aMe6A==, md5=Jrjdeiq+KkOU3D1IKkUH5A==
content-language
en
access-control-allow-origin
*
x-goog-generation
1648018770007457
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
101837
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 01 Apr 2022 18:00:03 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=ricmais.com.br&rs=ricmais.com.br&sid=62779&t=1648835703&cip=45.141.152.68&sn=&tgt=0&osv=10&bv=100.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e6a51c868076262c752a076&test=&aafaid=&proto=https&uid=1648835703023-934070905784-007725-003-001237&cha=0.7&stagid=&stplid=&d35=&d36=6.2.12&cb=56518827893&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e6a51c868076262c752a076&nid=59918a0e073ef4782e4e347f&pcid=5e6a526eab54413bec34d2a6&ncid=5e6f4158ea74d512b44efe11&pasid=5e6f4197ab5b5f38927e6206&e=request&cb=1648835703295&asid=60ca308ad0b8416c96158ab7%2C6074527221a4502b945245d5%2C6231f3ef6c8a637058274369%2C61c335968ddd5d7148567325%2C623882a546029f18126c4949%2C60114fe87a26b5449a5e6868%2C600fd166b5135d7a5d2ae184&ofpr=%2C%2C0.62%2C0.17%2C%2C%2C0.21&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.241.167 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:03 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ptv
ib.adnxs.com/ 		30 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=24657313&referrer=https%3A%2F%2Fricmais.com.br%2F&us_privacy=1---&cbb=8835703295&imp_id=7b065664-b6d8-425c-af3a-1e3a662b3eb1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e6a51c868076262c752a076
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3aaed1160aefc157a07c0c17f8283d86f092fb6b77ce47211e4941be06f4f9e3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Fri, 01 Apr 2022 17:55:03 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
45.141.152.68; 45.141.152.68; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f3fdc502-f891-489d-a9ca-1a3a2a139a6f
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/xml; charset=utf-8
Access-Control-Allow-Origin
https://ricmais.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ptv
ib.adnxs.com/ 		27 B
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=20946842&referrer=https%3A%2F%2Fricmais.com.br%2F&us_privacy=1---&cbb=8835703295&imp_id=7b065664-b6d8-425c-af3a-1e3a662b3eb1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e6a51c868076262c752a076
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 17:55:03 GMT
X-Proxy-Origin
45.141.152.68; 45.141.152.68; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
cab8e223-222f-4cec-907d-93733aecf5fd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ricmais.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
27
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ricmais.com.br
date
Fri, 01 Apr 2022 17:55:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		138 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d4867d13391783737b9a80fa495690e7e6cb56e8eb8bbfce1fd69110d9d27632
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 17:55:03 GMT
X-Proxy-Origin
45.141.152.68; 45.141.152.68; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
75ee3b6d-b8bd-4bc9-8677-70c10e580359
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ricmais.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.177.81 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ccb8ff6181fcfe7625d0d4249afb4f0f6fdca1c356f24a150b5368db0b6cc63

Request headers

Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 17:55:03 GMT
content-encoding
gzip
x-prebid
pbs-java/1.85.0
content-type
application/json
access-control-allow-origin
https://ricmais.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=ricmais.com.br&rs=ricmais.com.br&sid=62779&t=1648835703&cip=45.141.152.68&sn=&tgt=0&osv=10&bv=100.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e6a51c868076262c752a076&test=&aafaid=&proto=https&uid=1648835703023-934070905784-007725-003-001237&cha=0.7&stagid=&stplid=&d35=&d36=6.2.12&cb=56518827893&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e6a51c868076262c752a076&nid=59918a0e073ef4782e4e347f&pcid=5e6a526eab54413bec34d2a6&ncid=5e6f4158ea74d512b44efe11&pasid=5e6f4197ab5b5f38927e6206&e=bid&cb=1648835704101&asid=60ca308ad0b8416c96158ab7%2C6074527221a4502b945245d5%2C623882a546029f18126c4949&ofpr=%2C%2C&fpo=%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.241.167 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
anwrapper-1.1006.0.js
acdn.adnxs-simple.com/vx/static/w/ Frame 57BD 		174 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.1006.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e6a51c868076262c752a076
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-186.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5091dcc281c0f1b55c61c40aa4cf2ad40a407882bfccee8c345b5c3529a2fce5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Fri, 01 Apr 2022 17:55:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Feb 2022 16:27:22 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"6203eb6a-2b93c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
50704
Expires
Sat, 01 Apr 2023 17:55:04 GMT
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.182.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-182-76.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 01 Apr 2022 17:55:04 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame A699 		375 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e6a51c868076262c752a076
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
b8e352006cc3bc3c7c2206316ef5ecc3a319959d6b6a3b4da9702afd1dff10de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127864
x-xss-protection
0
expires
Fri, 01 Apr 2022 17:55:04 GMT
pack
rb.adnxs-simple.com/ Frame 57BD 		0
271 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rb.adnxs-simple.com/pack?log=log_rb_vpaid_wrapper_signals&format=json
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.1006.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.252.167.215 -, , ASN (),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash

Request headers

Referer
https://ricmais.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://ricmais.com.br
date
Fri, 01 Apr 2022 17:55:04 GMT
access-control-allow-credentials
true
server
nginx/1.20.2
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods
POST, OPTIONS, GET
vast
bid.g.doubleclick.net/dbm/ 		0
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame D3FF 		52 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.1006.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-186.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 01 Apr 2022 17:55:04 GMT
ETag
"623de86a-cf34"
Expires
Sat, 02 Apr 2022 17:55:06 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
bridge3.508.0_en.html
imasdk.googleapis.com/js/core/ Frame 7AE6 		592 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.508.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
586672
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
197186
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 25 Mar 2022 22:57:12 GMT
expires
Sat, 25 Mar 2023 22:57:12 GMT
last-modified
Fri, 25 Mar 2022 22:49:52 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame A699 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:55:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Apr 2022 17:55:04 GMT
bridge3.508.0_en.html
imasdk.googleapis.com/js/core/ Frame DC76 		592 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.508.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
586672
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
197186
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 25 Mar 2022 22:57:12 GMT
expires
Sat, 25 Mar 2023 22:57:12 GMT
last-modified
Fri, 25 Mar 2022 22:49:52 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A699 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ricmais.com.br
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 17:55:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E40E 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 01 Apr 2022 17:58:58 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9BBC 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ricmais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 01 Apr 2022 17:58:58 GMT
async_usersync
ib.adnxs.com/ Frame D3FF 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bid.g.doubleclick.net
URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AXACRVrnEq5GFMBMkFPaCpzZoIdMmeD7dtqIHfeDWQZck-izFpDvilalY87_TbWUQvppBf&dbm_d=AKAmf-ByovUVDDA8jlBSlcbNKGZq17GftDIGDwdZ2vQTOgmqZ1DGS9oX6aLgwSllNS3VUfW5ctmGAqMXT7h77J1icDcazOQ2oo6Bjc05TmD_5-ellBOdI4VckNd4kb2E2Fj9VrMvktmxeL9o5LhlUdhvtBQ6yFaOuyyRLauB0O_XzD1xQPspAzChS5i-lY_7kbIjYiawDekca96KLF4oNMoCkzoGAMYI2D3SRulQLnUPIRcKd9tF2J5du3Q8tXVhJxFd6CsFhP0ml_LAYG-rYSo1HcIKio1CQy3ljVrm1Az4FYLIeJaQAypBDPzxUuJeiOZDY_Efm04Iw2TYF-O0NgZ71diRMmUm4mtQ0E5N_f2j6nth0un4tbO6RIiHJP2XD1Vd8gWevpo7wXVtDChI7KVZt_NB6XPRwqOB1AJPv-KOPi_9BfZYrgW7roJXrDw8uARlu3m15E2_LqXq96ao2mR_PLWPBdDDM6zzhdw5quDoXmyvdhVxFbQ1LGTcxFZXjfIArPRHNcB5ppKxiDPZtRKvYBCQGaUgB73vcVCFko7FapJzEwlyHU9-pE1aeAPraOrVwjhchbIHvHvPo5HIEcQO7xG8LH_CH5X1Iyki_i51a43TWAowz3WRNsA0UxfabO_dT4Ht1tn4AjShL19Kg7Za87VrzeS90HHk22jOHSWov21Ye3hBZGa8VAekDcr8yobXVluQ1izoC5j_dMtcPwODPlhPEOjNRxBwI7WOXMwOTlsLPKc29z7fLbU7nvEMJOhA1jB7Q9mxxTpGAInLoYebzUwXx4lWOjX5sq_llCKizSsfTiViJ0kHmcGZxh53JPi_00AP-NE048z0Y1pOMSyCD32ONpQH84XW1UhVqCp1a30r7VIxqFx88hxuFjzUNiPGLhBDKMEEy0mKPKrahfJvyX-xnc-9kKxpJp68PDjpXKTItOi5W_rXLXT93z9yKTxQM2snfI-h1hpdQauY3jTj2t83yQZ0RlaraK1HDJ7ufLfciJYvl1FE80GgLPlIVXduBblcf2LAcbvFDqOsoVz04Q06401NrZcEu-4h1GP0TD_QM0bOBY-0Qq-N8mRDsZTuxBWl96-Z9xHdahqwOaVfj4cFfiQfWqCSY29Wfu2Zvc3mH9gfhu5Ch4ueW30Ikt0oXoVFy5qbyIklekxf4EmypZeUMhmFLs5pdL1PhmbS1-d4TJRX7G8bE4GJUib_Y-krQN3GSOCxiMvhMiQbKRrsyF-7jDzoErUyczt1mEaPwWLLF0I09kGaBwfGF5qZlumQpIIChZaqLk1bo0ntCJzUlUQ4tFESnKWPWO0IgFRxraWBsufItyDR0AxAr05Yp8__up2-gNlcKxEytvZyjfw0ZnkrxuxUox2XUMxp8cXTgjEcuUevLPPzubcwclZG-beXHGCKP-SHTyPWNIkZq8g_Sr8tycLoLkUezFYKReF7MwZTfWBIs6ZFkGSNX7i_c0EA6ORL9V1dF0MZ9AicFogmsSpU4BuNZ2YfWnTThOFdbs8SRZ-z-KqLuQP4XypKaGgaVC7fDBDDo-NnUbKgs-BYBuMs0I0Xt6w5Kr4XeTpuRI9v8aMltYVBnMw_pNC8vw_7BLdEZ6blgx0iLwSXNOHG0twrMvQN-17SKtgIRJejKfcMWwmMFWSjz587_Nb84C0R--UD-G01N4NguXqndBWK-WMDYZioC8R_eZ8Shi8jS6XreR-LDydcN2tPGHLoVe4aiQMrqqzKotsSjrkkqz2wVLsXeDuxHJOT_RgFpeNbgIJXRIx4o9m7ZWvaSftNcOFGL9wqqJa1pMAQXvSEX6sDqJJwlm6g68qSlP4sSGqxIjfSYeC3DesQ6aNAe2FtldUa0S36YN75OPfMh4P-QT7CMVIG6fG-XtxYHHIf8-mA2F02NgwFs14BZg-5CEiRwu9R7NFd9mR7sBMQ6jd-XR-n4kxSQNVPmnU2ONVfo9IeAo0pn00IeazqMvCxcgY6pMQz7aPRr64jZS6_8Cd2IXo3mLSVJ8dY1SsOziUS0aM5h_BDLQib0Duol1_ExJLz_GNNZKAV5q6qBe5N1Zr1uWksHD2Bf1pOp8nK2_AsEP8zazqc1Ja-XX7tIYVpA3yfsFYiYj7gu-rJmWPw3GkGK6N1XGA_LSLfR0_dQonpJ9DlMsTeOm6yekBKZPaZrh1UvuzVbOg3iIh0Y7iQUM0aX8tzHfMRg9DOr-BLWwI4jD2zBOavK73MWlNdKJIrAFM_-_NkO8umCnCOKuV79g60kXSPok7GOTzb3ntdcMn6y2FBaNpf0YOuO7WTEYDHvOcfHKEW_BnNhjganPdhgZTLHRp1C22M6qaeYzQluzyJIxJ45623DJcVsxwSpI_kGsEQeH3_DEext4gJe0P0FdR7LP2XJYEHHCnyEgic0a_Mdy4d--JKn8JRMkyQ7DlsmDK8b-EN7-Qt5Bj5EQizkW2mx932cHrjAlqtMAmQcaGt08lVkBqRgjeEhGWiBJv_RofQHPrP56gUSeSZadzDPhyqDtjE-kSeDc8R4H81WcX1lU0nWCxGKRWyfRkd5hA5ajmOK8ROhSNz4jinFGYHXD0wOrO9qyqDCx2f7LwVAyPNUa0xJEcFwczaV6NeYPynlXHIa335h69w4s2a1MAbAuREXfZ9Xklh2B-RmxB_8e2k7JIeyDZnO1bATCkpYyv4WWUGVd10BEfPR0fWU5xyggnGBJCrixEtnhYiN-prVCqYDyTbcMhCD5qClHchR8tdwo97i0Lu3hwMgJua3cOJpHHNeNqPKSkllat9T-8uorzp8mtD8ToeprjFxsRMTVKZyyTl5_7OAexDORfGY_MvNlQ2xydy3yl3_Y9P4UCZzAvY6XAGCCa_2RsqQJwFpGrNNhG_lsWLpsGWeGwMB2O9ALl3QQgSF5vNkzh8afDs_-oMkIcEVwhj3VlZgUK4mI_IDqnMwSp3GkIqKThIPnshSctxKUDNWvFqjOfJxTHxkEYew2IYHSvzBQjipoL5KgjHUMMBbKtjsSFVZadZRUipp0pM0j3jfylMGFdj5VWN4zEYiuEEKXid_zguAeQ&pr=10:3.201756&cid=CAASEuRocE0G7LyUQZz7WIjHCtsBPw
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Verdicts & Comments Add Verdict or Comment

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| pToolsCookieManager undefined| initAutoBlock object| gtagMapping boolean| disableAds boolean| disableInText function| gtag object| dataLayer object| googletag function| $ function| jQuery object| google_tag_manager object| r7 function| googleMCMCallback object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| wpcf7 function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| wp function| sprintf function| vsprintf object| uiAutocompleteL10n object| lazyLoadOptions object| NetdealEvents function| dcf876 function| blockOrExecuteCookiesInit function| blockOrExecuteCookies function| blockOrExecuteCookiesGeneric function| handleExecuteScript51 function| sendTransaction43875 function| disableAllCookies function| enableAllCookies function| closeConsent function| replaceAllPv function| acceptedAllPreferences string| pvtReloadPage function| overlayT2345Save function| overlayT2345 function| overlayT2345SaveMobile boolean| blockGroupAccept function| acceptOrRejectGroup function| acceptOrRejectCookie function| doNotSell function| removeClassByGroup function| clearSelection function| isSelectedItem function| readGroupContent function| maZeckTheKing function| checkAllChildzz78 function| fetchHtmlAsText function| z400lp function| deleteAllCookies function| insertCustomStyle function| exec_gtm function| lpf234 function| clsBnnerAll function| clsBnner function| checkExpiredTimePrv function| clsBnnerPref function| doReloadAutoBlockPTS function| shmTCdPrvTzu function| createCookiePrvt object| ElementBanner object| cookieconsent function| portalBanner object| gaplugins object| gaGlobal object| gaData object| bootstrap function| SPMaskBehavior1 object| spOptions function| showColunistas function| Popper object| FB function| customScripts function| PremiumDisplay object| _pbjs object| _ppads object| _pppubtv object| _preview object| _taboola boolean| r7BarraLoaded function| LazyLoad object| topMenu object| menuItems object| singleContent object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| catVisivel1 object| catVisivel2 object| catVisivel3 object| catVisivel4 object| catVisivel5 object| catVisivel6 object| catVisivel7 object| catVisivel8 object| ggeac object| google_js_reporting_queue function| _pbjsChunk object| _pbjsGlobals object| ADAGIO function| udm_ object| _comscore object| COMSCORE object| _ttprofiles object| TTTagManager function| TTTagManagerError object| _ttq undefined| google_measure_js_timing object| Criteo string| version function| TTProfilesBase function| ttProfilesBaseE object| _ttsHolder function| constants function| NetdealBuildNumber object| netdealStartSession object| sas object| apntag object| _ADAGIO object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| onYouTubePlayerAPIReadyAfterLoaded object| NetdealJs object| NetdealPurchaseStore object| OneSignal object| SpayceJs object| NdJs function| spyJQuery function| onYouTubePlayerAPIReadyNetdeal function| onYouTubeIframeAPIReady boolean| dontInitNetdealJs object| jQBrowser string| n string| nq object| cmds object| _ttconversion object| ttcNamespace object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| TTBase function| ttBaseE object| _ttqHolder object| r7ad object| google_image_requests object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 function| Navegg object| naveggReady object| nvg46575 function| parcelRequire object| teads_analytics object| avntsWebpackJsonp number| avnts_player object| avntsQ function| avPlayer object| storageAni

55 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQ9cmQsv4vCgoIgQIQ9cmQsv4vCgoI4gEQ9cmQsv4vCgoI5gEQ9cmQsv4vCgoIhwIQ9cmQsv4vCgkICRD1yZCy_i8KCQhJELLPkLL-LwoJCAsQ9cmQsv4vCgoIjAIQ9cmQsv4vCgoIzgEQss-Qsv4vCgoIjgEQss-Qsv4vCgoIkQIQss-Qsv4vCgoIkgIQss-Qsv4vCgoIlAIQss-Qsv4vCgoI1gEQss-Qsv4vCgkIORCyz5Cy_i8KCQg6EPXJkLL-LwoJCBsQss-Qsv4vCgkIXxD1yZCy_i8KCQgfELLPkLL-Lw==
.facebook.com/ Name: fr
Value: 0w5dSpODE3Drdvlfr..BiRzxw...1.0.BiRzxw.
.rubiconproject.com/ Name: khaos
Value: L1GQ7A9D-1E-BHLX
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB0b67m62Mw47UHau3iET1N0BmQvWiFCZkJ2XwTgci4QkkHbixT3jwuOBBPP+iKDuTtC4j1FWO90+eFl1BdYHuF4ZGnHqyslY1I=
.adnxs.com/ Name: icu
Value: ChgIkP53EAoYASABKAEw8fickgY4AUABSAEQ8fickgYYAA..
.adnxs.com/ Name: uuid2
Value: 905200602991461316
www.netdeal.com.br/ Name: consumer_id
Value: "BROWSER:ndc4732240930_1648835698021"
www.netdeal.com.br/ Name: consumer_id_aux
Value: "BROWSER:1648835698140_3478fef2504c_1559294612"
.doubleclick.net/ Name: IDE
Value: AHWqTUmd5gQfKSusPdLGgAPYRuoDXbytLFTLi9Sl0dVNK743Hf-B8jYiy3oQTS1w
.tt-9964-3.seg.t.tailtarget.com/ Name: trk
Value: 48g4gc6Uau2UcSl8yyLFW9ZW+VCHEtE1VWrViWzM4H+XF/WHG72TXnnOj2cNdvllFb5Wh7HOAvAfuTA3vPYnyNd4fbZgqDE1YW6ExkKjQGlISgP/HXVJ5BVHRd543UKy
.t.tailtarget.com/ Name: _ssc
Value: y
.t.tailtarget.com/ Name: u
Value: fwAAAWJHPHIySwaiFoYOAgB=
.casalemedia.com/ Name: CMPS
Value: 3184
.casalemedia.com/ Name: CMID
Value: Ykc8cg3yIt5p2HBIVOEhQQAA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In5o6Ew8!]tbPl1M>e)ZlrFUfJ+tGXxp2IFzo:Se#b$:>Ed_>pfll==gi-]5*ZXJ!j1e3If)y3KL9D3I?+`Ydd?[
.casalemedia.com/ Name: CMPRO
Value: 1120
.casalemedia.com/ Name: CMST
Value: Ykc8cmJHPHIA
.casalemedia.com/ Name: CMRUM3
Value: 2d62473c722760CAESEJYOKl6HlncGT0l1qNFEQa8
.t.tailtarget.com/ Name: ttbprf
Value: _frankfurt am main_hesse_de_1648835698947_764254276
.t.tailtarget.com/ Name: ttc
Value: 1
.t.tailtarget.com/ Name: ttnprf
Value:
.bidswitch.net/ Name: c
Value: 1648835699
.bidswitch.net/ Name: tuuid_lu
Value: 1648835699
.bidswitch.net/ Name: tuuid
Value: f94db942-b5f7-48c4-9628-ad858073d0fa
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 2123232730093984153
.tt-9964-3.seg.t.tailtarget.com/ Name: ttca
Value: CA15447,CA15795,CA15771_1648835699
.3lift.com/ Name: tluid
Value: 948783330268713292486
.adform.net/ Name: TPC
Value: 1648835699373
.t.tailtarget.com/ Name: tp1
Value: CAESEAvymlIFM29DNKSI8KpZjnc
.t.tailtarget.com/ Name: dc
Value: 1
.t.tailtarget.com/ Name: n
Value: 1648835699
.bing.com/ Name: MUID
Value: 1C76CD9AD72C62103400DCE3D6476313
.criteo.com/ Name: uid
Value: e46f80e9-cb1a-4889-a3ba-66600d58b116
.yahoo.com/ Name: A3
Value: d=AQABBHQ8R2ICENEA6X89q03t2UpgvG57RmMFEgEBAQGNSGJRYgAAAAAA_eMAAA&S=AQAAApouGZLGzrIV-O9VRBjCo3w
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&b2f34a4e-40bc-4f75-8b8e-397a33efd464"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDg4MzU3MDA7MjswMjGGgNvoZVCdq10v7mwmIanqYe5oudpYts+Tocd4Dl2tzQ==
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2554:u=1:x=1:i=1648835700:t=1648922100:v=2:sig=AQFT7ABXFH_DNWM_UrZy_AHqliSCefXw"
.mathtag.com/ Name: uuid
Value: c87a6247-3c74-4b00-ac8a-dcbbd4868a4f
.turn.com/ Name: uid
Value: 2788397559477685773
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Ykc8dAARZ2OOdAAy
.bidr.io/ Name: bito
Value: AAF-zk7EjnkAADVS_J5_DA
.bidr.io/ Name: bitoIsSecure
Value: ok
.mfadsrvr.com/ Name: tuuid
Value: 6fcd6d83-befe-4ef0-8f32-7f83c2b98074
.mfadsrvr.com/ Name: c
Value: 1648835700
.mfadsrvr.com/ Name: tuuid_lu
Value: 1648835700
.mfadsrvr.com/ Name: ssh
Value: !triplelift,1648835700
.ipredictive.com/ Name: cu
Value: da07d978-b1e4-11ec-9746-d710e3bebab8|1648835701025
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f92c3b86-d3ef-4bff-49c5-c3a5cbdbb2a7.06Z2bV26MSnz47EjEAJkP6wqa1ge0lyh8VfNX4s9J9M
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A-Sw7htPvS_9JxcOly9uypy2NmEQ.CRfrbeljg7kvobXVrBLaJ1GdHV8x5TghO8E%2FZ7YyvRA
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: AzW3LvtC6EoMjrqnqfbyJh0
.navdmp.com/ Name: ac3
Value: 1
.navdmp.com/ Name: nid
Value: 107bdce5eab93f5db8f17be42210|1|121

4 Console Messages

Source Level URL
Text
javascript warning URL: https://barra.r7.com/tailtarget/profiles.js
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=948783330268713292486
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=948783330268713292486
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs-simple.com
acdn.adnxs.com
ad.turn.com
adservice.google.com
adservice.google.de
adv.r7.com
ams1-ib.adnxs.com
at.teads.tv
avm.avantisvideo.com
aws-fr-sync.bidswitch.net
aws-fr.bidswitch.net
b.t.tailtarget.com
b1sync.zemanta.com
barra.r7.com
bid.g.doubleclick.net
bidder.criteo.com
c.bing.com
c1.adform.net
c2shb.pubgw.yahoo.com
cdn.adnxs.com
cdn.avantisvideo.com
cdn.navdmp.com
cdn.privacytools.com.br
cdn1.avantisvideo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.t.tailtarget.com
cms-media-api.r7.com
cms.analytics.yahoo.com
connect.facebook.net
contextual.media.net
d.tailtarget.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
events1.avantisvideo.com
f926ebdd9d6377cfe2b00485ce00713f.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hblg.media.net
hbopenbid.pubmatic.com
ib.3lift.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
imasdk.googleapis.com
lg3.media.net
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.mathtag.com
pixel.rubiconproject.com
play.aniview.com
player.aniview.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid-us.creativecdn.com
prg.smartadserver.com
px.ads.linkedin.com
qsearch-a.akamaihd.net
rb.adnxs-simple.com
res-a.akamaihd.net
ricmais.com.br
rtb.mfadsrvr.com
s.amazon-adsystem.com
s0.2mdn.net
s1.adform.net
sb.scorecardresearch.com
sc.r7.com
script.4dex.io
scs.r7.com
securepubads.g.doubleclick.net
snippets.r7.com
static.avantisvideo.com
static.criteo.net
static.premiumads.com.br
static.ricmais.com.br
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.ipredictive.com
sync.mathtag.com
sync.navdmp.com
sync.srv.stackadapt.com
sync2.navdmp.com
t.tailtarget.com
tag.navdmp.com
tags.premiumads.com.br
tags.t.tailtarget.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
track1.aniview.com
tt-9964-3.seg.t.tailtarget.com
use.fontawesome.com
usr.navdmp.com
warp.media.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.netdeal.com.br
www.ricmais.com.br
x.bidswitch.net
bid.g.doubleclick.net
ib.adnxs.com
104.111.242.245
108.157.4.121
142.250.185.162
142.250.186.130
142.250.186.98
143.204.215.128
15.197.193.217
151.101.193.108
151.101.2.49
172.217.18.98
178.250.2.131
178.250.2.146
18.156.195.47
18.193.41.238
185.184.10.30
185.29.132.241
185.33.220.145
185.33.221.90
187.108.201.249
190.89.238.77
190.89.239.105
2.18.232.111
2.18.232.7
2.18.233.201
2001:678:cb4:bbbb::11
204.237.133.116
209.54.180.144
212.82.100.182
23.205.235.133
23.216.77.21
23.216.77.25
23.35.228.23
2600:9000:2057:4200:3:748e:7940:93a1
2600:9000:2057:e00:1c:38a0:8a40:93a1
2600:9000:214f:e800:8:9ed9:9c40:93a1
2602:803:c004:200::140
2606:4700:20::681a:8a9
2606:4700:20::681a:f79
2606:4700:20::ac43:4a70
2606:4700::6810:135e
2606:4700::6810:df3
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::200a
2a00:1450:4001:808::2001
2a00:1450:4001:808::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c0b::9b
2a02:2638::1c
2a02:2638::3
2a02:26f0:3500:698::2c79
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a05:d018:d29:3605:381e:fa43:f4d:caac
2a06:98c1:3121::7
3.123.205.63
3.124.17.200
3.124.34.143
3.64.18.217
34.102.185.99
34.203.25.60
35.172.120.178
35.201.123.184
35.244.174.68
37.157.4.25
37.157.5.142
37.157.5.71
37.252.167.215
44.239.182.76
51.89.9.253
52.200.181.105
52.57.177.81
52.6.241.167
52.94.223.37
54.72.57.179
54.75.174.52
69.173.144.138
69.173.144.165
69.192.160.186
69.192.160.245
70.42.32.95
76.223.111.18
81.17.55.160
010e8dccbfbcbe84e3ca23850b95a5d5f5cbdc22049129c5637b785489825f99
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04c9af54b518766a3d9467fcdbac670cee661fa85141f7f1a6c46c61bc69eb67
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0a60ed0033c139ceacda997fbddb2b7bd95451d11215860cb39d03459a001ba1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0e57f5918a13e9c93ea39596451443f8a6fbec817b04f09acacf3662f7c12a20
106b3d4f5c4c1ddbccd6078cf233e9a28f04675575551b26709cfc381c8434b0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1119f39b46f15ecba4131ef36fa1019b2501d56883ad704f0bfc9034b57987dc
111e1637a25a85887a205cff8350cf6c6d2e34c224bd4cc462d24da93fd98ec0
119d1fe56ee3907568a9076d1ba1b019f3401f77eb432072f375b0b48c37dce0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12e8fc071446160d1465f999d00208e73a5bbdfd0aa38f7e52fe66e3309955b4
1bebe07e837fb33f10c63429c52aba83e53af281cdebd8687b3ca740d0703829
1ccb8ff6181fcfe7625d0d4249afb4f0f6fdca1c356f24a150b5368db0b6cc63
1d037b6d428e1c1902e3b88c5ff1cb37468e170c3996033aab39669bc5fc09c9
1d176cce938e3b16601c343eb4a7d88ec8b99688ea4229a291ee73782284a73b
1d7dcbdf573cfe4386abf5cbcebc97caabfd23715785619cba12f51e949c7980
1ef29376c37c5f0de7c9d0eb73b145dc5953c62385748741b4231b3d973621b1
1fef7a46a32609d5704fa770e930a73ecefd399e367bf8a2d0b6e18292126bef
21a9753c3327bf6348a1e76b45a2a620694f77283564c6728068467cf1b3868b
245bb9bb6e89fcd3202a97bda2d3f0f2f406e48cc6ebd5b3a7d43b9a5eed21e8
25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f
28d3815fabab7575483ad5c20b71dfe3b38d963e57c3227707ac0231168f5c56
299048689c196c7dcafdc3280a532e967e679ec771bd075d91e09def26f76d84
2c6fee983f81df313e87f330ee4504359f64a554315bd41a9408425e8cc8e479
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2d97ecc3fc54beb500cfdfaab6e611f49e22c5dbaf368ede1c612e50bfd5099f
2e0b4cc6b7e37697a0d71419861c5cdbbdcacede16a8e15cb98f2a7beee966d4
2e9ac99fbe40ef4775c22bc48d42ebd40244116b8ded9408f2af838cce9b7fec
2f49ac03adf0da2d47341973387a95f780b92dca98b8e82289cd025688777df0
2fbf3af126d817d4144909558fa5978405da71d1d9cec75ad6734c9cecf63f98
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
306954d16de1c789f34afa5f21dd6ce55d7c3599fd8f825e6f922b0893d218b6
32391e5d56d10900eccaf5ff6040224e96de4e09db5739aa213c4bb09779d579
3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
33d48170131fd2039b694ad2325f0fff0e9141d54ded55321bdb62308fe7512d
349d35f124299f4cc151b9163060b9c5d82206c84bbf2b2a8740fc63c4ae309c
35fa2ca59598201824eed7c958a61335cd1daaa3856ae031aeda62a443868552
36378e17555f7897039ac0bb8d9db4cf97f3b965c14fbd0d192af7b22689713a
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37ae0e5ace2ec8066810439183d348223decdd4b54dd943956c7b220d1a647af
38e39062f4209fcc8461e7a5599a5cba4004f43f271812ddb7379ec24e61e16e
3aaed1160aefc157a07c0c17f8283d86f092fb6b77ce47211e4941be06f4f9e3
3ab5b6ecec51aaaa253e30fa23b09f5a1bbf932f168752dd1a8b4a66062327ef
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
401e9326dbd59e94387e9096b53e96f551fabb0b26905ed76291c06483a6121d
4052d3188ab1fcb118713262f75f5e686ca76a983356cafd11cc3e330999e05d
4404a2bd9a64c692ac4fc1716a1cd1143887050defdbbd46f4cfab25eb63e567
44d53676506f21bed579062b091f0be4a691ecc3ef84e4dc01d1a87c70e6733a
492ea816580b6269c001a4a56bb3a70fccfc5554551ff1d4a95afd2bb522827c
493415537718aa22b87e34a2b7ae46daf50a176bbb889d57796e386b16b99073
49791a696302b5112cec6f474d4d188ec3da019fab43b744b558c8b5e6644785
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e012a3b95a44b7627384b790fa49ef64906299f7d1c0ca2bd2e643c100eba2f
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5091dcc281c0f1b55c61c40aa4cf2ad40a407882bfccee8c345b5c3529a2fce5
53e6f2b0ebc02166ae4ac275d7800de963a12fb4f46462222f9c1b689a122a6b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ddf20c364c6f2d7deb5866f9d2525f30c1296f4c7f20af9085198749c40615
5a56529f1a3836b9dee646175520b15edab3b1c4a7c1909d7771b227dda8e09a
5ba8490cc60fe0c0371c0acd84716072305214b84aa2959bd231c6cbc30c004d
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5eb3e8b6a5651333c449682efa20d6c344dec8f362229581feb2f202afec57a7
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
638caa40d39dec20d95e4119187482e3c5939616252d96ded196b05c2e1cfc27
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
667b6bf076e296e4c0dcf03def1f9b8e43622a739e0efe75a57a8042007c211f
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
68abb180139391d184e19c20f88ef9eb58a75c4bc5a6042de8e74ee2402fce4c
69fc7bcafee09477b13dbda32d00410bc15a3faeb3e890cc15fef46d7c84d432
6fd90b750de0f6da108e26f2b76f71ff8f379416342a3bc27345e3a18bdc5c09
714b2f8fc0f1428f312da9a7484469925b034cf6384dbd72f496b65e2fde961f
75bbed9465e0357e20a867f3e835fc000e5de508409e85f0f51424b267dd15ee
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7dfa71c5447cc5fdc4588ee611ac81e793ee4c6daaa9fbbaf195cd744329f0c0
7fc5b151e4cfda6a4b3f5ee7a173468c5fafd5ebe8648de4e40f48503d837cd8
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836d883cd17a9b1eeab42d979dab9bff4758b13dfc807349af016694a039f367
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84fe329bdc4d406074a69062b2dc53fdc1cc81661cd2f444842627df6f23c6f1
86408395d0b369ad0ebab70b87a6e5fc4c36189628c7c19635c2354e450e0b13
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
893112444eb6c9c1d685159da5c9cf96c4af46ce77cebff6fcee6ffb87ccb96d
8af3ca0262fce9ac49c9a33de96e1c1fd36d48d1070d76023e0fc41dd380380c
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
8e36cf46c1f6bc04666bbf0ebdf6bfba4a694a44d13637aed5777d3636d55756
8f5e97230caa7d2e21d9e18e3b2e09da937e81bca9bcca30f2e4f5d240b1c8f0
8fac2e8fbce9dc297dbc5c9fa7e64c41d8be05df0bc0340eadd01e167f74b927
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91dd5b228e05cf2e795af9e9cba362f6e91a29c620972e547194b51a8b7100f3
938344b0aae263ecc9c186c7f5ab90b10b2d1394f762b13bc8122b8c7a23174b
93e4203d9e755f3af24d6800b4629a588b8fac16fad6cea3a76e1eb2473a189e
95d902d6868287832fda3e1b75149c1aefee47db33e70f2eb5663c2621eda5b8
9616865a4344d7bd7631fb93925d422d89ea1db93bc52f9d217354841c2bdf3a
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
978735293b9cac9f73f8a37e53afb965351f7e205dfa2b5165001e4d20787835
97c88b79a751482a481b67a7981501e9ebe7be62bcad30bed748de21f218ca95
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a629a84c525f68bae66232d9427f4df77c84cbd1d0556e24b254c07a9422e5d
9bd18123f031f83e1291e02875c710cfe37fd805a22d1d47fc9dc2031741ca09
9c79f8e69ab46c938bb87d0d04e0a708c4039d8cc3a3a455ef7945243620b88f
9ec4ca9b1a37d617b373fe664aa5849bda2a5d823b0dc569f0fde9b373d3cf64
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0bf152d57a4df9327e27f2a902b1e8e7c48d0684ea2d227c4338361d1214d1f
a0e7b9f5d60a168dc0a53692a6d3eb45b8cef9071b85eb85cff17f8803fbb57d
a111c5ad56a37b159b5d36c1b49379fa17079a21ed1c9370ab11220eef9022eb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
a436161b4133ce535b961cf53a630fa56ff1056670cb53d8045f8cd34fbc1fd1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a63608feb6dc2823cb808f06d658d76d6c47b7ac0b03b978677a4c5f09b1f9fb
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7433c70c0c27f9ab46ea42d025561349a88c0344faba8c7d261615186799106
ab9c2ce090d7cbe8b897f15304c610a622465a8a94a661f7d15048598bea7484
ace4d64bfab50e073f361bf68aea90dfc8db7ddc97b9a1e9197a0dbbdbfab5dd
ad8c3eef2cd93cf44fecc1aa3b2202573a2e4f5be8899e0a502f53b0630fd01a
ae5170f9eda6c524808efc94aafb6113685bf4a8bd5ca07bd061f1c3420cd984
af9cc8680c2a103d0cbc601fa171ac82ba8489fe93b576a6e1c9a99ccb59b6ee
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b8e352006cc3bc3c7c2206316ef5ecc3a319959d6b6a3b4da9702afd1dff10de
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc6e0b16425d67244be12fc4828112004f717e3267738490d0044493d3db2a47
bcd71666ea63d4a00969b970c9cdba3cd15b06b53bc84e96df351324c6cd6c5e
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f
c038142614386defe90276b5757b4d3c0ebe5554093757cf366bffb76833d2df
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c3325fba4bc0b8a61018adb2d0bb0fa89a1ab92e7fb8459bc16d39209b82ad7f
c5235cbf8944664df0f507cd063884648773b54d269f65776c28e2e2e3f0a6c9
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c7c82034d05942708d9b34d82fb3199b70e0faad83e609ee549db028314acb48
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542
c8ac15e6905978581ba1179f326e1350ea71202cd220e0fda8e7af6756d09680
c8d70946c3b971f61a3a24a011463ea1fd30a1490a34eed4a58b8685441172f4
c8fb8290c9b84880c045020c72c7c086d95d1b0390feb8e1c62c8b1a2d88bb91
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
ca9b10dd6f91b1495f2f5afb055e060c55a5cc89e12c435e383cc1998741a739
cdca6c6dad0058fa1535632c9545a655f6ab1d63a19672309da564bd17b5b289
cf36cddb867c0661af31587bea3b3724a7ff5a3db5cb935526232ded4f255080
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf793988f53d9d4fc1b7d48196d0c9bbc128723d90303efe8f2a9bad8b8936d9
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d18c2cc74f2ccfcde3e1a762f8eb3c5e96c2bf1febe27f211fcbb2766182b3f9
d1950fe5697646d88798b21ffcc72287ee8f2834dbad51a9b77d226fc2c218f9
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d3a4eda40c81b6af6b8531de4a7571060cf25dec16a41a0080dc020c4f0b9dd6
d48065293e64589b33d9cfedc14fc4bf394570e90c183a912db23605446e9db7
d4867d13391783737b9a80fa495690e7e6cb56e8eb8bbfce1fd69110d9d27632
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
d75561e1329acbfb10dd90ae27ac97aac6d6081e89700a8eaba0ae5ab0156c5f
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
d903605db7deeaa8b31fdd665945d3126fe1e33d47978499df23df4f6d416a9c
dc29f5193a688aad285871f68e37e37982602243e563056551cc4f0a4fee1207
dc5be1bd37914389ada11438bcbdaae6f1a6f6e402a2a415ac9558acec8c794a
dd69db050945063e092f3020e3f2d74eede936a5f5e723ff941e92d19bb73bfe
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
de10821a60610177275f7c73fbeafd070a70c4131ec798889b78d6cce4ef1d3e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de99c2063596c67fcd076f06e6e113bfc3882dfc5d4a798e4eafd00ed70e84e1
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e0d5a7fcc16c1b7e34044a24868e0e780c7a19ba41fdc28dd090c72fc494f2bf
e1044efc6f9181f24d8dc1ce6a56d990a0af379d5ac34bf9bb1a1f10bf2dc55a
e1dc442c1f428a40dc13733e89246fd0d99571fa2f6d76ffbbc6031389d5f040
e378f88ac542d00d65db8e2d6956d184ea37992b5143ed5e91c38e4f62983985
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e450ba30da4e0b8e243f3e4aa61b5d02e4c22bce80bc0a5e3d9c7cd43d2403f9
e45512e6a8849091f2b483d2e2698b1dc9d29f4b479562886f92119048843cbd
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e73356d7f272c8b109ef3b61568f5502c6f6b7fb698d4446364c9a02965f985b
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e8f188d5991b472aad22b8d3aa1fa2c021ebe6baf9ba65cd22f802d1f335ec89
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e94b12cb948d3d2eff43addf04700f8611ba383c00892652dc294a76bec2a105
ea18ca3fe3ae4d94d21bb36a2912258193fb4f257be81be3dabe0e3809a312e5
ea75ea886581f66a9b2ecbe46efa092d8b2aa51525413c796e4aa3008d1cdff2
ebe31f021c4f865342a830f2d65c8e6051b778c9c7f54a7ea7a8370a65b43a6e
ecc02922e0798d3506107ec57a202be0d69a50db9c543654bdd55763ebee18de
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
eeead248868138b8e6f49f895e81497fbcef0d3a402b7ba997553ac211b448f3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f246cffbe47c99b2d2ca0fd5966733e37aa8c31650a2f9d78932497ec89c7848
f254e61dd3fd23537dbedf1c0afb1728d28d702687ddedd423851cfb3d55804f
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f46ecb430921a486fdefe829af0de888e022ca62df915e7d4fc9abcdd7c8c187
f830833b6661d5fb63e23d3d245e91edc7c52aa547ca19eca7c91c7570483975
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
fa7b512593d1faa62852c4917f86a476dae718be92f1ca59999e08fd05ce6907
fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2
fd9ad37eedb9f23edf7807fefe74a6873cf33b8f6feb0ffd26398833e43dc3b2
feb17f01f04150f1685312b27176f5d0e66ca6aa669a9d8c3bada0f756c6f798
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
ffbba010d8b2a59b00c92ffe2dcd7d70bb9565edbbdd998f1df06e8e06b3a421