www.correiobraziliense.com.br Open in urlscan Pro
179.191.182.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://correiobraziliense.com.br/
Effective URL:
https://www.correiobraziliense.com.br/
Submission: On May 21 via api (May 21st 2023, 6:13:12 pm UTC) from US — Scanned from DE

Summary HTTP 442 Redirects Links 91 Behaviour Indicators

Summary

This website contacted 80 IPs in 14 countries across 65 domains to perform 442 HTTP transactions. The main IP is 179.191.182.65, located in Offenbach, Germany and belongs to Azion Technologies Ltda., BR. The main domain is www.correiobraziliense.com.br. The Cisco Umbrella rank of the primary domain is 222601.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on March 29th 2023. Valid for: a year.

This is the only time www.correiobraziliense.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:1f18:659... 2600:1f18:659d:b900:a682:4228:b437:d906	14618 (AMAZON-AES) (AMAZON-AES)
55	179.191.182.65 179.191.182.65	52580 (Azion Tec...) (Azion Technologies Ltda.)
26	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	52.95.142.22 52.95.142.22	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6812:d73b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
4	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:801::2016	15169 (GOOGLE) (GOOGLE)
7	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
2	99.84.88.4 99.84.88.4	16509 (AMAZON-02) (AMAZON-02)
1	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
3	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
3	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 6	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.138.36.27 108.138.36.27	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2250:7a00:a:e047:753:be1	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 6	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	99.86.91.3 99.86.91.3	16509 (AMAZON-02) (AMAZON-02)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1	99.80.210.150 99.80.210.150	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	18.155.129.84 18.155.129.84	16509 (AMAZON-02) (AMAZON-02)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.164.52.38 18.164.52.38	16509 (AMAZON-02) (AMAZON-02)
1	95.101.149.35 95.101.149.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.32.145.49 13.32.145.49	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
9	34.231.83.155 34.231.83.155	14618 (AMAZON-AES) (AMAZON-AES)
7 15	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	23.201.255.110 23.201.255.110	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.64.126.246 104.64.126.246	16625 (AKAMAI-AS) (AKAMAI-AS)
39	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
1 2	18.200.41.115 18.200.41.115	16509 (AMAZON-02) (AMAZON-02)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	213.155.156.165 213.155.156.165	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
4 6	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 3	67.220.226.233 67.220.226.233	16509 (AMAZON-02) (AMAZON-02)
4 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:cc5:dc1b:2834:9d22	16509 (AMAZON-02) (AMAZON-02)
2 3	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:237... 2600:9000:237d:9e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f13:800... 2600:1f13:800:7780:62e1:f694:ef6b:7146	16509 (AMAZON-02) (AMAZON-02)
64	5.226.179.19 5.226.179.19	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
5	2a00:1450:401... 2a00:1450:401a:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:62::a	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:9ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	35.158.42.58 35.158.42.58	16509 (AMAZON-02) (AMAZON-02)
2	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.157.212.150 18.157.212.150	16509 (AMAZON-02) (AMAZON-02)
2	23.212.88.20 23.212.88.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	5.226.179.10 5.226.179.10	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2 2	2620:1ec:4f:1... 2620:1ec:4f:1::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	85.184.96.0 85.184.96.0	47171 (UNIBET-AS) (UNIBET-AS)
1	104.18.28.137 104.18.28.137	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 12	104.18.2.163 104.18.2.163	() ()
1	2606:4700:303... 2606:4700:3035::ac43:c1f7	() ()
1	2606:4700:303... 2606:4700:3031::6815:2c18	() ()
442	80

1 2600:1f18:659d:b900:a682:4228:b437:d906 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

correiobraziliense.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 179.191.182.65 (Offenbach, Germany)

ASN52580 (Azion Technologies Ltda., BR)

www.correiobraziliense.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
midias.correiobraziliense.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
blogs.correiobraziliense.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
voosemoferta.correioweb.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
edicao.correiobraziliense.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.142.22 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-west-2.amazonaws.com

campaigns-ad.s3.eu-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.88.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-4.muc50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

prebid-us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.101 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-27.muc50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:7a00:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.91.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-91-3.cdg50.r.cloudfront.net

cnt.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.210.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-210-150.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.129.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-84.cdg52.r.cloudfront.net

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.164.52.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-38.cdg50.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.145.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-145-49.cdg50.r.cloudfront.net

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.231.83.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-83-155.compute-1.amazonaws.com

p.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 216.58.212.130 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.201.255.110 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.64.126.246 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-126-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.200.41.115 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-41-115.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.165 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.84 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.226.233 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:cc5:dc1b:2834:9d22 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.54.182.161 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:237d:9e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f13:800:7780:62e1:f694:ef6b:7146 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 5.226.179.19 (United Kingdom)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.bet365.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
members.bet365.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content001.bet365.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:401a:800::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:62::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr5---sn-4g5e6nsk.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:9ce (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.betano.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.158.42.58 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-42-58.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.212.150 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-212-150.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.226.179.10 (United Kingdom)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

members.bet365.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4f:1::60 (United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b1.trickyrock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.184.96.0 (Malta)

ASN47171 (UNIBET-AS, MT)

de.unibet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.unibet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.28.137 (None, )

ASN13335 (CLOUDFLARENET, US)

www.bwin.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.18.2.163 (None, ) 1 redirects

ASN- ()

www.pinnacle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:c1f7 (None, )

ASN- ()

admaxium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:2c18 (None, )

ASN- ()

pixel.admaxium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	bet365.de www.bet365.de — Cisco Umbrella Rank: 502880 members.bet365.de — Cisco Umbrella Rank: 432789 content001.bet365.de extra.bet365.de Failed	1 MB
55	correiobraziliense.com.br 1 redirects correiobraziliense.com.br — Cisco Umbrella Rank: 190296 www.correiobraziliense.com.br — Cisco Umbrella Rank: 222601 midias.correiobraziliense.com.br — Cisco Umbrella Rank: 385155 blogs.correiobraziliense.com.br — Cisco Umbrella Rank: 920159 edicao.correiobraziliense.com.br	2 MB
46	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 337 pubads.g.doubleclick.net — Cisco Umbrella Rank: 424	331 KB
44	googlesyndication.com 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 tpc.googlesyndication.com — Cisco Umbrella Rank: 132	319 KB
39	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	546 KB
17	rubiconproject.com 9 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 469 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 953 eus.rubiconproject.com — Cisco Umbrella Rank: 566 pixel.rubiconproject.com — Cisco Umbrella Rank: 315 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 967 token.rubiconproject.com — Cisco Umbrella Rank: 573	16 KB
12	pinnacle.com 1 redirects www.pinnacle.com guest.api.arcadia.pinnacle.com Failed	1 MB
12	trvdp.com cnt.trvdp.com — Cisco Umbrella Rank: 37353 go.trvdp.com — Cisco Umbrella Rank: 30746 s.trvdp.com — Cisco Umbrella Rank: 31158 p.trvdp.com — Cisco Umbrella Rank: 26147	145 KB
11	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 373	235 KB
11	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
11	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2230	22 KB
9	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 835 static.adsafeprotected.com — Cisco Umbrella Rank: 595 dt.adsafeprotected.com — Cisco Umbrella Rank: 569	99 KB
7	gstatic.com www.gstatic.com csi.gstatic.com	2 KB
7	criteo.com 3 redirects gum.criteo.com — Cisco Umbrella Rank: 413 mug.criteo.com — Cisco Umbrella Rank: 2837 dis.criteo.com — Cisco Umbrella Rank: 575	9 KB
7	media.net prebid.media.net — Cisco Umbrella Rank: 1346 contextual.media.net — Cisco Umbrella Rank: 599 cs.media.net — Cisco Umbrella Rank: 1383	5 KB
6	amazon-adsystem.com 4 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 950 s.amazon-adsystem.com — Cisco Umbrella Rank: 273	4 KB
6	google.de adservice.google.de — Cisco Umbrella Rank: 9037 www.google.de — Cisco Umbrella Rank: 6080	1 KB
6	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	6 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	387 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 imasdk.googleapis.com — Cisco Umbrella Rank: 437	349 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	3 KB
4	creativecdn.com prebid-us.creativecdn.com — Cisco Umbrella Rank: 29395 invstatic101.creativecdn.com — Cisco Umbrella Rank: 2758	3 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 899 pm-widget.taboola.com — Cisco Umbrella Rank: 4523	252 KB
4	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3537 onesignal.com — Cisco Umbrella Rank: 1386	83 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	1 KB
2	admaxium.com admaxium.com pixel.admaxium.com	2 KB
2	unibet.com de.unibet.com www.unibet.com
2	trickyrock.com 2 redirects b1.trickyrock.com — Cisco Umbrella Rank: 133629	2 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 752	1 KB
2	betano.de 1 redirects www.betano.de — Cisco Umbrella Rank: 410910	544 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 562	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4789	651 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 306	529 B
2	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 27888	23 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	106 KB
2	openx.net oajs.openx.net Failed google-bidout-d.openx.net — Cisco Umbrella Rank: 2602 us-u.openx.net — Cisco Umbrella Rank: 436	395 B
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 3109	315 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 862 id5-sync.com — Cisco Umbrella Rank: 421	18 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1025 bcp.crwdcntrl.net — Cisco Umbrella Rank: 863	12 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 155	3 KB
2	amazonaws.com campaigns-ad.s3.eu-west-2.amazonaws.com — Cisco Umbrella Rank: 250882	129 KB
1	bwin.de www.bwin.de
1	bet365.com members.bet365.com — Cisco Umbrella Rank: 63372	1 KB
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 80
1	googlevideo.com rr5---sn-4g5e6nsk.googlevideo.com — Cisco Umbrella Rank: 90765	2 MB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 339	648 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 423	618 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 724	45 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1470	586 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1373	400 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 639	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2334	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2631	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 344	878 B
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 5348	189 B
1	perfectmarket.com widget.perfectmarket.com — Cisco Umbrella Rank: 3523	2 KB
1	wp.com i2.wp.com — Cisco Umbrella Rank: 8049	3 MB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 101	162 KB
1	correioweb.com.br voosemoferta.correioweb.com.br	383 KB
0	otherlevels.com Failed cdn.otherlevels.com Failed
0	serving-sys.com Failed secure-ds.serving-sys.com Failed
0	hotjar.com Failed static.hotjar.com Failed
0	salesforce.com Failed pinnacle3.my.salesforce.com Failed
0	sentry.io Failed o417691.ingest.sentry.io Failed
0	zeronaught.com Failed ponos.zeronaught.com Failed
442	65

	Domain	Requested by
39	s0.2mdn.net	imasdk.googleapis.com www.correiobraziliense.com.br s0.2mdn.net
34	content001.bet365.de	www.bet365.de
31	midias.correiobraziliense.com.br	www.correiobraziliense.com.br
28	www.bet365.de	campaigns-ad.s3.eu-west-2.amazonaws.com www.bet365.de
24	pagead2.googlesyndication.com	campaigns-ad.s3.eu-west-2.amazonaws.com securepubads.g.doubleclick.net tpc.googlesyndication.com 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net imasdk.googleapis.com
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.correiobraziliense.com.br tpc.googlesyndication.com 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com imasdk.googleapis.com
18	www.correiobraziliense.com.br	www.correiobraziliense.com.br
15	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com eus.rubiconproject.com
13	securepubads.g.doubleclick.net	www.correiobraziliense.com.br securepubads.g.doubleclick.net
12	www.pinnacle.com	1 redirects campaigns-ad.s3.eu-west-2.amazonaws.com www.pinnacle.com
11	cdn.ampproject.org	securepubads.g.doubleclick.net
10	googleads.g.doubleclick.net	www.correiobraziliense.com.br 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com pagead2.googlesyndication.com
9	p.trvdp.com
7	www.google-analytics.com	www.correiobraziliense.com.br www.google-analytics.com
6	pixel.rubiconproject.com	4 redirects eus.rubiconproject.com
6	www.google.com	1 redirects www.correiobraziliense.com.br tpc.googlesyndication.com 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
6	ib.adnxs.com	2 redirects www.correiobraziliense.com.br googleads.g.doubleclick.net
6	www.googletagmanager.com	www.correiobraziliense.com.br www.googletagmanager.com www.bet365.de
5	csi.gstatic.com	imasdk.googleapis.com
5	dt.adsafeprotected.com	49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
5	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
5	adservice.google.de	securepubads.g.doubleclick.net imasdk.googleapis.com
4	pubads.g.doubleclick.net	imasdk.googleapis.com
4	token.rubiconproject.com	4 redirects
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	region1.google-analytics.com	www.googletagmanager.com
4	blogs.correiobraziliense.com.br	www.correiobraziliense.com.br
3	x.bidswitch.net	3 redirects
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	dis.criteo.com	2 redirects 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
3	imasdk.googleapis.com	s.trvdp.com imasdk.googleapis.com
3	gum.criteo.com	1 redirects cdn.taboola.com static.criteo.net
3	fastlane.rubiconproject.com	www.correiobraziliense.com.br
3	prebid.media.net	www.correiobraziliense.com.br
3	prebid-us.creativecdn.com	www.correiobraziliense.com.br
3	cdn.taboola.com	www.correiobraziliense.com.br cdn.taboola.com
2	b1.trickyrock.com	2 redirects
2	cs.media.net
2	pm.w55c.net	2 redirects
2	contextual.media.net
2	www.betano.de	1 redirects campaigns-ad.s3.eu-west-2.amazonaws.com
2	members.bet365.de	www.bet365.de
2	static.adsafeprotected.com	49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	www.correiobraziliense.com.br
2	c1.adform.net	2 redirects
2	d5p.de17a.com	2 redirects
2	match.adsrvr.org	49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com eus.rubiconproject.com
2	fw.adsafeprotected.com	1 redirects www.correiobraziliense.com.br
2	eus.rubiconproject.com	s.trvdp.com eus.rubiconproject.com
2	stg.truvidplayer.com	go.trvdp.com s.trvdp.com
2	www.googletagservices.com	www.correiobraziliense.com.br 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
2	www.gstatic.com	securepubads.g.doubleclick.net
2	fonts.googleapis.com	securepubads.g.doubleclick.net www.pinnacle.com
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	onesignal.com	cdn.onesignal.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	sb.scorecardresearch.com	cdn.taboola.com www.correiobraziliense.com.br
2	cdn.onesignal.com	www.correiobraziliense.com.br cdn.onesignal.com
2	campaigns-ad.s3.eu-west-2.amazonaws.com	www.correiobraziliense.com.br
1	pixel.admaxium.com	admaxium.com
1	www.unibet.com	campaigns-ad.s3.eu-west-2.amazonaws.com
1	admaxium.com	www.pinnacle.com
1	www.bwin.de	campaigns-ad.s3.eu-west-2.amazonaws.com
1	de.unibet.com	campaigns-ad.s3.eu-west-2.amazonaws.com
1	members.bet365.com	campaigns-ad.s3.eu-west-2.amazonaws.com
1	www.youtube.com
1	us-u.openx.net
1	rr5---sn-4g5e6nsk.googlevideo.com
1	px.ads.linkedin.com	eus.rubiconproject.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	ssbsync.smartadserver.com	49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
1	dsp.adfarm1.adition.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	s.trvdp.com	go.trvdp.com
1	a.teads.tv	www.correiobraziliense.com.br
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	www.correiobraziliense.com.br
1	go.trvdp.com	cnt.trvdp.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	pm-widget.taboola.com	widget.perfectmarket.com
1	cnt.trvdp.com	securepubads.g.doubleclick.net
1	www.google.de	www.correiobraziliense.com.br
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	pro.ip-api.com	campaigns-ad.s3.eu-west-2.amazonaws.com
1	widget.perfectmarket.com	cdn.taboola.com
1	edicao.correiobraziliense.com.br	www.correiobraziliense.com.br
1	i2.wp.com	www.correiobraziliense.com.br
1	i.ytimg.com	www.correiobraziliense.com.br
1	voosemoferta.correioweb.com.br	www.correiobraziliense.com.br
1	correiobraziliense.com.br	1 redirects
0	cdn.otherlevels.com Failed	www.correiobraziliense.com.br
0	secure-ds.serving-sys.com Failed	www.correiobraziliense.com.br
0	static.hotjar.com Failed	www.correiobraziliense.com.br
0	pinnacle3.my.salesforce.com Failed	www.pinnacle.com
0	o417691.ingest.sentry.io Failed	www.pinnacle.com
0	guest.api.arcadia.pinnacle.com Failed	www.pinnacle.com
0	extra.bet365.de Failed	www.bet365.de
0	ponos.zeronaught.com Failed	www.bet365.de
0	oajs.openx.net Failed	oa.openxcdn.net
442	109

This site contains links to these domains. Also see Links.

Domain
assine.correiobraziliense.net.br
concursos.correioweb.com.br
wa.me
www.facebook.com
twitter.com
instagram.com
www.youtube.com
news.google.com
voosemoferta.correioweb.com.br
blogs.correiobraziliense.com.br
clubedoassinante.correiobraziliense.com.br
flip.correiobraziliense.com.br
www.dapress.com.br
www.diariosassociados.com.br
www.classificadoscb.com.br
correiobraziliense.lugarcerto.com.br
correiobraziliense.vrum.com.br
impresso.correioweb.com.br
buscacb.correiobraziliense.com.br
www.cbdigital.com.br
www.correioweb.com.br
webmail.correioweb.com.br
anuncie.lugarcerto.com.br
vender.vrum.com.br
www.tvbrasilia.com.br
www.encontrobrasilia.com.br
sites.correioweb.com.br
www.em.com.br
www.uai.com.br
apps.apple.com
play.google.com
www.pinnacle.com

Subject Issuer	Validity	Valid
*.correiobraziliense.com.br RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.s3.eu-west-2.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2024-01-08`	9 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.correioweb.com.br RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-07-26` - `2023-07-26`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-27` - `2023-10-29`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-25` - `2023-12-26`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-05-09` - `2023-08-07`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-03-30` - `2023-06-28`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.trvdp.com Amazon RSA 2048 M01	`2023-02-22` - `2023-09-23`	7 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.truvidplayer.com Amazon RSA 2048 M02	`2023-01-22` - `2024-02-20`	a year	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
bet365.de Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-05-09` - `2023-07-18`	2 months	crt.sh
betano.de Cloudflare Inc ECC CA-3	`2023-01-30` - `2024-01-30`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
bet365.com Cloudflare Inc ECC CA-3	`2022-12-20` - `2023-12-19`	a year	crt.sh
unibet.com R3	`2023-05-09` - `2023-08-07`	3 months	crt.sh
*.bwin.de DigiCert TLS RSA SHA256 2020 CA1	`2022-07-25` - `2023-08-24`	a year	crt.sh
pinnacle.com Cloudflare Inc ECC CA-3	`2023-03-02` - `2024-03-01`	a year	crt.sh

This page contains 32 frames:

Primary Page: https://www.correiobraziliense.com.br/
Frame ID: F79FE7F7F57990D7A1F4E98FF5D03777
Requests: 161 HTTP requests in this frame

Frame: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 554221DCCAC96ADCAE491D62669CB4B7
Requests: 1 HTTP requests in this frame

Frame: https://cnt.trvdp.com/js/1577/6685.js
Frame ID: 5C9753CE4E6BFC80FD80D8403D49122B
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Frame ID: 2D99C31EF700EE53EFEAE628D2960D16
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.correiobraziliense.com.br
Frame ID: 3F80590938C09EF6F32BA132C4C2010B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js
Frame ID: B3DCF7EEDC3F459846FE806275EEEEF0
Requests: 4 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: E38262DF495190B1C44978EAA32A3C21
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D2296DE45EAFAD19406C7BE9E8265A73
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 01E891553F53D5173D4ED45FA8608145
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305051745000/amp4ads-v0.mjs
Frame ID: 107F650D15371C1A401A59792A80D4EB
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305051745000/amp4ads-v0.mjs
Frame ID: 6FD6355DD232744AEDA150F49C9F63BC
Requests: 13 HTTP requests in this frame

Frame: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C25B8D9168C317D281F45E41488BE132
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIYzbyI6QEwAQ&v=APEucNVDEdJ8F7GPyXORHBKKLeG5aL1lYPFTI-Rxm_OwqzbdyOJfKKXrs5FrdbFUDzKcxoj_Wl2eizNrSG97q6NHBQrVciWflY3CXSdW2Wm9qEuACtFBUtG4zDi6UxR2a8UKyJJcL-xXThB0RcoeKNXluKW3TiBe7g_iqE2eerPu5V7xg8QaFaI
Frame ID: 2C1623D537211DD5BD50913197EE1563
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Frame ID: AF55B1D55CB38EB61158DB6FBDD455E0
Requests: 11 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.574.0_en.html
Frame ID: DE87D7854AA6703706C80D956468665D
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5FDA591674645068E45F6A7B2D41E512
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FFDDCC17BD2EEE2D8B000946EEC3BB53
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html
Frame ID: 054652F0782D715DCAC2904A38612DE5
Requests: 37 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 4B816D4155420638755BC605E4E18062
Requests: 1 HTTP requests in this frame

Frame: https://www.bet365.de/olp/open-account?affiliate=365_01054176
Frame ID: B8E9E64B97E8D42CEF91687D973C944B
Requests: 5 HTTP requests in this frame

Frame: https://www.bet365.de/olp/open-account?affiliate=365_01054176
Frame ID: 2426455E858D0C517CC474374D3863E8
Requests: 5 HTTP requests in this frame

Frame: https://www.bet365.de/olpc/de/75/0/1/open-account
Frame ID: 5F5F9AEB4B809C6056EB6365298A151D
Requests: 34 HTTP requests in this frame

Frame: https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_01054176
Frame ID: BE7C15511A39970976680CA104C20612
Requests: 1 HTTP requests in this frame

Frame: https://www.bet365.de/olpc/de/75/0/1/open-account
Frame ID: 646A665C16A906682F37B89625F8579E
Requests: 33 HTTP requests in this frame

Frame: https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_01054176
Frame ID: 8053CD75F8062A0F440A82682E284935
Requests: 1 HTTP requests in this frame

Frame: https://www.betano.de/?utm_medium=2526&utm_source=2&siteid=8989
Frame ID: 15827EFD82D23D4BF275EE4611FECF2D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: B810D1C567E1DBAD9F8A2C757060348F
Requests: 3 HTTP requests in this frame

Frame: https://members.bet365.com/Members/Helpers/DefaultAff.aspx?affiliate=365_01208531&forcelp=1
Frame ID: 851B3877537257AD54C5D727138F328D
Requests: 1 HTTP requests in this frame

Frame: https://de.unibet.com/stan/campaign.do?cmpId=2615360&affiliateId=1&unibetTarget=/de-int/pop/sportsbook/welcome/index.html&targetDomain=https://welcome.unibet.com&btag=81765197_02A09EA210BD4AB89D6D2CB6DF95B897&affiliateId=1&pid=74444021&bid=34664
Frame ID: BBC73359E2384A8EC2799F5133383BD6
Requests: 1 HTTP requests in this frame

Frame: https://www.bwin.de/en/mobileportal/contact?wm=5322937
Frame ID: A3238AEB85D320DED2AD3BD511B05BED
Requests: 1 HTTP requests in this frame

Frame: https://www.pinnacle.com/
Frame ID: 1566FB249186B76DFAA604AB41870B0C
Requests: 36 HTTP requests in this frame

Frame: https://www.unibet.com/stan/campaign.do?cmpId=2582340&affiliateId=1&unibetTarget=/eng-int/sportsbook/multi-sports/index.html&targetDomain=https://welcome.unibet.com&btag=81765197_BA05BC35747246219B195CE92D5D5321&affiliateId=1&pid=74444021&bid=21775
Frame ID: DBF7744B64F501D8CB68D175F5014422
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Correio Braziliense: notícias, análises e vídeos do DF, do Brasil e do mundo

Page URL History Show full URLs

https://correiobraziliense.com.br/ HTTP 301
https://www.correiobraziliense.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

442
Requests

87 %
HTTPS

44 %
IPv6

65
Domains

109
Subdomains

80
IPs

14
Countries

12588 kB
Transfer

25223 kB
Size

67
Cookies

91 Outgoing links

These are links going to different origins than the main page.

URL: https://assine.correiobraziliense.net.br/
Title: ASSINE

Search URL Search Domain Scan URL

URL: http://concursos.correioweb.com.br/
Title: Concursos

Search URL Search Domain Scan URL

URL: https://wa.me/5561992563846/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/correiobraziliense

Search URL Search Domain Scan URL

URL: https://twitter.com/@correio

Search URL Search Domain Scan URL

URL: https://instagram.com/correio.braziliense

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@correiobraziliense5378

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMPa6-Qow_uHxAg

Search URL Search Domain Scan URL

URL: https://voosemoferta.correioweb.com.br/destinos-nacionais/voe-em-janeiro-de-2024-por-r-109/
Title: EM PARCERIA COM VOOS EM OFERTA Voe em Janeiro de 2024 por R$ 109

Search URL Search Domain Scan URL

URL: https://blogs.correiobraziliense.com.br/capital-sa/2023/05/19/impostossauro-estara-na-rodoviaria-contra-sobrecarga-tributaria/
Title: Capital S/A Impostossauro estará na Rodoviária contra sobrecarga tributária

Search URL Search Domain Scan URL

URL: https://blogs.correiobraziliense.com.br/jusbraziliense/2023/05/20/10-erros-que-comprometem-a-sua-credibilidade/
Title: JUS Braziliense 10 erros que comprometem a sua credibilidade

Search URL Search Domain Scan URL

URL: https://blogs.correiobraziliense.com.br/consultoriosentimental/recado-as-maes/
Title: Consultório Sentimental RECADO ÀS MÃES

Search URL Search Domain Scan URL

URL: https://blogs.correiobraziliense.com.br/marcas-e-negocios/2023/05/20/protecao-contra-ameacas-virtuais/
Title: Marcas&Negócios Proteção contra ameaças virtuais

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=o-DlH-17czw
Title: TV BRASÍLIA Marido drogado delira sobre traição e atropela inocente

Search URL Search Domain Scan URL

URL: https://assine.correiobraziliense.net.br/index.php/home
Title: PLANOS DE ASSINATURA

Search URL Search Domain Scan URL

URL: https://assine.correiobraziliense.net.br/#centralatendimento
Title: CENTRAL DE ATENDIMENTO

Search URL Search Domain Scan URL

URL: http://clubedoassinante.correiobraziliense.com.br/
Title: CLUBE DO ASSINANTE

Search URL Search Domain Scan URL

URL: https://assine.correiobraziliense.net.br/index.php/home/perguntasfrequentes
Title: DÚVIDAS FREQUENTES

Search URL Search Domain Scan URL

URL: https://flip.correiobraziliense.com.br/edicao/impressa/4614/21-05-2023.html?all=1

Search URL Search Domain Scan URL

URL: https://www.dapress.com.br/ecommerce/index.php
Title: DA PRESS

Search URL Search Domain Scan URL

URL: http://www.diariosassociados.com.br/tabeladeprecos/
Title: ANUNCIE

Search URL Search Domain Scan URL

URL: http://concursos.correioweb.com.br/app/noticias/2023/05/19/noticiasinterna,44192/receita-federal-divulga-o-resultado-final-da-prova-objetiva.shtml
Title: CONFIRA Receita Federal divulga o resultado final da prova objetiva

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/iconescb?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://www.classificadoscb.com.br/
Title: Classificados

Search URL Search Domain Scan URL

URL: https://correiobraziliense.lugarcerto.com.br/
Title: Imóveis

Search URL Search Domain Scan URL

URL: https://blogs.correiobraziliense.com.br/vrum/
Title: Vrum

Search URL Search Domain Scan URL

URL: https://correiobraziliense.vrum.com.br/
Title: Vrum Classificados

Search URL Search Domain Scan URL

URL: http://impresso.correioweb.com.br/
Title: CB Impresso

Search URL Search Domain Scan URL

URL: http://flip.correiobraziliense.com.br/
Title: CB Digital

Search URL Search Domain Scan URL

URL: http://buscacb.correiobraziliense.com.br/
Title: Busca CB

Search URL Search Domain Scan URL

URL: http://impresso.correioweb.com.br/?utm_source=concursos&utm_campaign=rd
Title: Impresso

Search URL Search Domain Scan URL

URL: http://impresso.correioweb.com.br/suplementos/direito-e-justica/capa_direitoejustica/?utm_source=concursos&utm_campaign=rd
Title: Direito e Justiça

Search URL Search Domain Scan URL

URL: http://www.cbdigital.com.br/?utm_source=concursos&utm_campaign=rd
Title: CB Digital

Search URL Search Domain Scan URL

URL: http://buscacb.correiobraziliense.com.br/?utm_source=concursos&utm_campaign=rd
Title: Busca CB

Search URL Search Domain Scan URL

URL: http://clubedoassinante.correiobraziliense.com.br/?utm_source=concursos&utm_campaign=rd
Title: Clube do Assinante

Search URL Search Domain Scan URL

URL: https://assine.correiobraziliense.net.br/?utm_source=concursos&utm_campaign=rd
Title: Assine o Correio Braziliense

Search URL Search Domain Scan URL

URL: http://concursos.correioweb.com.br/?utm_source=concursos&utm_campaign=rd
Title: Concursos

Search URL Search Domain Scan URL

URL: http://concursos.correioweb.com.br/page/ultimas-noticias/?utm_source=concursos&utm_campaign=rd
Title: Últimas Notícias

Search URL Search Domain Scan URL

URL: http://concursos.correioweb.com.br/page/previstos/?utm_source=concursos&utm_campaign=rd
Title: Previsto

Search URL Search Domain Scan URL

URL: http://concursos.correioweb.com.br/page/andamento/?utm_source=concursos&utm_campaign=rd
Title: Em andamento

Search URL Search Domain Scan URL

URL: http://concursos.correioweb.com.br/page/inscricoes/?utm_source=concursos&utm_campaign=rd
Title: Inscrições Abertas

Search URL Search Domain Scan URL

URL: http://concursos.correioweb.com.br/page/finalizados/?utm_source=concursos&utm_campaign=rd
Title: Finalizados

Search URL Search Domain Scan URL

URL: https://www.correioweb.com.br/?utm_source=concursos&utm_campaign=rd
Title: CorreioWeb

Search URL Search Domain Scan URL

URL: http://webmail.correioweb.com.br/?utm_source=concursos&utm_campaign=rd
Title: Webmail

Search URL Search Domain Scan URL

URL: https://www.classificadoscb.com.br/?utm_source=concursos&utm_campaign=rd
Title: Classificados

Search URL Search Domain Scan URL

URL: https://www.classificadoscb.com.br/anunciar?utm_source=concursos&utm_campaign=rd
Title: Quero anunciar

Search URL Search Domain Scan URL

URL: https://www.classificadoscb.com.br/anuncio/imoveis/?utm_source=concursos&utm_campaign=rd
Title: Imóveis

Search URL Search Domain Scan URL

URL: https://www.classificadoscb.com.br/anuncio/veiculos/?utm_source=concursos&utm_campaign=rd
Title: Veículos

Search URL Search Domain Scan URL

URL: https://www.classificadoscb.com.br/anuncio/empregos-e-formacao-profissional/?utm_source=concursos&utm_campaign=rd
Title: Empregos e Formação Profissional

Search URL Search Domain Scan URL

URL: https://www.classificadoscb.com.br/anuncio/adulto/?utm_source=concursos&utm_campaign=rd
Title: Adulto

Search URL Search Domain Scan URL

URL: https://www.classificadoscb.com.br/anuncio/servicos-profissionais/?utm_source=concursos&utm_campaign=rd
Title: Serviços Profissionais

Search URL Search Domain Scan URL

URL: https://www.classificadoscb.com.br/anuncio/comercio-e-negocios/?utm_source=concursos&utm_campaign=rd
Title: Comércio e Negócios

Search URL Search Domain Scan URL

URL: https://correiobraziliense.lugarcerto.com.br/?utm_source=concursos&utm_campaign=rd
Title: Imóvel

Search URL Search Domain Scan URL

URL: https://correiobraziliense.lugarcerto.com.br/busca/df?utm_source=concursos&utm_campaign=rd
Title: Ache seu imóvel

Search URL Search Domain Scan URL

URL: https://anuncie.lugarcerto.com.br/?utm_source=concursos&utm_campaign=rd
Title: Anuncie seu imóvel

Search URL Search Domain Scan URL

URL: https://correiobraziliense.lugarcerto.com.br/classificados/?utm_source=concursos&utm_campaign=rd
Title: Busca no mapa

Search URL Search Domain Scan URL

URL: https://correiobraziliense.lugarcerto.com.br/busca/lancamento/df?utm_source=concursos&utm_campaign=rd
Title: Lançamentos

Search URL Search Domain Scan URL

URL: https://correiobraziliense.lugarcerto.com.br/noticias/noticias/?utm_source=concursos&utm_campaign=rd
Title: Úlimas notícias

Search URL Search Domain Scan URL

URL: https://correiobraziliense.lugarcerto.com.br/noticias/servicos/?utm_source=concursos&utm_campaign=rd
Title: Guia de serviços

Search URL Search Domain Scan URL

URL: https://correiobraziliense.lugarcerto.com.br/noticias/show-room/?utm_source=concursos&utm_campaign=rd
Title: Show Room

Search URL Search Domain Scan URL

URL: https://correiobraziliense.lugarcerto.com.br/noticias/decoracao/?utm_source=concursos&utm_campaign=rd
Title: Decoração

Search URL Search Domain Scan URL

URL: https://correiobraziliense.lugarcerto.com.br/galeria-de-fotos/?utm_source=concursos&utm_campaign=rd
Title: Galeria de Fotos

Search URL Search Domain Scan URL

URL: https://www.facebook.com/lugarcertoda
Title: Lugar Certo no Facebook

Search URL Search Domain Scan URL

URL: https://correiobraziliense.lugarcerto.com.br/imobiliarias/?utm_source=concursos&utm_campaign=rd
Title: Todas as Imobiliárias

Search URL Search Domain Scan URL

URL: https://correiobraziliense.lugarcerto.com.br/imobiliarias/?cadastro?utm_source=concursos&utm_campaign=rd
Title: Cadastre sua Imobiliária

Search URL Search Domain Scan URL

URL: https://correiobraziliense.vrum.com.br/?utm_source=concursos&utm_campaign=rd
Title: Vrum

Search URL Search Domain Scan URL

URL: https://correiobraziliense.vrum.com.br/busca?conteudo=anuncio&veiculo=Carro&estado=DF&de=Vrum-busca1?utm_source=concursos&utm_campaign=rd
Title: Ache seu veículo

Search URL Search Domain Scan URL

URL: https://vender.vrum.com.br/?utm_source=concursos&utm_campaign=rd
Title: Anuncie seu veículo

Search URL Search Domain Scan URL

URL: https://correiobraziliense.vrum.com.br/noticias/?utm_source=concursos&utm_campaign=rd
Title: Úlimas notícias

Search URL Search Domain Scan URL

URL: https://correiobraziliense.vrum.com.br/noticias/testes/?utm_source=concursos&utm_campaign=rd
Title: Teste de veículos

Search URL Search Domain Scan URL

URL: https://correiobraziliense.vrum.com.br/avaliacao-de-preco/?utm_source=concursos&utm_campaign=rd
Title: Avaliação de preço

Search URL Search Domain Scan URL

URL: https://correiobraziliense.vrum.com.br/noticias/videos/?utm_source=concursos&utm_campaign=rd
Title: Vídeos

Search URL Search Domain Scan URL

URL: https://correiobraziliense.vrum.com.br/noticias/motos/?utm_source=concursos&utm_campaign=rd
Title: Motos

Search URL Search Domain Scan URL

URL: https://www.facebook.com/programavrum
Title: Vrum no Facebook

Search URL Search Domain Scan URL

URL: https://correiobraziliense.vrum.com.br/revendas/?utm_source=concursos&utm_campaign=rd
Title: Todas as Revendas

Search URL Search Domain Scan URL

URL: https://correiobraziliense.vrum.com.br/revendas/?cadastro?utm_source=concursos&utm_campaign=rd
Title: Cadastre sua Revenda

Search URL Search Domain Scan URL

URL: https://www.tvbrasilia.com.br/programas/programa-df-alerta/?utm_source=concursos&utm_campaign=rd
Title: DF Alerta

Search URL Search Domain Scan URL

URL: https://www.tvbrasilia.com.br/programas/programa-jornal-local/?utm_source=concursos&utm_campaign=rd
Title: Jornal Local

Search URL Search Domain Scan URL

URL: https://www.tvbrasilia.com.br/programas/programa-cb-poder/?utm_source=concursos&utm_campaign=rd
Title: CB Poder

Search URL Search Domain Scan URL

URL: https://www.tvbrasilia.com.br/programas/programa-vrum-brasilia/?utm_source=concursos&utm_campaign=rd
Title: Vrum Brasília

Search URL Search Domain Scan URL

URL: http://www.encontrobrasilia.com.br/?utm_source=concursos&utm_campaign=rd
Title: Revista Encontro

Search URL Search Domain Scan URL

URL: http://sites.correioweb.com.br/encontro/?utm_source=concursos&utm_campaign=rd
Title: Capa

Search URL Search Domain Scan URL

URL: http://sites.correioweb.com.br/encontro/revista/?utm_source=concursos&utm_campaign=rd
Title: Revista

Search URL Search Domain Scan URL

URL: http://sites.correioweb.com.br/encontro/atualidades/?utm_source=concursos&utm_campaign=rd
Title: Atualidades

Search URL Search Domain Scan URL

URL: http://sites.correioweb.com.br/encontro/encontroindica/?utm_source=concursos&utm_campaign=rd
Title: Encontro Indica

Search URL Search Domain Scan URL

URL: https://www.em.com.br/
Title: Estado de Minas

Search URL Search Domain Scan URL

URL: https://www.uai.com.br/
Title: Portal Uai

Search URL Search Domain Scan URL

URL: https://www.uai.com.br/entretenimento/
Title: Uai e+

Search URL Search Domain Scan URL

URL: https://apps.apple.com/br/app/correio-braziliense/id862536000

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.diariosassociados.cbdigital

Search URL Search Domain Scan URL

URL: https://www.pinnacle.com/?btag=a_29368b_16581c_&refer=XAFF5905

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://correiobraziliense.com.br/ HTTP 301
https://www.correiobraziliense.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 130

https://gum.criteo.com/sid/json?origin=publishertagids&domain=correiobraziliense.com.br&sn=ChromeSyncframe&so=0&topUrl=www.correiobraziliense.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=94iwYnxSVmFnNkRncDRMQjhUNGZmSnZJKzhiOStmUkNuU3Q2YURXTlF0U3d0d09Oem5XUytwMms0OGVxZjJWT05tK2cvcWQrMlBHWm1VazhWVDhxNEpkMnRjcmVlQkwrd3g0bnBURkJLVVRUM2M3SHVQU1VLNC9sTk9JNktSQmtRaXpHZUZaTlZaMlJLbkNNbFJoQitadGZRYzF0eXdHTkVraXpxcE9wTHZRVnRJRVZKRklFd0dOWVZEbThjb0JTVFc5QlN4UHVlVVArZG1wZHE0bnhmUUdEOHQyRk5vZjZuTGRvTXQ4aEwrekZwcnF0bDF0cG1VTER3Tjh1eUFRYkZpc3VHY2hSa1JMNDU1TGdrc2xFZ3Vic3dheHNQSUdUaDY2NDIzOXlVcnZMM1BGRT18&cppv=2

Request Chain 176

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE_FNlRiA1PJLrKyQrvnOY&google_cver=1

Request Chain 189

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGpfMJJwfY38P.BfT4.F5AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE_FNlRiA1PJLrKyQrvnOY&google_cver=1&google_hm=2

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEN8QDofne9cWYfeiy6zsjyc&google_cver=1

Request Chain 191

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg0OTM2NTYxODYzODAzMjcyMw%3D%3D

Request Chain 192

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=truvid&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east

Request Chain 212

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBm03WoCUjOrL3Mh98yMYPk&google_cver=1&google_push=ATf1kGOhWYyV9VgweX9bgb8J5lH4rhczGKRNy2RrbAicBdnSvjarOWSWATxvCBiixV45La7-1oQJDF4n-JzPx8ACHU5onoNslW29uQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNTcwMDQxMTExNjIyMjYwOA%3D%3D&google_push=ATf1kGOhWYyV9VgweX9bgb8J5lH4rhczGKRNy2RrbAicBdnSvjarOWSWATxvCBiixV45La7-1oQJDF4n-JzPx8ACHU5onoNslW29uQ

Request Chain 213

https://d5p.de17a.com/cookies/google?google_gid=CAESEJ6y6OJygrnxLcij14WlMo4&google_cver=1&google_push=ATf1kGNK6E6oCWsWEGhLApnXHFy2IopXO7PMyeNSWL49ktkmodFXrlZqPhzSMUP8wX-YH8n0Kr6HxXELbS1BXM3DzbkHx0dLLaXJGw HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJ6y6OJygrnxLcij14WlMo4&google_cver=1&google_push=ATf1kGNK6E6oCWsWEGhLApnXHFy2IopXO7PMyeNSWL49ktkmodFXrlZqPhzSMUP8wX-YH8n0Kr6HxXELbS1BXM3DzbkHx0dLLaXJGw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNK6E6oCWsWEGhLApnXHFy2IopXO7PMyeNSWL49ktkmodFXrlZqPhzSMUP8wX-YH8n0Kr6HxXELbS1BXM3DzbkHx0dLLaXJGw

Request Chain 214

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEMrRRHkLZg-W5P2zKwhLPcA&google_cver=1&google_push=ATf1kGN1q0AnztM5t0aTNohMb0dTCokFElfqAMx9FdiX9dqZm0EVxLDTSclzwr4dQGRxBhxqrJMMza9u4eSLE4_lP_hVvcx7tNEWvA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-P70cRsD1CQN0UI_UC2LTHU65lhopaTQ_2m_OTQ&google_push=PUSH_DATA HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Request Chain 215

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAZDyEa5S-hXzUtQoRAgY0U&google_cver=1&google_push=ATf1kGPsvvVC241WaMJmxzBLOTTkZaqLQE5LGPRJTgF5-Mj9EUGvA2sY2oWfuOoSdgjFy8kUSdMWbPnQkGuDwgav1lrt_Hn8yEHV8g HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAZDyEa5S-hXzUtQoRAgY0U&google_cver=1&google_push=ATf1kGPsvvVC241WaMJmxzBLOTTkZaqLQE5LGPRJTgF5-Mj9EUGvA2sY2oWfuOoSdgjFy8kUSdMWbPnQkGuDwgav1lrt_Hn8yEHV8g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIzOTg4NTcwNzY4OTY1MDc5NA&google_push=ATf1kGPsvvVC241WaMJmxzBLOTTkZaqLQE5LGPRJTgF5-Mj9EUGvA2sY2oWfuOoSdgjFy8kUSdMWbPnQkGuDwgav1lrt_Hn8yEHV8g

Request Chain 216

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH-q_vKFPiZdwdQE4k1tPls&google_cver=1&google_push=ATf1kGNhFoXy7cFakelFiBx_7xz8LpvxM4TIal9qZHeq0ZTA1FkfCBsTaDgzvmHWc9J_wc8UmrjS0GO9kEuFlIwgl9WtlFNVx1vRcQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhYUUwyVFgtSC1FODZG&google_push=ATf1kGNhFoXy7cFakelFiBx_7xz8LpvxM4TIal9qZHeq0ZTA1FkfCBsTaDgzvmHWc9J_wc8UmrjS0GO9kEuFlIwgl9WtlFNVx1vRcQ

Request Chain 231

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH3MxCLnt8vva9iVKiU8nhk&google_cver=1

Request Chain 232

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=cl0wfJmRRbiUfDu6aZXV9w&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=cl0wfJmRRbiUfDu6aZXV9w

Request Chain 233

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/RIYggFmval7l4ksxOVUHGw?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-6EfqUitE2oJMn_af.Qy1hIR.DyCQSAVvaFhC5Q--~A

Request Chain 234

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhYUUwyVFgtSC1FODZG HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH-q_vKFPiZdwdQE4k1tPls&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhYUUwyVFgtSC1FODZG&google_push=

Request Chain 235

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=iA3dDeWUSq6Ne6rlGXlZlg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=iA3dDeWUSq6Ne6rlGXlZlg

Request Chain 236

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHXQL2TX-H-E86F

Request Chain 237

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDQwMGQyZTk3Njg3YzUyZDJkNmYxMWFmZDM4MTgzOThkOGQ2ZDcyYg

Request Chain 256

https://fw.adsafeprotected.com/rfw/st/1450266/71191499/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012289047&ias_pubId=pub-8007001547012283&ias_chanId=1&ias_placementId=20169809230&bidurl=https://www.correiobraziliense.com.br/&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0heQRx2tfnb-wf7NaZqdMqx&adContainerId=brand_safety_MF9qZJ-9JKqTjuwP-YehgAU&cbFunctionName=goog_wrapCb_MF9qZJ-9JKqTjuwP-YehgAU&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.correiobraziliense.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:53cee079-8e8c-fe93-63ee-b718dc08024f,c:dh2LPT,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5cf46fd95f-vrzsm,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:5,mot:0,app:0,maw:0,fm:tEUTeOY+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19*.1450266-71191499%7C191%7C192%7C1931%7C194%7C1a%7C1b%7C1c,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:21,oid:217e0259-f803-11ed-a2c9-6ef9c5bc1112,v:19.8.411,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}

Request Chain 356

https://www.betano.de/?btag=a_8989b_817c_&utm_medium=2526&utm_source=2&siteid=8989 HTTP 302
https://www.betano.de/?utm_medium=2526&utm_source=2&siteid=8989

Request Chain 358

https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=434c30a9-1b07-4197-932f-2c14ed10941b&google_hm=NDM0YzMwYTktMWIwNy00MTk3LTkzMmYtMmMxNGVkMTA5NDFi HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBpdbgLD5lkEWqZTsK1jfJA&google_cver=1&ssp=medianet&bsw_param=434c30a9-1b07-4197-932f-2c14ed10941b HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=434c30a9-1b07-4197-932f-2c14ed10941b&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 359

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=EbP4mKyg1Q0Nyi5

Request Chain 361

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5eb19b83-112c-4607-a39d-cc978f9f20ab

Request Chain 402

https://b1.trickyrock.com/redirect.aspx?pid=74444021&bid=34664 HTTP 307
https://de.unibet.com/stan/campaign.do?cmpId=2615360&affiliateId=1&unibetTarget=/de-int/pop/sportsbook/welcome/index.html&targetDomain=https://welcome.unibet.com&btag=81765197_02A09EA210BD4AB89D6D2CB6DF95B897&affiliateId=1&pid=74444021&bid=34664

Request Chain 406

https://www.pinnacle.com/?btag=a_29368b_16581c_&refer=XAFF5905 HTTP 302
https://www.pinnacle.com/

Request Chain 417

https://b1.trickyrock.com/redirect.aspx?pid=74444021&bid=21775 HTTP 307
https://www.unibet.com/stan/campaign.do?cmpId=2582340&affiliateId=1&unibetTarget=/eng-int/sportsbook/multi-sports/index.html&targetDomain=https://welcome.unibet.com&btag=81765197_BA05BC35747246219B195CE92D5D5321&affiliateId=1&pid=74444021&bid=21775

442 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.correiobraziliense.com.br/
Redirect Chain

https://correiobraziliense.com.br/
https://www.correiobraziliense.com.br/

269 KB
49 KB

335ms
39ms

Document
text/html

179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c722c9d4aa3eb331820aa4b8c3ea7db82f6540116554700b31ec5943a6671885

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
age: 33
cache-control: public, max-age=120, s-maxage=604802
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Sun, 21 May 2023 18:13:02 GMT
etag: W/"4e1de5591fa9d55a6c862962bc76c81d"
last-modified: Sun, 21 May 2023 18:07:40 GMT
pragma: azion-debug-cache
server: AmazonS3
strict-transport-security: max-age=63072000;includeSubDomains;preload
vary: Accept-Encoding
via: 1.1 varnish-v4
x-amz-id-2: prJ7Dr3a7g/wYMcNu6ko5a+Cian0JreIf97SgtdY2afMVL+NpIpFWmFxIK1hqu9oQvj/YaJgMbE=
x-amz-request-id: 36XKFKZGCDE49QPV
x-amz-version-id: null
x-cache2: HIT
x-content-type-options: nosniff
x-host: dapress.s3-website-sa-east-1.amazonaws.com
x-host-orig: www.correiobraziliense.com.br
x-ua-device: mobile
x-url: /home/correio/public_html/_conteudo/home/index.html
x-url-without-qs: /
x-varnish: 17700941 6214442
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Sun, 21 May 2023 18:13:01 GMT
Location: https://www.correiobraziliense.com.br/
Server: nginx

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
25 KB 215ms
98ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fef213e96f64a44742910e9b979415cf71b8a63c41b5d5fe73f5308da0578784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25325
x-xss-protection: 0
server: cafe
etag: 837 / 19498 / m202305150101 / config-hash: 12351717780372853951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 21 May 2023 18:13:02 GMT

GET
H2 200 Lato-Regular.ttf
www.correiobraziliense.com.br/frontend/dist2/assets/fonts/ 73 KB
40 KB 43ms
41ms Font
application/font-sfnt 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/frontend/dist2/assets/fonts/Lato-Regular.ttf

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ea8979c22cf1d830e3ff939aadd49cc4d78c851e3cb59d2aa95ea10ee752d5d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.correiobraziliense.com.br/
Origin: https://www.correiobraziliense.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
x-amz-version-id: null
via: 1.1 varnish-v4
x-url-without-qs: /frontend/dist2/assets/fonts/Lato-Regular.ttf
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-amz-request-id: KJ41H9BPX4GJCSSN
age: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-url: /home/correio/public_html/frontend/dist2/assets/fonts/Lato-Regular.ttf
x-ua-device: mobile
x-host: dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2: Yofd6gbek7JzAnMhNB4Gqe6XH9IMScwSAOMHSl0byAJB5+bH4YL2nirPZWrIyzFsG9+7riyrDZY=
x-xss-protection: 1; mode=block
pragma: azion-debug-cache
last-modified: Tue, 11 Apr 2023 18:24:42 GMT
server: AmazonS3
etag: W/"2d36b1a925432bae7f3c53a340868c6e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/font-sfnt
x-varnish: 20646881
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-cache2: MISS
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 utopia-bold_0-webfont.ttf
www.correiobraziliense.com.br/frontend/dist2/assets/fonts/ 61 KB
36 KB 45ms
43ms Font
application/font-sfnt 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/frontend/dist2/assets/fonts/utopia-bold_0-webfont.ttf

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

AmazonS3 /

Resource Hash

70462a41aae0604500903ea181d7fe0e541df0b3c19c98601d78d3babb79ba6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.correiobraziliense.com.br/
Origin: https://www.correiobraziliense.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
x-amz-version-id: null
via: 1.1 varnish-v4
x-url-without-qs: /frontend/dist2/assets/fonts/utopia-bold_0-webfont.ttf
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-amz-request-id: KJ4FYGJ6Q565E0VG
age: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-url: /home/correio/public_html/frontend/dist2/assets/fonts/utopia-bold_0-webfont.ttf
x-ua-device: mobile
x-host: dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2: 2ZBuEyIUkrhvgQDMSjUTUdlDDN7UaQ3qwVPmQUUPMLKpcDfvXEIkvh5A13u3DhRDCELpBbOF8uU=
x-xss-protection: 1; mode=block
pragma: azion-debug-cache
last-modified: Tue, 11 Apr 2023 18:24:42 GMT
server: AmazonS3
etag: W/"168cb6123be646320e553dbc24dd5ae5"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/font-sfnt
x-varnish: 23045222
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-cache2: MISS
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 utopia-regular_0-webfont.ttf
www.correiobraziliense.com.br/frontend/dist2/assets/fonts/ 62 KB
36 KB 83ms
81ms Font
application/font-sfnt 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/frontend/dist2/assets/fonts/utopia-regular_0-webfont.ttf

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

AmazonS3 /

Resource Hash

baa1fb78454a3c122d54e240cf8dda53b88c3d7228fa74fc5834352e4ca06155

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.correiobraziliense.com.br/
Origin: https://www.correiobraziliense.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
x-amz-version-id: null
via: 1.1 varnish-v4
x-url-without-qs: /frontend/dist2/assets/fonts/utopia-regular_0-webfont.ttf
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-amz-request-id: KJ49ZJSEBN0FCSPZ
age: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-url: /home/correio/public_html/frontend/dist2/assets/fonts/utopia-regular_0-webfont.ttf
x-ua-device: mobile
x-host: dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2: eQpXJJkeFVW/m8S+g2Hn4fz7snGX4CzFg1ZM3KSHoljDBfcb2SgthfMBosBcGZftFZtoVpSRNtA=
x-xss-protection: 1; mode=block
pragma: azion-debug-cache
last-modified: Tue, 11 Apr 2023 18:24:42 GMT
server: AmazonS3
etag: W/"1f550bbb1013967496e649749788dcef"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/font-sfnt
x-varnish: 1813035
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-cache2: MISS
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 prebid7-18-0.js Show response
www.correiobraziliense.com.br/static/cb/ 242 KB
92 KB 44ms
41ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/static/cb/prebid7-18-0.js

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fe3d9d2eb7df9ba5ba44e095d146a80bb0848e6f08e3c0af56c8b806e7cdb0b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
x-amz-version-id: null
via: 1.1 varnish-v4
x-url-without-qs: /static/cb/prebid7-18-0.js
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-amz-request-id: K5F0ECBC3C7V2ZFN
age: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-url: /home/correio/public_html/static/cb/prebid7-18-0.js
x-ua-device: mobile
x-host: dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2: PjFP+DeBPItPj6qP5UztYv6/ZXQrQpJJ9bET2UfgHkI7aNSOppKNqGIVKPVsRxKkj416YFSGNuQ=
x-xss-protection: 1; mode=block
pragma: azion-debug-cache
last-modified: Wed, 08 Feb 2023 20:50:52 GMT
server: AmazonS3
etag: W/"f4a0d326f20326b3431fe80ef36e8802"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
x-varnish: 2424869
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-cache2: MISS
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 home.css
www.correiobraziliense.com.br/frontend/dist2/assets/styles/ 89 KB
18 KB 82ms
81ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/frontend/dist2/assets/styles/home.css

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bf14b9bde0a0d3dbb572605c05f9c778882b37786ca4abeb6ffbb40229be03c2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
x-amz-version-id: null
via: 1.1 varnish-v4
x-url-without-qs: /frontend/dist2/assets/styles/home.css
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-amz-request-id: TVWW2YHDA33D7N15
age: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-url: /home/correio/public_html/frontend/dist2/assets/styles/home.css
x-ua-device: desktop
x-host: dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2: tLp310rDIYcRVVQFYKIh0Raz4YczGG9nGEmZlU58HnmZX6bRlEEGxMJeyj4DJfOPFtpNgMov9Uo=
x-xss-protection: 1; mode=block
pragma: azion-debug-cache
last-modified: Tue, 11 Apr 2023 18:24:42 GMT
server: AmazonS3
etag: W/"d85afbfd50de697909aa784f010299aa"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
x-varnish: 24139285
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-cache2: MISS
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 analytics.js Show response
www.correiobraziliense.com.br/frontend/src/assets/js/ 2 KB
2 KB 50ms
47ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/frontend/src/assets/js/analytics.js

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4bf618df733b97742f02914da14cf8dfa6d8775fc298c6dd580690ba913d06e5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
x-amz-version-id: null
via: 1.1 varnish-v4
x-url-without-qs: /frontend/src/assets/js/analytics.js
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-amz-request-id: 66P9MQQ2F0MC78A2
age: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-url: /home/correio/public_html/frontend/src/assets/js/analytics.js
x-ua-device: mobile
x-host: dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2: e5btxH/M+FFAPiHyBUQ6OAf6mtMrpUr8xw+XgzSnt4njVvt/I2XzPRKsOXOYrUqFV5Ox7W8GRRQ=
x-xss-protection: 1; mode=block
pragma: azion-debug-cache
last-modified: Fri, 03 Mar 2023 17:17:45 GMT
server: AmazonS3
etag: W/"e3c1229166491e1855c3d6ad9f0b7f44"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
x-varnish: 31326982
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-cache2: MISS
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H/1.1 200
OK 3d8fbc0fe6613685b6be300b24dd70d8.js Show response
campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/ 106 KB
106 KB 194ms
60ms Script
application/javascript 52.95.142.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/3d8fbc0fe6613685b6be300b24dd70d8.js
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.142.22 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.eu-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5f785ad6aa25fccbfbf4d727b193e6e2f7b9af84d22ce9a4b8e42456785e06b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:03 GMT
Last-Modified: Fri, 19 May 2023 15:30:59 GMT
Server: AmazonS3
x-amz-request-id: JXC9PDK9DYH2MVRT
ETag: "9c967f8be37b2aa9ecdd3e94cddd3b56"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 108402
x-amz-id-2: Xwg/hU1OLcuIY9VtoXPbggURzH/IAAp5074RYRTG05kev7lJLby0+6+RhhhlGtf+9/UOjhzY2Yk=

GET
H2 200 1_whatsapp_image_2023_05_21_at_13_56_47-28056991.jpeg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/600x412/ 36 KB
36 KB 126ms
120ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/600x412/1_whatsapp_image_2023_05_21_at_13_56_47-28056991.jpeg?20230521135859?20230521135859

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

732e0d6a01f41eaaed6e382bd56660f1e83b35b4ae2b88da56a9627f851d4a72

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 70296
etag: "bf237c39d122b75911be8e14b44fa331c7580783"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 36590
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 17:17:43 GMT

GET
H2 200 1_whatsapp_image_2023_05_21_at_06_11_44-28057069.jpeg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/600x412/ 32 KB
32 KB 225ms
116ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/600x412/1_whatsapp_image_2023_05_21_at_06_11_44-28057069.jpeg?20230521144115?20230521144115

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

8b3ab5cdabbe38d8f2a79c1542d7112097c2db72fb35ff574489984a976c70b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 63448
etag: "ac8adc966d955bc4f3c6106cfc96e6477aec86e4"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 32718
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 18:02:08 GMT

GET
H2 200 1_52913506432_79ee28fa64_k-28056970.jpg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/600x412/ 62 KB
62 KB 226ms
117ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/600x412/1_52913506432_79ee28fa64_k-28056970.jpg?20230521135158?20230521135158

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

503a9f3e35ee583399b99d5ace0f57abaaa2ee20be266bdc7a2bc764a36d18bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 97619
etag: "49fc56e684131e9ee1f91601d040affc91fe994d"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 63166
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 17:22:06 GMT

GET
H2 200 1_naom_64688b6eec75c-28057010.jpg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/600x412/ 27 KB
27 KB 224ms
116ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/600x412/1_naom_64688b6eec75c-28057010.jpg?20230521140428?20230521140428

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

b11d00634a408154a8f42b28c8a5ae610e3e3c0871adf61f8a5f0e9aba326eb6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 54517
etag: "54b5dbe8f2a4dd045236f46489dcd6249d192d4a"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 27440
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 17:19:27 GMT

GET
H2 200 stories.js Show response
www.correiobraziliense.com.br/frontend/dist2/assets/scripts/ 3 KB
2 KB 51ms
49ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/frontend/dist2/assets/scripts/stories.js

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

AmazonS3 /

Resource Hash

92c8a941db83f85adf50a261ab77e6604ab367b9d4173fd8e0c8625aa2b2de7d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
x-amz-version-id: null
via: 1.1 varnish-v4
x-url-without-qs: /frontend/dist2/assets/scripts/stories.js
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-amz-request-id: 8A7MFW3MFGRH5WFZ
age: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-url: /home/correio/public_html/frontend/dist2/assets/scripts/stories.js
x-ua-device: desktop
x-host: dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2: VP2DxfpHaZGHSw7qKKmaMwQqSdhaygeYg71681Psb+88su3QVk9aP41n0/tUnu423gwTu/JDOt0=
x-xss-protection: 1; mode=block
pragma: azion-debug-cache
last-modified: Tue, 11 Apr 2023 18:24:42 GMT
server: AmazonS3
etag: W/"b9df36fd951582a3bf1647607bb1638b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
x-varnish: 25697577
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-cache2: MISS
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 144ms
51ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2777
etag: W/"06f50014011c1fcd9e21b6b0481979de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7caeca82e879924f-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 24 May 2023 18:13:02 GMT

GET
H2 200 header.js Show response
www.correiobraziliense.com.br/frontend/dist2/assets/scripts/ 2 KB
2 KB 55ms
53ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/frontend/dist2/assets/scripts/header.js

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7afc50ee6b88385ff5cc080effdb2569799e675cc73dac1796c64f76241031ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
x-amz-version-id: null
via: 1.1 varnish-v4
x-url-without-qs: /frontend/dist2/assets/scripts/header.js
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-amz-request-id: 8A7VYY4P5VD7BQKD
age: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-url: /home/correio/public_html/frontend/dist2/assets/scripts/header.js
x-ua-device: desktop
x-host: dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2: aUEx9HEpA+Ezr2kK8q0HyQQqr7Jd+mO0PzKPNazi9sEPIVC5+E8DOUEPo4ttfOn6COrXZdLghGo=
x-xss-protection: 1; mode=block
pragma: azion-debug-cache
last-modified: Tue, 11 Apr 2023 18:24:42 GMT
server: AmazonS3
etag: W/"f498c7290f3cae95a93036959af8b238"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
x-varnish: 24384547
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-cache2: MISS
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 home.js Show response
www.correiobraziliense.com.br/frontend/dist2/assets/scripts/ 39 KB
12 KB 56ms
54ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/frontend/dist2/assets/scripts/home.js

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c264d5a46618b3450882dacf7cfc9e1225f68cdb0d91bd6623d225882d41311a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
x-amz-version-id: null
via: 1.1 varnish-v4
x-url-without-qs: /frontend/dist2/assets/scripts/home.js
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-amz-request-id: 7XW502T3YT22X7Q0
age: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-url: /home/correio/public_html/frontend/dist2/assets/scripts/home.js
x-ua-device: desktop
x-host: dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2: /aAoCEIcysCdubZH9v3J2CaiS1J5b2r65znh8bhKdWir4BWFlgk+SHWEacqt21bhjXYrmEOaKgM=
x-xss-protection: 1; mode=block
pragma: azion-debug-cache
last-modified: Tue, 11 Apr 2023 18:24:42 GMT
server: AmazonS3
etag: W/"d4e69f057e46810be1aa19ce2d92fbad"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
x-varnish: 7920945
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-cache2: MISS
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 140 KB
53 KB 151ms
58ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5HG8CK

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

78cd36825ff7fe418bc1cc55c8a8da6393ea6d0ac93cb6c7dede51a8c36c2003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 53816
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 21 May 2023 18:13:02 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/diariosassociados-correiobraziliense/ 752 KB
58 KB 145ms
42ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/diariosassociados-correiobraziliense/loader.js
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27b7ef40603baea776d95bebfcfbcc47f500d09b5dc67983d9530584c93fe8b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: N2YWT1eBadPyLn3WvDWvl6XPLeP4YBjs
content-encoding: gzip
via: 1.1 varnish
date: Sun, 21 May 2023 18:13:02 GMT
x-amz-request-id: BZ37FSX6RV191GP3
age: 43
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 59153
x-amz-id-2: OfNJCFP9cilag4GBQH3SA2VIDL8lA5BGoSeV/FkJwq+EzryM0qaj6hucLDLoSIzEaefDV/XBlYA=
x-served-by: cache-fra-etou8220090-FRA
last-modified: Sun, 21 May 2023 09:42:11 GMT
server: AmazonS3
x-timer: S1684692783.558853,VS0,VE1
etag: "5569d5537256112f10662651c77d49dd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 40
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 sprite.svg
www.correiobraziliense.com.br/frontend/dist2/svg/ 670 KB
431 KB 57ms
56ms Other
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/frontend/dist2/svg/sprite.svg

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4968f26260243054c9eb54b92312011b4d64f3cd31e8a8d0675fa40451e76a7b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
x-amz-version-id: null
via: 1.1 varnish-v4
x-url-without-qs: /frontend/dist2/svg/sprite.svg
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-amz-request-id: SK06MS2S9VB1S93C
age: 24
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-url: /home/correio/public_html/frontend/dist2/svg/sprite.svg
x-ua-device: desktop
x-host: dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2: VorDRHbI6FiQib/B/H0VTyAyxofDHAIkKwkZIvlgyRY4iXlX9w3/liZ8I5h0JBxvpwUJknKK3Vs=
x-xss-protection: 1; mode=block
pragma: azion-debug-cache
last-modified: Thu, 16 Mar 2023 17:53:24 GMT
server: AmazonS3
etag: W/"072aef61eacea75ef7c5fca1093966fb"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
x-varnish: 8953009 4690259
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-cache2: HIT
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 menu-topo-2.json Show response
www.correiobraziliense.com.br/_conteudo/jsons/ 638 B
1 KB 48ms
46ms Fetch
application/json 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/_conteudo/jsons/menu-topo-2.json

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b04740d0cb302bc4b87213cb0fb760e6101102cbde2363bc9d730012f24cd49b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
x-amz-version-id: null
via: 1.1 varnish-v4
x-url-without-qs: /_conteudo/jsons/menu-topo-2.json
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-amz-request-id: YJSQB054MA2XNQ31
age: 50
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-url: /home/correio/public_html/_conteudo/jsons/menu-topo-2.json
x-ua-device: desktop
x-host: dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2: hZ3diYox8v6jGmhIBACccG34Cv1yQbz6qh8dx5Rva4rbgFDXCgGjB2APqWI2t44m2PMpldotSoE=
x-xss-protection: 1; mode=block
pragma: azion-debug-cache
last-modified: Sun, 21 May 2023 17:17:50 GMT
server: AmazonS3
etag: W/"c05a24f4e8c23dbcd84ca2d8b18e6994"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
x-varnish: 16224923 15113076
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=1800
x-host-orig: www.correiobraziliense.com.br
x-cache2: HIT
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 Lato-Bold.ttf
www.correiobraziliense.com.br/frontend/dist2/assets/fonts/ 72 KB
39 KB 115ms
114ms Font
application/font-sfnt 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/frontend/dist2/assets/fonts/Lato-Bold.ttf

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/frontend/dist2/assets/styles/home.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7b720599f8aed3bac5b9531fecf6750c8fa7e593b727739bc0692fcc0f55b678

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.correiobraziliense.com.br/frontend/dist2/assets/styles/home.css
Origin: https://www.correiobraziliense.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
x-amz-version-id: null
via: 1.1 varnish-v4
x-url-without-qs: /frontend/dist2/assets/fonts/Lato-Bold.ttf
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-amz-request-id: CZVNTA887BBSB3BE
age: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-url: /home/correio/public_html/frontend/dist2/assets/fonts/Lato-Bold.ttf
x-ua-device: desktop
x-host: dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2: B/kE/DJLnCiLnWlA+1BWVrOm/RBC9IS9d5lB7KHF3If9DgKREFiURSclaxEu+UcSRehSZhGHjFI=
x-xss-protection: 1; mode=block
pragma: azion-debug-cache
last-modified: Fri, 03 Mar 2023 17:17:45 GMT
server: AmazonS3
etag: W/"85d339d916479f729938d2911b85bf1f"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/font-sfnt
x-varnish: 22659659
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-cache2: MISS
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 blogs.json Show response
www.correiobraziliense.com.br/_conteudo/jsons/ 9 KB
5 KB 108ms
108ms Fetch
application/json 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/_conteudo/jsons/blogs.json

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

AmazonS3 /

Resource Hash

88264cc85290ba1390977a33b7d7d0b95a6376b9f58ef4e63125d6d24f89b061

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
x-amz-version-id: null
via: 1.1 varnish-v4
x-url-without-qs: /_conteudo/jsons/blogs.json
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-amz-request-id: CEPSQFN0HZVWJTAA
age: 358
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-url: /home/correio/public_html/_conteudo/jsons/blogs.json
x-ua-device: desktop
x-host: dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2: d4w/DlEnnPy19Tx1tPGfSgRUzMNby4ebVo32TPwnIJ1Ry+51vR1WvZKk/yC5LALXbAYKktGe7Mo=
x-xss-protection: 1; mode=block
pragma: azion-debug-cache
last-modified: Sun, 21 May 2023 17:50:25 GMT
server: AmazonS3
etag: W/"1fbebe87be96ce83ca18bf0e5bb0ecbc"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
x-varnish: 11190604 17280939
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=1800
x-host-orig: www.correiobraziliense.com.br
x-cache2: HIT
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 edicoes_off.json Show response
www.correiobraziliense.com.br/_conteudo/jsons/ 2 KB
1 KB 105ms
104ms Fetch
application/json 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/_conteudo/jsons/edicoes_off.json

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6504580c858d25818d21ac70192c4d9cca5d7383ab898c5c261361bd24bf49fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
x-amz-version-id: null
via: 1.1 varnish-v4
x-url-without-qs: /_conteudo/jsons/edicoes_off.json
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-amz-request-id: VJJGFXAGNWQ24S71
age: 916
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-url: /home/correio/public_html/_conteudo/jsons/edicoes_off.json
x-ua-device: mobile
x-host: dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2: ZMCW4JNeO4g4RG4DAdzo5KF5GmhqAmrmlScp7L7n9TKitHMpdBORbE79OSrzyICghKIQb9YIy7w=
x-xss-protection: 1; mode=block
pragma: azion-debug-cache
last-modified: Sun, 21 May 2023 17:17:50 GMT
server: AmazonS3
etag: W/"66057dd1cb138d42d659ebbae8d70a87"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
x-varnish: 13018962 13257631
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=1800
x-host-orig: www.correiobraziliense.com.br
x-cache2: HIT
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 1_mc_pipokinha_1_1024x768-28056913.jpg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/360x240/ 15 KB
16 KB 76ms
66ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/360x240/1_mc_pipokinha_1_1024x768-28056913.jpg?20230521125304?20230521125304

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

3449f985e44741beefb8b89e5c7ea532eda1ec14ff7b2a2b20d65176c70860b4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 23650
etag: "5d6b0141e8a5447f6fbce4395877ae25b6a2acf3"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 15696
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 17:28:44 GMT

GET
H2 200 1_incendio-27957874.png
midias.correiobraziliense.com.br/_midias/png/2023/05/05/258x177/ 6 KB
6 KB 78ms
68ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/png/2023/05/05/258x177/1_incendio-27957874.png?20230521142452?20230521142452

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

1d3bc1eacd70d4ebc057ad05881d22f1f99e5f8da065661ad96fdb6d0faaf3d6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 57804
etag: "35c07587d8cfd9352986dcffb33ee087c3551106"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 5764
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 17:28:44 GMT

GET
H2 200 1_91fc6350_f330_11ed_92cc_b3a9bf1f67e9-28056835.jpg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/258x177/ 9 KB
9 KB 54ms
53ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/258x177/1_91fc6350_f330_11ed_92cc_b3a9bf1f67e9-28056835.jpg?20230521115310?20230521115310

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

675ed5a678c701a3927b202dec21e30bb122d09fd74c0243b43f5c8a35b3d097

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 16406
etag: "2d4d443a5c6378a938571b64fca18a84a4b114b4"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 9360
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 17:28:44 GMT

GET
H2 200 1_06___paixao_cangaco___samuel_calado-25915953.jpg
midias.correiobraziliense.com.br/_midias/jpg/2022/06/21/400x526/ 26 KB
27 KB 40ms
39ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2022/06/21/400x526/1_06___paixao_cangaco___samuel_calado-25915953.jpg?20230519181740?20230519181740

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

12dcea7b87048d5f0103dfd0f76b97dc8a683e1a1a1054706639896dc404240a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 53625
etag: "c54e4f0a235766d71d9f6bf69614e759c1a881ed"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 26994
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 10:54:41 GMT

GET
H2 200 1_pri_2205_homofobianofutebol-28053783.jpg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/20/400x526/ 37 KB
38 KB 46ms
38ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/20/400x526/1_pri_2205_homofobianofutebol-28053783.jpg?20230520205023?20230520205023

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

3934b3194f53f13297a3a5908e4c29042dd5c1b34e45620bddd5953b6ad7ffd2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 54073
etag: "464fbf94d7b8cc2466adbf4cd741907ca2a101f9"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 38288
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 12:49:39 GMT

GET
H2 200 1_credito_carlos_costa___01-28047805.jpg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/19/400x526/ 30 KB
30 KB 48ms
47ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/19/400x526/1_credito_carlos_costa___01-28047805.jpg?20230521111738?20230521111738

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

55bb15fd3a921a64737a16200554f8fec4a780613099ba1acf3480f8822c8789

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 55673
etag: "5fb4da31a16062b5d0fe7258808ebf0045b89d3e"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 30626
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 15:05:37 GMT

GET
H2 200 1_mj0705_40-27970973.jpg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/07/400x526/ 37 KB
37 KB 40ms
40ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/07/400x526/1_mj0705_40-27970973.jpg?20230507193358?20230507193358

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

bf664e97b9718d1bdf93332ead28209fb5affbf20dd03bf90032874f3b77d864

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 57350
etag: "fb44761632cab85fef43f6701f9f0ee3d21e79e1"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 37566
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 10:54:42 GMT

GET
H2 200 1_cbifot191020130564-18803082.jpg
midias.correiobraziliense.com.br/_midias/jpg/2013/10/19/400x526/ 14 KB
15 KB 39ms
39ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2013/10/19/400x526/1_cbifot191020130564-18803082.jpg?20230520170704?20230520170704

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

fa665d202d2f051faa142099a471b8091476fe4a5cebc10e34e872976e018054

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 15255
etag: "d6dc88d54982d6e1e84393cbb741a220f06c1abe"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 14770
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 10:54:42 GMT

GET
H2 200 como-estudar-para-concurso.jpg
blogs.correiobraziliense.com.br/papodeconcurseiro/wp-content/uploads/sites/14/2020/10/ 313 KB
313 KB 483ms
60ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.correiobraziliense.com.br/papodeconcurseiro/wp-content/uploads/sites/14/2020/10/como-estudar-para-concurso.jpg?20230521074844?20230521074844

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

nginx /

Resource Hash

53138a915f9f3deaf73671cc916203ee99c10844c181441c62e4a142938a13ae

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
last-modified: Wed, 07 Oct 2020 13:19:49 GMT
server: nginx
etag: "5f7dc075-4e32d"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 320301
expires: Tue, 20 Jun 2023 18:13:02 GMT

GET
H2 200 1_14052023ea_01-28045749.jpg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/19/258x177/ 5 KB
6 KB 40ms
40ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/19/258x177/1_14052023ea_01-28045749.jpg?20230521111138?20230521111138

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

2abd0114b716ff304b8b46f57b2ee0c1723ceea5a1088c6475816949ee5e37de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 10938
etag: "c04f956d675e93ed200c8ed2bf2824fd6979b47e"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 5562
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 17:28:45 GMT

GET
H2 200 1_5c46d4b0_f110_11ed_9a06_e785d872e15c-28056875.jpg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/258x177/ 18 KB
18 KB 41ms
40ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/258x177/1_5c46d4b0_f110_11ed_9a06_e785d872e15c-28056875.jpg?20230521121929?20230521121929

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

828a04af2baf687519dbb94dc7d71a5818447a7a80d35e0755d43faca5920a6c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 21833
etag: "08f411c47a54452f3e4e388db7beaf76e8f509b6"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 18002
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 17:28:48 GMT

GET
H2 200 captura-de-tela-2023-05-20-170521.png
voosemoferta.correioweb.com.br/wp-content/uploads/sites/4/2023/05/ 382 KB
383 KB 454ms
42ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://voosemoferta.correioweb.com.br/wp-content/uploads/sites/4/2023/05/captura-de-tela-2023-05-20-170521.png?20230520171044?20230520171044
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6b6688a87e98de3c67336fa95975425fe96ee1542cb24dc0ada2ecce2ea520e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
last-modified: Sat, 20 May 2023 20:06:15 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "64692837-5f930"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 391472
expires: Tue, 20 Jun 2023 18:13:02 GMT

GET
H2 200 1_whatsapp_image_2023_05_12_at_16_40_59-28003610.jpeg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/12/360x240/ 7 KB
7 KB 39ms
39ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/12/360x240/1_whatsapp_image_2023_05_12_at_16_40_59-28003610.jpeg?20230521135157?20230521135157

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

652c7e2896407f197a067b881ae4cdf2c78e84d0addad71bf09fa2f649c3c11c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 13907
etag: "b3d34e11dbccc7ac1bba55938d2bf73ddc8fa9e3"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 6664
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 16:53:13 GMT

GET
H2 200 1_whatsapp_image_2023_05_19_at_10_27_48-28046050.jpeg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/19/360x240/ 7 KB
7 KB 42ms
42ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/19/360x240/1_whatsapp_image_2023_05_19_at_10_27_48-28046050.jpeg?20230519103906?20230519103906

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

31a3404d6ddd56047e68f5489b475c80e607d6d5c897431c5d8731c2d02acdd0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 16210
etag: "66812544f0a96b70002b31c19c1672f9ba2eea2b"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 7302
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 16:51:43 GMT

GET
H2 200 1_whatsapp_image_2023_05_16_at_18_42_20-28033098.jpeg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/17/360x240/ 10 KB
11 KB 44ms
44ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/17/360x240/1_whatsapp_image_2023_05_16_at_18_42_20-28033098.jpeg?20230521111654?20230521111654

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

8ae57f6d2c50857bdbeb9503496872bf0242e66e6238a52b673d31390ebdfbce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 19426
etag: "61f04f44e7b1dbc7cf69fa26366db6ccd9021e04"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 10578
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 15:05:10 GMT

GET
H2 200 1_stephane_2-28022320.jpg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/16/360x240/ 9 KB
9 KB 40ms
39ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/16/360x240/1_stephane_2-28022320.jpg?20230521111825?20230521111825

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

db3cf1ecdf4ffd203c43b5dcaea776c6ba063d25572870f30368001639c1d4e0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 18735
etag: "9dadc7e90329aecdb50db985ddaac4a09dda920e"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 9184
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 15:05:10 GMT

GET
H2 200 1_whatsapp_image_2023_05_19_at_23_02_08-28053633.jpeg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/19/412x283/ 21 KB
21 KB 41ms
41ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/19/412x283/1_whatsapp_image_2023_05_19_at_23_02_08-28053633.jpeg?20230521111355?20230521111355

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

4e9400fd039b341862541c28e77e5149f6b50c1314392114f7dacc5ce4e49364

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 35518
etag: "6b9223e8b018aa2b6839cea3aa9ddd726156aa35"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 21384
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 14:19:18 GMT

GET
H2 200 1_020822mj_35-26154876.jpg
midias.correiobraziliense.com.br/_midias/jpg/2022/08/02/412x283/ 22 KB
22 KB 44ms
44ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2022/08/02/412x283/1_020822mj_35-26154876.jpg?20230521111108?20230521111108

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

5f61351ffe14bf908458c2e5538a490b835f212ab4d55e8f1e02bceccce57f10

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 35225
etag: "896a61b1d088f9f44ba24d8863fe274073ee479b"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 22360
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 14:17:18 GMT

GET
H2 200 1_whatsapp_image_2023_05_21_at_08_33_32-28056509.jpeg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/258x177/ 10 KB
10 KB 42ms
42ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/258x177/1_whatsapp_image_2023_05_21_at_08_33_32-28056509.jpeg?20230521111137?20230521111137

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

b556d600c209b70b2d0e87863a6e094590cdc1889bc4c06bffc44822ac417dab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 16844
etag: "e3c76f861f4b3fd5d71093e8688c04e7c5033588"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 10276
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 15:05:10 GMT

GET
H2 200 1_whatsapp_image_2023_05_21_at_10_48_02-28056663.jpeg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/258x177/ 11 KB
11 KB 43ms
42ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/258x177/1_whatsapp_image_2023_05_21_at_10_48_02-28056663.jpeg?20230521111951?20230521111951

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

0aafa9bb84eab3ced4bad3187da256499e3f64c473e53242fd66d347175816f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 14783
etag: "e16dc020535baf05055ab5bb5371b48dcd26942b"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 11138
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 15:05:10 GMT

GET
H2 200 1_whatsapp_image_2023_05_21_at_13_54_14-28057029.jpeg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/258x177/ 10 KB
10 KB 40ms
39ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/258x177/1_whatsapp_image_2023_05_21_at_13_54_14-28057029.jpeg?20230521141544?20230521141544

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

2be055db0576f0da227bbc6af4dc541f5d8a201c03525ff9be4556011c91c50b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 14790
etag: "f2481766693b451eb075af73b6c6e18e71ef01c6"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 10272
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 17:51:40 GMT

GET
H2 200 1_whatsapp_image_2023_05_21_at_11_32_33-28056720.jpeg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/258x177/ 13 KB
14 KB 44ms
43ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/258x177/1_whatsapp_image_2023_05_21_at_11_32_33-28056720.jpeg?20230521114139?20230521114139

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

ded94a1158c0f6ceaedd2db79f51c759fc6dd4986a30177da103c33b4477ba53

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 17801
etag: "3ddaa1e2590a605f12b58ee6e2b5be3444956bea"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 13760
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 17:51:40 GMT

GET
H2 200 1_52913506432_79ee28fa64_k-28056970.jpg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/258x177/ 16 KB
17 KB 45ms
44ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/21/258x177/1_52913506432_79ee28fa64_k-28056970.jpg?20230521135158?20230521135158

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

a9a571f248c079ddb6b85fcc9de133be14373793753515fd987440482efb369a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 26375
etag: "5b5c23178e3508d2eefd4249ce7c7bc6f57d98a3"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 16818
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 17:50:40 GMT

GET
H2 200 1_whatsapp_image_2023_05_20_at_11_14_18-28054028.jpeg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/20/258x177/ 7 KB
7 KB 42ms
40ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/20/258x177/1_whatsapp_image_2023_05_20_at_11_14_18-28054028.jpeg?20230520114205?20230520114205

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

4b4c123ae964e6731f6ee84ebc36490b1b1127775f44490239fcc567c0273b60

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 11961
etag: "9196dcbb03314695d2ec4b3d293f2cfef9b5fb1b"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 6656
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 20:10:26 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/o-DlH-17czw/ 161 KB
162 KB 141ms
42ms Image
image/jpeg 2a00:1450:4001:801::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/o-DlH-17czw/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgVyhLMA8=&rs=AOn4CLDwdiy5QPNeZe9NitJO62UPjw001w?20230519150919?20230519150919

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6804cb2e54656a9538a8665f49871cd25342149186058f15dcff3ad8010fa663

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:11:09 GMT
x-content-type-options: nosniff
age: 113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164956
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 21 May 2023 18:16:09 GMT

GET
H2 200 1_newsletter-27851359.jpg
midias.correiobraziliense.com.br/_midias/jpg/2023/04/19/258x177/ 5 KB
6 KB 41ms
39ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/04/19/258x177/1_newsletter-27851359.jpg?20230419144644?20230419144644

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

355b8cd9741e0990e9244605a3365358934825cc75043e82c8ff1f61c2dd87b7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 10458
etag: "39c05f9e634e772b7fcddd4b281286f692ff5e38"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 5528
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 18:10:52 GMT

GET
H2 200 1_whatsapp_image_2023_02_02_at_17_18_00-27369177.jpeg
midias.correiobraziliense.com.br/_midias/jpg/2023/02/02/258x177/ 7 KB
7 KB 43ms
41ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/02/02/258x177/1_whatsapp_image_2023_02_02_at_17_18_00-27369177.jpeg?20230202172156?20230202172156

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

58d38d88bba476fe08a41af7d228b147045124ce216bf8967bcf3df34389c8c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 11815
etag: "3f41c382c2f525a5804355951548f9af632fe7fc"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 7050
x-xss-protection: 1; mode=block
expires: Mon, 17 Apr 2023 12:36:07 GMT

GET
H2 200 1_000_9x662j-7376472.jpg
midias.correiobraziliense.com.br/_midias/jpg/2022/01/26/258x177/ 4 KB
4 KB 49ms
49ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2022/01/26/258x177/1_000_9x662j-7376472.jpg?20221202212235?20221202212235

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

b586d8f9bbff7965cbecfcc8a2835cad788188f261e168afb7642885fdce7250

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 9583
etag: "a2925f13da2f6acaad7dab2cfe3a6e1a617bcce3"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 3812
x-xss-protection: 1; mode=block
expires: Mon, 17 Apr 2023 12:36:07 GMT

GET
H2 200 1_se_pa_um_podcast___velozes_e_furiosos-28049923.jpeg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/19/393x270/ 24 KB
24 KB 42ms
39ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/19/393x270/1_se_pa_um_podcast___velozes_e_furiosos-28049923.jpeg?20230519175350?20230519175350

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

b40c3fa7275e6516ddc40d36bf8c0a1e14350ed26cb91df69dd64c65b5b64823

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 36069
etag: "c3496e0e5c6fd454679cff8327b52ad1b6c2aa28"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 24690
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 01:51:34 GMT

GET
H2 200 1_istock_1385106140-27976052.jpg
midias.correiobraziliense.com.br/_midias/jpg/2023/05/08/393x270/ 12 KB
13 KB 42ms
40ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2023/05/08/393x270/1_istock_1385106140-27976052.jpg?20230508182209?20230508182209

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

36a0d7b8173ca0de19c9ed5284012559cbd609bd5144cba959f250e2acfb31cb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 21824
etag: "363ce64e24f5d86b16949c12f4298281d83a2b9e"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 12738
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 21:31:22 GMT

GET
H2 200 ultimas-vitrine.json Show response
www.correiobraziliense.com.br/_conteudo/jsons/ 11 KB
2 KB 68ms
66ms Fetch
application/json 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/_conteudo/jsons/ultimas-vitrine.json

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d9d3b87cd2173d0cd06047a9fc1d21a0f5884ff8c3e7b75f93688af5325e523b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
x-amz-version-id: null
via: 1.1 varnish-v4
x-url-without-qs: /_conteudo/jsons/ultimas-vitrine.json
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-amz-request-id: VJJH6JJ6T38WHVNE
age: 918
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-url: /home/correio/public_html/_conteudo/jsons/ultimas-vitrine.json
x-ua-device: mobile
x-host: dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2: 5N5DmBJncujYOoXbVVtYZoZ6fBSFj14grfbt0uErBqIfTjeWAtiIIxkOLHqjqeLFSaBwQ1UkQug=
x-xss-protection: 1; mode=block
pragma: azion-debug-cache
last-modified: Sun, 21 May 2023 17:17:50 GMT
server: AmazonS3
etag: W/"051528f153b8d91633ec7ac448819d4a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
x-varnish: 17279971 9656229
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=1800
x-host-orig: www.correiobraziliense.com.br
x-cache2: HIT
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 ultimas-geral.json Show response
www.correiobraziliense.com.br/_conteudo/jsons/ 80 KB
12 KB 68ms
66ms Fetch
application/json 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/_conteudo/jsons/ultimas-geral.json

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1076b4c195c7afa25c4d5977379cf55a85e855a546995df4b76e0d889821d583

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
x-amz-version-id: null
via: 1.1 varnish-v4
x-url-without-qs: /_conteudo/jsons/ultimas-geral.json
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-amz-request-id: SH7SWW444NDCVDKW
age: 154
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-url: /home/correio/public_html/_conteudo/jsons/ultimas-geral.json
x-ua-device: desktop
x-host: dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2: w3LS8aRdksHgdeFBE6XkLnAfAbTsQ6cirXzWw3RWBGIqERj63Ni3U3FN6ImTWnmcvz9EibokKvc=
x-xss-protection: 1; mode=block
pragma: azion-debug-cache
last-modified: Sun, 21 May 2023 17:16:36 GMT
server: AmazonS3
etag: W/"3f6ef20d80be4172cece5045beb7d4a0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
x-varnish: 3603743 11360758
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=1800
x-host-orig: www.correiobraziliense.com.br
x-cache2: HIT
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 top-geral.json Show response
www.correiobraziliense.com.br/_conteudo/jsons/ 55 KB
9 KB 69ms
67ms Fetch
application/json 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/_conteudo/jsons/top-geral.json

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bfa903c2517735d74df7f6fa7692b5ef65dc8fd5fad2be07234fb775616a2c7a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
x-amz-version-id: null
via: 1.1 varnish-v4
x-url-without-qs: /_conteudo/jsons/top-geral.json
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-amz-request-id: SH7V15AQHWGAVAV0
age: 154
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-url: /home/correio/public_html/_conteudo/jsons/top-geral.json
x-ua-device: desktop
x-host: dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2: X3hwzbFBaMlgCg5kzoCQONETCcDS3IF5/av1fLnLIzDhNKP6Sh2Mf2zEzb+EyF+U9J0Om0WwMCU=
x-xss-protection: 1; mode=block
pragma: azion-debug-cache
last-modified: Sun, 21 May 2023 17:16:36 GMT
server: AmazonS3
etag: W/"26597d3f08f140822c5437489fe3d495"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
x-varnish: 18649782 16098014
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=1800
x-host-orig: www.correiobraziliense.com.br
x-cache2: HIT
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 152ms
41ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/frontend/src/assets/js/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 21 May 2023 17:05:00 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4082
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sun, 21 May 2023 19:05:00 GMT

GET
DATA 200
OK truncated
/ 208 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3dd4fce3d2c7713162f428e67f8e079c60a3a6f0e2515acd91b0827c416e6bfc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 46 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 150e0e4971227347e3dcf48f5e8bf99ea7ab318c00d6693f1be1778e471b4798

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/ 408 KB
126 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd84d3b448dfa1f7ded33de1848cb5f06946f8d86058e9c8d183ae3dddea4ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 10:36:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128722
x-xss-protection: 0
server: cafe
etag: 7615930951174331818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 20 May 2024 10:36:19 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
618 B 168ms
74ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.correiobraziliense.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

112f050682454f720588e5251831839e4a7bdafc9bf06cf5457fa63c0980848a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 593
x-xss-protection: 0
expires: Sun, 21 May 2023 18:13:02 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 58ms
56ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2778
etag: W/"2cf94922e2d551e8dc7c38c022a9a3ca"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7caeca83a986924f-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 24 May 2023 18:13:02 GMT

GET
H2 200 E3B10F08-C88D-4B73-856E-52B809C7DBED.jpeg
blogs.correiobraziliense.com.br/capital-sa/wp-content/uploads/sites/59/2023/05/ 117 KB
117 KB 235ms
50ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.correiobraziliense.com.br/capital-sa/wp-content/uploads/sites/59/2023/05/E3B10F08-C88D-4B73-856E-52B809C7DBED.jpeg

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

nginx /

Resource Hash

80bc50a58ea569d7e3d06715156d6b85e34ebd9ed955156dae429d8ba0266c2f

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
last-modified: Fri, 19 May 2023 04:25:56 GMT
server: nginx
etag: "6466fa54-1d451"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 119889
expires: Tue, 20 Jun 2023 18:13:02 GMT

GET
H2 200 Design-sem-nome-e1681612753241.png
blogs.correiobraziliense.com.br/jusbraziliense/wp-content/uploads/sites/66/2023/04/ 35 KB
35 KB 211ms
57ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.correiobraziliense.com.br/jusbraziliense/wp-content/uploads/sites/66/2023/04/Design-sem-nome-e1681612753241.png

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

nginx /

Resource Hash

732cfb9e8195124d0de68f42d1986f23f136204a635b742f6a21b5d2fa410747

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
last-modified: Sun, 16 Apr 2023 02:39:14 GMT
server: nginx
etag: "643b5fd2-8a65"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 35429
expires: Tue, 20 Jun 2023 18:13:02 GMT

GET
H2 200 R.jpeg
blogs.correiobraziliense.com.br/consultoriosentimental/wp-content/uploads/sites/40/2023/05/ 36 KB
36 KB 212ms
70ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.correiobraziliense.com.br/consultoriosentimental/wp-content/uploads/sites/40/2023/05/R.jpeg

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

nginx /

Resource Hash

ee3e792af06bd2d0f3f3c77edacf4aced24d8eb3a47424968339b0f49ef952a5

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
last-modified: Mon, 15 May 2023 02:40:03 GMT
server: nginx
etag: "64619b83-907a"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 36986
expires: Tue, 20 Jun 2023 18:13:02 GMT

GET
H2 200 AvantData_2022_0028.jpg
i2.wp.com/blogs.correiobraziliense.com.br/marcas-e-negocios/wp-content/uploads/sites/65/2023/05/ 3 MB
3 MB 147ms
39ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/blogs.correiobraziliense.com.br/marcas-e-negocios/wp-content/uploads/sites/65/2023/05/AvantData_2022_0028.jpg?fit=2941%2C4412&ssl=1

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

0bd3d8c980f640512d98fcbf087d156cd51f187b6f90dd94773d7318c7383d0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Sun, 21 May 2023 18:13:02 GMT
x-content-type-options: nosniff
last-modified: Sat, 20 May 2023 09:27:20 GMT
server: nginx
etag: "756034a05227d49a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://blogs.correiobraziliense.com.br/marcas-e-negocios/wp-content/uploads/sites/65/2023/05/AvantData_2022_0028.jpg>; rel="canonical"
content-length: 2905404
expires: Mon, 19 May 2025 21:27:20 GMT

GET
H2 200 69229.jpg
edicao.correiobraziliense.com.br/correiobraziliense/2023/05/21/140745/thumb/ 45 KB
45 KB 146ms
40ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://edicao.correiobraziliense.com.br/correiobraziliense/2023/05/21/140745/thumb/69229.jpg

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Azion IMS /

Resource Hash

7f8856ff1ff89286417c0f54c072a31382ff8de05574200e95d54fe7f1029429

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
server: Azion IMS
x-original-image-size: 29212
etag: "9c85247d632891ab86fc187bd69be05bf4981bae"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 45794
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 04:06:20 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/diariosassociados-correiobraziliense/ 3 KB
2 KB 144ms
42ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/diariosassociados-correiobraziliense/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-correiobraziliense/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd2dae33970747c9ba465766199c26b2c12be9e074431ab67ae12db83f337b61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: w3FcFGFt1fyNDPAT3bnfnY1s6QRgh1Zv
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Sun, 21 May 2023 18:13:02 GMT
x-amz-request-id: D41TKHCXY2BN4TJD
age: 179
x-cache: HIT, HIT
content-length: 1160
x-amz-id-2: lvKMUMQMo2+7uxVHiU1sRDXZt9r4HLl29JvVYTGuLI4/tS7evilcUpVfP4QrFvXP/7fIT/EjONo=
x-served-by: cache-bur-kbur8200027-BUR, cache-fra-eddf8230082-FRA
last-modified: Thu, 11 May 2023 10:31:37 GMT
server: AmazonS3
x-timer: S1684692783.919050,VS0,VE0
etag: "59668a2ada684a4643e3af824f95ea94"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 impl.20230520-1-RELEASE.js Show response
cdn.taboola.com/libtrc/ 765 KB
160 KB 54ms
46ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230520-1-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-correiobraziliense/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 29c4f57a15a1c5993ad6026133559df94b56d21b43ce84cf21cbd5441e96fe13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: xt.QhelAXNqePRQYpl3Ozib8S0M74UnY
content-encoding: br
via: 1.1 varnish
date: Sun, 21 May 2023 18:13:02 GMT
x-amz-request-id: N4NNRY3B830EXX5Q
age: 3981
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 162970
x-amz-id-2: DOeMc6Ni+2XnQ5P1evpzj9HdJWiuAR7/95108VehTAid3l6L19ub9JX/lKY2nd0Sx0v9jYxkD+k=
x-served-by: cache-fra-etou8220090-FRA
last-modified: Sun, 21 May 2023 09:06:35 GMT
server: AmazonS3-br
x-timer: S1684692783.714735,VS0,VE0
etag: "4aba35c5023fac7d7585da293def200c"
vary: Accept-Encoding
content-type: application/javascript
abp: 50
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 12136

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 129ms
41ms Script
application/javascript 99.84.88.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-correiobraziliense/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-4.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 06:03:54 GMT
content-encoding: gzip
via: 1.1 af3abf09293a5c762de5e451f8d6a912.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 43749
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 8xjMJKw94l14s3tK9Ix5idMLSwXWOj1SROvczjGZgHJQzQgKC1ESZQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
82 KB 70ms
68ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VSQN11XK2K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HG8CK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f30458a9b37774dabda685afb56abdad505d42afe33f4cb6573fe4abe1908bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83660
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 21 May 2023 18:13:02 GMT

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 34 B
189 B 146ms
44ms XHR
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?key=gynC83fhhUJjhRu&fields=region,countryCode
Requested by: Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/3d8fbc0fe6613685b6be300b24dd70d8.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: 32c55316ebfc3e6786779fa4bf7861d51750d1cf19ae6ac9de20b24b054505e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 21 May 2023 18:13:02 GMT
Content-Length: 34
Content-Type: application/json; charset=utf-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
359 B 148ms
50ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-9264035-1&cid=1350940105.1684692783&jid=1728988708&gjid=1098024674&_gid=747914680.1684692783&_u=IGBAgEABAAAAAEAAI~&z=321267051

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.correiobraziliense.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 21 May 2023 18:13:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
157 B 48ms
46ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1463674454&t=pageview&_s=1&dl=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&ul=en-us&de=UTF-8&dt=Correio%20Braziliense%3A%20not%C3%ADcias%2C%20an%C3%A1lises%20e%20v%C3%ADdeos%20do%20DF%2C%20do%20Brasil%20e%20do%20mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAEABAAAAAGAAI~&jid=1787225055&gjid=1215673942&cid=1350940105.1684692783&tid=UA-81883435-1&_gid=747914680.1684692783&_r=1&_slc=1&gtm=45He35h0n715HG8CK&z=1312681626

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.correiobraziliense.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 44ms
42ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1463674454&t=pageview&_s=1&dl=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&ul=en-us&de=UTF-8&dt=Correio%20Braziliense%3A%20not%C3%ADcias%2C%20an%C3%A1lises%20e%20v%C3%ADdeos%20do%20DF%2C%20do%20Brasil%20e%20do%20mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEABAAAAAAAAI~&jid=1728988708&gjid=1098024674&cid=1350940105.1684692783&tid=UA-9264035-1&_gid=747914680.1684692783&z=977868803

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 18:13:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 86347
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 44ms
43ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1463674454&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&ul=en-us&de=UTF-8&dt=Correio%20Braziliense%3A%20not%C3%ADcias%2C%20an%C3%A1lises%20e%20v%C3%ADdeos%20do%20DF%2C%20do%20Brasil%20e%20do%20mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NTG%20article%20milestone&ea=25%25&el=%3Carticle%20class%3D%22article%22%3E&ev=25&_u=IGBAgEABAAAAAEAAI~&jid=&gjid=&cid=1350940105.1684692783&tid=UA-9264035-1&_gid=747914680.1684692783&z=262692534

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 18:13:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 86347
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 44ms
43ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1463674454&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&ul=en-us&de=UTF-8&dt=Correio%20Braziliense%3A%20not%C3%ADcias%2C%20an%C3%A1lises%20e%20v%C3%ADdeos%20do%20DF%2C%20do%20Brasil%20e%20do%20mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NTG%20article%20milestone&ea=50%25&el=%3Carticle%20class%3D%22article%22%3E&ev=50&_u=IGBAgEABAAAAAEAAI~&jid=&gjid=&cid=1350940105.1684692783&tid=UA-9264035-1&_gid=747914680.1684692783&z=1336348204

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 18:13:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 86347
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 45ms
43ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1463674454&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&ul=en-us&de=UTF-8&dt=Correio%20Braziliense%3A%20not%C3%ADcias%2C%20an%C3%A1lises%20e%20v%C3%ADdeos%20do%20DF%2C%20do%20Brasil%20e%20do%20mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NTG%20article%20milestone&ea=75%25&el=%3Carticle%20class%3D%22article%22%3E&ev=75&_u=IGBAgEABAAAAAEAAI~&jid=&gjid=&cid=1350940105.1684692783&tid=UA-9264035-1&_gid=747914680.1684692783&z=1381213211

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 18:13:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 86347
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 45ms
44ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1463674454&t=event&ni=1&_s=5&dl=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&ul=en-us&de=UTF-8&dt=Correio%20Braziliense%3A%20not%C3%ADcias%2C%20an%C3%A1lises%20e%20v%C3%ADdeos%20do%20DF%2C%20do%20Brasil%20e%20do%20mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NTG%20article%20milestone&ea=100%25&el=%3Carticle%20class%3D%22article%22%3E&ev=100&_u=IGBAgEABAAAAAEAAI~&jid=&gjid=&cid=1350940105.1684692783&tid=UA-9264035-1&_gid=747914680.1684692783&z=1173368598

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 18:13:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 86347
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/de352cb1-bc85-498a-8e1f-a7bbe6068cf3/ 5 KB
2 KB 51ms
51ms Script
text/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/de352cb1-bc85-498a-8e1f-a7bbe6068cf3/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baebef129478521986b3226c2cb8b21b16898d0ca819cafb70588b59458e9f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 1312
cf-polished: origSize=5582
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a05a0c9a-1914-45e4-bf9a-f4c5ef410164
x-runtime: 0.028805
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"9066443909df4aab4cb4cb2288c22858"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 7caeca84aab3924f-FRA
access-control-allow-headers: SDK-Version
expires: Sun, 21 May 2023 19:13:02 GMT

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
192 B 392ms
129ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/static/cb/prebid7-18-0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiobraziliense.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiobraziliense.com.br
date: Sun, 21 May 2023 18:13:03 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 234ms
135ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUASCJ0O
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/static/cb/prebid7-18-0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 01d04cfc92500acfa8741bbe6479d2b4437246ae0258c42e219b62e7d139ef91

Request headers

Referer: https://www.correiobraziliense.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:03 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Sun, 21 May 2023 18:13:02 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
957 B 144ms
45ms XHR
application/json 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/static/cb/prebid7-18-0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b7f6b7375a8d4e8fe84de41e4965a070cdddf1866bc8f74f62b54f2f42a2e57a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.correiobraziliense.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 21 May 2023 18:13:02 GMT
AN-X-Request-Uuid: e21a56df-c5f8-4181-9904-e185488954a0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.correiobraziliense.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.102; 80.255.7.102; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 403 B
982 B 238ms
124ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16558&site_id=134068&zone_id=633424&size_id=55&rf=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&kw=not%C3%ADcias%2Cdistritofederal%2Ceconomia%2Cpol%C3%ADtica%2Cnacional%2Cinternacional%2Cci%C3%AAnciaetecnologia%2Csa%C3%BAde%2Cloteria%2Cconcurso%2Cresultado%2Ccorreiobraziliense&tg_i.page=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&tg_i.domain=correiobraziliense.com.br&tg_i.pbadslot=%2F6887%2Fportal-correioweb%2Fcorreiobraziliense-com-br%2Fhome&tk_flint=pbjs_lite_v7.18.0&x_source.tid=2a405ae7-bdba-4f45-ab65-f716022a9ac5&l_pb_bid_id=88991215145bfc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6887%2Fportal-correioweb%2Fcorreiobraziliense-com-br%2Fhome&slots=1&rand=0.584680948350123
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/static/cb/prebid7-18-0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 629d996ecc549295fab020cf2316cc576913c59220c0042cb886cda92431bbc0

Request headers

Referer: https://www.correiobraziliense.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:03 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiobraziliense.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 403
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
191 B 380ms
132ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/static/cb/prebid7-18-0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiobraziliense.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiobraziliense.com.br
date: Sun, 21 May 2023 18:13:03 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 403 B
743 B 260ms
152ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16558&site_id=134068&zone_id=633424&size_id=15&rf=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&kw=not%C3%ADcias%2Cdistritofederal%2Ceconomia%2Cpol%C3%ADtica%2Cnacional%2Cinternacional%2Cci%C3%AAnciaetecnologia%2Csa%C3%BAde%2Cloteria%2Cconcurso%2Cresultado%2Ccorreiobraziliense&tg_i.page=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&tg_i.domain=correiobraziliense.com.br&tg_i.pbadslot=%2F6887%2Fportal-correioweb%2Fcorreiobraziliense-com-br%2Fhome&tk_flint=pbjs_lite_v7.18.0&x_source.tid=5330e72d-cb34-43ef-a02a-a610cc7fe30c&l_pb_bid_id=1204ee06335ad5e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6887%2Fportal-correioweb%2Fcorreiobraziliense-com-br%2Fhome&slots=1&rand=0.037949842679381396
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/static/cb/prebid7-18-0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 219d20b74d9ae61b2fab4ec48c5a5c5da954ac29dd3090e078d3ee47aa6dfd81

Request headers

Referer: https://www.correiobraziliense.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:03 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiobraziliense.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 403
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
762 B 259ms
175ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUASCJ0O
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/static/cb/prebid7-18-0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a0e9a2b848973785f4f400dd77966e21a131139420a66e06830e09f9bfeba7a9

Request headers

Referer: https://www.correiobraziliense.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:03 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Sun, 21 May 2023 18:13:02 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
958 B 165ms
51ms XHR
application/json 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/static/cb/prebid7-18-0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

6a541ce13f06a25840bd4d5553c81c69ccfdfa9b9185d38047cdc695d1943e13

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.correiobraziliense.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 21 May 2023 18:13:03 GMT
AN-X-Request-Uuid: 0f7b6367-d731-4ba9-8f62-1dab63f3395a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.correiobraziliense.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.102; 80.255.7.102; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 162ms
54ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 156ms
48ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
878 B 154ms
42ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 May 2023 18:13:03 GMT
x-content-type-options: nosniff
content-encoding: br
age: 24818
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230126-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 143ms
40ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:11:08 GMT
via: 1.1 google
age: 115
x-guploader-uploadid: ADPycdvvpHHmD_njvQXN915ahq7Y5zeTtoBAjs5Zl4AZnXq6M2v3ykQGibVVpaQchdDk-xtHthWMN-o4asiPkIVuurorQ20GjNCz
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Sun, 21 May 2023 19:11:08 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 156ms
43ms Script
text/javascript 108.138.36.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 05:55:32 GMT
content-encoding: gzip
via: 1.1 46e871af86c897cd369d8d20c90166ec.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2023 00:14:05 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 44252
x-amz-server-side-encryption: AES256
etag: W/"37e703da55f96b973658b8e7aeed0e93"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: zmE0PcZWwhaCM6eELWCcSDpc0hU5AjLtzI0yQRrBug-8GJo5_r748w==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 153ms
58ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: E4WC8ZW8FRBSGGPP
age: 3305
etag: W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7caeca861c2718cf-FRA
x-amz-id-2: TMsGokgS315E6FqOBpK9yhlvLe7KChSKw0QjhrjgzOykJJ1NA1RdC2F8KGuLwT24kR5DpOJ39SZBKc9KV8oH4w==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 159ms
41ms Script
text/javascript 2600:9000:2250:7a00:a:e047:753:be1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7a00:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 02:36:56 GMT
Via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 56168
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: Iv-qqaYKXxwu1Iw10Zx3ZhjKYe7-KzupnTA5VeoPwrKrezdGfmMFMQ==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 156ms
43ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:00:55 GMT
content-encoding: gzip
age: 184328
x-guploader-uploadid: ADPycdsuws19q6gut2HVw5Cbtoy2R9nMFWEkfsW4j28cg71BlAh_maBVLR9J0a9wek9aI3l80Gjw2adcfLZSJ2do6Qt7pQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 18 May 2024 15:00:55 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 207ms
96ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 22 May 2023 18:13:03 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 770 B
428 B 156ms
155ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=939852463761243&correlator=96427992079881&eid=31074682%2C31068367&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=6887%2Cportal-correioweb%2Ccorreiobraziliense-com-br%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&adks=739165561&didk=1892278484&sfv=1-0-40&ists=1&prev_scp=formato%3Dpatrocinado-1x1%26pos%3D0&eri=1&cust_params=testeab%3D5%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Ccorreiobraziliense%252Ccom%252Cbr%252C%26titleofpage%3DCorreio%2520Braziliense%253A%2520not%25C3%25ADcias%252C%2520an%25C3%25A1lises%2520e%2520v%25C3%25ADdeos%2520do%2520DF%252C%2520do%2520Brasil%2520e%2520do%2520mundo%26tagsofpage%3Dnot%25C3%25ADcias%252Cdistritofederal%252Ceconomia%252Cpol%25C3%25ADtica%252Cnacional%252Cinternacional%252Cci%25C3%25AAncia%2520e%2520tecnologia%252Csa%25C3%25BAde%252Cloteria%252Cconcurso%252Cresultado%252Ccorreio%2520braziliense%26reload%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1684692782897&lmt=1684692460&dlt=1684692782329&idt=477&adxs=0&adys=12687&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&frm=20&vis=1&psz=1600x12687&msz=1600x0&fws=0&ohw=0&ga_vid=1350940105.1684692783&ga_sid=1684692783&ga_hid=1463674454&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ae23d8dd10f04553d5daf46deb56c99f165997a9e55dee3a0d88539e569ec9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 111 KB
32 KB 250ms
249ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=939852463761243&correlator=317928162949197&eid=31074682%2C31068367&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=6887%2Cportal-correioweb%2Ccorreiobraziliense-com-br%2Cinterstitial&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=2&adks=1074340921&didk=4161235142&sfv=1-0-40&ists=1&fas=8&eri=1&cust_params=testeab%3D5%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Ccorreiobraziliense%252Ccom%252Cbr%252C%26titleofpage%3DCorreio%2520Braziliense%253A%2520not%25C3%25ADcias%252C%2520an%25C3%25A1lises%2520e%2520v%25C3%25ADdeos%2520do%2520DF%252C%2520do%2520Brasil%2520e%2520do%2520mundo%26tagsofpage%3Dnot%25C3%25ADcias%252Cdistritofederal%252Ceconomia%252Cpol%25C3%25ADtica%252Cnacional%252Cinternacional%252Cci%25C3%25AAncia%2520e%2520tecnologia%252Csa%25C3%25BAde%252Cloteria%252Cconcurso%252Cresultado%252Ccorreio%2520braziliense%26reload%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1684692782904&lmt=1684692460&dlt=1684692782329&idt=477&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1350940105.1684692783&ga_sid=1684692783&ga_hid=1463674454&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a094dd1c1c8390ffdf850f77aef8e316ba2cf09747bc217611f8afc7c7bbe88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33226
x-xss-protection: 0
google-lineitem-id: 6219261759
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138422413001
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 9 KB
5 KB 128ms
127ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=939852463761243&correlator=3546210545675679&eid=31074682%2C31068367&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=6887%2Cportal-correioweb%2Ccorreiobraziliense-com-br%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=3&adks=2372507249&didk=115140372&sfv=1-0-40&ists=1&prev_scp=formato%3Ddhtml-1x1%26pos%3D0&eri=1&cust_params=testeab%3D5%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Ccorreiobraziliense%252Ccom%252Cbr%252C%26titleofpage%3DCorreio%2520Braziliense%253A%2520not%25C3%25ADcias%252C%2520an%25C3%25A1lises%2520e%2520v%25C3%25ADdeos%2520do%2520DF%252C%2520do%2520Brasil%2520e%2520do%2520mundo%26tagsofpage%3Dnot%25C3%25ADcias%252Cdistritofederal%252Ceconomia%252Cpol%25C3%25ADtica%252Cnacional%252Cinternacional%252Cci%25C3%25AAncia%2520e%2520tecnologia%252Csa%25C3%25BAde%252Cloteria%252Cconcurso%252Cresultado%252Ccorreio%2520braziliense%26reload%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1684692782907&lmt=1684692460&dlt=1684692782329&idt=477&adxs=0&adys=12687&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&frm=20&vis=1&psz=1600x12687&msz=1600x0&fws=0&ohw=0&ga_vid=1350940105.1684692783&ga_sid=1684692783&ga_hid=1463674454&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17eb3aeae1c23bd286091c2910bb4951439880a8ce87626ca6d4bb4e221ede05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4747
x-xss-protection: 0
google-lineitem-id: 6149134489
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138411459999
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5542 6 KB
3 KB 180ms
48ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiobraziliense.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 18:13:03 GMT
expires: Mon, 20 May 2024 18:13:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/ 36 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de908e93aea0cafaa888a7bac1484a103fc232571a8d409b0913acc3c4f82c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 10:36:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27402
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12839
x-xss-protection: 0
server: cafe
etag: 429275192381491579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 20 May 2024 10:36:20 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 58ms
57ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-81883435-1&cid=1350940105.1684692783&jid=1787225055&gjid=1215673942&_gid=747914680.1684692783&_u=YGDAAEABAAAAAGAAI~&z=1883622053

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.correiobraziliense.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 21 May 2023 18:13:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 235ms
137ms XHR
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/3d8fbc0fe6613685b6be300b24dd70d8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc231e978a78dcba552776d2ffd408110346d288ae8ab4fe06a520d0b55e6a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47477
x-xss-protection: 0
server: cafe
etag: 1353478255910355719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 21 May 2023 18:13:03 GMT

GET
H2 200 card-interference-detector.20230520-1-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
3 KB 40ms
40ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/card-interference-detector.20230520-1-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-correiobraziliense/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9efeacd096bd192e4653b3b6b845b49677612e6ffb1a116ad36b4a19aa52d3e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: M6r5t9slnaQ_mhn3kmFi4vwyK3UbZgDB
content-encoding: gzip
via: 1.1 varnish
date: Sun, 21 May 2023 18:13:02 GMT
x-amz-request-id: GQ21KXW9BPJZDCZB
age: 30635
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2178
x-amz-id-2: vGQnHMNwYmHzhU6N1gYEHPlCrrYtC25btxobM7SVcbsxgSWjVhNYSaGD6hZN5/Ro9lfBmArFqJE=
x-served-by: cache-fra-etou8220090-FRA
last-modified: Sun, 21 May 2023 09:42:28 GMT
server: AmazonS3
x-timer: S1684692783.968085,VS0,VE0
etag: "89a11919b21308e25127c4e0f7ff5da4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 50
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 21295

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 130ms
42ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230520-1-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 352602
expires: 60

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 168ms
77ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-9264035-1&cid=1350940105.1684692783&jid=1728988708&_u=IGBAgEABAAAAAEAAI~&z=162041784

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 173ms
80ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-9264035-1&cid=1350940105.1684692783&jid=1728988708&_u=IGBAgEABAAAAAEAAI~&z=162041784

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
264 B 137ms
48ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VSQN11XK2K&gtm=45je35h0&_p=1463674454&cid=1350940105.1684692783&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684692782&sct=1&seg=0&dl=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&dt=Correio%20Braziliense%3A%20not%C3%ADcias%2C%20an%C3%A1lises%20e%20v%C3%ADdeos%20do%20DF%2C%20do%20Brasil%20e%20do%20mundo&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VSQN11XK2K&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6685.js Show response
cnt.trvdp.com/js/1577/ Frame 5C97 477 B
842 B 209ms
67ms Script
application/javascript 99.86.91.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cnt.trvdp.com/js/1577/6685.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-3.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0fed2f3efe0426abe647fb44c860daf8aa7e5b25bb33c1b3450c4060b4511d77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 09 May 2023 13:54:55 GMT
via: 1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
last-modified: Thu, 20 Oct 2022 15:13:07 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-C1
age: 1052289
etag: "40ae1e48e32844cbdd24358df5382760"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 477
x-amz-cf-id: oWcmtj_4b7BjmTWP_yiFIYaeMEov93vl0s_Ohqz3JzGSCwbEqHxjqg==

GET
DATA 200
OK truncated
/ Frame 5C97 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 194c0a6abcb4bdee9a9308e1294482e8c4b13f1251b686cebc985c31af1cee9b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5C97 0
29 B 86ms
86ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNiGtAUBGacRmbbHeHysjX7nT14sWus3yrKer-gSueJd7ujDfRKy-7y8xWPNBBXbxYxd0xVMP6--TNCbdXCVOIYkgCrpJoGAZvbr6WO5ny8a8finrSEwX4PJ_HqcmQH5_CwhLG2xwO2ysyu7CpoPJRDvdRXDVryDy3N-gFpbfkY3_D1p_lB3TCKXODWL4GNSHRTaHhhYHRguLEkXu7FPBF5Q8WtEQohK84hsm4DFlEkvEB9lZYver3PMhfNI4ULcxN3EnJ6oR_l6x5Tas2DI_7AXEPI7Jy8MzmQCTy065BVAzoZpEq6e5pOt8HOgRWw4SVrdyaXXRfZVOa7LrMlbiKNeN8j5RRlqTPOOPaVgGWtgnnz_VDUDV1pvjYMDzU&sai=AMfl-YRrM_EvXPzcsUa_wrnr0c1BXldAR0xcABuwfvojJ85VvEdmJCNQsenX-Mqfue_a8IhjaBgaHgHiu1Ozk8XFxmoX_etjAOvFvAVpFa2lHFiuA8MjQEQQ7KJumCFeyK0NwurryEbEUcHUAehuIdY&sig=Cg0ArKJSzNK6z5DRFDLkEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 21 May 2023 18:13:03 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
224 B 57ms
54ms Image
text/plain 99.84.88.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684692783126&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&c8=Correio%20Braziliense%3A%20not%C3%ADcias%2C%20an%C3%A1lises%20e%20v%C3%ADdeos%20do%20DF%2C%20do%20Brasil%20e%20do%20mundo&c9=
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-4.muc50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:03 GMT
via: 1.1 af3abf09293a5c762de5e451f8d6a912.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: MUC50-C1
x-amz-cf-id: cTb2ebcHsutpEDl9KLqDuSBhqtnDhwiaCSYr-NdBf6iGx4VQs2je_Q==
x-cache: Miss from cloudfront

GET
H2 200 pmk-20220605.5.js Show response
pm-widget.taboola.com/diariosassociados-correiobraziliense/ 115 KB
31 KB 46ms
43ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/diariosassociados-correiobraziliense/pmk-20220605.5.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/diariosassociados-correiobraziliense/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62c8db1616f0d79e468a60934d2cccee703916418ddf295fb1ff2ef03837c6e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: fEt1a3cTEarlSuPhQIgiYgh0uJPUXpFF
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Sun, 21 May 2023 18:13:03 GMT
x-amz-request-id: 0CJKVX9HASXA5JZJ
age: 891678
x-cache: HIT, HIT
content-length: 31838
x-amz-id-2: kkgQw0iq4eGaSZr9XcvYa8ezlaSOqvNjdrg1zE8lf0CEZIcZWRkylaLET3ksVYG/+xkB7UVbIfE=
x-served-by: cache-bur-kbur8200106-BUR, cache-fra-etou8220090-FRA
last-modified: Thu, 11 May 2023 10:31:34 GMT
server: AmazonS3
x-timer: S1684692783.150389,VS0,VE2
etag: "8b1a54961440a300038ef41da4c12714"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 879, 1

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 58ms
57ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5750d3f44599f0a0c54a74102838155b78e44ced2aa546dfca28d563883ddc59

Request headers

Referer: https://www.correiobraziliense.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 21 May 2023 18:13:03 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 86047b27fd967e2a81f87a4a742c6df7
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 165ms
55ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.correiobraziliense.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://www.correiobraziliense.com.br
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Sun, 21 May 2023 18:13:03 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 90fe08baebaba58febff2a3481882559

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
338 B 139ms
42ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.correiobraziliense.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiobraziliense.com.br
date: Sun, 21 May 2023 18:13:03 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
345 B 194ms
72ms XHR
application/json 99.80.210.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.210.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-210-150.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a9e608e9bdf2d6a57a4446504074c8be222fcbd1a6c147598fa56e0c65774036

Request headers

Referer: https://www.correiobraziliense.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:03 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache
x-server: 10.45.30.242
access-control-allow-credentials: true
content-length: 60
expires: 0

GET esp
oajs.openx.net/ 0
0

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 57ms
57ms Stylesheet
text/css 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:03 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2776
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7caeca86f97f3624-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Jun 2023 18:13:03 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 2D99 4 KB
1 KB 142ms
50ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 May 2023 18:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 May 2023 17:22:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 May 2023 18:13:03 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2D99 205 B
649 B 130ms
40ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 17:49:40 GMT
x-content-type-options: nosniff
age: 1403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 20 May 2024 17:49:40 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2D99 604 B
694 B 131ms
41ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 17:40:49 GMT
x-content-type-options: nosniff
age: 1934
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 20 May 2024 17:40:49 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame 2D99 20 KB
8 KB 129ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 17:35:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8271
x-xss-protection: 0
server: cafe
etag: 10419244916965318868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 17:35:55 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3F80 15 KB
6 KB 49ms
47ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.correiobraziliense.com.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.correiobraziliense.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 18:13:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 361088
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 51ms
48ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 57ms
55ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 45 KB
11 KB 577ms
576ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=939852463761243&correlator=1755823290178151&eid=31074682%2C31068367&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=6887%2Cportal-correioweb%2Ccorreiobraziliense-com-br%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1190x250%7C728x90%7C970x90%7C970x250%7C980x250&ifi=4&adks=4112734997&didk=2219890384&sfv=1-0-40&prev_scp=identificador%3Dpublicidade-rasgado-1%26implementado%3Ddinamico%26pos%3D1&eri=1&cust_params=testeab%3D5%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Ccorreiobraziliense%252Ccom%252Cbr%252C%26titleofpage%3DCorreio%2520Braziliense%253A%2520not%25C3%25ADcias%252C%2520an%25C3%25A1lises%2520e%2520v%25C3%25ADdeos%2520do%2520DF%252C%2520do%2520Brasil%2520e%2520do%2520mundo%26tagsofpage%3Dnot%25C3%25ADcias%252Cdistritofederal%252Ceconomia%252Cpol%25C3%25ADtica%252Cnacional%252Cinternacional%252Cci%25C3%25AAncia%2520e%2520tecnologia%252Csa%25C3%25BAde%252Cloteria%252Cconcurso%252Cresultado%252Ccorreio%2520braziliense%26reload%3D0&sc=1&cookie=ID%3Dbd3900a8978da11c%3AT%3D1684692782%3AS%3DALNI_Ma7hxp_u-ArxbtwuMtgdSz1RpRl9Q&gpic=UID%3D00000c18da6076f2%3AT%3D1684692782%3ART%3D1684692782%3AS%3DALNI_MZ7QuKJykO-6jcCtX4iv-0WFbRrgw&abxe=1&dt=1684692783277&lmt=1684692460&dlt=1684692782329&idt=477&adxs=205&adys=946&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&frm=20&vis=1&psz=1400x250&msz=1372x-1&fws=4&ohw=1372&psts=ABHeCviBxT3l5mngaCeOodu7pOSt_jC9ph0Q_L3wq9C6K-ajLXIqiGDEW6HlGNNO6V46Ay4hYUbYZ0N6JOKyfyWnlLE%2CABHeCvh-5qTlXJj-vmVk0Btf7h4XXSyLWdSvaUVzUWPrjL06eLyA5bZmQfMU2LtO26QRLOGOCjL2KKXIiXjsWQQSOxB9qCq1%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1350940105.1684692783&ga_sid=1684692783&ga_hid=1463674454&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ff84717ce31eec69733afb3232c32a567a70a6fce7e26fede4526a1a0990384

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10904
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiobraziliense.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 120 KB
49 KB 467ms
466ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=939852463761243&correlator=3349634945881381&eid=31074682%2C31068367&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=6887%2Cportal-correioweb%2Ccorreiobraziliense-com-br%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90&ifi=5&adks=234606839&didk=1213427005&sfv=1-0-40&prev_scp=identificador%3Dpublicidade-anchorads-1%26implementado%3Ddinamico%26pos%3D10&eri=1&cust_params=testeab%3D5%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Ccorreiobraziliense%252Ccom%252Cbr%252C%26titleofpage%3DCorreio%2520Braziliense%253A%2520not%25C3%25ADcias%252C%2520an%25C3%25A1lises%2520e%2520v%25C3%25ADdeos%2520do%2520DF%252C%2520do%2520Brasil%2520e%2520do%2520mundo%26tagsofpage%3Dnot%25C3%25ADcias%252Cdistritofederal%252Ceconomia%252Cpol%25C3%25ADtica%252Cnacional%252Cinternacional%252Cci%25C3%25AAncia%2520e%2520tecnologia%252Csa%25C3%25BAde%252Cloteria%252Cconcurso%252Cresultado%252Ccorreio%2520braziliense%26reload%3D0&sc=1&cookie=ID%3Dbd3900a8978da11c%3AT%3D1684692782%3AS%3DALNI_Ma7hxp_u-ArxbtwuMtgdSz1RpRl9Q&gpic=UID%3D00000c18da6076f2%3AT%3D1684692782%3ART%3D1684692782%3AS%3DALNI_MZ7QuKJykO-6jcCtX4iv-0WFbRrgw&abxe=1&dt=1684692783291&lmt=1684692460&dlt=1684692782329&idt=477&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=516&ohw=1600&psts=ABHeCviBxT3l5mngaCeOodu7pOSt_jC9ph0Q_L3wq9C6K-ajLXIqiGDEW6HlGNNO6V46Ay4hYUbYZ0N6JOKyfyWnlLE%2CABHeCvh-5qTlXJj-vmVk0Btf7h4XXSyLWdSvaUVzUWPrjL06eLyA5bZmQfMU2LtO26QRLOGOCjL2KKXIiXjsWQQSOxB9qCq1%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1350940105.1684692783&ga_sid=1684692783&ga_hid=1463674454&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

828ab284d9344f5e857b9912f918eba455b9153e56105cfdd9d41c2cb8036967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49846
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiobraziliense.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6685.js Show response
go.trvdp.com/init/ 6 KB
6 KB 168ms
53ms Script
binary/octet-stream 18.155.129.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/6685.js
Requested by: Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1577/6685.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-84.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 56e8976c0fe9aaf71e58f2fdc2109ce5afdcf2b78cc9b8b487df7115b97fcdc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 04:19:33 GMT
via: 1.1 fab151d68d1a2f6afb087e422136c6fe.cloudfront.net (CloudFront)
last-modified: Wed, 08 Mar 2023 02:39:55 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 6443611
etag: "c3fdbe2f244a9f7cf279f50c28185999"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 5845
x-amz-cf-id: -st-cKY8ajPqIx6PZJtYImKTW5AOySOBcnwxw4wEepj3UEazUFhyAw==

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3F80
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=correiobraziliense.com.br&sn=ChromeSyncframe&so=0&topUrl=www.correiobraziliense.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=94iwYnxSVmFnNkRncDRMQjhUNGZmSnZJKzhiOStmUkNuU3Q2YURXTlF0U3d0d09Oem5XUytwMms0OGVxZjJWT05tK2cvcWQrMlBHWm1VazhWVDhxNEpkMnRjcmVlQkwrd3g0bnBURkJLVVRUM2M3SHVQU1VLNC9sTk9JNk...

454 B
672 B

171ms
53ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=94iwYnxSVmFnNkRncDRMQjhUNGZmSnZJKzhiOStmUkNuU3Q2YURXTlF0U3d0d09Oem5XUytwMms0OGVxZjJWT05tK2cvcWQrMlBHWm1VazhWVDhxNEpkMnRjcmVlQkwrd3g0bnBURkJLVVRUM2M3SHVQU1VLNC9sTk9JNktSQmtRaXpHZUZaTlZaMlJLbkNNbFJoQitadGZRYzF0eXdHTkVraXpxcE9wTHZRVnRJRVZKRklFd0dOWVZEbThjb0JTVFc5QlN4UHVlVVArZG1wZHE0bnhmUUdEOHQyRk5vZjZuTGRvTXQ4aEwrekZwcnF0bDF0cG1VTER3Tjh1eUFRYkZpc3VHY2hSa1JMNDU1TGdrc2xFZ3Vic3dheHNQSUdUaDY2NDIzOXlVcnZMM1BGRT18&cppv=2

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9813cdd068499b5e6921ee12da0368b031adbc920018f262d024e1d6171ad336

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1921398
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=94iwYnxSVmFnNkRncDRMQjhUNGZmSnZJKzhiOStmUkNuU3Q2YURXTlF0U3d0d09Oem5XUytwMms0OGVxZjJWT05tK2cvcWQrMlBHWm1VazhWVDhxNEpkMnRjcmVlQkwrd3g0bnBURkJLVVRUM2M3SHVQU1VLNC9sTk9JNktSQmtRaXpHZUZaTlZaMlJLbkNNbFJoQitadGZRYzF0eXdHTkVraXpxcE9wTHZRVnRJRVZKRklFd0dOWVZEbThjb0JTVFc5QlN4UHVlVVArZG1wZHE0bnhmUUdEOHQyRk5vZjZuTGRvTXQ4aEwrekZwcnF0bDF0cG1VTER3Tjh1eUFRYkZpc3VHY2hSa1JMNDU1TGdrc2xFZ3Vic3dheHNQSUdUaDY2NDIzOXlVcnZMM1BGRT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 370988
content-length: 0
expires: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame B3DC 22 KB
9 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 10:38:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 10:38:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame B3DC 3 KB
1 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 13:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 13:26:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B3DC 170 KB
53 KB 155ms
54ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 May 2023 18:13:03 GMT

GET
H2 200 8827100208886452497
tpc.googlesyndication.com/simgad/ Frame B3DC 47 KB
47 KB 50ms
48ms Image
image/gif 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8827100208886452497

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7c79ba62a21dcda50a5357593192fd16a8d791f1e2cb51a3b517db0e317676d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 06:58:10 GMT
x-content-type-options: nosniff
age: 126893
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47723
x-xss-protection: 0
last-modified: Thu, 09 Feb 2023 19:52:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 06:58:10 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame E382 0
176 B 161ms
49ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiobraziliense.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 21 May 2023 18:13:03 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 3 KB
2 KB 287ms
156ms XHR
application/json 18.164.52.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1577&wid=6685&cb=543.1567194175146&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/6685.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.52.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-52-38.cdg50.r.cloudfront.net
Software: nginx /
Resource Hash: b1702d6ed4432160887777e2713d48a18a9dc4fec4f1caceba33ecb44896613d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:03 GMT
content-encoding: gzip
via: 1.1 ce94a1256cdf6d537b1e033f1e5d872e.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: CDG50-P4
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.correiobraziliense.com.br
access-control-allow-credentials: true
x-amz-cf-id: ZKgt5WBs5ccPG2F7wCCqohYy5MdPwJfelfsAyDzvJqk-0YlC4K-7RQ==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 94ms
93ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93d17db831949a76bca78132ab15f8a476826d47ca1b4da7bd46b150fa3dab4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11064
x-xss-protection: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 423 B
458 B 101ms
100ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16558&site_id=134068&zone_id=633424&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&kw=not%C3%ADcias%2Cdistritofederal%2Ceconomia%2Cpol%C3%ADtica%2Cnacional%2Cinternacional%2Cci%C3%AAnciaetecnologia%2Csa%C3%BAde%2Cloteria%2Cconcurso%2Cresultado%2Ccorreiobraziliense&tg_i.page=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&tg_i.domain=correiobraziliense.com.br&tg_i.pbadslot=%2F6887%2Fportal-correioweb%2Fcorreiobraziliense-com-br%2Fhome&tk_flint=pbjs_lite_v7.18.0&x_source.tid=9e917497-77d0-4268-9404-a87128dfaa9f&l_pb_bid_id=185e0977a28a116&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6887%2Fportal-correioweb%2Fcorreiobraziliense-com-br%2Fhome&slots=1&rand=0.5570289317079582
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/static/cb/prebid7-18-0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 86e1ab899e8fcc225875d4c787e1047170a3cf60fe09980e923d486c0e3ee718

Request headers

Referer: https://www.correiobraziliense.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:03 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiobraziliense.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 423
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
191 B 128ms
128ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/static/cb/prebid7-18-0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiobraziliense.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiobraziliense.com.br
date: Sun, 21 May 2023 18:13:03 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
400 B 266ms
127ms XHR
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/static/cb/prebid7-18-0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.correiobraziliense.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:03 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Sun, 21 May 2023 18:13:03 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
785 B 141ms
140ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUASCJ0O
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/static/cb/prebid7-18-0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 876320ce54f218dd6ef3548e59ead4b4a847d8bf577775217fb35cbca310f690

Request headers

Referer: https://www.correiobraziliense.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:03 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Sun, 21 May 2023 18:13:03 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
958 B 46ms
46ms XHR
application/json 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/static/cb/prebid7-18-0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

6d4f8add7514dccaeba88f91fefc54c94ab39db361eaf14f83077251d80667ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.correiobraziliense.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 21 May 2023 18:13:03 GMT
AN-X-Request-Uuid: 79ef4ebd-b133-40c5-8fe8-c1cd0f2554e1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.correiobraziliense.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.102; 80.255.7.102; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 May 2023 18:13:03 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D229 13 KB
5 KB 42ms
40ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiobraziliense.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 16971
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 13:30:12 GMT
expires: Mon, 20 May 2024 13:30:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 01E8 783 B
971 B 54ms
53ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

429770683bc96134bb4b57c892caaa6451c5fe447db60ca9fc67fc198977fc88

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gm2sGuGFWKWtukAOXB5NJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.correiobraziliense.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-gm2sGuGFWKWtukAOXB5NJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 18:13:03 GMT
expires: Sun, 21 May 2023 18:13:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 float.js Show response
s.trvdp.com/scripts/v5.802/ 466 KB
138 KB 250ms
74ms Script
application/javascript 13.32.145.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.802/float.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/6685.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.145.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-145-49.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86df418d759487f91b379ac929723336e45cf28b31395bb383bc4439b2150125

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 01 May 2023 04:20:10 GMT
content-encoding: gzip
via: 1.1 9b427fe18ba309a4a1a6bf65fd541cd8.cloudfront.net (CloudFront)
last-modified: Mon, 13 Feb 2023 13:09:34 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-C2
age: 1777974
etag: W/"bc1129a1d65d16ce761ff5637cdc8f53"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: mXeK9fYoE83XCnex_3IF16w8C-9Fzv7OvwF7PqVg_jDTRS0Eo5Egmw==

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012305051745000/ Frame 107F 222 KB
61 KB 160ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305051745000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5305e00f72123f81c8d7bf9016797c7c161b7d73a28cb4037425c93d5c50214

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 19 May 2023 10:36:41 GMT
age: 200182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61874
x-xss-protection: 0
server: sffe
etag: "1f10ad03381c56f5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 18 May 2024 10:36:41 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 107F 15 KB
5 KB 264ms
145ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305051745000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5153102ce014f28b48603c723896f8ae5220957aa4f08c9d0d10c38c0844c723

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 19 May 2023 10:36:41 GMT
age: 200182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5227
x-xss-protection: 0
server: sffe
etag: "c5726c99a9d8e9d1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 18 May 2024 10:36:41 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 107F 94 KB
28 KB 272ms
153ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305051745000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

255e4fddbb460e3f9eaba26eb99b813a3bb236fb10fe684ae3b58fa0fa2b29ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 19 May 2023 10:36:41 GMT
age: 200182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28894
x-xss-protection: 0
server: sffe
etag: "e449c041a52d1404"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 18 May 2024 10:36:41 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 107F 72 KB
16 KB 282ms
163ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305051745000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

524c42a1ee3d12e748570e81eb151243cb6b1e48c9cae6051457de3381f78c7e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 19 May 2023 10:36:41 GMT
age: 200182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16667
x-xss-protection: 0
server: sffe
etag: "45a2543d4c06d8a3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 18 May 2024 10:36:41 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 107F 5 KB
2 KB 266ms
147ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305051745000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b237ef8336dce028458284093241f6a066c482fb281674593ebf5ef50b4d1170

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 19 May 2023 10:36:41 GMT
age: 200182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1910
x-xss-protection: 0
server: sffe
etag: "40d60bfa9b2b96dd"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 18 May 2024 10:36:41 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 107F 40 KB
13 KB 267ms
148ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305051745000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d02a4d562f9543b798f83d7d07bef7d716891f86df2b7793e5d137378db16ee8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 19 May 2023 10:36:41 GMT
age: 200182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12944
x-xss-protection: 0
server: sffe
etag: "8267429d1a59707e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 18 May 2024 10:36:41 GMT

GET
DATA 200
OK truncated
/ Frame 107F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8d20d16f3cb6c5bd03261633be858c2e6f45b9f0483bf68ac3c11d32d01dfe8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 107F 3 KB
3 KB 42ms
41ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 17:09:49 GMT
x-content-type-options: nosniff
server: cafe
age: 3794
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Mon, 22 May 2023 17:09:49 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 107F 344 B
368 B 40ms
40ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 13:35:10 GMT
x-content-type-options: nosniff
server: cafe
age: 16673
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Mon, 22 May 2023 13:35:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 107F 0
0 49ms
48ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTVlaYV7t5O4fMlhhe_h45N5KZkiS3RoWLTT-vs3e1OPNTHctB3wScv22jVvbE-RdExrrd05sm7v7dLMh6DXUI5GqLZSA
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 107F 0
0 88ms
87ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cd7-tL19qZOS7GZvygAe7j5GwDcSsztJwmLCOppARrcr93wUQASC4_9AgYJXqpIKwB6AB2vDluSjIAQmpApJs-AuzILI-4AIAqAMByAMIqgShAk_QKfF1u9kafbGhPbav_zBrdwDhn2mHq0KY2YaCrVgIkCg-V3G84WqrBJEXGnT8263rbx077d2rnHxNMAUByJpapk1CLrVWWC37_0jGPGqIylaCFAgxMFC0XokQ8DbDgD4fTQio3ZwXnHAr89uVoRxEOFgxxw5Cgd6dfDhTEJr7VPge71zQ5NyudcZPMUQfAsfPLkz2BA0Mti_tH8hVHUsD4nkrFLyUWs6T4KHGtdydoY5Px33n7trDEeqRlpom4jU4x2qO93dADiGE3lY65q5AtzFrb8a1iZ5D1OhHWMq10nqwYLFe-VEpSntt6A1px0w11Sfk-YHnPLl80vWX7QMiSrwE2b_go7RIfqpusIV78h4Kj_uCGbe01eyCIcgplNbABNuGlMSrBOAEAZIFBAgEGAGSBQQIBRgEoAYugAfaqLaZA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJ6ZDNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYEwLQFQGYFgGAFwGyFx4KHAgAEhRwdWItODk2NTI1OTUzNjY3MDQ2NRju0RA&sigh=pUxDizC8eT8&uach_m=[UACH]&cid=CAQSPABygQiDRPT8_3cNoIuQt4qmDvZ5ozP2m3hbQku0-2jqD0-WnU4-St8RBMxFzNTjQtQAZNnGMiEIjVYzIBgB&template_id=419
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 107F 37 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97c6107ec1222df722b2e92b77710a629b5afc75161714d3a8aa71093558adfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response
pagead2.googlesyndication.com/bg/ Frame D229 37 KB
14 KB 124ms
41ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 10:06:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14664
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 May 2024 10:06:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 01E8 0
0 159ms
75ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305150101&jk=939852463761243&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 50ms
50ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 48ms
48ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 438ms
437ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=939852463761243&correlator=2822843519001799&eid=31074682%2C31068367&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=6887%2Cportal-correioweb%2Ccorreiobraziliense-com-br%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=200x200%7C300x250&ifi=6&adks=1238134650&didk=18613479&sfv=1-0-40&prev_scp=identificador%3Dpublicidade-retangulo-1%26implementado%3Ddinamico%26pos%3D2&eri=1&cust_params=testeab%3D5%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Ccorreiobraziliense%252Ccom%252Cbr%252C%26titleofpage%3DCorreio%2520Braziliense%253A%2520not%25C3%25ADcias%252C%2520an%25C3%25A1lises%2520e%2520v%25C3%25ADdeos%2520do%2520DF%252C%2520do%2520Brasil%2520e%2520do%2520mundo%26tagsofpage%3Dnot%25C3%25ADcias%252Cdistritofederal%252Ceconomia%252Cpol%25C3%25ADtica%252Cnacional%252Cinternacional%252Cci%25C3%25AAncia%2520e%2520tecnologia%252Csa%25C3%25BAde%252Cloteria%252Cconcurso%252Cresultado%252Ccorreio%2520braziliense%26reload%3D0&sc=1&cookie=ID%3Dbd3900a8978da11c%3AT%3D1684692782%3AS%3DALNI_Ma7hxp_u-ArxbtwuMtgdSz1RpRl9Q&gpic=UID%3D00000c18da6076f2%3AT%3D1684692782%3ART%3D1684692782%3AS%3DALNI_MZ7QuKJykO-6jcCtX4iv-0WFbRrgw&abxe=1&dt=1684692783894&lmt=1684692460&dlt=1684692782329&idt=477&adxs=1236&adys=1101&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&frm=20&vis=1&psz=300x250&msz=300x0&fws=0&ohw=0&psts=ABHeCviBxT3l5mngaCeOodu7pOSt_jC9ph0Q_L3wq9C6K-ajLXIqiGDEW6HlGNNO6V46Ay4hYUbYZ0N6JOKyfyWnlLE%2CABHeCvh-5qTlXJj-vmVk0Btf7h4XXSyLWdSvaUVzUWPrjL06eLyA5bZmQfMU2LtO26QRLOGOCjL2KKXIiXjsWQQSOxB9qCq1%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1350940105.1684692783&ga_sid=1684692783&ga_hid=1463674454&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

783d5ed4ab597fcb537adf1198eb21dcc9a3ad709e35e3990e1b2c0c82529712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10667
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012305051745000/ Frame 6FD6 222 KB
61 KB 101ms
86ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305051745000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5305e00f72123f81c8d7bf9016797c7c161b7d73a28cb4037425c93d5c50214

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 19 May 2023 10:36:41 GMT
age: 200182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61874
x-xss-protection: 0
server: sffe
etag: "1f10ad03381c56f5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 18 May 2024 10:36:41 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 6FD6 15 KB
5 KB 156ms
154ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305051745000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5153102ce014f28b48603c723896f8ae5220957aa4f08c9d0d10c38c0844c723

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 19 May 2023 10:36:41 GMT
age: 200182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5227
x-xss-protection: 0
server: sffe
etag: "c5726c99a9d8e9d1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 18 May 2024 10:36:41 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 6FD6 94 KB
28 KB 160ms
158ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305051745000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

255e4fddbb460e3f9eaba26eb99b813a3bb236fb10fe684ae3b58fa0fa2b29ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 19 May 2023 10:36:41 GMT
age: 200182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28894
x-xss-protection: 0
server: sffe
etag: "e449c041a52d1404"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 18 May 2024 10:36:41 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 6FD6 5 KB
2 KB 164ms
162ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305051745000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b237ef8336dce028458284093241f6a066c482fb281674593ebf5ef50b4d1170

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 19 May 2023 10:36:41 GMT
age: 200182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1910
x-xss-protection: 0
server: sffe
etag: "40d60bfa9b2b96dd"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 18 May 2024 10:36:41 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 6FD6 40 KB
13 KB 165ms
163ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305051745000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d02a4d562f9543b798f83d7d07bef7d716891f86df2b7793e5d137378db16ee8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 19 May 2023 10:36:41 GMT
age: 200182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12944
x-xss-protection: 0
server: sffe
etag: "8267429d1a59707e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 18 May 2024 10:36:41 GMT

GET
H3 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6FD6 3 KB
3 KB 40ms
40ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 17:09:49 GMT
x-content-type-options: nosniff
server: cafe
age: 3794
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Mon, 22 May 2023 17:09:49 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6FD6 344 B
368 B 41ms
40ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 13:35:10 GMT
x-content-type-options: nosniff
server: cafe
age: 16673
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Mon, 22 May 2023 13:35:10 GMT

GET
DATA 200
OK truncated
/ Frame 6FD6 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53ed220e3efc998087ccf53c89031d2d03f921a4d9146cff7b9487fbed31ae5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 11372747762630157267
tpc.googlesyndication.com/simgad/ Frame 6FD6 30 KB
30 KB 41ms
41ms Image
image/gif 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11372747762630157267

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0b9a8ed160abe932ab3f602393be98cf69f7da994aa8456ffb3aef2b654992e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:18:50 GMT
x-content-type-options: nosniff
age: 96853
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31140
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 07:55:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 15:18:50 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6FD6 0
0 50ms
49ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTL1t0wVxMdQBN1wcQBOFYU2E8CdI6vVYOGzqXnKDCD30p1lp-2HgpQeyP_zwe4C5O890qKtS8gJpZVJGUnbAkDHy0klA
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6FD6 0
0 86ms
85ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CK8pHL19qZNibF5qcgQeb6K-AAcSsztJwu8atoKkRrcr93wUQASC4_9AgYJXqpIKwB6AB2vDluSjIAQOpApJs-AuzILI-4AIAqAMByAMIqgSgAk_Q5LhuRGiETQ-s3x1wNLoaZAQB0HrvsMk4TUsNQV8zqy1ugvhfLOx73t-DAljTxd-djDzIkAOJVwiGKnVqYztpC3OFW2A6OjnSmXzUSQ0g9t1-_4Js4Jue_lN6HJNiTtbr3_huC8xapnMNcjsv3092NXfxzlO9lkkpad_7mBw6jhaOStae9fPJKDmNj4S5UVF12gP2D2mw2pTiRwPyJzzm_p6-45tMUSBT_SDBcladypjh3p2C8822gMLG-8A1Jd6MNtjjAAymZ4jD4g2pdVEh0X8u7IXllxQm6XJiQLTn3RXd8cy-ZYDUCaVuPmEWLn5R9XYjEGmIXpf6_VFnvhkdFQ0zTc2tD6_nf99ecSjLgIR4i9LViXGcZOw31f8VQ8AE24aUxKsE4AQBkgUECAQYAZIFBAgFGASgBgOAB9qotpkDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ1ogR0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAdgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi04OTY1MjU5NTM2NjcwNDY1GO7REA&sigh=lnKrXJeID5o&uach_m=[UACH]&cid=CAQSPABygQiDmF_68ouuJ9BDCTLRYeo4GBAVzOpRpL9nPv4R91y56UdIG3LCD4YB3Li_n3WZPMDJIhpxArBc7xgB
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D229 0
10 B 40ms
39ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ojySfQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 6FD6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

53ms
53ms

Image
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/
Protocol: H2
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

date: Sun, 21 May 2023 18:13:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 359 KB
120 KB 209ms
92ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.802/float.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77851be5afb51840c7809b09bcaf75d2220513c2d5a3ac5fb66b173cd3032c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122524
x-xss-protection: 0
expires: Sun, 21 May 2023 18:13:04 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
51 B 371ms
117ms Image
text/plain 34.231.83.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=AGiJQRr1ugTZ1dmdPQK46neAlr+M7Sdea6NfhmNQxChqn+3eB5kdJWH6Y8byMjep91OtQJ69aUL6nTCuTMF8FybnjhY6JkfBlaUKbklDS4Z6OtkZ9Y+i2sYwbioOcjvW31DCbKuw6A493wZ28VFYvJbTxdQO7Je6IR/GkH6SFzWMSWu0axRflXYDuqKZ12qVVFF7bWJInvYLNL2sctrht4Veg5djjikQUcPii14L4nFW8F8xEOoqp9w9zTTdXeGSc9N4Lbs5OsSVOBj3wJbzWw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.83.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-83-155.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:04 GMT
server: nginx/1.6.2

GET
H2 200 container.html Show response
49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C25B 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiobraziliense.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 18:13:03 GMT
expires: Mon, 20 May 2024 18:13:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2C16 624 B
242 B 83ms
82ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIYzbyI6QEwAQ&v=APEucNVDEdJ8F7GPyXORHBKKLeG5aL1lYPFTI-Rxm_OwqzbdyOJfKKXrs5FrdbFUDzKcxoj_Wl2eizNrSG97q6NHBQrVciWflY3CXSdW2Wm9qEuACtFBUtG4zDi6UxR2a8UKyJJcL-xXThB0RcoeKNXluKW3TiBe7g_iqE2eerPu5V7xg8QaFaI

Requested by

Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 18:13:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C25B 78 KB
27 KB 122ms
121ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 21 May 2023 18:13:04 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C25B 42 B
63 B 75ms
73ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ADqg2MEKk1ofHBW3dOYQSa5b_6O1GbbnLma_1Pv0CqilpJ1gmCYR_KqvFetuFQY-Rss2UpnIpgS-ubuPM59_ZkojpsBwup6RgO6uSB1isOUllKTEE

Requested by

Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C25B 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15183853837936921098&x=1&ct=76

Requested by

Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame C25B 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js

Requested by

Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 13:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 13:26:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame C25B 19 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 10:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 10:38:12 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C25B 0
0 50ms
49ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTpuE-5k9am2oe3m-7wEezhYJ0d-k3B4MEqEBnwolsuGLG35RTo8CVMoQoyq_mAAhfI3kgZCcJxSpXsgo6MsXQTDwELBw
Requested by: Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C25B 170 KB
53 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 May 2023 18:13:04 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2C16
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE_FNlRiA1PJLrKyQrvnOY&google_cver=1

43 B
766 B

76ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE_FNlRiA1PJLrKyQrvnOY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIYzbyI6QEwAQ&v=APEucNVDEdJ8F7GPyXORHBKKLeG5aL1lYPFTI-Rxm_OwqzbdyOJfKKXrs5FrdbFUDzKcxoj_Wl2eizNrSG97q6NHBQrVciWflY3CXSdW2Wm9qEuACtFBUtG4zDi6UxR2a8UKyJJcL-xXThB0RcoeKNXluKW3TiBe7g_iqE2eerPu5V7xg8QaFaI
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 May 2023 18:13:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE_FNlRiA1PJLrKyQrvnOY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2C16
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGpfMJJwfY38P.BfT4.F5AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE_FNlRiA1PJLrKyQrvnOY&google_cver=1&google_hm=2

43 B
766 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE_FNlRiA1PJLrKyQrvnOY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIYzbyI6QEwAQ&v=APEucNVDEdJ8F7GPyXORHBKKLeG5aL1lYPFTI-Rxm_OwqzbdyOJfKKXrs5FrdbFUDzKcxoj_Wl2eizNrSG97q6NHBQrVciWflY3CXSdW2Wm9qEuACtFBUtG4zDi6UxR2a8UKyJJcL-xXThB0RcoeKNXluKW3TiBe7g_iqE2eerPu5V7xg8QaFaI
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 May 2023 18:13:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE_FNlRiA1PJLrKyQrvnOY&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 2C16
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEN8QDofne9cWYfeiy6zsjyc&google_cver=1

43 B
1 KB

47ms
47ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEN8QDofne9cWYfeiy6zsjyc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIYzbyI6QEwAQ&v=APEucNVDEdJ8F7GPyXORHBKKLeG5aL1lYPFTI-Rxm_OwqzbdyOJfKKXrs5FrdbFUDzKcxoj_Wl2eizNrSG97q6NHBQrVciWflY3CXSdW2Wm9qEuACtFBUtG4zDi6UxR2a8UKyJJcL-xXThB0RcoeKNXluKW3TiBe7g_iqE2eerPu5V7xg8QaFaI

Protocol

HTTP/1.1

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 May 2023 18:13:04 GMT
AN-X-Request-Uuid: 61a51222-090e-4dbf-8a99-0d76519245db
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.102; 80.255.7.102; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEN8QDofne9cWYfeiy6zsjyc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2C16
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg0OTM2NTYxODYzODAzMjcyMw%3D%3D

170 B
243 B

53ms
50ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg0OTM2NTYxODYzODAzMjcyMw%3D%3D

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 21 May 2023 18:13:04 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.102; 80.255.7.102; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: cca60cfb-48de-4042-89af-9362a77b3690
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg0OTM2NTYxODYzODAzMjcyMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame AF55
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=truvid&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east

281 B
554 B

142ms
41ms

Document
text/html

104.64.126.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.802/float.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-126-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.correiobraziliense.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 May 2023 18:13:04 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sun, 21 May 2023 18:13:04 GMT
location: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
server: AkamaiGHost

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b8bc4010a374e304ebe69fa345ce460768712d77cbc7a3f816297a675077bd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bridge3.574.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame DE87 708 KB
226 KB 42ms
41ms Document
text/html 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.574.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f29b2ceedb4715f748435499d0ecb6e642d03e40a30c3cefe1633da65937cfe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiobraziliense.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 200092
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231178
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 10:38:12 GMT
expires: Sat, 18 May 2024 10:38:12 GMT
last-modified: Wed, 17 May 2023 20:24:47 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
16 KB 867ms
759ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 18:13:05 GMT

GET
H2 200 v.php Show response
stg.truvidplayer.com/v5.802/ 282 KB
21 KB 431ms
431ms XHR
text/xml 18.164.52.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/v5.802/v.php?st=vMshajEkWatqAWGy83DBIw&e=1684779183&ver=5.802&adid=ba2dc&videoUrl=//vid1577.trvdp.com/media/9b2e3ca9de9344fdeebd980ccf9ed4d17a028c2d/hls/9b2e3ca9de9344fdeebd980ccf9ed4d17a028c2d.m3u8&height=360&width=640&pageHref=https%253A%252F%252Fwww.correiobraziliense.com.br%252F&videoId=9b2e3ca9de9344fdeebd980ccf9ed4d17a028c2d&d=correiobraziliense.com.br&wid=6685&suid=1577&env_browser=Chrome%20113.0.5672
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.802/float.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.52.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-52-38.cdg50.r.cloudfront.net
Software: nginx /
Resource Hash: ac9607a1ad5f0b983df0483f632801c86843350220ecb5aa35d6ecc3ccaf19be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:04 GMT
content-encoding: gzip
via: 1.1 ce94a1256cdf6d537b1e033f1e5d872e.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: CDG50-P4
x-cache: Miss from cloudfront
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://www.correiobraziliense.com.br
access-control-allow-credentials: true
x-amz-cf-id: dPlYIwIpaeY0LhlcPOYG0gZiBCQLjgvuXQiaVrFSlRTaOcf0adO9Gg==

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 117ms
117ms Image
text/plain 34.231.83.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=1OyrxAgYTHRB6ddKZGL3uXeAlr+M7Sdea6NfhmNQxChqn+3eB5kdJWH6Y8byMjep91OtQJ69aUL6nTCuTMF8FybnjhY6JkfBlaUKbklDS4Z6OtkZ9Y+i2sYwbioOcjvWcvXTSxGgfnyNq3rUlp5EQqAvI7M5sVcXOSCXq2BbrI7yqwunql/miHFv5t8qphBesLIVIFKtBeoKjLL/Bzxmh+6PRu5m5od4/IibaQ9R5kXhC91LWHTdQ87S0+/WNSauVWblAzwUdLUmMJ7b6DaO7ZyrNAOFsuGBqdob0kck7sw=&cb=26789721
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.83.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-83-155.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:04 GMT
server: nginx/1.6.2

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C25B 0
20 B 74ms
73ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3586252491072&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C25B 0
20 B 74ms
73ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3586252491072&version=m202301230201&ct=76&x=1&cor=15183853837936920000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C25B 105 KB
39 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B0Ddsjq0eVsVN4c0AB37hhvQNzlnwZG22XBQPHariNzmBCMuTFulKKkiPO-kt7x9PoqV5sDwfrEgiS0JlfIKuIbDoaD8aYZ-MI0xL5AEKZ7_jaOY4zX1s1gflPrDybuXgK5Mr7PF0dDd0e8hJ6egpRHL4d_qP3uVYE2N_d1IBCJCQmAk8&dbm_d=AKAmf-Da04wZmmmHPfRbjOTWZoyQTKCtGpzX5bCO7QivhAOpcOGeS-wG7a3C46Ha_UP26bhwXPkTS--l8OKzDvF-5xs965a4i-mZDkiE7BNDeQyo0o4Lv4y7yg2o_OBagVrDNk6kStghtU3FeFf8I-avK-wH_5h5X2lPG955p4gWc319cHzgSoaStG16UjjQYXeRcsHDoinaWh1WaLlA4DJ1a1rZNPzUn6W_6HTmC-VhmrkDgbuC2NNFyXEX6FVtzK6bJzXLXYncYyt8miCXTo84tOf6H-nxzFYYaq6Mz9wq52XOf-sroSRauDQnsGhi-lx2ADMDel04MYn84w7aO1ewM-70Qz1_hsUyYsnVEksjCNJ_-DnlElFdyW0SU8DYNWckhwnvI92nUxOXoGcw4P4sZdCkUeR1Z9je42uIkj75F-poOjOpIIH-kWuMQWSzVzV3Ji_QaGx35E412OCv1NifZP1fHznKi60U_JuiiE1kzyPfYxHTur5PRNrkp9hPLe3iNRoDOE7rcOYDxwdTq3V-Hah8_ibiunl4RTbUXixIxzV1Z1IRWrnC1LLDx1pljxd4f0BILTzcvPxaaZ460jWAVKRLm3boIG76c_Q6_M-wCZJaZovW3Rq4qYMVKWQUoR-98K62UAs4FWmEMH_TUT956JFap8xXicIR-RNEP3RYT35Dqk1M_FwT-fqlAka-u5HgbEUeB8ZRaKUGd1DeExFJFySIzaTqHCsj8Gdxea5C1k6jLp9VoRB-Lk0bPQpcNNnAKZrmi_tS6KIv_LOJLPqBJqNmSIikoyUm2aPcQA_CkHErShndRKQuVWc648YKbgukQ5XIgxEyAebM3ZQSxKfGa6FoSEvR7uvKEuKQGSwYSvq3Kqc0_MB-bX8DzNx9vbEa57eWEu2D9BTUpmmG1-cyVw4orJe_aQMmyFdAqmmvUc2JzYaOifYs1nlpIr-MkAMRAwYM6HbzPpLrh5u-Gv3GGgjUSk9997BTKdb1hqVFUyqxYOkeYAw-yI8jaVNEny-Mp3lRU7LlMQt1kFKrESd7h8QRFX5MCa-AwV2Ez6NgDMtnJy3lkByNRW5ynvGut9yD_lklOnA_fPvBPRRXcfBI-VQMMUNWWOxQc7ZZeVhaNPBANVJqewnq-Gb3GrkmCQOu6tUXKooT5dDfiIpIMIlRy-XR_I4H4-lgfEvxNFPA1VOUI7R-GMbpIhBr1mic59Po3cU5sEOds9JljYDQaR0Z2FytvS-xU30VpDbmqKHyeF4biWoGM_jKIjR_Ld5NMmS4i1jJgjLfKLpp3W7vnEEIblqBT12OiNNVrxBOHaLxg8RnKNXHUuPxbNv_AGgfVkKq3t0Dq8pGVNw9eRyZ6loKrAYvZCQhn-TAWuUWhjoxCxMaNShxDDbdcBxY_0wfcIE3xCJXB2yijbgEo06DRTwNKr_PlAhbBRBI7R-aCYrTeFYoFrV8h3E3MmXrS99EP9KVGrfYsUgJPVPBbJ-OoIBf_NLeB9Ykq0ESTOBGDDk_K2UYgf--zmApxHt_bb4pFUcG9DytDzb31Q-PAaShD_Gu-_bqKce1YCQBCFXEtEwGuzrIc1Wwk2ZeghrE7z9g6PV5_1O9OekEguyGam38l7gDuYRx6OIg5ILQ0WZg4TOgXAKEkgV2xMQnx-SwKUkatsdUCXsU3rBGlT7q1840UzSpNrlljD2mr_zGBHAmWNjDLxYuZc_kWbQ8UE_04xNRu7TLD33Npsyly16xg-xQsFbWB2Gu284_Ahq8mthSa3X8F9iUWuApu2OUnZ-SlJhCnSMvK7HOHBa9c8ziuaaUh0zO8mgJ5OLQ6TL0RAv61EhWw91UP8NPSGE3XzYIPb3hfLt4HdFUjttRHGYXMLzUVEVKYUuIglOYzimNJF9QpFK5IXN_eFW22TYmYuEV37bM9C9uoJp6ysvR5w_dPCJPaJNFdkGsNESYs7gTQkHA8sQQ4dQ3Wfmnxs5vT_F_BryD0mt65aOEDmJu_6eNQyQoPrZxVtKh6MgDPONRIXnJFJNr5nlKCUv8m5hXylY403Dx-6xj3bApXy-Q7VzIcbpDdljEmg-vods4evvxYapmcaVFZato6QgrAx3KhHS4gK_CfbOcIfmQiNd1QgDf595iSz5GVfyYPVZbBqe7r6tkEiIx4Ft5KM3ZDtSdpm9zBVs0iOTdRkVFCpNoA6tqd7fiNUUZ998Z6CwSXyN2uHpsCIWynH42fiflPhCRXKprx80mkHnPYn75aVXNePqflPiPeYh1Es3Aed7CKamI1HO9zmzToOZAdeOj0G_dHQ4T3a5h9Zdrxq4xsLx5MkwkX-UhKIF9zq5kAaBaEk4fHBIgb6cmLNcwM88xlrFc92LIN4azCUP5t1CGOmH_9zjzaT44UYcYzQ0s56rFR-9fklnR7j_OVgAAmPFblh_kh2piirmk7gLeflAfjHIScw0j44MZaVnwnQ7zh-O5de9jO_WZHT_QLIY25HlEKQ48DuQsvXbE-N7dxTf5sW4Jnp6NM_1m3V5i7DOm5TGrprcTpX7EpDJby6M1VwGnnxsWZHg7ANEaoBsuVHLmwj-GnUyuRu2-dvyl-vghT2xXeSZ4Fjy2cKeW3DaSBsEsVR2pSGTuHOh8eOGJy77_Fc3L7pqTzlqPaSQi4iuyALNEcaEBXjY2OMZIztXLCpoDtyY2x5y5T3KiPnyI_WHzrmbUM-Myxy6zssHUvjNcAv_7PPl7oEGIF_Juwo_sn9paupen1XLXDzYwwghSJRX61Y7whyjVZgLiDEAA6QZVCXcThfbauNZbGaGOXuj_w-9y7bNUgL38fOw2Xm7qaVMZPSMq_DFgsOmHetyulTmyfmP01ST-rIVgXQYEZvjv1YQarLaU_L8Je65Ceqax61dEwYzCQf5QmDFhp9klFARGQm5_OKw3Wr-M_QGveKxeGoxIB9BV93cgz6bDWm2NGoxIe3EoEMzc6p0aZYe7hvPqenicZFw28DbHBHi3Py9WQy4FtPixEdotXVfMLr7H3s_TUHKTmlIiGFd7H9KwN23yv3lKTXmVmYMpEW6p4kE7Sr3VznIXEcoK1syM0iK455t_mg0O7yubd2Myi5H8Ws7WeSXkeIldqf5f54eTPiPrS-OHnJBDXxtQEGL_UPXcB3-G1EguFnjklmcBLDEV-uC8kGH6RQAlQIZwLnX2FAsFDV_4nfhL_BzzyQCD3ERb3K9Qci3QOjk5c9dxBAHZSRV6z6B50K__0QxRBssX9k-u5SrGNBAHPMWPS4f6DFCUy46K8T78ybRRsfvLUs7BkqQ2MMrcydCXs-IB-R3NnfcG3vtczFYkPDgBoA7im_NdbUMMdapiFqDuedlXhyB8x238E4cWD92JWwgxMmeRBNWd5JjLJffhYlHpRsgA4jWqYqIHBrsKitz51cE4m2qTWAy5-LQyNu_RcFoZMvVnOL6YrmXHcAq-Qu0AAoejU5m61nAzCq9KM_d2_HZPYzvXGkegpu-L-6Q8sbcSO11ngC5TG2rC4RbomMrRXqTz3ob8DsNIwzVS&cid=CAQSPABygQiDo8peq1c9VzGj1Sz2Ahhf4Kd0sR_pvrcUP5pRcF_vrDATZraNaQtQwGlXVATk4VcD5I1zGehBIBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&ds=l&xdt=1&iif=1&cor=15183853837936920000&adk=3944675600&idt=144&cac=0&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab64afe15148ecc6b4e60da8c6b1797c7c1714117b290a0287a1733fa98a592e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39585
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1450266/71191499/ Frame C25B 244 KB
74 KB 228ms
57ms Script
application/javascript 18.200.41.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1450266/71191499/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012289047&ias_pubId=pub-8007001547012283&ias_chanId=1&ias_placementId=20169809230&bidurl=https://www.correiobraziliense.com.br/&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0heQRx2tfnb-wf7NaZqdMqx
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.41.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-41-115.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 38e6086e49545eed6a7da3c03d215ac081ec3e886bc4c49840c4e38cc6891e04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:04 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame C25B 106 KB
37 KB 127ms
41ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
Origin: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 10:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 May 2023 10:49:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame C25B 11 KB
4 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B0Ddsjq0eVsVN4c0AB37hhvQNzlnwZG22XBQPHariNzmBCMuTFulKKkiPO-kt7x9PoqV5sDwfrEgiS0JlfIKuIbDoaD8aYZ-MI0xL5AEKZ7_jaOY4zX1s1gflPrDybuXgK5Mr7PF0dDd0e8hJ6egpRHL4d_qP3uVYE2N_d1IBCJCQmAk8&dbm_d=AKAmf-Da04wZmmmHPfRbjOTWZoyQTKCtGpzX5bCO7QivhAOpcOGeS-wG7a3C46Ha_UP26bhwXPkTS--l8OKzDvF-5xs965a4i-mZDkiE7BNDeQyo0o4Lv4y7yg2o_OBagVrDNk6kStghtU3FeFf8I-avK-wH_5h5X2lPG955p4gWc319cHzgSoaStG16UjjQYXeRcsHDoinaWh1WaLlA4DJ1a1rZNPzUn6W_6HTmC-VhmrkDgbuC2NNFyXEX6FVtzK6bJzXLXYncYyt8miCXTo84tOf6H-nxzFYYaq6Mz9wq52XOf-sroSRauDQnsGhi-lx2ADMDel04MYn84w7aO1ewM-70Qz1_hsUyYsnVEksjCNJ_-DnlElFdyW0SU8DYNWckhwnvI92nUxOXoGcw4P4sZdCkUeR1Z9je42uIkj75F-poOjOpIIH-kWuMQWSzVzV3Ji_QaGx35E412OCv1NifZP1fHznKi60U_JuiiE1kzyPfYxHTur5PRNrkp9hPLe3iNRoDOE7rcOYDxwdTq3V-Hah8_ibiunl4RTbUXixIxzV1Z1IRWrnC1LLDx1pljxd4f0BILTzcvPxaaZ460jWAVKRLm3boIG76c_Q6_M-wCZJaZovW3Rq4qYMVKWQUoR-98K62UAs4FWmEMH_TUT956JFap8xXicIR-RNEP3RYT35Dqk1M_FwT-fqlAka-u5HgbEUeB8ZRaKUGd1DeExFJFySIzaTqHCsj8Gdxea5C1k6jLp9VoRB-Lk0bPQpcNNnAKZrmi_tS6KIv_LOJLPqBJqNmSIikoyUm2aPcQA_CkHErShndRKQuVWc648YKbgukQ5XIgxEyAebM3ZQSxKfGa6FoSEvR7uvKEuKQGSwYSvq3Kqc0_MB-bX8DzNx9vbEa57eWEu2D9BTUpmmG1-cyVw4orJe_aQMmyFdAqmmvUc2JzYaOifYs1nlpIr-MkAMRAwYM6HbzPpLrh5u-Gv3GGgjUSk9997BTKdb1hqVFUyqxYOkeYAw-yI8jaVNEny-Mp3lRU7LlMQt1kFKrESd7h8QRFX5MCa-AwV2Ez6NgDMtnJy3lkByNRW5ynvGut9yD_lklOnA_fPvBPRRXcfBI-VQMMUNWWOxQc7ZZeVhaNPBANVJqewnq-Gb3GrkmCQOu6tUXKooT5dDfiIpIMIlRy-XR_I4H4-lgfEvxNFPA1VOUI7R-GMbpIhBr1mic59Po3cU5sEOds9JljYDQaR0Z2FytvS-xU30VpDbmqKHyeF4biWoGM_jKIjR_Ld5NMmS4i1jJgjLfKLpp3W7vnEEIblqBT12OiNNVrxBOHaLxg8RnKNXHUuPxbNv_AGgfVkKq3t0Dq8pGVNw9eRyZ6loKrAYvZCQhn-TAWuUWhjoxCxMaNShxDDbdcBxY_0wfcIE3xCJXB2yijbgEo06DRTwNKr_PlAhbBRBI7R-aCYrTeFYoFrV8h3E3MmXrS99EP9KVGrfYsUgJPVPBbJ-OoIBf_NLeB9Ykq0ESTOBGDDk_K2UYgf--zmApxHt_bb4pFUcG9DytDzb31Q-PAaShD_Gu-_bqKce1YCQBCFXEtEwGuzrIc1Wwk2ZeghrE7z9g6PV5_1O9OekEguyGam38l7gDuYRx6OIg5ILQ0WZg4TOgXAKEkgV2xMQnx-SwKUkatsdUCXsU3rBGlT7q1840UzSpNrlljD2mr_zGBHAmWNjDLxYuZc_kWbQ8UE_04xNRu7TLD33Npsyly16xg-xQsFbWB2Gu284_Ahq8mthSa3X8F9iUWuApu2OUnZ-SlJhCnSMvK7HOHBa9c8ziuaaUh0zO8mgJ5OLQ6TL0RAv61EhWw91UP8NPSGE3XzYIPb3hfLt4HdFUjttRHGYXMLzUVEVKYUuIglOYzimNJF9QpFK5IXN_eFW22TYmYuEV37bM9C9uoJp6ysvR5w_dPCJPaJNFdkGsNESYs7gTQkHA8sQQ4dQ3Wfmnxs5vT_F_BryD0mt65aOEDmJu_6eNQyQoPrZxVtKh6MgDPONRIXnJFJNr5nlKCUv8m5hXylY403Dx-6xj3bApXy-Q7VzIcbpDdljEmg-vods4evvxYapmcaVFZato6QgrAx3KhHS4gK_CfbOcIfmQiNd1QgDf595iSz5GVfyYPVZbBqe7r6tkEiIx4Ft5KM3ZDtSdpm9zBVs0iOTdRkVFCpNoA6tqd7fiNUUZ998Z6CwSXyN2uHpsCIWynH42fiflPhCRXKprx80mkHnPYn75aVXNePqflPiPeYh1Es3Aed7CKamI1HO9zmzToOZAdeOj0G_dHQ4T3a5h9Zdrxq4xsLx5MkwkX-UhKIF9zq5kAaBaEk4fHBIgb6cmLNcwM88xlrFc92LIN4azCUP5t1CGOmH_9zjzaT44UYcYzQ0s56rFR-9fklnR7j_OVgAAmPFblh_kh2piirmk7gLeflAfjHIScw0j44MZaVnwnQ7zh-O5de9jO_WZHT_QLIY25HlEKQ48DuQsvXbE-N7dxTf5sW4Jnp6NM_1m3V5i7DOm5TGrprcTpX7EpDJby6M1VwGnnxsWZHg7ANEaoBsuVHLmwj-GnUyuRu2-dvyl-vghT2xXeSZ4Fjy2cKeW3DaSBsEsVR2pSGTuHOh8eOGJy77_Fc3L7pqTzlqPaSQi4iuyALNEcaEBXjY2OMZIztXLCpoDtyY2x5y5T3KiPnyI_WHzrmbUM-Myxy6zssHUvjNcAv_7PPl7oEGIF_Juwo_sn9paupen1XLXDzYwwghSJRX61Y7whyjVZgLiDEAA6QZVCXcThfbauNZbGaGOXuj_w-9y7bNUgL38fOw2Xm7qaVMZPSMq_DFgsOmHetyulTmyfmP01ST-rIVgXQYEZvjv1YQarLaU_L8Je65Ceqax61dEwYzCQf5QmDFhp9klFARGQm5_OKw3Wr-M_QGveKxeGoxIB9BV93cgz6bDWm2NGoxIe3EoEMzc6p0aZYe7hvPqenicZFw28DbHBHi3Py9WQy4FtPixEdotXVfMLr7H3s_TUHKTmlIiGFd7H9KwN23yv3lKTXmVmYMpEW6p4kE7Sr3VznIXEcoK1syM0iK455t_mg0O7yubd2Myi5H8Ws7WeSXkeIldqf5f54eTPiPrS-OHnJBDXxtQEGL_UPXcB3-G1EguFnjklmcBLDEV-uC8kGH6RQAlQIZwLnX2FAsFDV_4nfhL_BzzyQCD3ERb3K9Qci3QOjk5c9dxBAHZSRV6z6B50K__0QxRBssX9k-u5SrGNBAHPMWPS4f6DFCUy46K8T78ybRRsfvLUs7BkqQ2MMrcydCXs-IB-R3NnfcG3vtczFYkPDgBoA7im_NdbUMMdapiFqDuedlXhyB8x238E4cWD92JWwgxMmeRBNWd5JjLJffhYlHpRsgA4jWqYqIHBrsKitz51cE4m2qTWAy5-LQyNu_RcFoZMvVnOL6YrmXHcAq-Qu0AAoejU5m61nAzCq9KM_d2_HZPYzvXGkegpu-L-6Q8sbcSO11ngC5TG2rC4RbomMrRXqTz3ob8DsNIwzVS&cid=CAQSPABygQiDo8peq1c9VzGj1Sz2Ahhf4Kd0sR_pvrcUP5pRcF_vrDATZraNaQtQwGlXVATk4VcD5I1zGehBIBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&ds=l&xdt=1&iif=1&cor=15183853837936920000&adk=3944675600&idt=144&cac=0&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 10:36:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 10:36:21 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame C25B 28 KB
11 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21bf4b49938284aaececf999f198f621de0aa792bb5315fc21255d0ab439e145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 10:36:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11001
x-xss-protection: 0
server: cafe
etag: 16383942900985251592
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 10:36:21 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
77ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305150101&jk=939852463761243&bg=!AgGlAVXNAAZ8_aWmXP07ADkAdvg8WomIulyXM8jVq77_btYj8AJZiAzNZ7DVj54m2ecuRFqoCAaNZCdvfyz6D50PUY9M_oUnn2MCAAAAf1IAAAACaAEHCgC3MfL45w97IO76HUa5ReeBoXIRjhvsQiFPXlhlF1_N1Q5iRDx7rGgr0oGawZFT1Oj0-86HMmeU4dfi1LI35N_P3TMYyqaWd_1Jy18vSt0K0T44wViAuxNcJUGcLlgZtzRz14RARrScHix4mDfxc1pF-xNOreWL9krS72XX17PRxKgXR3Q9ckLgDIANoLT1FJ-qs0qJ5kZJLrdGpHyiNYKwu7KLH3tEwCVpdUZoCZ1h-38pu7nGwo7kmQKmkpRJjnOdRDc-_Oxa5h2gj0RkkyMz8gTF1thwQcvqYVkGkxfzIvkJAeTw-kf_dKeR7B5MLuShx4Pm4wkBtUB1mR60iKzZbQd_mRWINZEedqBRmQn-rz7ouzEyyLKJdqvhZ_d7BN7P6P-0dmoYjFOL34Gdp_pchSEG0O7e1c3VdR_0tl0IPivhGhCDgtqNlSJco1NmUTajPEnon8KIYI1y-13PQs0MKKVpXk1PpfjL2fv2v9MT0DFxg-YwP68Amzi4bzoZmWLTOpgWerDCD_er67UJRFxixv41OSaE_O0AwUFQOmcauvU9xZJFG-VOcYPwyeOaxEtawWF0MgdvVSsd0nkM3CgSbgXGKGnB_pbVQu8eM3a5HYUM7DMGa9HfaX_fTYyVjumlatwy0a9vLXw9LsmoD23WsJkfk8m-i4ZawDZpTXXc9oeNv0qurH3nhRmOTDPcnsF-z5cH8SoWnqLNF9-tGrN8jE_DV2NUBdJWHm7kdoD0fGKfg_-uaHGv7iRdDAb1QH2sOBvjvFjUgRVOAmktLGlkN_XxA8W7neTeOskPAlhsepK-zRB-C10VXH_r8aqbfrF6QWbersS_mqEqdBY_6DA8fbz_O-f4e0JB70NCoH8Z3k_31365jFzwLFqOnSV451KNrUm5K08kZMas3WA2DMJZOAaUAR-a_Czp5i_FjNKre_fvO3AjqLSEoV5v6U6wOqYb2yIIv3u9_IUAWIWRU_my8TEU2t3O3DlM-A4UZaxM1TdbKltvQJKBY3dWiSpTOVJHUOqm-RE21-KPzTZ5oaa9yDvCqY2fgRkN_oBNRDydqg3vZIAdbe7tYEQCSg7zCDEWkZJVlac102Qd1b8xVU2q_3kqFFjamPMTYYXKq2OP4Yz_s20UcMzQM8_VyxHYG4B0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C25B 41 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 10:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199999
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 May 2024 10:39:45 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5FDA 1 KB
643 B 41ms
40ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39904
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 07:08:00 GMT
etag: 48472445140208031
expires: Mon, 22 May 2023 07:08:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C25B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1c5660c4bfa68d3ac807772cb920befd3ed8f5c159927a1e14e00444a97f460

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FFDD 22 KB
8 KB 42ms
40ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 212505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 07:11:19 GMT
expires: Sat, 18 May 2024 07:11:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame AF55 34 KB
10 KB 51ms
50ms Script
text/html 104.64.126.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-126-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: fbd313762cb3406cf59cfd0cb482fccf9b76f79ccbb80caf324ce80cf465eb8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:04 GMT
Content-Encoding: gzip
Last-Modified: Sun, 21 May 2023 04:27:12 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=36866
Connection: keep-alive
Content-Length: 10085
Expires: Mon, 22 May 2023 04:27:30 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 5FDA 70 B
265 B 188ms
58ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESELidZuSfhTHiNVC-QGZ1vuU&google_cver=1&google_push=ATf1kGNB7vq6a63Kz8fhaOjYjTLdX1B_Sd2WbPUzSSgKqciOOMVwyWdUVNiXrnTsaU6G5FHyNR_nGO18_x7i5rKxXnq3FCv0Ef1DUQ
Requested by: Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 21 May 2023 18:13:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5FDA
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBm03WoCUjOrL3Mh98yMYPk&google_cver=1&google_push=ATf1kGOhWYyV9VgweX9bgb8J5lH4rhczGKRNy2RrbAicBdnSvjarOWSWATxvCBiixV45La7-1oQJDF4n-JzPx8...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNTcwMDQxMTExNjIyMjYwOA%3D%3D&google_push=ATf1kGOhWYyV9VgweX9bgb8J5lH4rhczGKRNy2RrbAicBdnSvjarOWSWATxvCBiixV45La7-1oQJDF4n-JzPx8ACHU...

170 B
188 B

50ms
50ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNTcwMDQxMTExNjIyMjYwOA%3D%3D&google_push=ATf1kGOhWYyV9VgweX9bgb8J5lH4rhczGKRNy2RrbAicBdnSvjarOWSWATxvCBiixV45La7-1oQJDF4n-JzPx8ACHU5onoNslW29uQ

Requested by

Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNTcwMDQxMTExNjIyMjYwOA%3D%3D&google_push=ATf1kGOhWYyV9VgweX9bgb8J5lH4rhczGKRNy2RrbAicBdnSvjarOWSWATxvCBiixV45La7-1oQJDF4n-JzPx8ACHU5onoNslW29uQ
Date: Sun, 21 May 2023 18:13:04 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5FDA
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEJ6y6OJygrnxLcij14WlMo4&google_cver=1&google_push=ATf1kGNK6E6oCWsWEGhLApnXHFy2IopXO7PMyeNSWL49ktkmodFXrlZqPhzSMUP8wX-YH8n0Kr6HxXELbS1BXM3DzbkHx0d...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJ6y6OJygrnxLcij14WlMo4&google_cver=1&google_push=ATf1kGNK6E6oCWsWEGhLApnXHFy2IopXO7PMyeNSWL49ktkmodFXrlZqPhzSMUP8wX-YH8n0Kr6HxXELbS1BXM3DzbkHx...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNK6E6oCWsWEGhLApnXHFy2IopXO7PMyeNSWL49ktkmodFXrlZqPhzSMUP8wX-YH8n0Kr6HxXELbS1BXM3DzbkHx0dLLaXJGw

170 B
188 B

52ms
52ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNK6E6oCWsWEGhLApnXHFy2IopXO7PMyeNSWL49ktkmodFXrlZqPhzSMUP8wX-YH8n0Kr6HxXELbS1BXM3DzbkHx0dLLaXJGw

Requested by

Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNK6E6oCWsWEGhLApnXHFy2IopXO7PMyeNSWL49ktkmodFXrlZqPhzSMUP8wX-YH8n0Kr6HxXELbS1BXM3DzbkHx0dLLaXJGw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 5FDA
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-P70cRsD1CQN0UI_UC2LTHU65lhopaTQ_2m_OTQ&google_push=PUSH_DATA
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

43 B
369 B

39ms
39ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Requested by

Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 114744
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5FDA
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAZDyEa5S-hXzUtQoRAgY0U&google_cver=1&google_push=ATf1kGPsvvVC241WaMJmxzBLOTTkZaqLQE5LGPRJTgF5-Mj9EUGvA2sY2oWfuOoSdgjFy8kUSdMWbPnQ...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAZDyEa5S-hXzUtQoRAgY0U&google_cver=1&google_push=ATf1kGPsvvVC241WaMJmxzBLOTTkZaqLQE5LGPRJTgF5-Mj9EUGvA2sY2oWfuOoSdgjFy8kUSdM...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIzOTg4NTcwNzY4OTY1MDc5NA&google_push=ATf1kGPsvvVC241WaMJmxzBLOTTkZaqLQE5LGPRJTgF5-Mj9EUGvA2sY2oWfuOoSdgjFy8kUSdMWbP...

170 B
188 B

50ms
50ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIzOTg4NTcwNzY4OTY1MDc5NA&google_push=ATf1kGPsvvVC241WaMJmxzBLOTTkZaqLQE5LGPRJTgF5-Mj9EUGvA2sY2oWfuOoSdgjFy8kUSdMWbPnQkGuDwgav1lrt_Hn8yEHV8g

Requested by

Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIzOTg4NTcwNzY4OTY1MDc5NA&google_push=ATf1kGPsvvVC241WaMJmxzBLOTTkZaqLQE5LGPRJTgF5-Mj9EUGvA2sY2oWfuOoSdgjFy8kUSdMWbPnQkGuDwgav1lrt_Hn8yEHV8g
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5FDA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH-q_vKFPiZdwdQE4k1tPls&google_cver=1&google_push=ATf1kGNhFoXy7cFakelFiBx_7xz8LpvxM4TIal9qZHeq0ZTA1FkfCBsTaDgzvmHWc9J_wc8Umrj...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhYUUwyVFgtSC1FODZG&google_push=ATf1kGNhFoXy7cFakelFiBx_7xz8LpvxM4TIal9qZHeq0ZTA1FkfCBsTaDgzvmHWc9J_wc8UmrjS0GO9kEuFlIwgl9WtlFNVx1vRcQ

170 B
188 B

54ms
53ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhYUUwyVFgtSC1FODZG&google_push=ATf1kGNhFoXy7cFakelFiBx_7xz8LpvxM4TIal9qZHeq0ZTA1FkfCBsTaDgzvmHWc9J_wc8UmrjS0GO9kEuFlIwgl9WtlFNVx1vRcQ

Requested by

Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhYUUwyVFgtSC1FODZG&google_push=ATf1kGNhFoXy7cFakelFiBx_7xz8LpvxM4TIal9qZHeq0ZTA1FkfCBsTaDgzvmHWc9J_wc8UmrjS0GO9kEuFlIwgl9WtlFNVx1vRcQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 5FDA 0
45 B 265ms
49ms Image
text/plain 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECz5kqfGvalez9pbb51Vcmg&google_cver=1&google_push=ATf1kGOGca7bSyzYWXxKlxyh-ZyGALDTbFuxaYUVg0QeB9zB2NJ07D1Hx9l0o7v5M7O9fhTTDpKbK4Nmg1xqYE5wBt8rPQIbTDYguA
Requested by: Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:04 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5FDA 0
12 B 49ms
49ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IxOzGqIho2F-LHBWfg61nvChoQwdr78xoR9qvNNBmOXj9Gsw80benjkPF_0fGPUdlWOn1o

Requested by

Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame AF55 0
239 B 538ms
128ms Image
image/gif 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=truvid&khaos=LHXQL2TX-H-E86F
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 368ba1c92c09ff88b641150fbbf94341
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response
pagead2.googlesyndication.com/bg/ Frame FFDD 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 10:06:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14664
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 May 2024 10:06:26 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/ Frame 0546 6 KB
2 KB 40ms
40ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a5cbf71e42d824a8521271667134119ea9cd142df7c4695a2a086330f598195

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 184028
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1831
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 15:05:56 GMT
expires: Sat, 18 May 2024 15:05:56 GMT
last-modified: Thu, 04 May 2023 19:35:58 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C25B 0
0 198ms
87ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuhkce-wFFdFZqgg0N423TduxKd9NpYlkeMmk03-NzaUHeUSq8dD3V2403rZpXGZF_F5CHDaW_5HVyYIGPJZQluDcCgKzQsVhxgb3FVvihKlBn7N6Wl4gdzEYRHfl8mLT7R9WV8g51E0_QrP37aJUqprOkPGIPMnPMBLI_qlZrFWxqpYuRXd5NPBw-qxRrYPb5ANivJgClJv_asIJnaz5p0RtljSb7wpzZHSIAzuj5DFTlLyDLWvBKyDWo3fNb9zQe_aI9-JRcmzHtxIxIjY-qh7b9l6WTwM_w84e7XCbKSqDTN4hGcJSjwFVBEENtlUIAMb2tF5Z8A2uMygxsalkxl2iWXx1z0VxKBD1N6KjqfvBAg2LoMdJGLxhb6wKRvw9i34kXPQ096vVzLOCyQVDD95ptRdbfVl2WHSYPG3-jNjp7H9ORQc_nMu0hTcpUnwO7fQQICIRYDkziBaRv4eN4I2XnJ8vOSOiTX5ePl0OWrzwbWQRGIgHyErsZbs9BK2R9bYVyZCJAkxFlfh39XVFdEDgfmLDJTXNxTSvXBmFSIICXsJvCEPBnJ44xqmi_rfV-FGfvDfvg-lFNBGM5CbDhbM_MlN7a5qdIcXNLM-VcobF5W1Kke22zE6u9VBbmanC8Ss2EQJwmzHVjM9gEmihcRddOq-2OBnPgaUjG1vrR647naYRuAgfYXkyx4-fbqZmPcdlQFX2oJf7gXkfipc7Gq5H_WfFno6QYixpSjX6Ry7gjpNhy0UJjou-_vxSkKQuzAPG8cBUxh7ztkZpuUxu-XBHQcEClEGzfuyWbCP0iJiDOrYuKo4TXY0WxnvIpCR5sFl-aeQYLyJNkEYerHV_J2mdq9XXwgJucAJXX7IW7mRO4mkOPrIkNXjeW9WR1C0PuQFbjQ94PW--heBO2i-6Ikd70hwcRae6kWVG0YhjVva8C3o279b8-RJb5RhjfwEQZpvDlbOXFsCcuPM2Qbdyx55F_-P4cm50Uz1M9ER6WwjbkWuiXbj0XCHmp7vSPxCbRoDTovzYIUrO_b1n0Gv_-T7UVDoekcHIwpuLx5imyAcdykoqVZ1EvFcq20-Z_qVAXvlczLDPhTCtvrIEcHl0DPQwq0ON-lh5FSc9zLZUAog2UIpaLkvhqbGEc9KEzTEbEtyiikiVbkrrClq1BQs62jO5eqDbYOSSxI81ZxwnRLODpdFH7BCpl578QCEreNIx_ClNNWimllWNmAgx4In4erXEm6e8Vvinogdb0j_bkbOuMjYKfyOp7vsCIS3n1xpa5DthKWj4fzt2ZTb75Ub1B--8puJRECX4tz6txgKCyASdcSB9UrEv1ywepkqntZaUXX8N7ANzhxMbac_3wPJiulpevcx0MNQYNH5r1PqQ1EweiVb53IfAAo9Hz9ceEVeBKl93Y&sai=AMfl-YT-GHWlYx6weNQ6gAxykArcTtUPDLPmj0iF5v0BmOqlFwG_4w3e09-IaOActyP5uyBhTF-nCYTYaj9LNH7eaOpjl5WElpFSfIPJhDmagL3GqtmDlRe056ZO0Xh4wokfD0CsJPWpexqLc3gv3b8HaczRmHsVBFsmWe2dvlBgPb3Z7cyd6e60BYedgVSuifNHYgpVrWe2sI4a060yoDFZQRtDBeEUDjQJalgUr6Sk-gBluS22GkTI9EPW7Md3vM_V53DpO2Sd7N4DQvGk5uo6DhyeTVt1bYU&sig=Cg0ArKJSzOno3jey2i2VEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=195&cbvp=1&cstd=192&cisv=r20230517.42216&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 21 May 2023 18:13:05 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 21 May 2023 18:13:05 GMT

GET
H2 200 style.css
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/css/ Frame 0546 3 KB
1 KB 43ms
42ms Stylesheet
text/css 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f769f95b84b50c00cd0e3f73498a490b6908e9c0763f5597dd3ee35afa890ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1154
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H2 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 0546 57 KB
23 KB 1439ms
1438ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 18:13:06 GMT

GET
H2 200 imagesloaded.pkgd.min.js Show response
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/js/libs/ Frame 0546 5 KB
2 KB 44ms
43ms Script
application/x-javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/js/libs/imagesloaded.pkgd.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1810
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H2 200 animation.js Show response
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/js/ Frame 0546 6 KB
1 KB 44ms
43ms Script
application/x-javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/js/animation.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48939a70a648bfa282707584cf2abd010948ed7e3f0cb164132069a7eb033388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1220
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 118ms
117ms Image
text/plain 34.231.83.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=c+Yn7V2V58tVTtOLF1gsUse3EcP4Mtyq05rBMsYZ5xykpF/NXyrhlNfjnsFcfINuaj5uaWtlk6Dxxkv9Ibp+PPr+kwIu45DfgPgR9EeRFc838RjBpHklrW1MTFHo0NTdWJGxCWdmab7RsEx4gcajJHs/3O5WSskiuc1WbMFuU36s3beAifBmCri9zODBqzAp3PxKcgugNBvyWyb/GXdPepFH8gl9PSYCw5MvNTyBmb+o0Xxo2nA+0/Us2KDqA0GUGc4aLdEsiLuNaHLVf9psC9sKyxMcBAwV/1VP+m9mVD7qtf4SH6PF1ed+zZeFUcORTSPzTe6YBqwfg7WGhzHTm9N/GFQwdm5+B2xV7XYBb5d2gUu8fOzpbx7X/giEhZun&cb=82022547
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.83.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-83-155.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:05 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 50ms
50ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 50ms
50ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 117ms
117ms Image
text/plain 34.231.83.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=y9ZcuHxwCDjp7yFxRN6ozce3EcP4Mtyq05rBMsYZ5xykpF/NXyrhlNfjnsFcfINuaj5uaWtlk6Dxxkv9Ibp+PPr+kwIu45DfgPgR9EeRFc838RjBpHklrW1MTFHo0NTdWJGxCWdmab7RsEx4gcajJHs/3O5WSskiuc1WbMFuU36s3beAifBmCri9zODBqzAp3PxKcgugNBvyWyb/GXdPepFH8gl9PSYCw5MvNTyBmb+o0Xxo2nA+0/Us2KDqA0GUGc4aLdEsiLuNaHLVf9psC1qOTIw/wc/gMDi1iPjqJq4re+1ovRlrYqZineGA/dxUTSPzTe6YBqwfg7WGhzHTm9N/GFQwdm5+B2xV7XYBb5d2gUu8fOzpbx7X/giEhZun&cb=28569730
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.83.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-83-155.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:05 GMT
server: nginx/1.6.2

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame AF55
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH3MxCLnt8vva9iVKiU8nhk&google_cver=1

0
239 B

41ms
40ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH3MxCLnt8vva9iVKiU8nhk&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH3MxCLnt8vva9iVKiU8nhk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame AF55
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=cl0wfJmRRbiUfDu6aZXV9w&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=cl0wfJmRRbiUfDu6aZXV9w

43 B
479 B

60ms
59ms

Image
image/gif

67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=cl0wfJmRRbiUfDu6aZXV9w

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east

Protocol

HTTP/1.1

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 May 2023 18:13:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JWYPJV9N3TWA7KBG8A6V
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=cl0wfJmRRbiUfDu6aZXV9w
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame AF55
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/RIYggFmval7l4ksxOVUHGw?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-6EfqUitE2oJMn_af.Qy1hIR.DyCQSAVvaFhC5Q--~A

0
239 B

43ms
42ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-6EfqUitE2oJMn_af.Qy1hIR.DyCQSAVvaFhC5Q--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sun, 21 May 2023 18:13:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-6EfqUitE2oJMn_af.Qy1hIR.DyCQSAVvaFhC5Q--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AF55
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhYUUwyVFgtSC1FODZG
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH-q_vKFPiZdwdQE4k1tPls&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhYUUwyVFgtSC1FODZG&google_push=

170 B
188 B

52ms
52ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhYUUwyVFgtSC1FODZG&google_push=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhYUUwyVFgtSC1FODZG&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AF55
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=iA3dDeWUSq6Ne6rlGXlZlg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=iA3dDeWUSq6Ne6rlGXlZlg

43 B
479 B

129ms
128ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=iA3dDeWUSq6Ne6rlGXlZlg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 May 2023 18:13:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FMKQBAWTWR9620ACZ805
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=iA3dDeWUSq6Ne6rlGXlZlg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame AF55
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHXQL2TX-H-E86F

0
648 B

287ms
187ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHXQL2TX-H-E86F
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:05 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 357E89A5A3D643D09FAFF680CBE93367 Ref B: FRAEDGE1209 Ref C: 2023-05-21T18:13:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX8OBsG9df35HEJftLwoA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHXQL2TX-H-E86F
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AF55
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDQwMGQyZTk3Njg3YzUyZDJkNmYxMWFmZDM4MTgzOThkOGQ2ZDcyYg

170 B
188 B

51ms
51ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDQwMGQyZTk3Njg3YzUyZDJkNmYxMWFmZDM4MTgzOThkOGQ2ZDcyYg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDQwMGQyZTk3Njg3YzUyZDJkNmYxMWFmZDM4MTgzOThkOGQ2ZDcyYg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame AF55 70 B
264 B 59ms
59ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 21 May 2023 18:13:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame DE87 156 B
655 B 490ms
365ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C6887%2FVideo1%2FVVVBTRVD_correiobraziliense.com.br&description_url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3756279637019930&vad_type=linear&pod=1&pmad=2&pmnd=0&pmxd=120000&vpos=preroll&vpa=auto&sdkv=h.3.574.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2439379411&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.574.0&sid=126783D6-584E-4064-A6C7-296584DDA75D&a3p=EhwKDWNyd2RjbnRybC5uZXQYqJ6P_IMxSABSAghkEhkKCnB1YmNpZC5vcmcYp6CP_IMxSABSAghqEsIBCghydGJob3VzZRKsAVAxVkdheTRsR3lEdnpRKzM2Nzc4Zno0RFRVQWE3L3ZJYmtmMFFQT3VDdDRuRHR2bnpaYUt2STROWkd1dWI3cmhCNmdCOTZidWl3aGNNU3pCVkoxd2dlaHJKVDNINEk3S1lqNGdMUU5BOU5Ld3hTNjMwTzJERTFOWmkxcnc4azQ5clJuamw0NmRSL05nMU9xQTRPbW9DNFIybENIcWsxZ0k1R1cwRHlqWUpsTT0YqKKP_IMxSAASHQoOZXNwLmNyaXRlby5jb20YqJ6P_IMxSABSAghkEhkKCnVpZGFwaS5jb20YqJ6P_IMxSABSAghkEhQKBW9wZW54GMGij_yDMUgAUgIIbxIbCgxpZDUtc3luYy5jb20Yx6GP_IMxSABSAghq&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&dlt=1684692782329&idt=2353&dt=1684692785022&cookie=ID%3Dbd3900a8978da11c%3AT%3D1684692782%3AS%3DALNI_Ma7hxp_u-ArxbtwuMtgdSz1RpRl9Q&gpic=UID%3D00000c18da6076f2%3AT%3D1684692782%3ART%3D1684692782%3AS%3DALNI_MZ7QuKJykO-6jcCtX4iv-0WFbRrgw&scor=1510962550700535&ged=ve4_td3_er0.0.0.0_vi0.0.1200.1600_vp0_eb16488

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.574.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bg1.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 142 KB
142 KB 77ms
75ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/bg1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463b778d459aac2bb5dd17099e4c396db2aa1c9de6399d17239a6f91950858f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145292
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 bg2.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 71 KB
71 KB 50ms
48ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/bg2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54266323336e8d64f70a00663955006935bd8634a7a1c78eec59a51f5f267ecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73106
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 symbol.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 389 B
416 B 55ms
53ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/symbol.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef4b741afd0fcdf46637c90c1fc1837c3b7f69f69a637ca8a12db52b4e7713cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 389
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 symbol_last.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 443 B
470 B 55ms
53ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/symbol_last.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50df47da0db46f282089a4715dd53e2992597f46e283aea2a20b2a84d5804560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 443
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 txt1_L1.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 2 KB
2 KB 54ms
52ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/txt1_L1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98fe4dc01e876dc895850bf55aab908afb2650dccb3d37962a374524487abb6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1597
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 txt1_L2.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 1 KB
1 KB 53ms
51ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/txt1_L2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8f084af7f40a22369c3e784e67da9c39e231e6f324f9639c404be4bc60abba6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1375
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 logo_corner.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 1 KB
1 KB 52ms
49ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/logo_corner.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8249609a5ea84e2fa5aa50189966514bfd1d0d348652c7457a410a08a0aedc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1234
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 txt2_L1.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 2 KB
2 KB 55ms
52ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/txt2_L1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fcd78dfd86fd205f786256498d893276ed9c083ec09911f9b04e0a8d073189e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1558
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 txt2_L2.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 1 KB
1 KB 60ms
58ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/txt2_L2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d031d095f7b34cfd40cf7e16dcb057c9d61f2a527e61461254faec0f6e26c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1214
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 txt3_L1.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 2 KB
2 KB 65ms
62ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/txt3_L1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e43a56749e5d70e82e70908949f3527f8c5455468e69b010c7868a8c64460dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1910
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 txt3_L2.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 2 KB
2 KB 61ms
58ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/txt3_L2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5b762d4f371a4124e6869a66ab7932199ab1847c7e558ac519dfc9ae992e369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2078
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 txt3_L3.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 2 KB
2 KB 63ms
60ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/txt3_L3.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bda246b0d41638ec15275ed1c61e7cfa72ee79a16274e4c1c329a5ae7ad5e850

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1981
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 2 KB
2 KB 57ms
54ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

669ab87d6e0da3d0dcbc8a19bfa9f0381259afed9e90306727c22af21958ac14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2283
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 981 B
1008 B 58ms
55ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/cta.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b96f7c909bf426eb41e8d63b19ee5da9288e3c3e9d4fc6197c900a524ad425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 981
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 circle.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 724 B
751 B 57ms
55ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/circle.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82038e32e5f87c7fe6a3d48daf77a8df949d6450f5d8b6d2b59ed61ee3fd9122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 724
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 arrow.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 366 B
393 B 56ms
53ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/arrow.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7fdfe188805d1ca16e9d4d8bd86d429672a9364190dffd01c5d1e628573234f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 366
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame C25B
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1450266/71191499/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012289047&ias_pubId=pub-8007001547012283&ias_chanId=1&ias_placementId=20169809230&bidurl=ht...
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}

1 KB
1 KB

126ms
49ms

Script
application/javascript

2600:9000:237d:9e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}
Requested by: Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:237d:9e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: qG0gavlQiEpwK9AKo.qb12YTK3AnJXCR
content-encoding: gzip
via: 1.1 05e8912dc00dd796ed2b040e3237568e.cloudfront.net (CloudFront)
date: Mon, 15 May 2023 20:43:28 GMT
x-amz-cf-pop: MUC50-P2
age: 509378
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 08 May 2023 20:43:25 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: nxb-2CIgekk1fNSOEaTY6hzitB4DtW1RqibBIj2mpkVtibwSBZpshQ==

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:05 GMT
server: nginx
x-server-name: app04.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 4B81 91 KB
23 KB 170ms
45ms Script
application/javascript 2600:9000:237d:9e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:9e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 05e8912dc00dd796ed2b040e3237568e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 20918209
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: BOPWTYudKMGD1ksE8luVq_rQxOhoW0xWowF3iRwLjGoDaRWmmb8dCg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C25B 43 B
216 B 611ms
187ms Image
image/gif 2600:1f13:800:7780:62e1:f694:ef6b:7146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=53cee079-8e8c-fe93-63ee-b718dc08024f&tv=%7Bc:dh2LQp,pingTime:-3,time:53,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:53,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEUTeOY+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19*.1450266-71191499%7C191%7C192%7C1931%7C194%7C1a%7C1b%7C1c,idMap:19*,rmeas:1,rend:0,renddet:na,siq:22%7D&br=c
Requested by: Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:62e1:f694:ef6b:7146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:05 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C25B 43 B
215 B 608ms
188ms Image
image/gif 2600:1f13:800:7780:62e1:f694:ef6b:7146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=53cee079-8e8c-fe93-63ee-b718dc08024f&tv=%7Bc:dh2LQr,pingTime:-6,time:55,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:55,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEUTeOY+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19*.1450266-71191499%7C191%7C192%7C1931%7C194%7C1a%7C1b%7C1c,idMap:19*,rmeas:1,rend:0,renddet:na,siq:22%7D&tpiLookup=ao:www.correiobraziliense.com.br*&br=c
Requested by: Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:62e1:f694:ef6b:7146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:05 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C25B 43 B
215 B 598ms
188ms Image
image/gif 2600:1f13:800:7780:62e1:f694:ef6b:7146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=53cee079-8e8c-fe93-63ee-b718dc08024f&tv=%7Bc:dh2LQD,pingTime:-2,time:67,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:706,beZ:708,mfA:710,cmA:712,inA:712,inZ:717,prA:717,prZ:722,si:727,poA:728,poZ:749,cmZ:749,mfZ:749,loA:760,loZ:763,ltA:773,ltZ:773%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:67,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B58~0%5D,as:%5B58~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEUTeOY+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19*.1450266-71191499%7C191%7C192%7C1931%7C194%7C1a%7C1b%7C1c,idMap:19*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:22,sinceFw:45,readyFired:true%7D&br=c
Requested by: Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:62e1:f694:ef6b:7146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:05 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFDD 0
20 B 83ms
80ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0vEiMF9qZJ-9JKqTjuwP-YehgAUAAAAAOAHgBAI&bg=!VValVgLNAAZ8_aWmXP07ADkAdvg8Wkd_MCzIHnRfsmVgdWr-l5GZvM-ufJIaO2-VtsSNnA4lipeHNN9r9mcnP9FjCYQ2RioFJCICAAAAtlIAAAABaAEHCgAQzUXa1gH8tW7e1MQc5fvcJZkC9b_qjI5rTc1u4h-atKaAS6x3FLCFcaRW7YRlraDZk67cmsjpGYnTe_BPX9cEs5qBPVJQ3LpKvehMYaxL7VK7VGYoLJ9gBasG8KyZzzvY7ar3SfMkj6qdMqrP0jr9f0nQqzRGm2Y1x1R1Va6JTTuFvJzLqs63ec0ia0p8Rqdwj6lzXwvYM-YEgjcnY_XGezXdSjL7wFvdcmtZjMNZpi_Ol-A0vyJ5SG_ji1hydH8VE9WO6qiKsBHp0aOjcLYDZD_hLwxu9fndk4Pp5TKMx113d6PEOJ3PJLXw6Ud6A1sVLPLAcOY5zgYJyOIueVVywVrAeSDaxNhh0FA1dWPPcnOi1nK5SRQX8oeZgbLPaJB1Ctc9lEt9Il2cwXVvveSLKN-S3dg23EuvzaBulXWHmoGDHLCY86SEqZu2_cEIf8W2s2_hMpoHzhcckPL4r4QsHg3trknJm3E7egNLQSC7KxH3fCCL3SO64Y9iG7FOsZrylFPZAzUiF03ichOfs1fVR4ebexHSdpcTb6_eDIGDvviUtLUtDpPEs5Ih0-fqX7bLDFahFZT5im3-Qno9P_VOXp15M-bJ7sRjoIAjrrGAxXTRGiHnyCCit8Ayk0TO3zgwGER--My_zEXP26YvzauFM-fGgO9SPrgIrK2Tfym425uQ5kN1AxeARac9WWzI2FYQpYmnxropKNzmNRVKbUCIpwhVb_x72B-cgQ88aFhQKZ6diLUtGIrEZPX0oK_Hb6mfI_zy0W7nWuIrx8CKZXWUeudhWJn9sUOA9cmDtUZipkoJS4rgFXh0eBT0vnx_76NBhtk5pxgjQDGtceqrgV8gPzdJNKqI1Z3Ioqy0zTuw9yp8DMK4xF5XYtIwbWlJEkjN0BY7CmsJ0L6lSHk5iY81a3nle9LTXlPxUu2zrGd41QhiYgZDPCM6sRZ31pdNG26O_3dQ2bM0PySIsXz-6CfeN7VPcb9MS-DIe28o4jgP1jlFC3LoHqpvmzmbMPZVG39zgeJjVJ9vZJo

Requested by

Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK open-account Show response
www.bet365.de/olp/ Frame B8E9 5 KB
5 KB 178ms
80ms Document
text/html 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/olp/open-account?affiliate=365_01054176
Requested by: Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/3d8fbc0fe6613685b6be300b24dd70d8.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fe2e6d1beebb9447362ee2e0654a7fdf3916a40cc9f50d576538f91626b0eb9

Request headers

Referer: https://www.correiobraziliense.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7caeca946ead1c9b-FRA
Connection: keep-alive
Date: Sun, 21 May 2023 18:13:05 GMT
Server: cloudflare
ServerDetails:
Transfer-Encoding: chunked

GET
H/1.1 200
OK open-account Show response
www.bet365.de/olp/ Frame 2426 5 KB
5 KB 172ms
80ms Document
text/html 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/olp/open-account?affiliate=365_01054176
Requested by: Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/3d8fbc0fe6613685b6be300b24dd70d8.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fe2e6d1beebb9447362ee2e0654a7fdf3916a40cc9f50d576538f91626b0eb9

Request headers

Referer: https://www.correiobraziliense.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7caeca94690b916e-FRA
Connection: keep-alive
Content-Length: 4678
Date: Sun, 21 May 2023 18:13:05 GMT
Server: cloudflare
ServerDetails:

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK sWTAj2Es4FHeWiLHke7dLcuvW8t6hivI6GDR9Jns.jpeg
campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/Bet365-DE/banner/ 22 KB
23 KB 56ms
56ms Image
image/jpeg 52.95.142.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/Bet365-DE/banner/sWTAj2Es4FHeWiLHke7dLcuvW8t6hivI6GDR9Jns.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.142.22 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.eu-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8e6f3369b246015e8e19f4039bdfb975d8a3ab412527a7921e0f9b6227c26b79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
Last-Modified: Thu, 07 Oct 2021 15:19:44 GMT
Server: AmazonS3
x-amz-request-id: KJD7ZVCDWR6D71R4
ETag: "2b5e53a8cef09fa43cc19622cd91f965"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 22814
x-amz-id-2: WrmlYK0HTh2AOuqs55NxNDMkauu0MbCysJ1Eo6tasXUnJt3JBZB/aUcd6+1auN+xKl4UsTS4FUg=

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 107F 42 B
64 B 84ms
83ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvackp0OWbVMIVh83OaxdqukGLtAFlg3o_PyNh5hZu0bHP2AcBpPh1PJXXxU-wZn9NVa_u3TbGkZLYZyGPVX2St2ox3x-A0TBAh89aexapnIH7nOdqOraKJ-P9E5VHpzhkiQY5h72BMtXmuQrPiA07hpz6GJGqpecJ&sai=AMfl-YQDP41i1lg6fFjaAxiiUk0l0nhQRrA7Y-hTu9zKyvIUZ3fR0oLSiZQd7csgJRZXmd3uZBz7k6xuiX-tebGR5pBVgslW-P1s4xco2fG7i0A4KmFBcm8TuyYVeU-F&sig=Cg0ArKJSzP_aRemYgQcvEAE&cid=CAQSPABygQiDRPT8_3cNoIuQt4qmDvZ5ozP2m3hbQku0-2jqD0-WnU4-St8RBMxFzNTjQtQAZNnGMiEIjVYzIBgB&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1011&mtos=0,0,1011,1011,1011&tos=0,0,1011,0,0&tfs=433&tls=1444&g=100&h=100&tt=1444&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6FD6 42 B
64 B 83ms
82ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfKNP0V45ysLsRdkZCoWqUOCz3667RLUnq2-kq1do86dBqz_BDUX45XUkPeTCGlPzG-YvO1M6ZzZfqA2FG901pzly774KsV8b-QAKi7GRitMhoTTPqVukiCw2HdaJMHbha-a3hZ9FQKL88LSxTx79tsUA99w6tcW9h&sai=AMfl-YR2Qis0emJ6tUVj79_4i3-zVwuAsm-83ZWs2BGUa7MUy6HF5sOE781xqAXmvKYT9naGPdU_KWXPZyXa4gbtx27pDKH3UfCQh2eGdQXeP6KQ3NqPI9oAV_RbpP9I&sig=Cg0ArKJSzDpfHrO_ae-HEAE&cid=CAQSPABygQiDmF_68ouuJ9BDCTLRYeo4GBAVzOpRpL9nPv4R91y56UdIG3LCD4YB3Li_n3WZPMDJIhpxArBc7xgB&id=ampim&o=298,884&d=1005,124&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=381&tls=1382&g=100&h=100&tt=1382&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 2426 107 KB
42 KB 49ms
49ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2BKDHM

Requested by

Host: www.bet365.de
URL: https://www.bet365.de/olp/open-account?affiliate=365_01054176

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

24109841bbf2440b83b2276411c7d6d1aa634c572c29e49c2fd9545e9452db58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 42601
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 21 May 2023 18:13:05 GMT

GET
H/1.1 200
OK open-account Show response
www.bet365.de/olpc/de/75/0/1/ Frame 5F5F 47 KB
14 KB 56ms
56ms Document
text/html 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bet365.de/olpc/de/75/0/1/open-account

Requested by

Host: www.bet365.de
URL: https://www.bet365.de/olp/open-account?affiliate=365_01054176

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2bc7b55137b6b264bd6069823ec2b3587f7edcaa5bcc298a82cf2e5debde55d

Security Headers

Name

Value

Content-Security-Policy

default-src 'self';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;frame-src 'self' http://members.bet365.de 'nonce-whEZcrJWbD5Lgv9vJGpGJHjohivL3qkTEibbrgRvFg4=';style-src 'self' 'unsafe-inline';img-src 'self' data: https://content001.bet365.de/ https://content001.bet365.de/SportsContent/ 'nonce-whEZcrJWbD5Lgv9vJGpGJHjohivL3qkTEibbrgRvFg4=';connect-src 'self' https://www.google-analytics.com http://members.bet365.de https://extra.bet365.de 'nonce-whEZcrJWbD5Lgv9vJGpGJHjohivL3qkTEibbrgRvFg4=';font-src 'self' data: 'nonce-whEZcrJWbD5Lgv9vJGpGJHjohivL3qkTEibbrgRvFg4='; connect-src 'self' *.bet365.de

Request headers

Referer: https://www.bet365.de/olp/open-account?affiliate=365_01054176
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 7839
CF-Cache-Status: HIT
CF-RAY: 7caeca950fc61c9b-FRA
Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 13191
Content-Security-Policy: default-src 'self';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;frame-src 'self' http://members.bet365.de 'nonce-whEZcrJWbD5Lgv9vJGpGJHjohivL3qkTEibbrgRvFg4=';style-src 'self' 'unsafe-inline';img-src 'self' data: https://content001.bet365.de/ https://content001.bet365.de/SportsContent/ 'nonce-whEZcrJWbD5Lgv9vJGpGJHjohivL3qkTEibbrgRvFg4=';connect-src 'self' https://www.google-analytics.com http://members.bet365.de https://extra.bet365.de 'nonce-whEZcrJWbD5Lgv9vJGpGJHjohivL3qkTEibbrgRvFg4=';font-src 'self' data: 'nonce-whEZcrJWbD5Lgv9vJGpGJHjohivL3qkTEibbrgRvFg4='; connect-src 'self' *.bet365.de
Content-Type: text/html; charset=utf-8
Date: Sun, 21 May 2023 18:13:05 GMT
Last-Modified: Sun, 21 May 2023 15:56:43 GMT
Server: cloudflare
Vary: Accept-Encoding

GET
H/1.1 200
OK DefaultAff.aspx Show response
members.bet365.de/Members/Helpers/ Frame BE7C 84 B
816 B 291ms
184ms Document
text/html 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_01054176
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olp/open-account?affiliate=365_01054176
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba

Request headers

Referer: https://www.bet365.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7caeca95b90a35f7-FRA
Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 177
Content-Type: text/html; charset=utf-8
Date: Sun, 21 May 2023 18:13:05 GMT
ME-Redirect: PQB
Server: cloudflare
Vary: Accept-Encoding

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame B8E9 107 KB
42 KB 63ms
63ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2BKDHM

Requested by

Host: www.bet365.de
URL: https://www.bet365.de/olp/open-account?affiliate=365_01054176

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35f5057458f380131d8993ae022721db685d28e12c6295cf462011c1964a876e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 42576
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 21 May 2023 18:13:05 GMT

GET
H/1.1 200
OK open-account Show response
www.bet365.de/olpc/de/75/0/1/ Frame 646A 47 KB
14 KB 53ms
53ms Document
text/html 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bet365.de/olpc/de/75/0/1/open-account

Requested by

Host: www.bet365.de
URL: https://www.bet365.de/olp/open-account?affiliate=365_01054176

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2bc7b55137b6b264bd6069823ec2b3587f7edcaa5bcc298a82cf2e5debde55d

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.bet365.de/olp/open-account?affiliate=365_01054176
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 7656
CF-Cache-Status: HIT
CF-RAY: 7caeca951a32916e-FRA
Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 13191
Content-Security-Policy: default-src 'self';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;frame-src 'self' http://members.bet365.de 'nonce-whEZcrJWbD5Lgv9vJGpGJHjohivL3qkTEibbrgRvFg4=';style-src 'self' 'unsafe-inline';img-src 'self' data: https://content001.bet365.de/ https://content001.bet365.de/SportsContent/ 'nonce-whEZcrJWbD5Lgv9vJGpGJHjohivL3qkTEibbrgRvFg4=';connect-src 'self' https://www.google-analytics.com http://members.bet365.de https://extra.bet365.de 'nonce-whEZcrJWbD5Lgv9vJGpGJHjohivL3qkTEibbrgRvFg4=';font-src 'self' data: 'nonce-whEZcrJWbD5Lgv9vJGpGJHjohivL3qkTEibbrgRvFg4='; connect-src 'self' *.bet365.de
Content-Type: text/html; charset=utf-8
Date: Sun, 21 May 2023 18:13:05 GMT
Last-Modified: Sun, 21 May 2023 15:56:43 GMT
Server: cloudflare
Vary: Accept-Encoding

GET
H/1.1 200
OK DefaultAff.aspx Show response
members.bet365.de/Members/Helpers/ Frame 8053 84 B
816 B 276ms
173ms Document
text/html 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_01054176
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olp/open-account?affiliate=365_01054176
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba

Request headers

Referer: https://www.bet365.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7caeca95ba50bbbf-FRA
Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 177
Content-Type: text/html; charset=utf-8
Date: Sun, 21 May 2023 18:13:05 GMT
ME-Redirect: PQB
Server: cloudflare
Vary: Accept-Encoding

GET
H/1.1 200
OK FTN45__W.woff2
www.bet365.de/olpc/Content/Fonts/ Frame 5F5F 45 KB
45 KB 74ms
72ms Font
application/octet-stream 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/olpc/Content/Fonts/FTN45__W.woff2
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e28311fc68644a88a32df782c7371991894bc6a6a81f8ff70f971b4470c3751

Request headers

Referer: https://www.bet365.de/olpc/de/75/0/1/open-account
Origin: https://www.bet365.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:05 GMT
CF-Cache-Status: HIT
Last-Modified: Sun, 21 May 2023 15:51:51 GMT
Server: cloudflare
Age: 8425
Vary: Accept-Encoding
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7caeca9568841c9b-FRA
Content-Length: 45892

GET
H/1.1 200
OK olpc-styles.css
www.bet365.de/olpc/ Frame 5F5F 411 KB
126 KB 99ms
96ms Stylesheet
text/css 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55432b90d51596234bde8ca5f6373e363a6e9b66485ca09a1aec1057444daf8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/de/75/0/1/open-account
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Sun, 21 May 2023 10:08:16 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: User-Agent,Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public
Connection: keep-alive
CF-RAY: 7caeca956abe916e-FRA
Expires: Mon, 20 May 2024 10:08:16 GMT

GET
H/1.1 200
OK ProductCommon_v1.js Show response
www.bet365.de/members/services/host/Scripts/js/ Frame 5F5F 10 KB
4 KB 196ms
113ms Script
application/javascript 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 938be9a666ad7c7f2d3433915964417613c1a0a3a7de7261f7f9420747f9702e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/de/75/0/1/open-account
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 21 May 2023 18:13:05 GMT
Server: cloudflare
x-bet-hop: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
CF-RAY: 7caeca95ef983603-FRA
Expires: 0

GET
H/1.1 200
OK olpc-scripts.js Show response
www.bet365.de/olpc/ Frame 5F5F 30 KB
11 KB 181ms
97ms Script
text/javascript 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/olpc/olpc-scripts.js?v=N8y4kikiBy9Rd_i8CnkglpTTlOhXHDER-KQPzCfiHrI1
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7989b98fc2d7be785da753fe469d9a107e8fc3af43960ed891c01c222f81be9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/de/75/0/1/open-account
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Sun, 21 May 2023 10:08:38 GMT
Server: cloudflare
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7caeca95e99f1c2c-FRA
Content-Length: 10464
Expires: Mon, 20 May 2024 10:08:38 GMT

GET
H/1.1 200
OK Maestro%20VisaDebit%20Mastercard.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 5F5F 15 KB
6 KB 191ms
91ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/Maestro%20VisaDebit%20Mastercard.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e31422fea6c9d5e306946339a38d966031437570a19e2f01e904ed45eea208ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 09 Sep 2021 09:13:23 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Timing-Allow-Origin: *
CF-RAY: 7caeca972a5a1952-FRA
Expires: Fri, 26 May 2023 18:13:05 GMT

GET
H/1.1 200
OK Paysafe%20Card.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 5F5F 9 KB
4 KB 243ms
159ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/Paysafe%20Card.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 367b375d52b88b06883869ddb1dca46bd1b5ca3656fd6be348c75d9afb7b4b51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 09 Sep 2021 09:14:02 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca977cb5362d-FRA
Content-Length: 3828
Expires: Fri, 26 May 2023 18:13:05 GMT

GET
H/1.1 200
OK Paypal.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 5F5F 7 KB
3 KB 183ms
98ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/Paypal.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5923b5d3167186e22377d01f2002120106ed40e936e0341426c681d5a61e2184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 09 Sep 2021 09:13:53 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca97add39b98-FRA
Content-Length: 2832
Expires: Fri, 26 May 2023 18:13:05 GMT

GET
H/1.1 200
OK PayZ_Landingpage.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 5F5F 3 KB
2 KB 142ms
55ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/PayZ_Landingpage.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a180b1a5fb5fc655217e4a263ddd163f352f9a5d286975555a6750b3517324f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 09 May 2023 10:24:00 GMT
Server: cloudflare
Age: 281520
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Timing-Allow-Origin: *
CF-RAY: 7caeca97a9c2199b-FRA
Expires: Fri, 26 May 2023 18:13:05 GMT

GET
H/1.1 200
OK Sofort_Landingpage.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 5F5F 3 KB
2 KB 168ms
79ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/Sofort_Landingpage.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 135832e5ea5d35dc1208592b56db63803045436048dbeb3465b349475a5efaf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 09 May 2023 16:17:00 GMT
Server: cloudflare
Age: 281511
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Timing-Allow-Origin: *
CF-RAY: 7caeca97aae0365c-FRA
Expires: Fri, 26 May 2023 18:13:05 GMT

GET
H/1.1 200
OK GordonMoody-GT-x2_Grey99.png
content001.bet365.de/SportsContent/Global/Footer/GordonMoody/ Frame 5F5F 5 KB
6 KB 207ms
114ms Image
image/png 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/Global/Footer/GordonMoody/GordonMoody-GT-x2_Grey99.png
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b163877ec48382be73ffdf62c6a5dc5ded37443856dde414e591dfe85b61f070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:05 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Mon, 11 Oct 2021 13:13:24 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca97bbfb2c43-FRA
Content-Length: 5324
Expires: Fri, 26 May 2023 18:13:05 GMT

GET
H/1.1 200
OK SPORTSX1-ESSA_2.png
content001.bet365.de/SportsContent/Global/Footer/ Frame 5F5F 6 KB
7 KB 207ms
94ms Image
image/png 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/Global/Footer/SPORTSX1-ESSA_2.png
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 101ca051649af6826119108f51311f70b4d58e94242c8877a2b8a9247b90f54f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 04 Jun 2019 13:21:41 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca987ddd362d-FRA
Content-Length: 6386
Expires: Fri, 26 May 2023 18:13:06 GMT

GET
H/1.1 200
OK GGL_Grey-2x.png
content001.bet365.de/SportsContent/Global/Footer/GGL/PNG/x2/ Frame 5F5F 2 KB
2 KB 197ms
100ms Image
image/png 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/Global/Footer/GGL/PNG/x2/GGL_Grey-2x.png
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac97b0520a8964b7bbb241a4f2d43f8c473b25b2946451a0dee98d0287a6ab32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Tue, 20 Dec 2022 10:14:16 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca989b4f199b-FRA
Content-Length: 1659
Expires: Fri, 26 May 2023 18:13:06 GMT

GET
H/1.1 200
OK eCogra-Horizontal2x.png
content001.bet365.de/SportsContent/Global/Footer/ Frame 5F5F 2 KB
2 KB 153ms
82ms Image
image/png 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/Global/Footer/eCogra-Horizontal2x.png
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0438c85b7b5f9c21ac9a1975ccd12464f5f8cbf15d3353ee700e2617f913349

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 11 Aug 2021 10:23:12 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca989f4b9b98-FRA
Content-Length: 1671
Expires: Fri, 26 May 2023 18:13:06 GMT

GET
H/1.1 200
OK SPORTSX2-18.png
content001.bet365.de/SportsContent/Global/Footer/ Frame 5F5F 4 KB
5 KB 153ms
92ms Image
image/png 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/Global/Footer/SPORTSX2-18.png
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5af616c5e6ad0d97aa233ed4644776ca94de0cfb1a653844d8a5d9ee46e756af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 20 Mar 2015 09:13:01 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca98ad151952-FRA
Content-Length: 4400
Expires: Fri, 26 May 2023 18:13:06 GMT

GET
H/1.1 200
OK bet365%20grey%20footer%20logo.png
content001.bet365.de/SportsContent/Global/Footer/ Frame 5F5F 8 KB
8 KB 195ms
94ms Image
image/png 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/Global/Footer/bet365%20grey%20footer%20logo.png
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ad4d67eed235fafc8ddfab188fa2e968ba4345718c8338bd7f4fbfafa6f8a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 11 Jun 2015 14:13:32 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca990e6f362d-FRA
Content-Length: 7868
Expires: Fri, 26 May 2023 18:13:06 GMT

GET
H/1.1 200
OK ProductCommon_v1.js Show response
www.bet365.de/members/services/host/Scripts/js/ Frame 5F5F 990 B
1 KB 97ms
96ms Script
application/javascript 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js?async
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f4094ffd20746cae36783c5571087d3d4d84f2a09f67597c2db80fb534da214

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/de/75/0/1/open-account
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 21 May 2023 18:13:05 GMT
Server: cloudflare
x-bet-hop: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
CF-RAY: 7caeca972dd6047e-FRA
Expires: 0

GET
H/1.1 200
OK FTN45__W.woff2
www.bet365.de/olpc/Content/Fonts/ Frame 646A 45 KB
45 KB 137ms
55ms Font
application/octet-stream 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/olpc/Content/Fonts/FTN45__W.woff2
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e28311fc68644a88a32df782c7371991894bc6a6a81f8ff70f971b4470c3751

Request headers

Referer: https://www.bet365.de/olpc/de/75/0/1/open-account
Origin: https://www.bet365.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:05 GMT
CF-Cache-Status: HIT
Last-Modified: Sun, 21 May 2023 15:51:51 GMT
Server: cloudflare
Age: 8330
Vary: Accept-Encoding
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7caeca95ebe9047e-FRA
Content-Length: 45892

GET
H/1.1 200
OK olpc-styles.css
www.bet365.de/olpc/ Frame 646A 411 KB
126 KB 171ms
93ms Stylesheet
text/css 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55432b90d51596234bde8ca5f6373e363a6e9b66485ca09a1aec1057444daf8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/de/75/0/1/open-account
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Sun, 21 May 2023 10:08:16 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: User-Agent,Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public
Connection: keep-alive
CF-RAY: 7caeca95e9571cbb-FRA
Expires: Mon, 20 May 2024 10:08:16 GMT

GET
H/1.1 200
OK ProductCommon_v1.js Show response
www.bet365.de/members/services/host/Scripts/js/ Frame 646A 10 KB
4 KB 223ms
137ms Script
application/javascript 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 938be9a666ad7c7f2d3433915964417613c1a0a3a7de7261f7f9420747f9702e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/de/75/0/1/open-account
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 21 May 2023 18:13:05 GMT
Server: cloudflare
x-bet-hop: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
CF-RAY: 7caeca95f9581c9b-FRA
Expires: 0

GET
H/1.1 200
OK olpc-scripts.js Show response
www.bet365.de/olpc/ Frame 646A 30 KB
11 KB 270ms
93ms Script
text/javascript 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/olpc/olpc-scripts.js?v=N8y4kikiBy9Rd_i8CnkglpTTlOhXHDER-KQPzCfiHrI1
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7989b98fc2d7be785da753fe469d9a107e8fc3af43960ed891c01c222f81be9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/de/75/0/1/open-account
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Sun, 21 May 2023 10:08:38 GMT
Server: cloudflare
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7caeca968cd0047e-FRA
Content-Length: 10464
Expires: Mon, 20 May 2024 10:08:38 GMT

GET
H/1.1 200
OK Maestro%20VisaDebit%20Mastercard.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 646A 15 KB
6 KB 128ms
86ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/Maestro%20VisaDebit%20Mastercard.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e31422fea6c9d5e306946339a38d966031437570a19e2f01e904ed45eea208ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 09 Sep 2021 09:13:23 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Timing-Allow-Origin: *
CF-RAY: 7caeca97bb7c1952-FRA
Expires: Fri, 26 May 2023 18:13:05 GMT

GET
H/1.1 200
OK Paysafe%20Card.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 646A 9 KB
4 KB 160ms
94ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/Paysafe%20Card.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 367b375d52b88b06883869ddb1dca46bd1b5ca3656fd6be348c75d9afb7b4b51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 09 Sep 2021 09:14:02 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca980a6d199b-FRA
Content-Length: 3828
Expires: Fri, 26 May 2023 18:13:05 GMT

GET
H/1.1 200
OK Paypal.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 646A 7 KB
3 KB 167ms
89ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/Paypal.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5923b5d3167186e22377d01f2002120106ed40e936e0341426c681d5a61e2184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 09 Sep 2021 09:13:53 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca982bc1365c-FRA
Content-Length: 2832
Expires: Fri, 26 May 2023 18:13:05 GMT

GET
H/1.1 200
OK PayZ_Landingpage.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 646A 3 KB
2 KB 148ms
54ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/PayZ_Landingpage.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a180b1a5fb5fc655217e4a263ddd163f352f9a5d286975555a6750b3517324f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 09 May 2023 10:24:00 GMT
Server: cloudflare
Age: 281515
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Timing-Allow-Origin: *
CF-RAY: 7caeca984ec59b98-FRA
Expires: Fri, 26 May 2023 18:13:05 GMT

GET
H/1.1 200
OK Sofort_Landingpage.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 646A 3 KB
2 KB 154ms
56ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/Sofort_Landingpage.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 135832e5ea5d35dc1208592b56db63803045436048dbeb3465b349475a5efaf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 09 May 2023 16:17:00 GMT
Server: cloudflare
Age: 281515
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Timing-Allow-Origin: *
CF-RAY: 7caeca985c771952-FRA
Expires: Fri, 26 May 2023 18:13:05 GMT

GET
H/1.1 200
OK GordonMoody-GT-x2_Grey99.png
content001.bet365.de/SportsContent/Global/Footer/GordonMoody/ Frame 646A 5 KB
6 KB 218ms
101ms Image
image/png 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/Global/Footer/GordonMoody/GordonMoody-GT-x2_Grey99.png
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b163877ec48382be73ffdf62c6a5dc5ded37443856dde414e591dfe85b61f070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Mon, 11 Oct 2021 13:13:24 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca986d732c43-FRA
Content-Length: 5324
Expires: Fri, 26 May 2023 18:13:06 GMT

GET
H/1.1 200
OK SPORTSX1-ESSA_2.png
content001.bet365.de/SportsContent/Global/Footer/ Frame 646A 6 KB
7 KB 148ms
78ms Image
image/png 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/Global/Footer/SPORTSX1-ESSA_2.png
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 101ca051649af6826119108f51311f70b4d58e94242c8877a2b8a9247b90f54f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 04 Jun 2019 13:21:41 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca98bce5365c-FRA
Content-Length: 6386
Expires: Fri, 26 May 2023 18:13:06 GMT

GET
H/1.1 200
OK GGL_Grey-2x.png
content001.bet365.de/SportsContent/Global/Footer/GGL/PNG/x2/ Frame 646A 2 KB
2 KB 176ms
92ms Image
image/png 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/Global/Footer/GGL/PNG/x2/GGL_Grey-2x.png
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac97b0520a8964b7bbb241a4f2d43f8c473b25b2946451a0dee98d0287a6ab32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Tue, 20 Dec 2022 10:14:16 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca992fff9b98-FRA
Content-Length: 1659
Expires: Fri, 26 May 2023 18:13:06 GMT

GET
H/1.1 200
OK eCogra-Horizontal2x.png
content001.bet365.de/SportsContent/Global/Footer/ Frame 646A 2 KB
2 KB 192ms
93ms Image
image/png 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/Global/Footer/eCogra-Horizontal2x.png
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0438c85b7b5f9c21ac9a1975ccd12464f5f8cbf15d3353ee700e2617f913349

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 11 Aug 2021 10:23:12 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca993da4365c-FRA
Content-Length: 1671
Expires: Fri, 26 May 2023 18:13:06 GMT

GET
H/1.1 200
OK SPORTSX2-18.png
content001.bet365.de/SportsContent/Global/Footer/ Frame 646A 4 KB
5 KB 230ms
137ms Image
image/png 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/Global/Footer/SPORTSX2-18.png
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5af616c5e6ad0d97aa233ed4644776ca94de0cfb1a653844d8a5d9ee46e756af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 20 Mar 2015 09:13:01 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca993e581952-FRA
Content-Length: 4400
Expires: Fri, 26 May 2023 18:13:06 GMT

GET
H/1.1 200
OK bet365%20grey%20footer%20logo.png
content001.bet365.de/SportsContent/Global/Footer/ Frame 646A 8 KB
8 KB 174ms
92ms Image
image/png 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/Global/Footer/bet365%20grey%20footer%20logo.png
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ad4d67eed235fafc8ddfab188fa2e968ba4345718c8338bd7f4fbfafa6f8a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 11 Jun 2015 14:13:32 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca993c59199b-FRA
Content-Length: 7868
Expires: Fri, 26 May 2023 18:13:06 GMT

GET
H/1.1 200
OK ProductCommon_v1.js Show response
www.bet365.de/members/services/host/Scripts/js/ Frame 646A 990 B
1 KB 96ms
95ms Script
application/javascript 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js?async
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 294ff47268bdd4071a4c8d4b2b430a3e8b2f69bd0962027f8b7cc44ab4b0dacc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/de/75/0/1/open-account
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 21 May 2023 18:13:05 GMT
Server: cloudflare
x-bet-hop: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
CF-RAY: 7caeca97bf0d916e-FRA
Expires: 0

POST
H2 204 csi
csi.gstatic.com/ Frame DE87 0
234 B 787ms
302ms Ping
image/gif 2a00:1450:401a:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhxql44a&c=5929482499296&slotId=2964741249648&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.574.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:401a:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 118ms
116ms Image
text/plain 34.231.83.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=c+Yn7V2V58tVTtOLF1gsUse3EcP4Mtyq05rBMsYZ5xykpF/NXyrhlNfjnsFcfINuaj5uaWtlk6Dxxkv9Ibp+PPr+kwIu45DfgPgR9EeRFc838RjBpHklrW1MTFHo0NTdWJGxCWdmab7RsEx4gcajJHs/3O5WSskiuc1WbMFuU363m3aHp3CYYdezrNbbpPMo3PxKcgugNBvyWyb/GXdPepFH8gl9PSYCw5MvNTyBmb9dUAUTjNDHaTjXmYVJZAZir0Hj7Pi6YSRRC9UMB06JK8DNmQrmtWZfAXm1+5lWClV8O8Mt4+XJY9LFFZxTCdrpxNPZ+2Gs7flVzHpXs6bGLNnT/GN7oGCbIQNmJvMAy2uAhKbNEnzueMmffwcoXi3r&cb=81303836
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.83.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-83-155.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:05 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 52ms
51ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 49ms
48ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 118ms
117ms Image
text/plain 34.231.83.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=y9ZcuHxwCDjp7yFxRN6ozce3EcP4Mtyq05rBMsYZ5xykpF/NXyrhlNfjnsFcfINuaj5uaWtlk6Dxxkv9Ibp+PPr+kwIu45DfgPgR9EeRFc838RjBpHklrW1MTFHo0NTdWJGxCWdmab7RsEx4gcajJHs/3O5WSskiuc1WbMFuU363m3aHp3CYYdezrNbbpPMo3PxKcgugNBvyWyb/GXdPepFH8gl9PSYCw5MvNTyBmb9dUAUTjNDHaTjXmYVJZAZir0Hj7Pi6YSRRC9UMB06JKyC7afDHD3pBxhWI5nN78VGr0cskPAi1wO6n0eNjo2HqxNPZ+2Gs7flVzHpXs6bGLNnT/GN7oGCbIQNmJvMAy2uAhKbNEnzueMmffwcoXi3r&cb=28963284
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.83.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-83-155.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:05 GMT
server: nginx/1.6.2

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 2426 249 KB
84 KB 49ms
48ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-45M1DQFW2B&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2BKDHM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca81e92afddd31983e87289302f8509ef0c11859698dd5892e1c3edaf2d8bfd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86267
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 21 May 2023 18:13:05 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame DE87 84 KB
17 KB 299ms
299ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C6887%2Fvideo_1%2FVEGATRVD_correiobraziliense.com.br&description_url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3756279637019930&vad_type=linear&pod=1&pmad=2&vpa=auto&sdkv=h.3.574.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=1599581099&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.574.0&sid=126783D6-584E-4064-A6C7-296584DDA75D&a3p=EhwKDWNyd2RjbnRybC5uZXQYqJ6P_IMxSABSAghkEhkKCnB1YmNpZC5vcmcYp6CP_IMxSABSAghqEsIBCghydGJob3VzZRKsAVAxVkdheTRsR3lEdnpRKzM2Nzc4Zno0RFRVQWE3L3ZJYmtmMFFQT3VDdDRuRHR2bnpaYUt2STROWkd1dWI3cmhCNmdCOTZidWl3aGNNU3pCVkoxd2dlaHJKVDNINEk3S1lqNGdMUU5BOU5Ld3hTNjMwTzJERTFOWmkxcnc4azQ5clJuamw0NmRSL05nMU9xQTRPbW9DNFIybENIcWsxZ0k1R1cwRHlqWUpsTT0YqKKP_IMxSAASHQoOZXNwLmNyaXRlby5jb20YqJ6P_IMxSABSAghkEhkKCnVpZGFwaS5jb20YqJ6P_IMxSABSAghkEhQKBW9wZW54GMGij_yDMUgAUgIIbxIbCgxpZDUtc3luYy5jb20Yx6GP_IMxSABSAghq&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&dlt=1684692782329&idt=2353&dt=1684692785552&cookie=ID%3Dbd3900a8978da11c%3AT%3D1684692782%3AS%3DALNI_Ma7hxp_u-ArxbtwuMtgdSz1RpRl9Q&gpic=UID%3D00000c18da6076f2%3AT%3D1684692782%3ART%3D1684692782%3AS%3DALNI_MZ7QuKJykO-6jcCtX4iv-0WFbRrgw&scor=1510962550700535&ged=ve4_td4_tt1_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.574.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52c1bc357fed9d964c2b5da9e2215e4d18454cfd90949406fec57169ae38383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17465
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C25B 43 B
215 B 188ms
188ms Image
image/gif 2600:1f13:800:7780:62e1:f694:ef6b:7146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=53cee079-8e8c-fe93-63ee-b718dc08024f&tv=%7Bc:dh2LYb,pingTime:-10,time:535,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi4xMjYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1684692785583%7C%7C1650608a7ec6c50fb502d38af34dd39f%7C%7Ce680db45f58fb4c44533cfaed40b3e29%7C%7C316976f3101536f097a9e32850f73ce2%7C%7C28a6deb15139d126e9c351270f5a71d9%7C%7C22e78877f03843ca9bcfb86175be8e3c%7C%7Ce53ba168042e74ef45a2eccb6b2f50c8%7C%7Cc0e01ac6f7efff6f4c745204b7138c2a%7C%7C1663701684%7D
Requested by: Host: 49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
URL: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:62e1:f694:ef6b:7146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:05 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame B8E9 249 KB
84 KB 49ms
49ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-45M1DQFW2B&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2BKDHM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

46d5b4e2f7a0431f40770f28e2c0cb8a6d4ce2a4da76d637fbf82d8de2d8a8b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86267
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 21 May 2023 18:13:05 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ Frame 2426 0
71 B 48ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-45M1DQFW2B&gtm=45je35h0&_p=1015230215&gcs=G1-0&cid=1889156381.1684692786&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684692785&sct=1&seg=0&dl=https%3A%2F%2Fwww.bet365.de%2Folp%2Fopen-account%3Faffiliate%3D365_01054176&dr=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&dt=Er%C3%B6ffnungsangebot&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-45M1DQFW2B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bet365.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ Frame B8E9 0
54 B 50ms
50ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-45M1DQFW2B&gtm=45je35h0&_p=1035958656&gcs=G1-0&cid=1956130055.1684692786&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684692785&sct=1&seg=0&dl=https%3A%2F%2Fwww.bet365.de%2Folp%2Fopen-account%3Faffiliate%3D365_01054176&dr=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&dt=Er%C3%B6ffnungsangebot&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-45M1DQFW2B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bet365.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Maestro%20VisaDebit%20Mastercard.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 5F5F 15 KB
7 KB 191ms
95ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/Maestro%20VisaDebit%20Mastercard.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e31422fea6c9d5e306946339a38d966031437570a19e2f01e904ed45eea208ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 09 Sep 2021 09:13:23 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca990e3e2c43-FRA
Content-Length: 6232
Expires: Fri, 26 May 2023 18:13:06 GMT

GET
H/1.1 200
OK Paysafe%20Card.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 5F5F 9 KB
4 KB 190ms
93ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/Paysafe%20Card.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 367b375d52b88b06883869ddb1dca46bd1b5ca3656fd6be348c75d9afb7b4b51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 09 Sep 2021 09:14:02 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca99aef8362d-FRA
Content-Length: 3828
Expires: Fri, 26 May 2023 18:13:06 GMT

GET
H/1.1 200
OK Paypal.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 5F5F 7 KB
3 KB 185ms
91ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/Paypal.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5923b5d3167186e22377d01f2002120106ed40e936e0341426c681d5a61e2184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 09 Sep 2021 09:13:53 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca99b8d49b98-FRA
Content-Length: 2832
Expires: Fri, 26 May 2023 18:13:06 GMT

GET
H/1.1 200
OK PayZ_Landingpage.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 5F5F 3 KB
2 KB 153ms
57ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/PayZ_Landingpage.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a180b1a5fb5fc655217e4a263ddd163f352f9a5d286975555a6750b3517324f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 09 May 2023 10:24:00 GMT
Server: cloudflare
Age: 281521
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Timing-Allow-Origin: *
CF-RAY: 7caeca99dd55199b-FRA
Expires: Fri, 26 May 2023 18:13:06 GMT

GET
H/1.1 200
OK Sofort_Landingpage.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 5F5F 3 KB
2 KB 195ms
56ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/Sofort_Landingpage.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 135832e5ea5d35dc1208592b56db63803045436048dbeb3465b349475a5efaf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 09 May 2023 16:17:00 GMT
Server: cloudflare
Age: 281516
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Timing-Allow-Origin: *
CF-RAY: 7caeca9a2fe21952-FRA
Expires: Fri, 26 May 2023 18:13:06 GMT

GET
H/1.1 200
OK Chevron_Down.svg
www.bet365.de/olpc/Content/images/LandingPages/ Frame 5F5F 199 B
547 B 57ms
56ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet365.de/olpc/Content/images/LandingPages/Chevron_Down.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f186fc1469627d743e88bb77d005608c5580f6032e801f2ab942c31bcf42182

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Cteonnt-Length: 199
Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 21 May 2023 15:51:46 GMT
Server: cloudflare
Age: 8424
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7caeca972be41cbb-FRA
Content-Length: 174

GET
H/1.1 200
OK bet365logo-stacked.svg
www.bet365.de/olpc/Content/images/ Frame 5F5F 2 KB
1 KB 52ms
51ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet365.de/olpc/Content/images/bet365logo-stacked.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03f739714c83b91b19dd79e0515931a2121df2cc76aaff41686734154f1368d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Cteonnt-Length: 1726
Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 21 May 2023 15:51:52 GMT
Server: cloudflare
Age: 8355
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7caeca972b741c9b-FRA
Content-Length: 916

GET
H/1.1 200
OK BasketballSoccerTennis_414-2x.jpg
content001.bet365.de/SportsContent/Promotions/LandingPages/ Frame 5F5F 97 KB
98 KB 200ms
114ms Image
image/jpeg 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/Promotions/LandingPages/BasketballSoccerTennis_414-2x.jpg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d35edf1d5969e98504cf78d3c75c4d1ab251dd2b0e13de6f0e7644b88c9c35d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
CF-Cache-Status: REVALIDATED
Cf-Bgj: h2pri
Last-Modified: Tue, 11 Aug 2020 07:55:09 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca9a3dd7199b-FRA
Content-Length: 99725
Expires: Fri, 26 May 2023 18:13:06 GMT

GET
H/1.1 200
OK 1-mobile.svg
www.bet365.de/olpc/Content/images/LandingPages/ Frame 5F5F 608 B
735 B 57ms
57ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet365.de/olpc/Content/images/LandingPages/1-mobile.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30f078ca623c3813651d83fc26109372a0d380c6e913b31acff317e40bc4dab6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Cteonnt-Length: 608
Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 21 May 2023 15:51:52 GMT
Server: cloudflare
Age: 8414
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7caeca9729e83603-FRA
Content-Length: 362

GET
H/1.1 200
OK 2-mobile.svg
www.bet365.de/olpc/Content/images/LandingPages/ Frame 5F5F 895 B
886 B 52ms
51ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet365.de/olpc/Content/images/LandingPages/2-mobile.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b0a25611d72619c84f6fd73f37803c487a1d76bccb7d69667468f6d9ae47226

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Cteonnt-Length: 895
Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 21 May 2023 15:51:52 GMT
Server: cloudflare
Age: 8370
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7caeca977bf81c9b-FRA
Content-Length: 513

GET
H/1.1 200
OK 3-mobile.svg
www.bet365.de/olpc/Content/images/LandingPages/ Frame 5F5F 1 KB
959 B 60ms
57ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet365.de/olpc/Content/images/LandingPages/3-mobile.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51818d54518d88d4fa04b2348319e3a94716fa6e2710f050aa1b5c3b6247866a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Cteonnt-Length: 1073
Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 21 May 2023 15:51:50 GMT
Server: cloudflare
Age: 8376
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7caeca978c8a1cbb-FRA
Content-Length: 585

GET
H/1.1 200
OK FTN65__W.woff2
www.bet365.de/olpc/Content/Fonts/ Frame 5F5F 47 KB
47 KB 54ms
53ms Font
application/octet-stream 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/olpc/Content/Fonts/FTN65__W.woff2
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 972d79302a870930285d018117ee9631df364aa903e7a9606592532389f7f82a

Request headers

Referer: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
Origin: https://www.bet365.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:05 GMT
CF-Cache-Status: HIT
Last-Modified: Sun, 21 May 2023 15:52:54 GMT
Server: cloudflare
Age: 7865
Vary: Accept-Encoding
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7caeca972e2e916e-FRA
Content-Length: 47732

GET
DATA 200
OK truncated
/ Frame 5F5F 8 KB
8 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80016c93b52d6e02b0a6f3d70e0cb3ab14daec15c724ea1d25fc1b9817f63d09

Request headers

Referer
Origin: https://www.bet365.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: application/octet-stream

POST
H2 204 csi
csi.gstatic.com/ Frame DE87 0
54 B 470ms
302ms Ping
image/gif 2a00:1450:401a:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhxql4rz&c=5929482499296&slotId=2964741249648&ghmsh_eids=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.574.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:401a:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Maestro%20VisaDebit%20Mastercard.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 646A 15 KB
7 KB 199ms
101ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/Maestro%20VisaDebit%20Mastercard.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e31422fea6c9d5e306946339a38d966031437570a19e2f01e904ed45eea208ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 09 Sep 2021 09:13:23 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca99af262c43-FRA
Content-Length: 6232
Expires: Fri, 26 May 2023 18:13:06 GMT

GET
H/1.1 200
OK Paysafe%20Card.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 646A 9 KB
4 KB 186ms
90ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/Paysafe%20Card.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 367b375d52b88b06883869ddb1dca46bd1b5ca3656fd6be348c75d9afb7b4b51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 09 Sep 2021 09:14:02 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca99de91365c-FRA
Content-Length: 3828
Expires: Fri, 26 May 2023 18:13:06 GMT

GET
H/1.1 200
OK Paypal.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 646A 7 KB
3 KB 205ms
117ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/Paypal.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5923b5d3167186e22377d01f2002120106ed40e936e0341426c681d5a61e2184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 09 Sep 2021 09:13:53 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca9a4fb0362d-FRA
Content-Length: 2832
Expires: Fri, 26 May 2023 18:13:06 GMT

GET
H/1.1 200
OK PayZ_Landingpage.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 646A 3 KB
2 KB 129ms
53ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/PayZ_Landingpage.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a180b1a5fb5fc655217e4a263ddd163f352f9a5d286975555a6750b3517324f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 09 May 2023 10:24:00 GMT
Server: cloudflare
Age: 281516
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Timing-Allow-Origin: *
CF-RAY: 7caeca9a49b39b98-FRA
Expires: Fri, 26 May 2023 18:13:06 GMT

GET
H/1.1 200
OK Sofort_Landingpage.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 646A 3 KB
2 KB 147ms
60ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/Sofort_Landingpage.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 135832e5ea5d35dc1208592b56db63803045436048dbeb3465b349475a5efaf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 09 May 2023 16:17:00 GMT
Server: cloudflare
Age: 281517
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Timing-Allow-Origin: *
CF-RAY: 7caeca9a68072c43-FRA
Expires: Fri, 26 May 2023 18:13:06 GMT

GET
DATA 200
OK truncated
/ Frame 646A 8 KB
0 Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
Origin: https://www.bet365.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H/1.1 200
OK Chevron_Down.svg
www.bet365.de/olpc/Content/images/LandingPages/ Frame 646A 199 B
547 B 57ms
56ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet365.de/olpc/Content/images/LandingPages/Chevron_Down.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f186fc1469627d743e88bb77d005608c5580f6032e801f2ab942c31bcf42182

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Cteonnt-Length: 199
Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 21 May 2023 15:51:46 GMT
Server: cloudflare
Age: 8402
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7caeca97baf53603-FRA
Content-Length: 174

GET
H/1.1 200
OK bet365logo-stacked.svg
www.bet365.de/olpc/Content/images/ Frame 646A 2 KB
1 KB 57ms
56ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet365.de/olpc/Content/images/bet365logo-stacked.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03f739714c83b91b19dd79e0515931a2121df2cc76aaff41686734154f1368d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Cteonnt-Length: 1726
Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 21 May 2023 15:51:52 GMT
Server: cloudflare
Age: 8355
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7caeca97bca51c2c-FRA
Content-Length: 916

GET
H/1.1 200
OK BasketballSoccerTennis_414-2x.jpg
content001.bet365.de/SportsContent/Promotions/LandingPages/ Frame 646A 97 KB
98 KB 135ms
89ms Image
image/jpeg 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/Promotions/LandingPages/BasketballSoccerTennis_414-2x.jpg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d35edf1d5969e98504cf78d3c75c4d1ab251dd2b0e13de6f0e7644b88c9c35d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
CF-Cache-Status: REVALIDATED
Cf-Bgj: h2pri
Last-Modified: Tue, 11 Aug 2020 07:55:09 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7caeca9a6f5a365c-FRA
Content-Length: 99725
Expires: Fri, 26 May 2023 18:13:06 GMT

GET
H/1.1 200
OK 1-mobile.svg
www.bet365.de/olpc/Content/images/LandingPages/ Frame 646A 608 B
735 B 57ms
54ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet365.de/olpc/Content/images/LandingPages/1-mobile.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30f078ca623c3813651d83fc26109372a0d380c6e913b31acff317e40bc4dab6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Cteonnt-Length: 608
Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 21 May 2023 15:51:52 GMT
Server: cloudflare
Age: 8397
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7caeca97bebf047e-FRA
Content-Length: 362

GET
H/1.1 200
OK 2-mobile.svg
www.bet365.de/olpc/Content/images/LandingPages/ Frame 646A 895 B
886 B 51ms
50ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet365.de/olpc/Content/images/LandingPages/2-mobile.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b0a25611d72619c84f6fd73f37803c487a1d76bccb7d69667468f6d9ae47226

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Cteonnt-Length: 895
Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 21 May 2023 15:51:52 GMT
Server: cloudflare
Age: 8387
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7caeca981f52047e-FRA
Content-Length: 513

GET
H/1.1 200
OK 3-mobile.svg
www.bet365.de/olpc/Content/images/LandingPages/ Frame 646A 1 KB
959 B 52ms
51ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet365.de/olpc/Content/images/LandingPages/3-mobile.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51818d54518d88d4fa04b2348319e3a94716fa6e2710f050aa1b5c3b6247866a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Cteonnt-Length: 1073
Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 21 May 2023 15:51:50 GMT
Server: cloudflare
Age: 8376
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7caeca981d181c2c-FRA
Content-Length: 585

GET
H/1.1 200
OK FTN65__W.woff2
www.bet365.de/olpc/Content/Fonts/ Frame 646A 47 KB
47 KB 67ms
54ms Font
application/octet-stream 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/olpc/Content/Fonts/FTN65__W.woff2
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 972d79302a870930285d018117ee9631df364aa903e7a9606592532389f7f82a

Request headers

Referer: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
Origin: https://www.bet365.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:05 GMT
CF-Cache-Status: HIT
Last-Modified: Sun, 21 May 2023 15:52:54 GMT
Server: cloudflare
Age: 8157
Vary: Accept-Encoding
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7caeca97dc6f1c9b-FRA
Content-Length: 47732

POST
H2 204 csi
csi.gstatic.com/ Frame DE87 0
54 B 422ms
302ms Ping
image/gif 2a00:1450:401a:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lhxql50r&c=5929482499296&slotId=2964741249648&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=1&ytext_hd=0&ytext_vi=rZ-W76sj15s&hghme=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.574.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:401a:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame DE87 0
54 B 412ms
307ms Ping
image/gif 2a00:1450:401a:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lhxql524&c=5929482499296&slotId=2964741249648&qqid=COylq9iBh_8CFRVE5QodOm4DLQ&gqid=MV9qZMGPI7-m9u8Pw-2E2Ak&fb=ima_html5-lima&sdkv=h.3.574.0&ppt=truvid&ppv=1.0.0&mrd=4&aab=1&itv=1&met.4=ghmsh_s.lhxql527~ghmsh_s.lhxql528&ghmsh_hd=1&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=CsAivVNeauLKNui5
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.574.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:401a:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DE87 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.574.0&e=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&id=ima_html5&c=4396355974693190&domain=www.correiobraziliense.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.574.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame DE87 453 B
478 B 44ms
41ms Image
image/png 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-6322541192886560

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/js/core/bridge3.574.0_en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 17:26:18 GMT
x-content-type-options: nosniff
age: 2807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 May 2023 18:16:18 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame DE87 42 B
64 B 83ms
81ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CIRK6MV9qZKzJJZWIlQe63I3oAqqJ5Pdvg-rc7ZgQitGj7b4BEAEgkPuLfmCVgoCAkAegAbC6odcDyAEFqQKSbPgLsyCyPuACAKgDAZgEAKoEwAJP0K_QTMWkP5o8LnVA0RxUSIy9zfaqAI35BlC8EuSnfUbA09YPV5niVRzIAXKXHr-oL-feMqmyFnyMaNNW8Ug3b4MdCw6-SXYC-utAUwblC2t1szdK7riEnBXzWoi6Zekt81vUmw47WnQTAZm-dNkUXDfLs8Pmxc1irFS6uvuEPCWxSmeSoH3xHsLlLjqyDLr1020PXY0bH0FXLBG3gMrfVGNVDUmWPy1hQ_QxGECpCQhlFXFJiZ6gNpIgEBRJ_speHmHFeq_6vTOtdo2FO7aeXxvn_euoXRE-ZBVLW-H-oBn4hdPdLnKIgWndsGvpJF9YZ21BHfbZVzPwjBSAg2cRBbzJsE-Y6J7Hswibpt38FwjGT7fQ9EhEG5BqrTewv2D8GuTwh9iB5GsoB5j6BYUVCpGcKKaKS9rhypkjcFCHI8AEqoruleED4AQBoAZUgAee7PaDA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTryCBthZHgtc3Vic3luLTEzMjM5MjQ2Njg1NTQwMTixCYQMPGVCGkp4gAoDmAsByAsB0AsOuAwBmg0BDtgTDIgUAtAVAeIWAggB-BYBgBcB&sigh=TiFpmPDAH44&label=show_ad&sdkv=h.3.574.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1NjQyODM3NTI5OTIMNjA2NTgzOTgwODkyQMcCUiMQDyUAAHBBKAE6C3JaLVc3NnNqMTVzQglnb29nbGVhZHNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame DE87 0
0 81ms
78ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CYaBlMV9qZKzJJZWIlQe63I3oAqqJ5Pdvg-rc7ZgQitGj7b4BEAEgkPuLfmCVgoCAkAegAbC6odcDyAEFqQKSbPgLsyCyPuACAKgDAZgEAKoEvQJP0K_QTMWkP5o8LnVA0RxUSIy9zfaqAI35BlC8EuSnfUbA09YPV5niVRzIAXKXHr-oL-feMqmyFnyMaNNW8Ug3b4MdCw6-SXYC-utAUwblC2t1szdK7riEnBXzWoi6Zekt81vUmw47WnQTAZm-dNkUXDfLs8Pmxc1irFS6uvuEPCWxSmeSoH3xHsLlLjqyDLr1020PXY0bH0FXLBG3gMrfVGNVDUmWPy1hQ_QxGECpCQhlFXFJiZ6gNpIgEBRJ_speHmHFeq_6vTOtdo2FO7aeXxvn_euoXRE-ZBVLW-H-oBn4hdPdLnKIgWndsGvpJF9YZ21BHfbZVzPwjBSAg2cRBbzJsE-Y6J7Hswibpt38FwjGT-_Rbr3Xicb4YMEjoalvIiAxlCJomkgig5HUHWzJ04Jmy1ygZ8IuGRI9ucAEqoruleED4AQBoAZUgAee7PaDA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQzvjpB6gIAdIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTryCBthZHgtc3Vic3luLTEzMjM5MjQ2Njg1NTQwMTiACgPICwHCEwYYsLqh1wPYEwyIFALQFQHiFgIIAYAXAbIXHgocCAASFHB1Yi02ODE3NDk1NzY1NzUxMTg5GNL9dg&sigh=FR5l09TgsAE&cmd=Ch1jYS12aWRlby1wdWItNjMyMjU0MTE5Mjg4NjU2MBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&cid=CAQSPABygQiDhV8PMY7LpqWifXQ7hL81prprza_i-71tlBUFKtK2UvUAK3hLqgmp9QyvernsM01kJCKAOQndYRgB&vt=10&sdkv=h.3.574.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1NjQyODM3NTI5OTIMNjA2NTgzOTgwODkyQMcCUiMQDyUAAHBBKAE6C3JaLVc3NnNqMTVzQglnb29nbGVhZHNQABgB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H/1.1 200
OK ProductCommon_v1.js Show response
www.bet365.de/members/services/host/Scripts/js/ Frame 5F5F 308 KB
178 KB 57ms
54ms Script
application/javascript 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AADddz-IAQAAOzXEjw5JO8LkvsEuSCTd4GpuWLB4ZDEwnd9cSMU3JP5V9qm6&PIRXTcSdwp--z=q
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js?async
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 103be1ad473a199450bf7a39b7cb687f3068b06530f965f248284ac2e04759e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/de/75/0/1/open-account
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 21 May 2023 18:00:00 GMT
Server: cloudflare
x-bet-hop: 1
Age: 785
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=3600, immutable
Connection: keep-alive
CF-RAY: 7caeca981d941cbb-FRA

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 116ms
116ms Image
text/plain 34.231.83.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=cj0izDlHMOhJfkWbU+a2s3eAlr+M7Sdea6NfhmNQxCjRWqszvBPfqwBlI1FSE+xAZFOgFwbcdTWjQkjXRt7l8vdTrUCevWlC+p0wrkzBfBcm544WOiZHwZWlCm5JQ0uGUMn6s3stWb13nCSmInk70zAP6Bq4FWI42T0JcxhlYVlKtg87vE2RuhnxilX3zl6xBTIkG9MBe9arhVZtDGDZ9E57EtMiB1dorbHqK0LcHbUdO8uHWBv7fkDq9mqcg+OPBaS/10up9yQ1LbhdixRbf5+r6FDLU2F4/zN+4EpL9VLVwCx4DNVjQ3adJFpFpVi8mqSmikdsAFXzFI1WdRMwMYhLLCr80EkYFvfSHTRuX2B1y+USe3cL8hjyu6IP2Dgb&cb=62073170
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.83.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-83-155.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:05 GMT
server: nginx/1.6.2

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 377ms
302ms Ping
image/gif 2a00:1450:401a:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lhxql3zm&c=5929482499296&slotId=2964741249648&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:401a:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content videoplayback
rr5---sn-4g5e6nsk.googlevideo.com/ 2 MB
2 MB 170ms
43ms Media
video/mp4 2a00:1450:4001:62::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1684721585&ei=MV9qZOaEMLKT4gH5zLmABg&ip=2a01:4a0:1338:92::5&id=ad9f96efab23d79b&itag=22&source=youtube&requiressl=yes&mh=qJ&mm=31&mn=sn-4g5e6nsk&ms=au&mv=m&mvi=5&pl=36&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.046&lmt=1669762518985809&mt=1684692314&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAIrQ8WA27TM_3cewmfkEFO7ESXS9oGzwlL3--H5l1sKwAiEAyZGFfd0lQtVMoUVeqhTEbHSjMq9g04GTqrKHxXuP840=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgIhftFwK4qh5yDzUnr424Wm_XDdWsmPVELWlmdVbrBSwCIQCbJyPOmyOnkH3-egW7OzJ-9DmS8cLdn4Jzm3KPORwA8g==&cpn=CsAivVNeauLKNui5

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:62::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f89e762c6af97937466454722217d150b45d37c223e9094bd376a3d093eacbfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 21 May 2023 18:13:06 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 29 Nov 2022 22:55:18 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1657658/1657659
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1657659
Expires: Sun, 21 May 2023 18:13:06 GMT

GET
H/1.1 200
OK ProductCommon_v1.js Show response
www.bet365.de/members/services/host/Scripts/js/ Frame 646A 308 KB
178 KB 59ms
58ms Script
application/javascript 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AADddz-IAQAAOzXEjw5JO8LkvsEuSCTd4GpuWLB4ZDEwnd9cSMU3JP5V9qm6&PIRXTcSdwp--z=q
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js?async
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 103be1ad473a199450bf7a39b7cb687f3068b06530f965f248284ac2e04759e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/de/75/0/1/open-account
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 18:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 21 May 2023 18:00:00 GMT
Server: cloudflare
x-bet-hop: 1
Age: 785
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=3600, immutable
Connection: keep-alive
CF-RAY: 7caeca985872916e-FRA

GET 1
ponos.zeronaught.com/ Frame 5F5F 0
0

GET
H2

200

/
www.betano.de/ Frame 1582
Redirect Chain

https://www.betano.de/?btag=a_8989b_817c_&utm_medium=2526&utm_source=2&siteid=8989
https://www.betano.de/?utm_medium=2526&utm_source=2&siteid=8989

0
0

121ms
120ms

Document
text/html

2606:4700::6812:9ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.betano.de/?utm_medium=2526&utm_source=2&siteid=8989

Requested by

Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/3d8fbc0fe6613685b6be300b24dd70d8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.betano.de:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.correiobraziliense.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 7caeca9bdb4f371c-FRA
content-encoding: gzip
content-security-policy: frame-ancestors https://*.betano.de:*
content-type: text/html; charset=utf-8
date: Sun, 21 May 2023 18:13:06 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-farm: DE-SB02
x-xss-protection: 1; mode=block

Redirect headers

age: 0
cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 7caeca9b3a0d371c-FRA
content-length: 0
date: Sun, 21 May 2023 18:13:06 GMT
location: /?utm_medium=2526&utm_source=2&siteid=8989
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-cacheable-status: 302
x-content-type-options: nosniff
x-farm: DE-SB02
x-xss-protection: 1; mode=block

GET
H2 200 cm
us-u.openx.net/w/1.0/ 43 B
219 B 73ms
53ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcs.media.net%2Fcksync.html%3Fcs%3D8%26type%3Dopx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:06 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=434c30a9-1b07-4197-932f-2c14ed10941b&google_hm=NDM0YzMwYTktMWIwNy00MTk3LTkzMmYtMmMxNGVkMTA5NDFi
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBpdbgLD5lkEWqZTsK1jfJA&google_cver=1&ssp=medianet&bsw_param=434c30a9-1b07-4197-932f-2c14ed10941b
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=434c30a9-1b07-4197-932f-2c14ed10941b&gdpr=&gdpr_consent=&gdpr_pd=

61 B
481 B

70ms
69ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=434c30a9-1b07-4197-932f-2c14ed10941b&gdpr=&gdpr_consent=&gdpr_pd=

Protocol

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 21 May 2023 18:13:06 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Sun, 21 May 2023 18:13:06 GMT

Redirect headers

location: //contextual.media.net/cksync.php?cs=1&type=bs&ovsid=434c30a9-1b07-4197-932f-2c14ed10941b&gdpr=&gdpr_consent=&gdpr_pd=
date: Sun, 21 May 2023 18:13:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

cksync.php
cs.media.net/
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=EbP4mKyg1Q0Nyi5

61 B
639 B

61ms
58ms

Image
image/gif

23.212.88.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=EbP4mKyg1Q0Nyi5
Protocol: HTTP/1.1
Server: 23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-88-20.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 May 2023 18:13:06 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 61
x-mnet-hl2: E
Expires: Sun, 21 May 2023 18:13:06 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 May 2023 18:13:06 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0a1a90ed6ac66fe36@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=EbP4mKyg1Q0Nyi5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cksync.php
cs.media.net/ 60 B
426 B 157ms
52ms Image
image/gif 23.212.88.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-88-20.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 May 2023 18:13:06 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 60
x-mnet-hl2: E
Expires: Sun, 21 May 2023 18:13:06 GMT

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5eb19b83-112c-4607-a39d-cc978f9f20ab

61 B
632 B

218ms
112ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5eb19b83-112c-4607-a39d-cc978f9f20ab

Protocol

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 21 May 2023 18:13:06 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Sun, 21 May 2023 18:13:06 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:05 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5eb19b83-112c-4607-a39d-cc978f9f20ab
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 605993
content-length: 0
expires: Sun, 21 May 2023 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame DE87 42 B
64 B 80ms
79ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CIRK6MV9qZKzJJZWIlQe63I3oAqqJ5Pdvg-rc7ZgQitGj7b4BEAEgkPuLfmCVgoCAkAegAbC6odcDyAEFqQKSbPgLsyCyPuACAKgDAZgEAKoEwAJP0K_QTMWkP5o8LnVA0RxUSIy9zfaqAI35BlC8EuSnfUbA09YPV5niVRzIAXKXHr-oL-feMqmyFnyMaNNW8Ug3b4MdCw6-SXYC-utAUwblC2t1szdK7riEnBXzWoi6Zekt81vUmw47WnQTAZm-dNkUXDfLs8Pmxc1irFS6uvuEPCWxSmeSoH3xHsLlLjqyDLr1020PXY0bH0FXLBG3gMrfVGNVDUmWPy1hQ_QxGECpCQhlFXFJiZ6gNpIgEBRJ_speHmHFeq_6vTOtdo2FO7aeXxvn_euoXRE-ZBVLW-H-oBn4hdPdLnKIgWndsGvpJF9YZ21BHfbZVzPwjBSAg2cRBbzJsE-Y6J7Hswibpt38FwjGT7fQ9EhEG5BqrTewv2D8GuTwh9iB5GsoB5j6BYUVCpGcKKaKS9rhypkjcFCHI8AEqoruleED4AQBoAZUgAee7PaDA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTryCBthZHgtc3Vic3luLTEzMjM5MjQ2Njg1NTQwMTixCYQMPGVCGkp4gAoDmAsByAsB0AsOuAwBmg0BDtgTDIgUAtAVAeIWAggB-BYBgBcB&sigh=TiFpmPDAH44&label=video_ad_loaded&sdkv=h.3.574.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1NjQyODM3NTI5OTIMNjA2NTgzOTgwODkyQMcCUiMQDyUAAKBBKAE6C3JaLVc3NnNqMTVzQglnb29nbGVhZHNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ServerTime
extra.bet365.de/ Frame 5F5F 0
0

POST cookieconsentajax
www.bet365.de/olpc/de/75/0/1/ Frame 5F5F 0
0

POST collect
region1.google-analytics.com/g/ Frame 2426 0
0

GET
H3 200 Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame DE87 41 KB
15 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.574.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212419
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15406
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 May 2024 07:12:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DE87 0
0 74ms
74ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.574.0&e=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&id=ima_html5&c=4396355974693190&domain=www.correiobraziliense.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.574.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame DE87 0
0 84ms
84ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CYaBlMV9qZKzJJZWIlQe63I3oAqqJ5Pdvg-rc7ZgQitGj7b4BEAEgkPuLfmCVgoCAkAegAbC6odcDyAEFqQKSbPgLsyCyPuACAKgDAZgEAKoEvQJP0K_QTMWkP5o8LnVA0RxUSIy9zfaqAI35BlC8EuSnfUbA09YPV5niVRzIAXKXHr-oL-feMqmyFnyMaNNW8Ug3b4MdCw6-SXYC-utAUwblC2t1szdK7riEnBXzWoi6Zekt81vUmw47WnQTAZm-dNkUXDfLs8Pmxc1irFS6uvuEPCWxSmeSoH3xHsLlLjqyDLr1020PXY0bH0FXLBG3gMrfVGNVDUmWPy1hQ_QxGECpCQhlFXFJiZ6gNpIgEBRJ_speHmHFeq_6vTOtdo2FO7aeXxvn_euoXRE-ZBVLW-H-oBn4hdPdLnKIgWndsGvpJF9YZ21BHfbZVzPwjBSAg2cRBbzJsE-Y6J7Hswibpt38FwjGT-_Rbr3Xicb4YMEjoalvIiAxlCJomkgig5HUHWzJ04Jmy1ygZ8IuGRI9ucAEqoruleED4AQBoAZUgAee7PaDA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQzvjpB6gIAdIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTryCBthZHgtc3Vic3luLTEzMjM5MjQ2Njg1NTQwMTiACgPICwHCEwYYsLqh1wPYEwyIFALQFQHiFgIIAYAXAbIXHgocCAASFHB1Yi02ODE3NDk1NzY1NzUxMTg5GNL9dg&sigh=FR5l09TgsAE&cmd=Ch1jYS12aWRlby1wdWItNjMyMjU0MTE5Mjg4NjU2MBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&cid=CAQSPABygQiDhV8PMY7LpqWifXQ7hL81prprza_i-71tlBUFKtK2UvUAK3hLqgmp9QyvernsM01kJCKAOQndYRgB&sdkv=h.3.574.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame DE87 42 B
64 B 81ms
79ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CfoJxMV9qZKzJJZWIlQe63I3oAqqJ5Pdvg-rc7ZgQitGj7b4BEAEgkPuLfmCVgoCAkAegAbC6odcDyAEFqQKSbPgLsyCyPuACAKgDAZgEAKoEvQJP0K_QTMWkP5o8LnVA0RxUSIy9zfaqAI35BlC8EuSnfUbA09YPV5niVRzIAXKXHr-oL-feMqmyFnyMaNNW8Ug3b4MdCw6-SXYC-utAUwblC2t1szdK7riEnBXzWoi6Zekt81vUmw47WnQTAZm-dNkUXDfLs8Pmxc1irFS6uvuEPCWxSmeSoH3xHsLlLjqyDLr1020PXY0bH0FXLBG3gMrfVGNVDUmWPy1hQ_QxGECpCQhlFXFJiZ6gNpIgEBRJ_speHmHFeq_6vTOtdo2FO7aeXxvn_euoXRE-ZBVLW-H-oBn4hdPdLnKIgWndsGvpJF9YZ21BHfbZVzPwjBSAg2cRBbzJsE-Y6J7Hswibpt38FwjGT-_Rbr3Xicb4YMEjoalvIiAxlCJomkgig5HUHWzJ04Jmy1ygZ8IuGRI9ucAEqoruleED4AQBoAZUgAee7PaDA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTryCBthZHgtc3Vic3luLTEzMjM5MjQ2Njg1NTQwMTiACgPICwHYEwyIFALQFQHiFgIIAfgWAYAXAQ&sigh=O83ip_cowkQ&cmd=Ch1jYS12aWRlby1wdWItNjMyMjU0MTE5Mjg4NjU2MBAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D953%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1200,960,1560,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26is%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1270%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D76971472%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2049%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1684692785910&sdkv=h.3.574.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1NjQyODM3NTI5OTIMNjA2NTgzOTgwODkyQMcCUiYQDyUAAKBBKAE6C3JaLVc3NnNqMTVzQglnb29nbGVhZHNI1ARQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DE87 42 B
64 B 79ms
78ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8TMe-bli0AfkwshfW9IiYwD3rqDyeMIBFxQLtG0UvVjN1QEQwhR1BsbSmEwDUU0e8qgoxgcIlBPpsQoLs-yRFKj1_JknPlsuCJVX1LTgjoG33VRqTkfNC9HDfiT_8oa_5-j2E7lZ7zm0ojrjtva7_aioC28SFUszy&sai=AMfl-YS8ZLRn_HYYGuYBIVvEQTj94kE5u9w6-8lOueX6holbsGQ6Caawwdnl3GM4FQ3V5xepe23cqz2YM77ChN7R8YvtI2sqs4CWi-EKg8pldXYU0_n6xGKSxUlbhwMX&sig=Cg0ArKJSzG9zi9tbByNWEAE&cid=CAQSPABygQiDhV8PMY7LpqWifXQ7hL81prprza_i-71tlBUFKtK2UvUAK3hLqgmp9QyvernsM01kJCKAOQndYRgB&id=lidarv&acvw=sv%3D953%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1200,960,1560,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1270%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D76971472%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2050%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1684692785910&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame DE87 42 B
64 B 81ms
80ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CfoJxMV9qZKzJJZWIlQe63I3oAqqJ5Pdvg-rc7ZgQitGj7b4BEAEgkPuLfmCVgoCAkAegAbC6odcDyAEFqQKSbPgLsyCyPuACAKgDAZgEAKoEvQJP0K_QTMWkP5o8LnVA0RxUSIy9zfaqAI35BlC8EuSnfUbA09YPV5niVRzIAXKXHr-oL-feMqmyFnyMaNNW8Ug3b4MdCw6-SXYC-utAUwblC2t1szdK7riEnBXzWoi6Zekt81vUmw47WnQTAZm-dNkUXDfLs8Pmxc1irFS6uvuEPCWxSmeSoH3xHsLlLjqyDLr1020PXY0bH0FXLBG3gMrfVGNVDUmWPy1hQ_QxGECpCQhlFXFJiZ6gNpIgEBRJ_speHmHFeq_6vTOtdo2FO7aeXxvn_euoXRE-ZBVLW-H-oBn4hdPdLnKIgWndsGvpJF9YZ21BHfbZVzPwjBSAg2cRBbzJsE-Y6J7Hswibpt38FwjGT-_Rbr3Xicb4YMEjoalvIiAxlCJomkgig5HUHWzJ04Jmy1ygZ8IuGRI9ucAEqoruleED4AQBoAZUgAee7PaDA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTryCBthZHgtc3Vic3luLTEzMjM5MjQ2Njg1NTQwMTiACgPICwHYEwyIFALQFQHiFgIIAfgWAYAXAQ&sigh=O83ip_cowkQ&cmd=Ch1jYS12aWRlby1wdWItNjMyMjU0MTE5Mjg4NjU2MBAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D953%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1200,960,1560,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1270%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D76971472%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2051%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1684692785910&sdkv=h.3.574.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1NjQyODM3NTI5OTIMNjA2NTgzOTgwODkyQMcCUiYQDyUAAKBBKAE6C3JaLVc3NnNqMTVzQglnb29nbGVhZHNI1ARQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame DE87 42 B
64 B 82ms
81ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CfoJxMV9qZKzJJZWIlQe63I3oAqqJ5Pdvg-rc7ZgQitGj7b4BEAEgkPuLfmCVgoCAkAegAbC6odcDyAEFqQKSbPgLsyCyPuACAKgDAZgEAKoEvQJP0K_QTMWkP5o8LnVA0RxUSIy9zfaqAI35BlC8EuSnfUbA09YPV5niVRzIAXKXHr-oL-feMqmyFnyMaNNW8Ug3b4MdCw6-SXYC-utAUwblC2t1szdK7riEnBXzWoi6Zekt81vUmw47WnQTAZm-dNkUXDfLs8Pmxc1irFS6uvuEPCWxSmeSoH3xHsLlLjqyDLr1020PXY0bH0FXLBG3gMrfVGNVDUmWPy1hQ_QxGECpCQhlFXFJiZ6gNpIgEBRJ_speHmHFeq_6vTOtdo2FO7aeXxvn_euoXRE-ZBVLW-H-oBn4hdPdLnKIgWndsGvpJF9YZ21BHfbZVzPwjBSAg2cRBbzJsE-Y6J7Hswibpt38FwjGT-_Rbr3Xicb4YMEjoalvIiAxlCJomkgig5HUHWzJ04Jmy1ygZ8IuGRI9ucAEqoruleED4AQBoAZUgAee7PaDA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTryCBthZHgtc3Vic3luLTEzMjM5MjQ2Njg1NTQwMTiACgPICwHYEwyIFALQFQHiFgIIAfgWAYAXAQ&sigh=O83ip_cowkQ&cmd=Ch1jYS12aWRlby1wdWItNjMyMjU0MTE5Mjg4NjU2MBAAGAI&label=admute&ad_mt=0&acvw=sv%3D953%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1200,960,1560,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D48%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D48%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D48%26is%3D33554450%26i0%3D33554450%26ic%3D4096%26cs%3D33558546%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1270%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D76971472%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2054%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1684692785910&sdkv=h.3.574.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1NjQyODM3NTI5OTIMNjA2NTgzOTgwODkyQMcCUiYQDyUAAKBBKAE6C3JaLVc3NnNqMTVzQglnb29nbGVhZHNI1ARQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ServerTime
extra.bet365.de/ Frame 646A 0
0

POST cookieconsentajax
www.bet365.de/olpc/de/75/0/1/ Frame 646A 0
0

POST collect
region1.google-analytics.com/g/ Frame B8E9 0
0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 118ms
117ms Image
text/plain 34.231.83.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=O2Ety1L0SGiPINaWF6MVy8e3EcP4Mtyq05rBMsYZ5xykpF/NXyrhlNfjnsFcfINuaj5uaWtlk6Dxxkv9Ibp+PPr+kwIu45DfgPgR9EeRFc838RjBpHklrW1MTFHo0NTdWJGxCWdmab7RsEx4gcajJHs/3O5WSskiuc1WbMFuU363m3aHp3CYYdezrNbbpPMo3PxKcgugNBvyWyb/GXdPepFH8gl9PSYCw5MvNTyBmb9dUAUTjNDHaTjXmYVJZAZir0Hj7Pi6YSRRC9UMB06JK8DNmQrmtWZfAXm1+5lWClXgS1xr2rAIuuhbizWHkDBPxNPZ+2Gs7flVzHpXs6bGLNnT/GN7oGCbIQNmJvMAy2uAhKbNEnzueMmffwcoXi3r&cb=20557015
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.83.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-83-155.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:06 GMT
server: nginx/1.6.2

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C25B 0
0 91ms
76ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuhkce-wFFdFZqgg0N423TduxKd9NpYlkeMmk03-NzaUHeUSq8dD3V2403rZpXGZF_F5CHDaW_5HVyYIGPJZQluDcCgKzQsVhxgb3FVvihKlBn7N6Wl4gdzEYRHfl8mLT7R9WV8g51E0_QrP37aJUqprOkPGIPMnPMBLI_qlZrFWxqpYuRXd5NPBw-qxRrYPb5ANivJgClJv_asIJnaz5p0RtljSb7wpzZHSIAzuj5DFTlLyDLWvBKyDWo3fNb9zQe_aI9-JRcmzHtxIxIjY-qh7b9l6WTwM_w84e7XCbKSqDTN4hGcJSjwFVBEENtlUIAMb2tF5Z8A2uMygxsalkxl2iWXx1z0VxKBD1N6KjqfvBAg2LoMdJGLxhb6wKRvw9i34kXPQ096vVzLOCyQVDD95ptRdbfVl2WHSYPG3-jNjp7H9ORQc_nMu0hTcpUnwO7fQQICIRYDkziBaRv4eN4I2XnJ8vOSOiTX5ePl0OWrzwbWQRGIgHyErsZbs9BK2R9bYVyZCJAkxFlfh39XVFdEDgfmLDJTXNxTSvXBmFSIICXsJvCEPBnJ44xqmi_rfV-FGfvDfvg-lFNBGM5CbDhbM_MlN7a5qdIcXNLM-VcobF5W1Kke22zE6u9VBbmanC8Ss2EQJwmzHVjM9gEmihcRddOq-2OBnPgaUjG1vrR647naYRuAgfYXkyx4-fbqZmPcdlQFX2oJf7gXkfipc7Gq5H_WfFno6QYixpSjX6Ry7gjpNhy0UJjou-_vxSkKQuzAPG8cBUxh7ztkZpuUxu-XBHQcEClEGzfuyWbCP0iJiDOrYuKo4TXY0WxnvIpCR5sFl-aeQYLyJNkEYerHV_J2mdq9XXwgJucAJXX7IW7mRO4mkOPrIkNXjeW9WR1C0PuQFbjQ94PW--heBO2i-6Ikd70hwcRae6kWVG0YhjVva8C3o279b8-RJb5RhjfwEQZpvDlbOXFsCcuPM2Qbdyx55F_-P4cm50Uz1M9ER6WwjbkWuiXbj0XCHmp7vSPxCbRoDTovzYIUrO_b1n0Gv_-T7UVDoekcHIwpuLx5imyAcdykoqVZ1EvFcq20-Z_qVAXvlczLDPhTCtvrIEcHl0DPQwq0ON-lh5FSc9zLZUAog2UIpaLkvhqbGEc9KEzTEbEtyiikiVbkrrClq1BQs62jO5eqDbYOSSxI81ZxwnRLODpdFH7BCpl578QCEreNIx_ClNNWimllWNmAgx4In4erXEm6e8Vvinogdb0j_bkbOuMjYKfyOp7vsCIS3n1xpa5DthKWj4fzt2ZTb75Ub1B--8puJRECX4tz6txgKCyASdcSB9UrEv1ywepkqntZaUXX8N7ANzhxMbac_3wPJiulpevcx0MNQYNH5r1PqQ1EweiVb53IfAAo9Hz9ceEVeBKl93Y&sai=AMfl-YT-GHWlYx6weNQ6gAxykArcTtUPDLPmj0iF5v0BmOqlFwG_4w3e09-IaOActyP5uyBhTF-nCYTYaj9LNH7eaOpjl5WElpFSfIPJhDmagL3GqtmDlRe056ZO0Xh4wokfD0CsJPWpexqLc3gv3b8HaczRmHsVBFsmWe2dvlBgPb3Z7cyd6e60BYedgVSuifNHYgpVrWe2sI4a060yoDFZQRtDBeEUDjQJalgUr6Sk-gBluS22GkTI9EPW7Md3vM_V53DpO2Sd7N4DQvGk5uo6DhyeTVt1bYU&sig=Cg0ArKJSzOno3jey2i2VEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1908&vt=11&dtpt=1713&dett=3&cstd=192&cisv=r20230517.42216&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 21 May 2023 18:13:06 GMT

GET
H3 200 bg1.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 142 KB
142 KB 49ms
42ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/bg1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463b778d459aac2bb5dd17099e4c396db2aa1c9de6399d17239a6f91950858f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145292
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 bg2.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 71 KB
71 KB 59ms
52ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/bg2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54266323336e8d64f70a00663955006935bd8634a7a1c78eec59a51f5f267ecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73106
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 symbol.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 389 B
416 B 59ms
52ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/symbol.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef4b741afd0fcdf46637c90c1fc1837c3b7f69f69a637ca8a12db52b4e7713cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 389
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 symbol_last.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 443 B
470 B 66ms
59ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/symbol_last.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50df47da0db46f282089a4715dd53e2992597f46e283aea2a20b2a84d5804560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 443
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 txt1_L1.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 2 KB
2 KB 69ms
62ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/txt1_L1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98fe4dc01e876dc895850bf55aab908afb2650dccb3d37962a374524487abb6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1597
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 txt1_L2.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 1 KB
1 KB 71ms
65ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/txt1_L2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8f084af7f40a22369c3e784e67da9c39e231e6f324f9639c404be4bc60abba6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1375
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 logo_corner.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 1 KB
1 KB 72ms
66ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/logo_corner.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8249609a5ea84e2fa5aa50189966514bfd1d0d348652c7457a410a08a0aedc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1234
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 txt2_L1.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 2 KB
2 KB 72ms
66ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/txt2_L1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fcd78dfd86fd205f786256498d893276ed9c083ec09911f9b04e0a8d073189e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1558
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 txt2_L2.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 1 KB
1 KB 72ms
66ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/txt2_L2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d031d095f7b34cfd40cf7e16dcb057c9d61f2a527e61461254faec0f6e26c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1214
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 txt3_L1.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 2 KB
2 KB 72ms
66ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/txt3_L1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e43a56749e5d70e82e70908949f3527f8c5455468e69b010c7868a8c64460dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1910
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 txt3_L2.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 2 KB
2 KB 72ms
66ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/txt3_L2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5b762d4f371a4124e6869a66ab7932199ab1847c7e558ac519dfc9ae992e369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2078
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 txt3_L3.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 2 KB
2 KB 72ms
67ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/txt3_L3.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bda246b0d41638ec15275ed1c61e7cfa72ee79a16274e4c1c329a5ae7ad5e850

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1981
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 2 KB
2 KB 72ms
67ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

669ab87d6e0da3d0dcbc8a19bfa9f0381259afed9e90306727c22af21958ac14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2283
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 981 B
1008 B 72ms
67ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/cta.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b96f7c909bf426eb41e8d63b19ee5da9288e3c3e9d4fc6197c900a524ad425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 981
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 circle.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 724 B
751 B 73ms
67ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/circle.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82038e32e5f87c7fe6a3d48daf77a8df949d6450f5d8b6d2b59ed61ee3fd9122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 724
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 arrow.png
s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/ Frame 0546 366 B
393 B 73ms
67ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/assets/arrow.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7fdfe188805d1ca16e9d4d8bd86d429672a9364190dffd01c5d1e628573234f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9396404918395697136/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x250_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:05:56 GMT
x-content-type-options: nosniff
age: 184030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 366
x-xss-protection: 0
last-modified: Thu, 04 May 2023 19:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 May 2024 15:05:56 GMT

GET
H3 200 hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame B810 23 KB
9 KB 45ms
45ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 212419
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 07:12:47 GMT
expires: Sat, 18 May 2024 07:12:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 playback
www.youtube.com/api/stats/ Frame DE87 0
0 140ms
47ms Image
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/api/stats/playback?ns=yt&fexp=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&el=adunit&cpn=CsAivVNeauLKNui5&docid=rZ-W76sj15s&visitordata=Cgt2eVM5VEFQaFFGdw%253D%253D&of=-_xhI4eL4MjOL53E0nwGhA&ver=2&cmt=0.214&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&len=15.000&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=113.0.5672.126&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=13&rtn=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response
pagead2.googlesyndication.com/bg/ Frame B810 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 10:06:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14664
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 May 2024 10:06:26 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C25B 43 B
215 B 187ms
186ms Image
image/gif 2600:1f13:800:7780:62e1:f694:ef6b:7146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=53cee079-8e8c-fe93-63ee-b718dc08024f&tv=%7Bc:dh2Mhd,time:1715,type:e,im:%7Bpci:%7Btdr:1539%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1715,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1707~0%5D,as:%5B1707~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:257,fm:tEUTeOY+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19*.1450266-71191499%7C191%7C192%7C1931%7C194%7C1a%7C1b%7C1c,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:22,sis:219%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:62e1:f694:ef6b:7146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:06 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B810 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.574.0&bgai=BJLLiMV9qZKzJJZWIlQe63I3oAgAAAAA4AboFEwiB7KjYgYf_AhU_k_0HHcM2AZs&bg=!gYKlgtbNAAZ8_aWmXP07ADkAdvg8Wid8nRcV_-NybaINvHgoEfLLQ-qM6d7gMsGO5x-DrFjuXmz5XT4VaiyJnBaJd6ugNf8WnC8CAAAAbVIAAAACaAEHCgADX23lmQJH8La9bnDVgpY38tIjmPmAS0hf_92uScmflMEi1fz7MKGAMj2WxU-u8VRsqVbj8NO1NcbV33IVvNC5z6hGg4OadoodOqXDUI6cGIcEE-wkn_WJjw3yBVx7eFqZqekl4ooBIkQx7AIstK8eiWOc27CF5dleHi3TZWkqpAgmWNh3Ds9N81oGAP13CIsG_HA0CDOEqVsGPOlt-sn1fPX3hEYscWED7R-OzMrL8LkmpEqNF3n16mtJ4OxJ4l4xxT97nHR1wjO1nfKBNqX0KT2qeSBaOf--USTew8dks8xsAX9SuH20dl4zqnC4aPj4PRVlrK7CT62LNek8_x8gIEzXJVUJszJI1Ka6uoQQPS2XZmpbBRiD6JO0OksKlCJ9xRRJw81x2vvF_vkruohn3eioseVH6Jd5a6BW2zqb2FOUamgIc04lK-oPH3Xp6OpJF2RWlr9p6tQQkADfXbgIN926YYFGTL39o4VvttPWsS0Dp-u58AWNTvkM15mAb2sSb1_z1vrhxLbwx9kGphKRhb1Nf816_ZJbtfmbkY6UDhgKOvR_UmFPCo0gNelLDM4wrPaJCuoN3KZqltkLrzNMCuU69yFV7Q-5IYkW9C5LWng-0iZ5sc5qQVihgkHIo4LZYTvi3FubYloS_NWp8jwSNaTOL8ebvS7497BxvGDvlySienxlDyqWxpP_ZxK1ykjd9XysGmd1Tmf--oGl6y5VKlb5x1a-Ggk_rMEemS_OtLwaE5GPFpHUN6_3x8ePpKjPA6F4e5DBdvB-3RrUaw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK DefaultAff.aspx Show response
members.bet365.com/Members/Helpers/ Frame 851B 84 B
1 KB 282ms
184ms Document
text/html 5.226.179.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://members.bet365.com/Members/Helpers/DefaultAff.aspx?affiliate=365_01208531&forcelp=1
Requested by: Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/3d8fbc0fe6613685b6be300b24dd70d8.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.10 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba

Request headers

Referer: https://www.correiobraziliense.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7caecaa0fd3abbf2-FRA
Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 177
Content-Type: text/html; charset=utf-8
Date: Sun, 21 May 2023 18:13:07 GMT
ME-Redirect: PQB
Server: cloudflare
Vary: Accept-Encoding

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C25B 0
20 B 75ms
74ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3586252491072&version=m202301230201&ct=76&x=1&cor=15183853837936920000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 47ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VSQN11XK2K&gtm=45je35h0&_p=1463674454&cid=1350940105.1684692783&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&sid=1684692782&sct=1&seg=0&dl=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&dt=Correio%20Braziliense%3A%20not%C3%ADcias%2C%20an%C3%A1lises%20e%20v%C3%ADdeos%20do%20DF%2C%20do%20Brasil%20e%20do%20mundo&en=Scroll&epn.percent_scrolled=1&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VSQN11XK2K&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

campaign.do
de.unibet.com/stan/ Frame BBC7
Redirect Chain

https://b1.trickyrock.com/redirect.aspx?pid=74444021&bid=34664
https://de.unibet.com/stan/campaign.do?cmpId=2615360&affiliateId=1&unibetTarget=/de-int/pop/sportsbook/welcome/index.html&targetDomain=https://welcome.unibet.com&btag=81765197_02A09EA210BD4AB89D6D2...

0
0

219ms
42ms

Document
text/html

85.184.96.0
UNIBET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://de.unibet.com/stan/campaign.do?cmpId=2615360&affiliateId=1&unibetTarget=/de-int/pop/sportsbook/welcome/index.html&targetDomain=https://welcome.unibet.com&btag=81765197_02A09EA210BD4AB89D6D2CB6DF95B897&affiliateId=1&pid=74444021&bid=34664

Requested by

Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/3d8fbc0fe6613685b6be300b24dd70d8.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.184.96.0 , Malta, ASN47171 (UNIBET-AS, MT),

Reverse DNS

Software

kindred-loadbalancer /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.correiobraziliense.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
content-type: text/html
date: Sun, 21 May 2023 18:13:08 GMT
etag: W/"646777ca-1676c3"
last-modified: Fri, 19 May 2023 13:21:14 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
vary: Accept-Encoding
x-browser-class: A
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ooops-debug: /500-pages/de.unibet.com/index.html
x-os-class: M
x-xss-protection: 1; mode=block

Redirect headers

access-control-expose-headers: Request-Context
cache-control: private,no-cache, no-store
content-length: 0
content-type: text/html
date: Sun, 21 May 2023 18:13:08 GMT
location: https://de.unibet.com/stan/campaign.do?cmpId=2615360&affiliateId=1&unibetTarget=/de-int/pop/sportsbook/welcome/index.html&targetDomain=https://welcome.unibet.com&btag=81765197_02A09EA210BD4AB89D6D2CB6DF95B897&affiliateId=1&pid=74444021&bid=34664
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
pragma: no-cache
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
x-aspnet-version: 4.0.30319
x-azure-ref: 0NF9qZAAAAADxJ9rXVcHSToZWiaY2lYitRlJBMzFFREdFMDMxMwAyZDk5MzlkMy05NTUxLTQ2ZmYtOGEyNi01ZWZmY2FhMWQ5OGM=
x-cache: CONFIG_NOCACHE
x-powered-by: ASP.NET

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 118ms
117ms Image
text/plain 34.231.83.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=UtcWhSbUXeuMLkEgT5Wr9ASn8x2pIv5GY7G1/NWF1ZqSphUeliSouBM2ySpMSAUGbbH9PyPpIYFJ4TWbyRiRiatEddLAQM3E39z1+3+RRXe3G/urF25tsTMHSTWi65Mz8FCAhvFqnd64QYlvhctLN2UP/r/Lh2DC8wcKbBp+nqHj/qZjDCxbOIkHoWeM/umEruz6JT4xi/76K/4aYQj1bUMVRWsIvsqqGKS1DdYwn0Uf7tJzwcAYbLJZlT0+frzg+SQSsgo1oGbzpUkUGUQv3kvr/puPPKQXHVx+jLBlLMDbCssTHAQMFf9VT/pvZlQ+WYsvf7W6cv3tL3B/sy9SqO05GJ0yyJ5NFDYOL4QpSrEQxp5t4uWr36kyP9bL3NmGDA6otV4WLfKs8b5ls1Jddg==&cb=96121187
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.83.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-83-155.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:08 GMT
server: nginx/1.6.2

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DE87 42 B
64 B 85ms
85ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8TMe-bli0AfkwshfW9IiYwD3rqDyeMIBFxQLtG0UvVjN1QEQwhR1BsbSmEwDUU0e8qgoxgcIlBPpsQoLs-yRFKj1_JknPlsuCJVX1LTgjoG33VRqTkfNC9HDfiT_8oa_5-j2E7lZ7zm0ojrjtva7_aioC28SFUszy&sai=AMfl-YS8ZLRn_HYYGuYBIVvEQTj94kE5u9w6-8lOueX6holbsGQ6Caawwdnl3GM4FQ3V5xepe23cqz2YM77ChN7R8YvtI2sqs4CWi-EKg8pldXYU0_n6xGKSxUlbhwMX&sig=Cg0ArKJSzG9zi9tbByNWEAE&cid=CAQSPABygQiDhV8PMY7LpqWifXQ7hL81prprza_i-71tlBUFKtK2UvUAK3hLqgmp9QyvernsM01kJCKAOQndYRgB&id=lidarv&acvw=sv%3D953%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D909,1260,1100,1600%26tos%3D1820,201,0,0,205%26mtos%3D1820,2021,2021,2021,2226%26amtos%3D0,0,0,0,0%26mcvt%3D2021%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2481%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D651%26pst%3D255%26dur%3D15000%26vmtime%3D2326%26dtos%3D2021%26dtoss%3D1%26dvs%3D2021%26dfvs%3D1820%26dvpt%3D2433%26is%3D33554707%26i0%3D33554450%26ic%3D257%26cs%3D33558803%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1270%26femvt%3D0%26emc%3D16%26emuc%3D0%26emb%3D10,1,0,0,1%26avms%3Dexc%26qi%3D76971472%26psm%3D-2147483641%26psv%3D6%26psfv%3D6%26psa%3D0%26ptlt%3D4486%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2226&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1684692785910

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 contact
www.bwin.de/en/mobileportal/ Frame A323 0
0 419ms
306ms Document
text/html 104.18.28.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bwin.de/en/mobileportal/contact?wm=5322937

Requested by

Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/3d8fbc0fe6613685b6be300b24dd70d8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.137 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src *
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.correiobraziliense.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7caecaad89a03a54-FRA
content-encoding: br
content-security-policy: frame-src *
content-type: text/html; charset=utf-8
date: Sun, 21 May 2023 18:13:09 GMT
expires: -1
pragma: no-cache
server: cloudflare
server-timing: vanilla;dur=193.7811
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.pinnacle.com/ Frame 1566
Redirect Chain

https://www.pinnacle.com/?btag=a_29368b_16581c_&refer=XAFF5905
https://www.pinnacle.com/

35 KB
9 KB

254ms
254ms

Document
text/html

104.18.2.163

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinnacle.com/

Requested by

Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/3d8fbc0fe6613685b6be300b24dd70d8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.2.163 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

53a59310f2e17a7210415b91eb41ae59d9bf0776504a851b869e50f2bce58e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.correiobraziliense.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7caecab55eb4371f-FRA
content-encoding: br
content-type: text/html
date: Sun, 21 May 2023 18:13:10 GMT
expires: Sun, 21 May 2023 18:13:09 GMT
last-modified: Fri, 19 May 2023 09:18:22 GMT
server: cloudflare
strict-transport-security: max-age=0
vary: Accept-Encoding

Redirect headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7caecab3bbc8371f-FRA
content-type: text/html
date: Sun, 21 May 2023 18:13:10 GMT
expires: Sun, 21 May 2023 18:13:09 GMT
location: https://www.pinnacle.com/
server: cloudflare
strict-transport-security: max-age=0
vary: Accept-Encoding

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame DE87 42 B
64 B 79ms
78ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CfoJxMV9qZKzJJZWIlQe63I3oAqqJ5Pdvg-rc7ZgQitGj7b4BEAEgkPuLfmCVgoCAkAegAbC6odcDyAEFqQKSbPgLsyCyPuACAKgDAZgEAKoEvQJP0K_QTMWkP5o8LnVA0RxUSIy9zfaqAI35BlC8EuSnfUbA09YPV5niVRzIAXKXHr-oL-feMqmyFnyMaNNW8Ug3b4MdCw6-SXYC-utAUwblC2t1szdK7riEnBXzWoi6Zekt81vUmw47WnQTAZm-dNkUXDfLs8Pmxc1irFS6uvuEPCWxSmeSoH3xHsLlLjqyDLr1020PXY0bH0FXLBG3gMrfVGNVDUmWPy1hQ_QxGECpCQhlFXFJiZ6gNpIgEBRJ_speHmHFeq_6vTOtdo2FO7aeXxvn_euoXRE-ZBVLW-H-oBn4hdPdLnKIgWndsGvpJF9YZ21BHfbZVzPwjBSAg2cRBbzJsE-Y6J7Hswibpt38FwjGT-_Rbr3Xicb4YMEjoalvIiAxlCJomkgig5HUHWzJ04Jmy1ygZ8IuGRI9ucAEqoruleED4AQBoAZUgAee7PaDA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTryCBthZHgtc3Vic3luLTEzMjM5MjQ2Njg1NTQwMTiACgPICwHYEwyIFALQFQHiFgIIAfgWAYAXAQ&sigh=O83ip_cowkQ&cmd=Ch1jYS12aWRlby1wdWItNjMyMjU0MTE5Mjg4NjU2MBAAGAI&label=videoplaytime25&ad_mt=3920&acvw=sv%3D953%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D909,1260,1100,1600%26tos%3D3183,201,0,0,205%26mtos%3D3183,3384,3384,3384,3589%26amtos%3D0,0,0,0,0%26mcvt%3D3384%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3844%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D851%26pst%3D255%26dur%3D15000%26vmtime%3D3920%26dtos%3D1363%26dtoss%3D2%26dvs%3D1363%26dfvs%3D1363%26dvpt%3D1363%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D16777216%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3183,3384,3384,3384,3589%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1270%26femvt%3D0%26emc%3D22%26emuc%3D0%26emb%3D16,1,0,0,1%26avms%3Dexc%26qi%3D76971472%26psm%3D-2147483633%26psv%3D14%26psfv%3D14%26psa%3D0%26ptlt%3D5849%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3589&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1684692785910&sdkv=h.3.574.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1NjQyODM3NTI5OTIMNjA2NTgzOTgwODkyQMcCUiYQDyUAAKBBKAE6C3JaLVc3NnNqMTVzQglnb29nbGVhZHNI1ARQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 styles.0c1cec00.chunk.css
www.pinnacle.com/static/css/ Frame 1566 67 KB
14 KB 63ms
60ms Stylesheet
text/css 104.18.2.163

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinnacle.com/static/css/styles.0c1cec00.chunk.css

Requested by

Host: www.pinnacle.com
URL: https://www.pinnacle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.2.163 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

8da8d423442f0f88e3278be32437dabb008d3d30098f6eb03db3efa33e3012e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pinnacle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:11 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 09:18:22 GMT
server: cloudflare
age: 162847
etag: W/"64673ede-10d2f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7caecab80ad8371f-FRA
expires: Sun, 18 Jun 2023 20:59:04 GMT

GET
H2 200 k_pinnacle.js Show response
admaxium.com/scripts/ Frame 1566 2 KB
1 KB 261ms
150ms Script
text/javascript 2606:4700:3035::ac43:c1f7

General

Check archive.org

Show headers Download Go to

Full URL: https://admaxium.com/scripts/k_pinnacle.js
Requested by: Host: www.pinnacle.com
URL: https://www.pinnacle.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c1f7 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 41a683137c8c1dd8eb93814c564ad2bee1c69f5ef17b6aabff5a24fc81de7693

Request headers

Referer: https://www.pinnacle.com/
Origin: https://www.pinnacle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-runtime: 0.003494
date: Sun, 21 May 2023 18:13:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"41a683137c8c1dd8eb93814c564ad2be"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iHs8dWhReltpNaoNrbAXle9hGIx%2FNgxGX4aaSGCNJSMgPYfCNP4d%2FUvBeA%2BMq3tmzMNnWxE2RZArCP4W2O0Yf9IEx1HaGAC7urcRamFX0Bvz%2FrhyyQcFOVWcDmK2xStJwJgB8WdwhKi7NAo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
status: 200 OK
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 7caecab8bb8d30e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: a30ddd72-0483-40ab-9b76-7fd8f51cf402

GET
H2 200 styles.be37e175.chunk.js Show response
www.pinnacle.com/static/js/ Frame 1566 307 B
230 B 63ms
61ms Script
application/javascript 104.18.2.163

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinnacle.com/static/js/styles.be37e175.chunk.js

Requested by

Host: www.pinnacle.com
URL: https://www.pinnacle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.2.163 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

4214e9d22f07b0d604f0dbbc06c3bdf3be474bb736b1728ec0de79ba1150cffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pinnacle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:11 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 09:18:22 GMT
server: cloudflare
age: 162847
etag: W/"64673ede-133"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7caecab80adb371f-FRA
expires: Sun, 18 Jun 2023 20:59:04 GMT

GET
H2 200 main.7a6c3f3c.chunk.js Show response
www.pinnacle.com/static/js/ Frame 1566 243 KB
67 KB 66ms
63ms Script
application/javascript 104.18.2.163

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinnacle.com/static/js/main.7a6c3f3c.chunk.js

Requested by

Host: www.pinnacle.com
URL: https://www.pinnacle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.2.163 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

2eede0a452b27be5eb5a9518e7cc3548e52ec2033fd4c3048d33d47fe71166b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pinnacle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:11 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 09:18:22 GMT
server: cloudflare
age: 162847
etag: W/"64673ede-3cbbb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7caecab80add371f-FRA
expires: Sun, 18 Jun 2023 20:59:04 GMT

GET
H2 200 style.css
www.pinnacle.com/css/font/icomoon/ Frame 1566 14 KB
3 KB 60ms
59ms Stylesheet
text/css 104.18.2.163

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinnacle.com/css/font/icomoon/style.css?ts=1684512582321

Requested by

Host: www.pinnacle.com
URL: https://www.pinnacle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.2.163 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

d4f9959ccfa009f125ce2962185986defc165a0a2c03d9b046b998fe27294f9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pinnacle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:11 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 09:01:26 GMT
server: cloudflare
age: 162885
etag: W/"64673ae6-382f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7caecab80ae7371f-FRA
expires: Sun, 18 Jun 2023 20:58:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1566 7 KB
814 B 57ms
56ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap

Requested by

Host: www.pinnacle.com
URL: https://www.pinnacle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pinnacle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 May 2023 18:13:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 May 2023 17:24:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 May 2023 18:13:11 GMT

GET
H2 200 app.json Show response
www.pinnacle.com/config/ Frame 1566 10 KB
3 KB 254ms
253ms Fetch
application/json 104.18.2.163

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinnacle.com/config/app.json

Requested by

Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.7a6c3f3c.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.2.163 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

852d09ecec187be7ccf1659cbc3c2df55e135c60dbc528da7f4e7c4d5d295f14

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept: application/json
Referer: https://www.pinnacle.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 21 May 2023 18:13:11 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 19 May 2023 09:08:46 GMT
server: cloudflare
etag: W/"64673c9e-281f"
content-type: application/json
cache-control: no-cache, no-cache
cf-ray: 7caecab8fc80371f-FRA
expires: Sun, 21 May 2023 18:13:10 GMT

GET
H2 200 sportsbook.json Show response
www.pinnacle.com/config/ Frame 1566 8 KB
2 KB 256ms
255ms Fetch
application/json 104.18.2.163

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinnacle.com/config/sportsbook.json

Requested by

Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.7a6c3f3c.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.2.163 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

bf0a31782e24b8ab416b61bc7d92a97572402844407bf741c78e4bcc1ce41d99

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept: application/json
Referer: https://www.pinnacle.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 21 May 2023 18:13:11 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 19 May 2023 09:01:26 GMT
server: cloudflare
etag: W/"64673ae6-1e54"
content-type: application/json
cache-control: no-cache, no-cache
cf-ray: 7caecab8fc83371f-FRA
expires: Sun, 21 May 2023 18:13:10 GMT

GET
H2 200 newcasino.json Show response
www.pinnacle.com/config/ Frame 1566 303 B
235 B 256ms
256ms Fetch
application/json 104.18.2.163

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinnacle.com/config/newcasino.json

Requested by

Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.7a6c3f3c.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.2.163 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

6d106ab40ec17af791b2a243996477e1cbf75494105ff0a5dead9d9159c7ce56

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept: application/json
Referer: https://www.pinnacle.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 21 May 2023 18:13:11 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 19 May 2023 09:01:26 GMT
server: cloudflare
etag: W/"64673ae6-12f"
content-type: application/json
cache-control: no-cache
cf-ray: 7caecab8fc84371f-FRA
expires: Sun, 21 May 2023 18:13:10 GMT

GET
H2

200

campaign.do
www.unibet.com/stan/ Frame DBF7
Redirect Chain

https://b1.trickyrock.com/redirect.aspx?pid=74444021&bid=21775
https://www.unibet.com/stan/campaign.do?cmpId=2582340&affiliateId=1&unibetTarget=/eng-int/sportsbook/multi-sports/index.html&targetDomain=https://welcome.unibet.com&btag=81765197_BA05BC35747246219B...

0
0

100ms
44ms

Document
text/html

85.184.96.0
UNIBET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unibet.com/stan/campaign.do?cmpId=2582340&affiliateId=1&unibetTarget=/eng-int/sportsbook/multi-sports/index.html&targetDomain=https://welcome.unibet.com&btag=81765197_BA05BC35747246219B195CE92D5D5321&affiliateId=1&pid=74444021&bid=21775

Requested by

Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/3d8fbc0fe6613685b6be300b24dd70d8.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.184.96.0 , Malta, ASN47171 (UNIBET-AS, MT),

Reverse DNS

Software

kindred-loadbalancer /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.correiobraziliense.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
content-type: text/html
date: Sun, 21 May 2023 18:13:11 GMT
etag: W/"646777ca-1676c3"
last-modified: Fri, 19 May 2023 13:21:14 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
vary: Accept-Encoding
x-browser-class: A
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ooops-debug: /500-pages/www.unibet.com/index.html
x-os-class: M
x-xss-protection: 1; mode=block

Redirect headers

access-control-expose-headers: Request-Context
cache-control: private,no-cache, no-store
content-length: 0
content-type: text/html
date: Sun, 21 May 2023 18:13:10 GMT
location: https://www.unibet.com/stan/campaign.do?cmpId=2582340&affiliateId=1&unibetTarget=/eng-int/sportsbook/multi-sports/index.html&targetDomain=https://welcome.unibet.com&btag=81765197_BA05BC35747246219B195CE92D5D5321&affiliateId=1&pid=74444021&bid=21775
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
pragma: no-cache
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
x-aspnet-version: 4.0.30319
x-azure-ref: 0N19qZAAAAADbS/bJc+8lQ4CSunFuNQs6RlJBMzFFREdFMDMxMwAyZDk5MzlkMy05NTUxLTQ2ZmYtOGEyNi01ZWZmY2FhMWQ5OGM=
x-cache: CONFIG_NOCACHE
x-powered-by: ASP.NET

GET
H2 200 pinnacle Show response
pixel.admaxium.com/rtg/sync/ Frame 1566 1 B
583 B 252ms
146ms Script
text/javascript 2606:4700:3031::6815:2c18

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.admaxium.com/rtg/sync/pinnacle?requestedAt=1684692791290&sh=1200&sw=1600&ref=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&lp=https%3A%2F%2Fwww.pinnacle.com%2Fen%2F&fp=2a01801f4.3616195c7.2dd4ca4b8
Requested by: Host: admaxium.com
URL: https://admaxium.com/scripts/k_pinnacle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:2c18 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pinnacle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-runtime: 0.005294
date: Sun, 21 May 2023 18:13:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"36a9e7f1c95b82ffb99743e0c5c4ce95"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2b82MPoJo4HSsKvHem0q2LPGZ8Cw5CkNXiiPHdrsRiFu9X6dyVRl6toD1u5ISdu4j4TOVl0o9jGNYjH4JEQIHyuJSlYz2NqX7ObiroSoP98m5KDDWU6%2FtV5WbGt47QCOgUx3we54neLKh3fM5DB478%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
status: 200 OK
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 7caecaba5de339c1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: cabc9982-b9ad-4959-ab4d-176f8e7aba06

GET
H2 200 69.0cc2f020.chunk.js Show response
www.pinnacle.com/static/js/ Frame 1566 2 MB
518 KB 77ms
77ms Script
application/javascript 104.18.2.163

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinnacle.com/static/js/69.0cc2f020.chunk.js

Requested by

Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.2.163 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6bef59e750d0d7e68aede84ed4941a232c426326e966c8e3407bc7487214bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pinnacle.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:11 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 09:18:22 GMT
server: cloudflare
age: 162847
etag: W/"64673ede-1b4793"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7caecaba9f1c371f-FRA
expires: Sun, 18 Jun 2023 20:59:04 GMT

GET
H2 200 68.3d512c2f.chunk.css
www.pinnacle.com/static/css/ Frame 1566 267 KB
49 KB 63ms
62ms Stylesheet
text/css 104.18.2.163

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinnacle.com/static/css/68.3d512c2f.chunk.css

Requested by

Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.2.163 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

456e940b043822f27095b126a0a6f12ffa7cc29aa543d02aa8775f4312793433

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pinnacle.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:11 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 09:18:22 GMT
server: cloudflare
age: 162847
etag: W/"64673ede-42d16"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7caecaba9f1f371f-FRA
expires: Sun, 18 Jun 2023 20:59:04 GMT

GET
H2 200 68.a432027e.chunk.js Show response
www.pinnacle.com/static/js/ Frame 1566 3 MB
694 KB 88ms
88ms Script
application/javascript 104.18.2.163

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinnacle.com/static/js/68.a432027e.chunk.js

Requested by

Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.2.163 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

c201127052b7703eac5f45346f300d9112cffaa5880804b7011f8ddcab4bfe3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pinnacle.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 18:13:11 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 09:18:22 GMT
server: cloudflare
age: 162847
etag: W/"64673ede-320952"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7caecaba9f21371f-FRA
expires: Sun, 18 Jun 2023 20:59:04 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame DE87 42 B
64 B 93ms
85ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CfoJxMV9qZKzJJZWIlQe63I3oAqqJ5Pdvg-rc7ZgQitGj7b4BEAEgkPuLfmCVgoCAkAegAbC6odcDyAEFqQKSbPgLsyCyPuACAKgDAZgEAKoEvQJP0K_QTMWkP5o8LnVA0RxUSIy9zfaqAI35BlC8EuSnfUbA09YPV5niVRzIAXKXHr-oL-feMqmyFnyMaNNW8Ug3b4MdCw6-SXYC-utAUwblC2t1szdK7riEnBXzWoi6Zekt81vUmw47WnQTAZm-dNkUXDfLs8Pmxc1irFS6uvuEPCWxSmeSoH3xHsLlLjqyDLr1020PXY0bH0FXLBG3gMrfVGNVDUmWPy1hQ_QxGECpCQhlFXFJiZ6gNpIgEBRJ_speHmHFeq_6vTOtdo2FO7aeXxvn_euoXRE-ZBVLW-H-oBn4hdPdLnKIgWndsGvpJF9YZ21BHfbZVzPwjBSAg2cRBbzJsE-Y6J7Hswibpt38FwjGT-_Rbr3Xicb4YMEjoalvIiAxlCJomkgig5HUHWzJ04Jmy1ygZ8IuGRI9ucAEqoruleED4AQBoAZUgAee7PaDA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTryCBthZHgtc3Vic3luLTEzMjM5MjQ2Njg1NTQwMTiACgPICwHYEwyIFALQFQHiFgIIAfgWAYAXAQ&sigh=O83ip_cowkQ&cmd=Ch1jYS12aWRlby1wdWItNjMyMjU0MTE5Mjg4NjU2MBAAGAI&label=video_skip_shown&ad_mt=5248&acvw=sv%3D953%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D909,1260,1100,1600%26p0%3D1200,960,1560,1600%26p1%3D909,1260,1100,1600%26tos%3D4511,201,0,0,205%26mtos%3D4511,4712,4712,4712,4917%26amtos%3D0,0,0,0,0%26mtos1%3D3183,201,205%26mcvt%3D4712%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5172%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1279%26pst%3D255%26dur%3D15000%26vmtime%3D5248%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26cs%3D50336019%26c%3D1%26c0%3D0%26c1%3D0,1,1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1328,1328,1328,1328,1328%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1270%26femvt%3D0%26emc%3D29%26emuc%3D0%26emb%3D23,1,0,0,1%26avms%3Dexc%26qi%3D76971472%26psm%3D-2147483585%26psv%3D62%26psfv%3D62%26psa%3D0%26ptlt%3D7177%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4917%26ss0%3D0%26ss1%3D0,0.03,0.03&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.03%26t%3D1684692785910&sdkv=h.3.574.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1NjQyODM3NTI5OTIMNjA2NTgzOTgwODkyQMcCUiYQDyUAAKBBKAE6C3JaLVc3NnNqMTVzQglnb29nbGVhZHNI1ARQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:13:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS enums
guest.api.arcadia.pinnacle.com/0.1/ Frame 0
0

OPTIONS dataVersion
guest.api.arcadia.pinnacle.com/0.1/ Frame 0
0

OPTIONS status
guest.api.arcadia.pinnacle.com/0.1/ Frame 0
0

GET GeoComplyBaseDesktop.4aa701cc.chunk.js
www.pinnacle.com/static/js/ Frame 1566 0
0

GET GeoComplyBaseMobile.cb97fbf0.chunk.css
www.pinnacle.com/static/css/ Frame 1566 0
0

GET GeoComplyBaseMobile.e96613ef.chunk.js
www.pinnacle.com/static/js/ Frame 1566 0
0

GET react-intl-locale_4.9a84e50a.chunk.css
www.pinnacle.com/static/css/i18n/ Frame 1566 0
0

GET react-intl-locale_4.e9cdd497.chunk.js
www.pinnacle.com/static/js/i18n/ Frame 1566 0
0

GET en.json
www.pinnacle.com/translations/ Frame 1566 0
0

POST /
o417691.ingest.sentry.io/api/5339569/envelope/ Frame 1566 0
0

GET esw.min.js
pinnacle3.my.salesforce.com/embeddedservice/5.0/ Frame 1566 0
0

GET commons.f0d1d205.chunk.css
www.pinnacle.com/static/css/ Frame 1566 0
0

GET commons.f0ba21f9.chunk.js
www.pinnacle.com/static/js/ Frame 1566 0
0

GET react-intl-locale_26.8441e4c8.chunk.css
www.pinnacle.com/static/css/i18n/ Frame 1566 0
0

GET react-intl-locale_26.3e7d9a2c.chunk.js
www.pinnacle.com/static/js/i18n/ Frame 1566 0
0

GET 78.4d54f7a2.chunk.css
www.pinnacle.com/static/css/ Frame 1566 0
0

GET 78.24f7f009.chunk.js
www.pinnacle.com/static/js/ Frame 1566 0
0

GET MaintenanceNotice
www.pinnacle.com/en/future/ Frame 1566 0
0

GET enums
guest.api.arcadia.pinnacle.com/0.1/ Frame 1566 0
0

GET dataVersion
guest.api.arcadia.pinnacle.com/0.1/ Frame 1566 0
0

GET status
guest.api.arcadia.pinnacle.com/0.1/ Frame 1566 0
0

GET hotjar-1083293.js
static.hotjar.com/c/ Frame 1566 0
0

GET gtm.js
www.googletagmanager.com/ Frame 1566 0
0

GET ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ Frame 1566 0
0

GET ol-service-worker.js
cdn.otherlevels.com/js-sdk/ Frame 1566 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: oajs.openx.net
URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&rid=esp

Domain: ponos.zeronaught.com
URL: https://ponos.zeronaught.com/1?a=4f1b553bcbb102293b80294fd10f29372b6a27ce&b=A5vagz-IAQAANbQ-JO3P3K0CxSAY-_fvfUN2oKJFygP6v4dnKNQBqjtmYV0QAVD_B2aucn0ewH8AAEB3AAAAAA==&c=-583944288

Domain: extra.bet365.de
URL: https://extra.bet365.de/ServerTime

Domain: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/cookieconsentajax?

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-45M1DQFW2B&gtm=45je35h0&_p=1015230215&gcs=G1-0&cid=1889156381.1684692786&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1684692785&sct=1&seg=0&dl=https%3A%2F%2Fwww.bet365.de%2Folp%2Fopen-account%3Faffiliate%3D365_01054176&dr=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&dt=Er%C3%B6ffnungsangebot&en=scroll&epn.percent_scrolled=90

Domain: extra.bet365.de
URL: https://extra.bet365.de/ServerTime

Domain: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/cookieconsentajax?

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-45M1DQFW2B&gtm=45je35h0&_p=1035958656&gcs=G1-0&cid=1956130055.1684692786&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1684692785&sct=1&seg=0&dl=https%3A%2F%2Fwww.bet365.de%2Folp%2Fopen-account%3Faffiliate%3D365_01054176&dr=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&dt=Er%C3%B6ffnungsangebot&en=scroll&epn.percent_scrolled=90

Domain: guest.api.arcadia.pinnacle.com
URL: https://guest.api.arcadia.pinnacle.com/0.1/enums

Domain: guest.api.arcadia.pinnacle.com
URL: https://guest.api.arcadia.pinnacle.com/0.1/dataVersion

Domain: guest.api.arcadia.pinnacle.com
URL: https://guest.api.arcadia.pinnacle.com/0.1/status

Domain: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/GeoComplyBaseDesktop.4aa701cc.chunk.js

Domain: www.pinnacle.com
URL: https://www.pinnacle.com/static/css/GeoComplyBaseMobile.cb97fbf0.chunk.css

Domain: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/GeoComplyBaseMobile.e96613ef.chunk.js

Domain: www.pinnacle.com
URL: https://www.pinnacle.com/static/css/i18n/react-intl-locale_4.9a84e50a.chunk.css

Domain: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/i18n/react-intl-locale_4.e9cdd497.chunk.js

Domain: www.pinnacle.com
URL: https://www.pinnacle.com/translations/en.json

Domain: o417691.ingest.sentry.io
URL: https://o417691.ingest.sentry.io/api/5339569/envelope/?sentry_key=80eedce15edb4644a5bac761265e091c&sentry_version=7&sentry_client=sentry.javascript.react%2F7.16.0

Domain: pinnacle3.my.salesforce.com
URL: https://pinnacle3.my.salesforce.com/embeddedservice/5.0/esw.min.js

Domain: www.pinnacle.com
URL: https://www.pinnacle.com/static/css/commons.f0d1d205.chunk.css

Domain: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/commons.f0ba21f9.chunk.js

Domain: www.pinnacle.com
URL: https://www.pinnacle.com/static/css/i18n/react-intl-locale_26.8441e4c8.chunk.css

Domain: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/i18n/react-intl-locale_26.3e7d9a2c.chunk.js

Domain: www.pinnacle.com
URL: https://www.pinnacle.com/static/css/78.4d54f7a2.chunk.css

Domain: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/78.24f7f009.chunk.js

Domain: www.pinnacle.com
URL: https://www.pinnacle.com/en/future/MaintenanceNotice

Domain: guest.api.arcadia.pinnacle.com
URL: https://guest.api.arcadia.pinnacle.com/0.1/enums

Domain: guest.api.arcadia.pinnacle.com
URL: https://guest.api.arcadia.pinnacle.com/0.1/dataVersion

Domain: guest.api.arcadia.pinnacle.com
URL: https://guest.api.arcadia.pinnacle.com/0.1/status

Domain: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1083293.js?sv=6

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXLFXC7&gtm_auth=RSYvLtUxCh8o0eYkz0CGig&gtm_preview=env-2&gtm_cookies_win=x

Domain: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073744513

Domain: cdn.otherlevels.com
URL: https://cdn.otherlevels.com/js-sdk/ol-service-worker.js?appKey=4d21c8ceef2c0fa35ebee38f497184cf

Verdicts & Comments Add Verdict or Comment

312 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

67 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onesignal.com/	1970-01-20 11:58:14	Name: __cf_bm Value: 8KtpKJ.vzX4pAlvkFn7gIt1GJwe7oOSyKS7YmwBp_DE-1684692782-0-AZrFEjYm0GrBuIomjjaGnWOZBG3Qm3BdFxyOD+JngdKBvBVXQ4+wJGJ+9TOUh0wk9JGMacSWeZcivbePSacPuB8=
www.correiobraziliense.com.br/	1970-01-20 11:58:33	Name: _ad__nbrePageViews Value: 1
.correiobraziliense.com.br/	1970-01-20 11:59:39	Name: _gid Value: GA1.3.747914680.1684692783
.correiobraziliense.com.br/	1970-01-20 11:58:12	Name: _gat Value: 1
.correiobraziliense.com.br/	1970-01-20 11:58:12	Name: _gat_UA-81883435-1 Value: 1
www.correiobraziliense.com.br/	1970-01-20 11:58:33	Name: _ad__RE Value: {"cC":"DE","r":"BE"}
.correiobraziliense.com.br/	1970-01-20 21:34:12	Name: _ga Value: GA1.1.1350940105.1684692783
.correiobraziliense.com.br/	1970-01-20 21:34:12	Name: _ga_VSQN11XK2K Value: GS1.1.1684692782.1.0.1684692782.0.0.0
.rubiconproject.com/	1970-01-20 20:43:48	Name: khaos Value: LHXQL2TX-H-E86F
.rubiconproject.com/	1970-01-20 20:43:48	Name: audit Value: 1\|SDziDG3X/EjYaZrvsbY0zgNb0fGVcfL/XWaA1sYWTLG+SmvwaNDOnqB9Ls3QTLAEqg4RliDe2Ng064FSEsrgz+2rZC07KWUrQuI9RVjvdPmp09IPATRuepV61lMiPYeE
.correiobraziliense.com.br/	1970-01-20 11:58:12	Name: lotame_domain_check Value: correiobraziliense.com.br
.doubleclick.net/	1970-01-20 21:19:48	Name: IDE Value: AHWqTUlKoJ43mvAiO-ZIZ7p2EVBiwBpUJ9m6mq9rsddrEgo_X_s3qaU3VUFealzj_p4
.correiobraziliense.com.br/	1970-01-20 21:19:48	Name: __gads Value: ID=bd3900a8978da11c:T=1684692782:S=ALNI_Ma7hxp_u-ArxbtwuMtgdSz1RpRl9Q
.correiobraziliense.com.br/	1970-01-20 21:19:48	Name: __gpi Value: UID=00000c18da6076f2:T=1684692782:RT=1684692782:S=ALNI_MZ7QuKJykO-6jcCtX4iv-0WFbRrgw
.criteo.com/	1970-01-20 21:19:48	Name: uid Value: 5eb19b83-112c-4607-a39d-cc978f9f20ab
.correiobraziliense.com.br/	1970-01-20 21:19:48	Name: cto_bundle Value: OFFAdl9iOHZyNlolMkJlaElJZ00zWmFiank5Z2pJZ1BmZndsS0F2Q3BpOTl6VG5RN3hweXdpT1dwMUhwNWVLZ3FoVExiVkJxZG96ZFI4MEt0U3cxZG1sa0NvSXh3NE5UN3hnVlY3Y1RQYllmdGlRbEhGME5WJTJCVFE1TkF5VFN0MTk0eThVJTJGZndPYVp2d2szd3FVYmhpdHdkd0RnZUtaUGhaNFElMkZmUSUyQkJSaUhkd2JVZiUyRjQlM0Q
.doubleclick.net/	1970-01-20 11:58:16	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 14:07:48	Name: uuid2 Value: 1849365618638032723
.casalemedia.com/	1970-01-20 20:43:48	Name: CMID Value: ZGpfMJJwfY38P.BfT4.F5AAA
.casalemedia.com/	1970-01-20 14:07:48	Name: CMPS Value: 3287
.casalemedia.com/	1970-01-20 14:07:48	Name: CMPRO Value: 3287
.adnxs.com/	1970-01-20 14:07:48	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In1hd^/9!]tbPl1M>e)ZlrFUfJ+tGXxp6:E-?(B%j7CIi5.zG4f?J@L5(R_K?6G1n8Re3If)y3KL9D3I?-4e^`d>
.adform.net/	1970-01-20 12:42:51	Name: C Value: 1
.adfarm1.adition.com/	1970-01-20 14:07:48	Name: UserID1 Value: 7235700411116222608
.adform.net/	1970-01-20 13:24:36	Name: uid Value: 1239885707689650794
.de17a.com/	1970-01-20 20:36:36	Name: guid Value: 1.5785282605739191708
.yahoo.com/	1970-01-20 20:44:10	Name: A3 Value: d=AQABBDFfamQCEL66mpxvfNvZ37RVqRsKTekFEgEBAQGwa2R0ZAAAAAAA_eMAAA&S=AQAAAvaS9IfBfEqbevjolhyz7kI
.bet365.de/	1970-01-20 11:58:14	Name: __cf_bm Value: YEek6o4fvNzcO0Gn5ossDfE3M_OyLRLdLfSnDMHm75s-1684692785-0-Aed4blXc0lEL/0Ot6SrDu1+W+hVE2Rb12ckf5U8buFxvzPs/FxAsYZKxahHi4UahpVeOy/eCJlsW+zHSV1BIgS8=
.amazon-adsystem.com/	1970-01-20 21:34:12	Name: ad-privacy Value: 0
.linkedin.com/	1970-01-20 20:43:48	Name: bcookie Value: "v=2&c8123a7c-94c3-45f8-8f3e-65c76b854f03"
.linkedin.com/	1970-01-20 16:17:24	Name: li_gc Value: MTswOzE2ODQ2OTI3ODU7MjswMjHPEhSJ1mzDxC+3RY3aAcVzrym6ASMFok71CLnrtpw/4g==
.linkedin.com/	1970-01-20 11:59:39	Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2523:u=1:x=1:i=1684692785:t=1684779185:v=2:sig=AQGj5SmiZG9NB7haG3NsbEWm29HY_0On"
.amazon-adsystem.com/	1970-01-20 17:22:12	Name: ad-id Value: A4bJvBhI9kytuLPQfS1zD8o
members.bet365.de/	1969-12-31 23:59:59	Name: session Value: processform=0
.bet365.de/	1970-01-20 13:03:00	Name: Affiliates Value: Code=365_01054176%2f177773533855&prd=Sports
.bet365.de/	1969-12-31 23:59:59	Name: pstk Value: B54A644742F9BE398ED051C5CD2C71CD000003
.bidswitch.net/	1970-01-20 20:43:48	Name: tuuid Value: 434c30a9-1b07-4197-932f-2c14ed10941b
.bidswitch.net/	1970-01-20 20:43:48	Name: c Value: 1684692786
.bidswitch.net/	1970-01-20 20:43:48	Name: tuuid_lu Value: 1684692786
.w55c.net/	1970-01-20 21:29:53	Name: wfivefivec Value: EbP4mKyg1Q0Nyi5
.betano.de/	1970-01-20 12:41:24	Name: btag Value: a_8989b_817c_
.betano.de/	1970-01-20 11:58:14	Name: __cf_bm Value: fyasK9V9Eo9qltnXMhu6KthirBaPhgE6_VAi.xirpXo-1684692786-0-AYLa4Ac8/26sYwTa2Xlg85rb5OXKT9mbOh+11P65Et+1OjR6x2p9s/oqn9kud3qQdYDsGrzqEXDLpmBcGGF7wcY=
.w55c.net/	1970-01-20 12:41:24	Name: matchmedianet Value: 5
.media.net/	1970-01-20 12:41:24	Name: data-c Value: 5eb19b83-112c-4607-a39d-cc978f9f20ab~~1
.media.net/	1970-01-20 12:41:24	Name: data-c-ts Value: 1684692786
.media.net/	1970-01-20 20:42:22	Name: data-xu Value: EbP4mKyg1Q0Nyi5~~8
.media.net/	1970-01-20 20:42:22	Name: data-bs Value: 434c30a9-1b07-4197-932f-2c14ed10941b~~1
.bet365.com/	1970-01-20 13:03:00	Name: Affiliates Value: Code=365_01208531%2f177773537862&prd=Sports
members.bet365.com/	1969-12-31 23:59:59	Name: session Value: processform=0
.bet365.com/	1969-12-31 23:59:59	Name: pstk Value: 47124A8ECA54480582725AD3C48471B2000003
.bet365.com/	1970-01-20 11:58:14	Name: __cf_bm Value: JEWo5wR45piZPr5yVGMVnasxeOwAqN1Dyy10gKpF0ds-1684692787-0-AQWgWWzKAQcGDIHPr0/DGdHeBKg9gcKS2lQX/mPk2/SWj+t4j3iqP9mpyEwS1w6Hkd5438CXCGdnaOVTk+H/Nno=
.trickyrock.com/	1970-01-20 21:34:12	Name: NetRefer_CookieUniTrack_C Value: %5b%7b%22PID%22%3a74444021%2c%22BID%22%3a34664%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1684692788538)%5c%2f%22%2c%22CookieTag%22%3a%2234664744440215%3a%3a29%3a8331%3a0a4%3a10a2C20235211813%22%7d%5d
.de.unibet.com/	1969-12-31 23:59:59	Name: clientId Value: polopoly_desktop
.bwin.de/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: gtsqexay1sgq0f2d0vi5oyez
.bwin.de/	1970-01-20 21:34:12	Name: trc.cid Value: cb61371fdffc4d2596e3f0ff1b3755f7
.bwin.de/	1970-01-20 21:34:12	Name: usersettings Value: cid=en-US&vc=1&sst=2023-05-21T18:13:09.6071633Z&psst=0001-01-01T00:00:00.0000000Z
.bwin.de/	1969-12-31 23:59:59	Name: isLanguageChanged Value: false
.bwin.de/	1969-12-31 23:59:59	Name: lang Value: en
.bwin.de/	1970-01-20 21:34:12	Name: dark-mode Value: 1
.bwin.de/	1970-01-20 20:43:48	Name: skipUserLanguage Value: 1
.bwin.de/	1970-01-20 12:41:24	Name: trackerId Value: 5322937
.bwin.de/	1970-01-20 11:58:27	Name: trackingAffiliate Value: 5322937
.bwin.de/	1969-12-31 23:59:59	Name: vnSession Value: 6f266b96-a176-4f4c-b1aa-f4dbf126d9d4
.bwin.de/	1970-01-20 11:58:14	Name: __cf_bm Value: mE5tE26nAPJnz_NwbtRwmg9.Ok2DcXOQQ9NL77Qo7Pc-1684692789-0-AbKkRgkhqtOm/Z4hswopJErNAvWJrcIAFLGGYvEVx03YepkWcmOdEDyvYz5wvCZ+UghufuZFXe+b16AxFf95xIA=
www.correiobraziliense.com.br/	1970-01-20 11:58:33	Name: _ad__v5.0 Value: %7B%22QmV0MzY1LURFLWNvdW50cnktREVSVGdsb2JhbA%3D%3D%22%3A1%2C%22QmV0YW5vLURFLWNvdW50cnktREVSVC0yZ2xvYmFs%22%3A1%2C%22QmV0MzY1LS1OZXctZ2xvYmFsLWFjY291bnQtLWNvdW50cnktQUxMUlQtQUxMZ2xvYmFs%22%3A1%2C%22VW5pYmV0LS8tMzJSZWQtY291bnRyeS1ERVJULURFZ2xvYmFs%22%3A1%2C%22RW50YWluLS0tQndpbi1ERS1jb3VudHJ5LURFUlRnbG9iYWw%3D%22%3A1%2C%22UGlubmFjbGUtY291bnRyeS1BTExSVC1BTExnbG9iYWw%3D%22%3A1%7D
.pinnacle.com/	1970-01-20 12:41:24	Name: btag Value: a_29368b_16581c_
.pinnacle.com/	1970-01-20 12:41:24	Name: refer Value: XAFF5905

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.correiobraziliense.com.br/ Message: Access to fetch at 'https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&rid=esp' from origin 'https://www.correiobraziliense.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&rid=esp Message: Failed to load resource: net::ERR_FAILED
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 464) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js Message: Refused to connect to 'https://ponos.zeronaught.com/1?a=4f1b553bcbb102293b80294fd10f29372b6a27ce&b=A5vagz-IAQAANbQ-JO3P3K0CxSAY-_fvfUN2oKJFygP6v4dnKNQBqjtmYV0QAVD_B2aucn0ewH8AAEB3AAAAAA==&c=-583944288' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com http://members.bet365.de https://extra.bet365.de 'nonce-whEZcrJWbD5Lgv9vJGpGJHjohivL3qkTEibbrgRvFg4='".
security	error	URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js Message: Refused to connect to 'https://ponos.zeronaught.com/1?a=4f1b553bcbb102293b80294fd10f29372b6a27ce&b=A5vagz-IAQAANbQ-JO3P3K0CxSAY-_fvfUN2oKJFygP6v4dnKNQBqjtmYV0QAVD_B2aucn0ewH8AAEB3AAAAAA==&c=-583944288' because it violates the following Content Security Policy directive: "connect-src 'self' *.bet365.de".
javascript	warning	URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AADddz-IAQAAOzXEjw5JO8LkvsEuSCTd4GpuWLB4ZDEwnd9cSMU3JP5V9qm6&PIRXTcSdwp--z=q Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AADddz-IAQAAOzXEjw5JO8LkvsEuSCTd4GpuWLB4ZDEwnd9cSMU3JP5V9qm6&PIRXTcSdwp--z=q Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
security	error	Message: Refused to frame 'https://www.betano.de/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://.betano.de:".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

49fd8d347230a83bef57c5a33dd1dbc4.safeframe.googlesyndication.com
a.teads.tv
aax-eu.amazon-adsystem.com
admaxium.com
adservice.google.com
adservice.google.de
b1.trickyrock.com
bcp.crwdcntrl.net
blogs.correiobraziliense.com.br
c1.adform.net
campaigns-ad.s3.eu-west-2.amazonaws.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.onesignal.com
cdn.otherlevels.com
cdn.prod.uidapi.com
cdn.taboola.com
cm.g.doubleclick.net
cnt.trvdp.com
content001.bet365.de
contextual.media.net
correiobraziliense.com.br
cs.media.net
csi.gstatic.com
d5p.de17a.com
de.unibet.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
edicao.correiobraziliense.com.br
esp.rtbhouse.com
eus.rubiconproject.com
extra.bet365.de
fastlane.rubiconproject.com
fonts.googleapis.com
fw.adsafeprotected.com
go.trvdp.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
guest.api.arcadia.pinnacle.com
gum.criteo.com
i.ytimg.com
i2.wp.com
ib.adnxs.com
id5-sync.com
imasdk.googleapis.com
invstatic101.creativecdn.com
match.adsrvr.org
members.bet365.com
members.bet365.de
midias.correiobraziliense.com.br
mug.criteo.com
o417691.ingest.sentry.io
oa.openxcdn.net
oajs.openx.net
onesignal.com
p.trvdp.com
pagead2.googlesyndication.com
pinnacle3.my.salesforce.com
pixel-us-east.rubiconproject.com
pixel.admaxium.com
pixel.rubiconproject.com
pm-widget.taboola.com
pm.w55c.net
ponos.zeronaught.com
pr-bh.ybp.yahoo.com
prebid-us.creativecdn.com
prebid.media.net
pro.ip-api.com
pubads.g.doubleclick.net
px.ads.linkedin.com
region1.google-analytics.com
rr5---sn-4g5e6nsk.googlevideo.com
s.amazon-adsystem.com
s.trvdp.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure-ds.serving-sys.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.adsafeprotected.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
stg.truvidplayer.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
us-u.openx.net
voosemoferta.correioweb.com.br
widget.perfectmarket.com
www.bet365.de
www.betano.de
www.bwin.de
www.correiobraziliense.com.br
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.pinnacle.com
www.unibet.com
www.youtube.com
x.bidswitch.net
cdn.otherlevels.com
extra.bet365.de
guest.api.arcadia.pinnacle.com
o417691.ingest.sentry.io
oajs.openx.net
pinnacle3.my.salesforce.com
ponos.zeronaught.com
region1.google-analytics.com
secure-ds.serving-sys.com
static.hotjar.com
www.bet365.de
www.googletagmanager.com
www.pinnacle.com
104.18.2.163
104.18.28.137
104.64.126.246
108.138.36.27
13.32.145.49
142.250.185.194
151.101.1.44
151.101.193.44
162.19.138.120
178.250.1.9
178.250.7.13
179.191.182.65
18.155.129.84
18.157.212.150
18.164.52.38
18.200.41.115
185.184.10.30
185.80.39.216
185.86.139.104
185.89.210.101
192.0.77.2
2.18.235.93
2001:4860:4802:34::36
2001:4860:4802:38::178
209.54.182.161
213.155.156.165
216.58.212.130
23.201.255.110
23.212.88.20
2600:1f13:800:7780:62e1:f694:ef6b:7146
2600:1f18:659d:b900:a682:4228:b437:d906
2600:9000:2250:7a00:a:e047:753:be1
2600:9000:237d:9e00:8:48e:53c0:93a1
2602:803:c003:200::21
2606:4700:10::6816:3456
2606:4700:3031::6815:2c18
2606:4700:3035::ac43:c1f7
2606:4700::6812:9ce
2606:4700::6812:d73b
2620:1ec:21::14
2620:1ec:4f:1::60
2a00:1450:4001:62::a
2a00:1450:4001:801::2006
2a00:1450:4001:801::2016
2a00:1450:4001:803::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c06::9c
2a00:1450:401a:800::2003
2a02:2638:3::c
2a02:2638:d::2
2a04:4e42:600::485
2a05:d018:d29:3601:cc5:dc1b:2834:9d22
3.33.220.150
34.102.146.192
34.107.148.139
34.231.83.155
34.96.70.87
34.98.64.218
35.158.42.58
35.190.39.111
37.157.5.84
5.226.179.10
5.226.179.19
51.77.64.70
52.95.142.22
67.220.226.233
69.173.144.139
69.173.144.165
8.43.72.97
85.114.159.118
85.184.96.0
95.101.149.35
99.80.210.150
99.84.88.4
99.86.91.3
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01d04cfc92500acfa8741bbe6479d2b4437246ae0258c42e219b62e7d139ef91
03f739714c83b91b19dd79e0515931a2121df2cc76aaff41686734154f1368d4
0aafa9bb84eab3ced4bad3187da256499e3f64c473e53242fd66d347175816f1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd3d8c980f640512d98fcbf087d156cd51f187b6f90dd94773d7318c7383d0b
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
0fed2f3efe0426abe647fb44c860daf8aa7e5b25bb33c1b3450c4060b4511d77
101ca051649af6826119108f51311f70b4d58e94242c8877a2b8a9247b90f54f
103be1ad473a199450bf7a39b7cb687f3068b06530f965f248284ac2e04759e2
1076b4c195c7afa25c4d5977379cf55a85e855a546995df4b76e0d889821d583
112f050682454f720588e5251831839e4a7bdafc9bf06cf5457fa63c0980848a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12dcea7b87048d5f0103dfd0f76b97dc8a683e1a1a1054706639896dc404240a
135832e5ea5d35dc1208592b56db63803045436048dbeb3465b349475a5efaf8
150e0e4971227347e3dcf48f5e8bf99ea7ab318c00d6693f1be1778e471b4798
17eb3aeae1c23bd286091c2910bb4951439880a8ce87626ca6d4bb4e221ede05
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
194c0a6abcb4bdee9a9308e1294482e8c4b13f1251b686cebc985c31af1cee9b
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1d3bc1eacd70d4ebc057ad05881d22f1f99e5f8da065661ad96fdb6d0faaf3d6
1f4094ffd20746cae36783c5571087d3d4d84f2a09f67597c2db80fb534da214
219d20b74d9ae61b2fab4ec48c5a5c5da954ac29dd3090e078d3ee47aa6dfd81
21bf4b49938284aaececf999f198f621de0aa792bb5315fc21255d0ab439e145
24109841bbf2440b83b2276411c7d6d1aa634c572c29e49c2fd9545e9452db58
255e4fddbb460e3f9eaba26eb99b813a3bb236fb10fe684ae3b58fa0fa2b29ce
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27b7ef40603baea776d95bebfcfbcc47f500d09b5dc67983d9530584c93fe8b5
27d031d095f7b34cfd40cf7e16dcb057c9d61f2a527e61461254faec0f6e26c4
294ff47268bdd4071a4c8d4b2b430a3e8b2f69bd0962027f8b7cc44ab4b0dacc
29c4f57a15a1c5993ad6026133559df94b56d21b43ce84cf21cbd5441e96fe13
2abd0114b716ff304b8b46f57b2ee0c1723ceea5a1088c6475816949ee5e37de
2be055db0576f0da227bbc6af4dc541f5d8a201c03525ff9be4556011c91c50b
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2eede0a452b27be5eb5a9518e7cc3548e52ec2033fd4c3048d33d47fe71166b4
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
30f078ca623c3813651d83fc26109372a0d380c6e913b31acff317e40bc4dab6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31a3404d6ddd56047e68f5489b475c80e607d6d5c897431c5d8731c2d02acdd0
32c55316ebfc3e6786779fa4bf7861d51750d1cf19ae6ac9de20b24b054505e4
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
3449f985e44741beefb8b89e5c7ea532eda1ec14ff7b2a2b20d65176c70860b4
355b8cd9741e0990e9244605a3365358934825cc75043e82c8ff1f61c2dd87b7
35f5057458f380131d8993ae022721db685d28e12c6295cf462011c1964a876e
367b375d52b88b06883869ddb1dca46bd1b5ca3656fd6be348c75d9afb7b4b51
36a0d7b8173ca0de19c9ed5284012559cbd609bd5144cba959f250e2acfb31cb
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
38e6086e49545eed6a7da3c03d215ac081ec3e886bc4c49840c4e38cc6891e04
3934b3194f53f13297a3a5908e4c29042dd5c1b34e45620bddd5953b6ad7ffd2
3a180b1a5fb5fc655217e4a263ddd163f352f9a5d286975555a6750b3517324f
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3dd4fce3d2c7713162f428e67f8e079c60a3a6f0e2515acd91b0827c416e6bfc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fe2e6d1beebb9447362ee2e0654a7fdf3916a40cc9f50d576538f91626b0eb9
3ff84717ce31eec69733afb3232c32a567a70a6fce7e26fede4526a1a0990384
41a683137c8c1dd8eb93814c564ad2bee1c69f5ef17b6aabff5a24fc81de7693
4214e9d22f07b0d604f0dbbc06c3bdf3be474bb736b1728ec0de79ba1150cffe
429770683bc96134bb4b57c892caaa6451c5fe447db60ca9fc67fc198977fc88
456e940b043822f27095b126a0a6f12ffa7cc29aa543d02aa8775f4312793433
463b778d459aac2bb5dd17099e4c396db2aa1c9de6399d17239a6f91950858f7
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d5b4e2f7a0431f40770f28e2c0cb8a6d4ce2a4da76d637fbf82d8de2d8a8b1
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
48939a70a648bfa282707584cf2abd010948ed7e3f0cb164132069a7eb033388
4968f26260243054c9eb54b92312011b4d64f3cd31e8a8d0675fa40451e76a7b
4b4c123ae964e6731f6ee84ebc36490b1b1127775f44490239fcc567c0273b60
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf618df733b97742f02914da14cf8dfa6d8775fc298c6dd580690ba913d06e5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9400fd039b341862541c28e77e5149f6b50c1314392114f7dacc5ce4e49364
503a9f3e35ee583399b99d5ace0f57abaaa2ee20be266bdc7a2bc764a36d18bb
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50df47da0db46f282089a4715dd53e2992597f46e283aea2a20b2a84d5804560
5153102ce014f28b48603c723896f8ae5220957aa4f08c9d0d10c38c0844c723
51818d54518d88d4fa04b2348319e3a94716fa6e2710f050aa1b5c3b6247866a
524c42a1ee3d12e748570e81eb151243cb6b1e48c9cae6051457de3381f78c7e
52c1bc357fed9d964c2b5da9e2215e4d18454cfd90949406fec57169ae38383c
53138a915f9f3deaf73671cc916203ee99c10844c181441c62e4a142938a13ae
53a59310f2e17a7210415b91eb41ae59d9bf0776504a851b869e50f2bce58e55
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53ed220e3efc998087ccf53c89031d2d03f921a4d9146cff7b9487fbed31ae5d
54266323336e8d64f70a00663955006935bd8634a7a1c78eec59a51f5f267ecc
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55432b90d51596234bde8ca5f6373e363a6e9b66485ca09a1aec1057444daf8e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55bb15fd3a921a64737a16200554f8fec4a780613099ba1acf3480f8822c8789
56e8976c0fe9aaf71e58f2fdc2109ce5afdcf2b78cc9b8b487df7115b97fcdc1
5750d3f44599f0a0c54a74102838155b78e44ced2aa546dfca28d563883ddc59
58d38d88bba476fe08a41af7d228b147045124ce216bf8967bcf3df34389c8c4
5923b5d3167186e22377d01f2002120106ed40e936e0341426c681d5a61e2184
5af616c5e6ad0d97aa233ed4644776ca94de0cfb1a653844d8a5d9ee46e756af
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f61351ffe14bf908458c2e5538a490b835f212ab4d55e8f1e02bceccce57f10
5f785ad6aa25fccbfbf4d727b193e6e2f7b9af84d22ce9a4b8e42456785e06b8
5fcd78dfd86fd205f786256498d893276ed9c083ec09911f9b04e0a8d073189e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
629d996ecc549295fab020cf2316cc576913c59220c0042cb886cda92431bbc0
62c8db1616f0d79e468a60934d2cccee703916418ddf295fb1ff2ef03837c6e4
6504580c858d25818d21ac70192c4d9cca5d7383ab898c5c261361bd24bf49fd
652c7e2896407f197a067b881ae4cdf2c78e84d0addad71bf09fa2f649c3c11c
662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba
669ab87d6e0da3d0dcbc8a19bfa9f0381259afed9e90306727c22af21958ac14
675ed5a678c701a3927b202dec21e30bb122d09fd74c0243b43f5c8a35b3d097
6804cb2e54656a9538a8665f49871cd25342149186058f15dcff3ad8010fa663
6a541ce13f06a25840bd4d5553c81c69ccfdfa9b9185d38047cdc695d1943e13
6a5cbf71e42d824a8521271667134119ea9cd142df7c4695a2a086330f598195
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6ad4d67eed235fafc8ddfab188fa2e968ba4345718c8338bd7f4fbfafa6f8a2b
6b6688a87e98de3c67336fa95975425fe96ee1542cb24dc0ada2ecce2ea520e4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d106ab40ec17af791b2a243996477e1cbf75494105ff0a5dead9d9159c7ce56
6d4f8add7514dccaeba88f91fefc54c94ab39db361eaf14f83077251d80667ea
6e28311fc68644a88a32df782c7371991894bc6a6a81f8ff70f971b4470c3751
70462a41aae0604500903ea181d7fe0e541df0b3c19c98601d78d3babb79ba6e
732cfb9e8195124d0de68f42d1986f23f136204a635b742f6a21b5d2fa410747
732e0d6a01f41eaaed6e382bd56660f1e83b35b4ae2b88da56a9627f851d4a72
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
77851be5afb51840c7809b09bcaf75d2220513c2d5a3ac5fb66b173cd3032c34
783d5ed4ab597fcb537adf1198eb21dcc9a3ad709e35e3990e1b2c0c82529712
78cd36825ff7fe418bc1cc55c8a8da6393ea6d0ac93cb6c7dede51a8c36c2003
7afc50ee6b88385ff5cc080effdb2569799e675cc73dac1796c64f76241031ed
7b0a25611d72619c84f6fd73f37803c487a1d76bccb7d69667468f6d9ae47226
7b720599f8aed3bac5b9531fecf6750c8fa7e593b727739bc0692fcc0f55b678
7f8856ff1ff89286417c0f54c072a31382ff8de05574200e95d54fe7f1029429
80016c93b52d6e02b0a6f3d70e0cb3ab14daec15c724ea1d25fc1b9817f63d09
80bc50a58ea569d7e3d06715156d6b85e34ebd9ed955156dae429d8ba0266c2f
82038e32e5f87c7fe6a3d48daf77a8df949d6450f5d8b6d2b59ed61ee3fd9122
8249609a5ea84e2fa5aa50189966514bfd1d0d348652c7457a410a08a0aedc87
828a04af2baf687519dbb94dc7d71a5818447a7a80d35e0755d43faca5920a6c
828ab284d9344f5e857b9912f918eba455b9153e56105cfdd9d41c2cb8036967
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852d09ecec187be7ccf1659cbc3c2df55e135c60dbc528da7f4e7c4d5d295f14
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
86df418d759487f91b379ac929723336e45cf28b31395bb383bc4439b2150125
86e1ab899e8fcc225875d4c787e1047170a3cf60fe09980e923d486c0e3ee718
876320ce54f218dd6ef3548e59ead4b4a847d8bf577775217fb35cbca310f690
88264cc85290ba1390977a33b7d7d0b95a6376b9f58ef4e63125d6d24f89b061
8ae23d8dd10f04553d5daf46deb56c99f165997a9e55dee3a0d88539e569ec9d
8ae57f6d2c50857bdbeb9503496872bf0242e66e6238a52b673d31390ebdfbce
8b3ab5cdabbe38d8f2a79c1542d7112097c2db72fb35ff574489984a976c70b8
8b8bc4010a374e304ebe69fa345ce460768712d77cbc7a3f816297a675077bd7
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da8d423442f0f88e3278be32437dabb008d3d30098f6eb03db3efa33e3012e8
8e6f3369b246015e8e19f4039bdfb975d8a3ab412527a7921e0f9b6227c26b79
92c8a941db83f85adf50a261ab77e6604ab367b9d4173fd8e0c8625aa2b2de7d
938be9a666ad7c7f2d3433915964417613c1a0a3a7de7261f7f9420747f9702e
93d17db831949a76bca78132ab15f8a476826d47ca1b4da7bd46b150fa3dab4a
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44
972d79302a870930285d018117ee9631df364aa903e7a9606592532389f7f82a
97c6107ec1222df722b2e92b77710a629b5afc75161714d3a8aa71093558adfa
9813cdd068499b5e6921ee12da0368b031adbc920018f262d024e1d6171ad336
98fe4dc01e876dc895850bf55aab908afb2650dccb3d37962a374524487abb6a
9a094dd1c1c8390ffdf850f77aef8e316ba2cf09747bc217611f8afc7c7bbe88
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
9efeacd096bd192e4653b3b6b845b49677612e6ffb1a116ad36b4a19aa52d3e4
9f186fc1469627d743e88bb77d005608c5580f6032e801f2ab942c31bcf42182
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e9a2b848973785f4f400dd77966e21a131139420a66e06830e09f9bfeba7a9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5305e00f72123f81c8d7bf9016797c7c161b7d73a28cb4037425c93d5c50214
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a8d20d16f3cb6c5bd03261633be858c2e6f45b9f0483bf68ac3c11d32d01dfe8
a9a571f248c079ddb6b85fcc9de133be14373793753515fd987440482efb369a
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
a9e608e9bdf2d6a57a4446504074c8be222fcbd1a6c147598fa56e0c65774036
ab64afe15148ecc6b4e60da8c6b1797c7c1714117b290a0287a1733fa98a592e
ac9607a1ad5f0b983df0483f632801c86843350220ecb5aa35d6ecc3ccaf19be
ac97b0520a8964b7bbb241a4f2d43f8c473b25b2946451a0dee98d0287a6ab32
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04740d0cb302bc4b87213cb0fb760e6101102cbde2363bc9d730012f24cd49b
b11d00634a408154a8f42b28c8a5ae610e3e3c0871adf61f8a5f0e9aba326eb6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b163877ec48382be73ffdf62c6a5dc5ded37443856dde414e591dfe85b61f070
b1702d6ed4432160887777e2713d48a18a9dc4fec4f1caceba33ecb44896613d
b237ef8336dce028458284093241f6a066c482fb281674593ebf5ef50b4d1170
b40c3fa7275e6516ddc40d36bf8c0a1e14350ed26cb91df69dd64c65b5b64823
b556d600c209b70b2d0e87863a6e094590cdc1889bc4c06bffc44822ac417dab
b586d8f9bbff7965cbecfcc8a2835cad788188f261e168afb7642885fdce7250
b7f6b7375a8d4e8fe84de41e4965a070cdddf1866bc8f74f62b54f2f42a2e57a
baa1fb78454a3c122d54e240cf8dda53b88c3d7228fa74fc5834352e4ca06155
baebef129478521986b3226c2cb8b21b16898d0ca819cafb70588b59458e9f3c
bd84d3b448dfa1f7ded33de1848cb5f06946f8d86058e9c8d183ae3dddea4ff3
bda246b0d41638ec15275ed1c61e7cfa72ee79a16274e4c1c329a5ae7ad5e850
bf0a31782e24b8ab416b61bc7d92a97572402844407bf741c78e4bcc1ce41d99
bf14b9bde0a0d3dbb572605c05f9c778882b37786ca4abeb6ffbb40229be03c2
bf664e97b9718d1bdf93332ead28209fb5affbf20dd03bf90032874f3b77d864
bfa903c2517735d74df7f6fa7692b5ef65dc8fd5fad2be07234fb775616a2c7a
c0b9a8ed160abe932ab3f602393be98cf69f7da994aa8456ffb3aef2b654992e
c1c5660c4bfa68d3ac807772cb920befd3ed8f5c159927a1e14e00444a97f460
c201127052b7703eac5f45346f300d9112cffaa5880804b7011f8ddcab4bfe3e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c264d5a46618b3450882dacf7cfc9e1225f68cdb0d91bd6623d225882d41311a
c2bc7b55137b6b264bd6069823ec2b3587f7edcaa5bcc298a82cf2e5debde55d
c3b96f7c909bf426eb41e8d63b19ee5da9288e3c3e9d4fc6197c900a524ad425
c722c9d4aa3eb331820aa4b8c3ea7db82f6540116554700b31ec5943a6671885
c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670
c7989b98fc2d7be785da753fe469d9a107e8fc3af43960ed891c01c222f81be9
c7c79ba62a21dcda50a5357593192fd16a8d791f1e2cb51a3b517db0e317676d
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
ca81e92afddd31983e87289302f8509ef0c11859698dd5892e1c3edaf2d8bfd0
cb6bef59e750d0d7e68aede84ed4941a232c426326e966c8e3407bc7487214bd
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cd2dae33970747c9ba465766199c26b2c12be9e074431ab67ae12db83f337b61
d02a4d562f9543b798f83d7d07bef7d716891f86df2b7793e5d137378db16ee8
d0438c85b7b5f9c21ac9a1975ccd12464f5f8cbf15d3353ee700e2617f913349
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d35edf1d5969e98504cf78d3c75c4d1ab251dd2b0e13de6f0e7644b88c9c35d2
d4f9959ccfa009f125ce2962185986defc165a0a2c03d9b046b998fe27294f9b
d5b762d4f371a4124e6869a66ab7932199ab1847c7e558ac519dfc9ae992e369
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
d9d3b87cd2173d0cd06047a9fc1d21a0f5884ff8c3e7b75f93688af5325e523b
db3cf1ecdf4ffd203c43b5dcaea776c6ba063d25572870f30368001639c1d4e0
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
de908e93aea0cafaa888a7bac1484a103fc232571a8d409b0913acc3c4f82c43
ded94a1158c0f6ceaedd2db79f51c759fc6dd4986a30177da103c33b4477ba53
e31422fea6c9d5e306946339a38d966031437570a19e2f01e904ed45eea208ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e43a56749e5d70e82e70908949f3527f8c5455468e69b010c7868a8c64460dd1
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e8f084af7f40a22369c3e784e67da9c39e231e6f324f9639c404be4bc60abba6
ea8979c22cf1d830e3ff939aadd49cc4d78c851e3cb59d2aa95ea10ee752d5d1
ee3e792af06bd2d0f3f3c77edacf4aced24d8eb3a47424968339b0f49ef952a5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4b741afd0fcdf46637c90c1fc1837c3b7f69f69a637ca8a12db52b4e7713cf
f29b2ceedb4715f748435499d0ecb6e642d03e40a30c3cefe1633da65937cfe2
f30458a9b37774dabda685afb56abdad505d42afe33f4cb6573fe4abe1908bb0
f769f95b84b50c00cd0e3f73498a490b6908e9c0763f5597dd3ee35afa890ed0
f7fdfe188805d1ca16e9d4d8bd86d429672a9364190dffd01c5d1e628573234f
f89e762c6af97937466454722217d150b45d37c223e9094bd376a3d093eacbfc
fa665d202d2f051faa142099a471b8091476fe4a5cebc10e34e872976e018054
fbd313762cb3406cf59cfd0cb482fccf9b76f79ccbb80caf324ce80cf465eb8f
fc231e978a78dcba552776d2ffd408110346d288ae8ab4fe06a520d0b55e6a14
fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68
fe3d9d2eb7df9ba5ba44e095d146a80bb0848e6f08e3c0af56c8b806e7cdb0b8
fef213e96f64a44742910e9b979415cf71b8a63c41b5d5fe73f5308da0578784

www.correiobraziliense.com.br Open in urlscan Pro 179.191.182.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

442 Requests

87 %HTTPS

44 %IPv6

65 Domains

109 Subdomains

80 IPs

14 Countries

12588 kBTransfer

25223 kBSize

67 Cookies

91 Outgoing links

Page URL History

Redirected requests

442 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.correiobraziliense.com.br Open in urlscan Pro
179.191.182.65 Public Scan

Screenshot
Live screenshot

Full Image

442
Requests

87 %
HTTPS

44 %
IPv6

65
Domains

109
Subdomains

80
IPs

14
Countries

12588 kB
Transfer

25223 kB
Size

67
Cookies

442 HTTP transactions
7 data transactions