zsshares.com Open in urlscan Pro
2a02:4780:13:815:0:11dd:1819:1  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWmG1NUpCU7_xUZpbDjGzU&google_cver=1

Request Chain 56

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZC9PAnU5aokPSg5BRS4q0wAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWmG1NUpCU7_xUZpbDjGzU&google_cver=1

Request Chain 57

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESECUFfAmcRASdVaOfW6P6uLs&google_cver=1

Request Chain 58

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQzODQ5MjA3NDY2MjQ3Mjcx

Request Chain 73

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWmG1NUpCU7_xUZpbDjGzU&google_cver=1

Request Chain 74

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZC9PAnU5aokPSg5BRS4q0wAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWmG1NUpCU7_xUZpbDjGzU&google_cver=1

Request Chain 75

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESECUFfAmcRASdVaOfW6P6uLs&google_cver=1

Request Chain 76

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQzODQ5MjA3NDY2MjQ3Mjcx

Request Chain 93

• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIfD1aMpZ1qYqCGus05-Px4&google_cver=1

Request Chain 95

• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
• https://sync.teads.tv/um?eid=3&uid=CAESEHXwyrto-iTPtZMLDpCs1gU&google_cver=1

Request Chain 137

• https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJ0oyCUSA97EWSLOcEzeVMU&google_cver=1

Request Chain 138

• https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=cd486785-d4ce-11ed-b25f-191344880406 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Y2Q0ODY3NDYtZDRjZS0xMWVkLWIyNWYtMTkxMzQ0ODgwNDA2

Request Chain 139

• https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
• https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1ERFVkdFVORTJ1RWJnbDkzMEpXMUIxWmxWMTY5dVVlWH5B

Request Chain 141

• https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-3423085545296231&ias_chanId=1&ias_placementId=19429846202&bidurl=https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jdPQjNE8SZtOEDSIU9nDnE&adContainerId=brand_safety_Ak8vZOmVJIOn3gON16KoDQ&cbFunctionName=goog_wrapCb_Ak8vZOmVJIOn3gON16KoDQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fzsshares.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fzsshares.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:a9c84382-91c3-7556-ebcb-9a7c066ab554,c:935qMd,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-67fb65999c-j6v2f,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tAGVTLf+11%7C1211%7C1212%7C131*.990511-61634100%7C1311%7C1312%7C1313%7C1411%7C1511%7C1512,idMap:131*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:25,oid:cd1fad01-d4ce-11ed-9514-321dbde8f670,v:19.8.400,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://static.adsafeprotected.com/4.js

Request Chain 168

• https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
• https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEN0fXXn9CBakJ9ZPicgNd-g&google_cver=1

Request Chain 256

• https://gcdn.2mdn.net/videoplayback/id/aea370ef8a3f1299/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825230663/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/21F8EFC4E17EA27D9D4DBC1237DB969D7FCC2A56.8516D2802976BAE426E5734132563DED7E80DD53/key/ck2/file/file.mp4 HTTP 302
• https://r4---sn-5hne6nzs.c.2mdn.net/videoplayback/id/aea370ef8a3f1299/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825230663/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3C492646E1324515E1AADE4DA415F79429BC49DE.1C02BDC3A6A7A01E1FA69766BA2B957416273B3B/key/cms1/cms_redirect/yes/mh/gs/mip/2001:ac8:20:3b00:1011:4651:b353:9507/mm/42/mn/sn-5hne6nzs/ms/onc/mt/1680821335/mv/m/mvi/4/pl/49/file/file.mp4

273 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
8 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/	149 KB 55 KB	634ms 207ms	Document text/html	2a02:4780:13:815:0:11dd:1819:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:13:815:0:11dd:1819:1 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / PHP/7.4.33 Resource Hash 4a35804a80f6215aebccaafb9b84cbf7b1eafd27a1602db17f74c0a05294aba5 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-length 55314 content-security-policy upgrade-insecure-requests content-type text/html; charset=UTF-8 date Thu, 06 Apr 2023 23:00:16 GMT etag "28293-1680745661;br" link <https://zsshares.com/wp-json/>; rel="https://api.w.org/" <https://zsshares.com/wp-json/wp/v2/posts/684>; rel="alternate"; type="application/json" <https://wp.me/pd6m2D-b2>; rel=shortlink platform hostinger server LiteSpeed vary Accept-Encoding x-litespeed-cache hit x-pingback https://zsshares.com/xmlrpc.php x-powered-by PHP/7.4.33
GET H2	200	wp-emoji-release.min.js Show response zsshares.com/wp-includes/js/	18 KB 5 KB	209ms 206ms	Script application/x-javascript	2a02:4780:13:815:0:11dd:1819:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://zsshares.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2 Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:13:815:0:11dd:1819:1 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:17 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Thu, 30 Mar 2023 00:59:32 GMT server LiteSpeed etag "4904-6424def4-35ce6844506b62e9;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 4605 expires Thu, 13 Apr 2023 23:00:17 GMT
GET H2	200	style.min.css c0.wp.com/c/6.2/wp-includes/css/dist/block-library/	95 KB 12 KB	46ms 12ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/6.2/wp-includes/css/dist/block-library/style.min.css Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-nc HIT ams 2 date Thu, 06 Apr 2023 23:00:17 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Fri, 10 Mar 2023 00:22:37 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Fri, 05 Apr 2024 23:00:17 GMT
GET H2	200	mediaelementplayer-legacy.min.css c0.wp.com/c/6.2/wp-includes/js/mediaelement/	11 KB 2 KB	47ms 12ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/6.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-nc HIT ams 2 date Thu, 06 Apr 2023 23:00:17 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Tue, 29 Sep 2020 15:53:06 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Fri, 05 Apr 2024 23:00:17 GMT
GET H2	200	wp-mediaelement.min.css c0.wp.com/c/6.2/wp-includes/js/mediaelement/	4 KB 1 KB	47ms 13ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/6.2/wp-includes/js/mediaelement/wp-mediaelement.min.css Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-nc HIT ams 2 date Thu, 06 Apr 2023 23:00:17 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Fri, 07 Jun 2019 20:45:02 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Fri, 05 Apr 2024 23:00:17 GMT
GET H2	200	classic-themes.min.css c0.wp.com/c/6.2/wp-includes/css/	291 B 354 B	47ms 13ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/6.2/wp-includes/css/classic-themes.min.css Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-nc HIT ams 2 date Thu, 06 Apr 2023 23:00:17 GMT strict-transport-security max-age=15552000 last-modified Mon, 13 Feb 2023 20:50:19 GMT server nginx access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * content-length 291 expires Fri, 05 Apr 2024 23:00:17 GMT
GET H2	200	style.css zsshares.com/wp-content/themes/colormag/	102 KB 15 KB	208ms 207ms	Stylesheet text/css	2a02:4780:13:815:0:11dd:1819:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://zsshares.com/wp-content/themes/colormag/style.css?ver=2.1.8 Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:13:815:0:11dd:1819:1 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 2226b397adfcd8fde1b5bad0d5f61b4a434702fed6bf4a13e536ec1f6dc53aab Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:17 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Tue, 31 Jan 2023 22:46:37 GMT server LiteSpeed etag "1967f-63d99a4d-b840e286147aefb;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 15568 expires Thu, 13 Apr 2023 23:00:17 GMT
GET H2	200	font-awesome.min.css zsshares.com/wp-content/themes/colormag/fontawesome/css/	30 KB 7 KB	209ms 208ms	Stylesheet text/css	2a02:4780:13:815:0:11dd:1819:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://zsshares.com/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.8 Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:13:815:0:11dd:1819:1 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:17 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Tue, 31 Jan 2023 22:46:37 GMT server LiteSpeed etag "791c-63d99a4d-ecda2eeb4a49e398;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 6633 expires Thu, 13 Apr 2023 23:00:17 GMT
GET H2	200	social-logos.min.css c0.wp.com/p/jetpack/11.9.1/_inc/social-logos/	11 KB 7 KB	56ms 22ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/p/jetpack/11.9.1/_inc/social-logos/social-logos.min.css Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 5af9881e63eb82017b7f84922fa8ba9928bcfb4416eb3579f1b3528263003a18 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-nc HIT ams 2 date Thu, 06 Apr 2023 23:00:17 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Tue, 14 Mar 2023 19:58:29 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Fri, 05 Apr 2024 23:00:17 GMT
GET H2	200	jetpack.css c0.wp.com/p/jetpack/11.9.1/css/	97 KB 17 KB	56ms 22ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/p/jetpack/11.9.1/css/jetpack.css Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 79d10641c6d35e4e40683d5297eb7f52c0071e3b5e8247725118ebe08cce1b57 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-nc HIT ams 2 date Thu, 06 Apr 2023 23:00:17 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Tue, 14 Mar 2023 19:58:29 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Fri, 05 Apr 2024 23:00:17 GMT
GET H2	200	related-posts.min.js Show response c0.wp.com/p/jetpack/11.9.1/_inc/build/related-posts/	6 KB 2 KB	56ms 23ms	Script application/javascript	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/p/jetpack/11.9.1/_inc/build/related-posts/related-posts.min.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash fe66ac5df69c78be7dfcf75943079129dbf24a254e89febc5a7e916d40de43bc Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-nc HIT ams 2 date Thu, 06 Apr 2023 23:00:17 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Tue, 07 Dec 2021 16:56:47 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Fri, 05 Apr 2024 23:00:17 GMT
GET H2	200	jquery.min.js Show response c0.wp.com/c/6.2/wp-includes/js/jquery/	88 KB 30 KB	62ms 29ms	Script application/javascript	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/6.2/wp-includes/js/jquery/jquery.min.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-nc HIT ams 2 date Thu, 06 Apr 2023 23:00:17 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Wed, 08 Mar 2023 18:37:33 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Fri, 05 Apr 2024 23:00:17 GMT
GET H2	200	jquery-migrate.min.js Show response c0.wp.com/c/6.2/wp-includes/js/jquery/	13 KB 5 KB	55ms 23ms	Script application/javascript	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/6.2/wp-includes/js/jquery/jquery-migrate.min.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-nc HIT ams 2 date Thu, 06 Apr 2023 23:00:17 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Mon, 06 Feb 2023 20:59:15 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Fri, 05 Apr 2024 23:00:17 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	77 KB 26 KB	104ms 51ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a74af82abcfbdc106aa49e096890775071acf5b60b63f12eaf537abaa509fd27 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:17 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25655 x-xss-protection 0 server cafe etag 409 / 19453 / m202303300101 / config-hash: 10004049301988528966 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 06 Apr 2023 23:00:17 GMT
GET H2	200	cropped-minha-logo.png zsshares.com/wp-content/uploads/2022/12/	201 KB 201 KB	213ms 212ms	Image image/png	2a02:4780:13:815:0:11dd:1819:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://zsshares.com/wp-content/uploads/2022/12/cropped-minha-logo.png Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:13:815:0:11dd:1819:1 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash cd0c726f8199ae25468022e2200b62adedbe1a9c10005e8607e516b4b0416e6d Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:17 GMT content-security-policy upgrade-insecure-requests last-modified Fri, 03 Feb 2023 16:08:20 GMT server LiteSpeed etag "32514-63dd3174-d63ebab2da8edba6;;;" content-type image/png cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 206100 expires Thu, 13 Apr 2023 23:00:17 GMT
GET H2	200	audience-g56c6c5f18_1920.jpg i0.wp.com/zsshares.com/wp-content/uploads/2022/02/	83 KB 83 KB	52ms 13ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/zsshares.com/wp-content/uploads/2022/02/audience-g56c6c5f18_1920.jpg?resize=800%2C445&ssl=1 Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i0.wp.com Software nginx / Resource Hash 4540fe8b3967f5347a8dc2970ba571922887ff9a9d1818fc62831244b945ffcd Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-nc HIT ams 4 date Thu, 06 Apr 2023 23:00:17 GMT x-content-type-options nosniff last-modified Wed, 05 Apr 2023 19:38:45 GMT server nginx etag "0f8ac39154ce8215" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://zsshares.com/wp-content/uploads/2022/02/audience-g56c6c5f18_1920.jpg>; rel="canonical" content-length 84866 expires Sat, 05 Apr 2025 07:38:45 GMT
GET H2	200	photon.min.js Show response c0.wp.com/p/jetpack/11.9.1/_inc/build/photon/	685 B 348 B	13ms 13ms	Script application/javascript	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/p/jetpack/11.9.1/_inc/build/photon/photon.min.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-nc HIT ams 2 date Thu, 06 Apr 2023 23:00:17 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Tue, 07 Dec 2021 16:56:47 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Fri, 05 Apr 2024 23:00:17 GMT
GET H2	200	comment-reply.min.js Show response c0.wp.com/c/6.2/wp-includes/js/	3 KB 1 KB	12ms 12ms	Script application/javascript	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/6.2/wp-includes/js/comment-reply.min.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-nc HIT ams 2 date Thu, 06 Apr 2023 23:00:17 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Fri, 08 Apr 2022 20:07:18 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Fri, 05 Apr 2024 23:00:17 GMT
GET H2	200	jquery.bxslider.min.js Show response zsshares.com/wp-content/themes/colormag/js/	23 KB 6 KB	210ms 208ms	Script application/x-javascript	2a02:4780:13:815:0:11dd:1819:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://zsshares.com/wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=2.1.8 Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:13:815:0:11dd:1819:1 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 0157d11106d6b70289099fd1ce1f7bea3a9dfbb46cee3994edb07ce765bb92fc Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:17 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Tue, 31 Jan 2023 22:46:37 GMT server LiteSpeed etag "5d92-63d99a4d-59e26ca85ff0ab8d;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 5845 expires Thu, 13 Apr 2023 23:00:17 GMT
GET H2	200	navigation.min.js Show response zsshares.com/wp-content/themes/colormag/js/	2 KB 600 B	211ms 209ms	Script application/x-javascript	2a02:4780:13:815:0:11dd:1819:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://zsshares.com/wp-content/themes/colormag/js/navigation.min.js?ver=2.1.8 Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:13:815:0:11dd:1819:1 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 5b84335d42b38d3122349f53b20dd6a5cb0f45d1e45e5683fd572bcdda8c04a2 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:17 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Tue, 31 Jan 2023 22:46:37 GMT server LiteSpeed etag "61f-63d99a4d-3b73450b41932ae2;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 537 expires Thu, 13 Apr 2023 23:00:17 GMT
GET H2	200	jquery.fitvids.min.js Show response zsshares.com/wp-content/themes/colormag/js/fitvids/	2 KB 698 B	212ms 210ms	Script application/x-javascript	2a02:4780:13:815:0:11dd:1819:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://zsshares.com/wp-content/themes/colormag/js/fitvids/jquery.fitvids.min.js?ver=2.1.8 Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:13:815:0:11dd:1819:1 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 8994924c0f3ab4474ee0a7c04417ad84933c4467cc9192fcb60b9774f15f5990 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:17 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Tue, 31 Jan 2023 22:46:37 GMT server LiteSpeed etag "6da-63d99a4d-6e7f149008bc364e;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 635 expires Thu, 13 Apr 2023 23:00:17 GMT
GET H2	200	skip-link-focus-fix.min.js Show response zsshares.com/wp-content/themes/colormag/js/	325 B 233 B	212ms 210ms	Script application/x-javascript	2a02:4780:13:815:0:11dd:1819:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://zsshares.com/wp-content/themes/colormag/js/skip-link-focus-fix.min.js?ver=2.1.8 Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:13:815:0:11dd:1819:1 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:17 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Tue, 31 Jan 2023 22:46:37 GMT server LiteSpeed etag "145-63d99a4d-c639909f470dece7;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 171 expires Thu, 13 Apr 2023 23:00:17 GMT
GET H2	200	colormag-custom.min.js Show response zsshares.com/wp-content/themes/colormag/js/	3 KB 1 KB	213ms 211ms	Script application/x-javascript	2a02:4780:13:815:0:11dd:1819:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://zsshares.com/wp-content/themes/colormag/js/colormag-custom.min.js?ver=2.1.8 Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:13:815:0:11dd:1819:1 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash aeef31c70dd1e009fba6965ac0510518bc1fc7c99323dc712b204e9dc74d747f Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:17 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Tue, 31 Jan 2023 22:46:37 GMT server LiteSpeed etag "be2-63d99a4d-aa391e03869d834b;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 1017 expires Thu, 13 Apr 2023 23:00:17 GMT
GET H2	200	sharing.min.js Show response c0.wp.com/p/jetpack/11.9.1/_inc/build/sharedaddy/	9 KB 3 KB	17ms 15ms	Script application/javascript	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/p/jetpack/11.9.1/_inc/build/sharedaddy/sharing.min.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 9e1dae23d3ad3212f67d09ca79a50003c32953c36bab976f634c9b38d8a8c6dc Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-nc HIT ams 2 date Thu, 06 Apr 2023 23:00:17 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Tue, 07 Mar 2023 19:14:38 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Fri, 05 Apr 2024 23:00:17 GMT
GET H2	200	e-202314.js Show response stats.wp.com/	9 KB 3 KB	51ms 12ms	Script application/javascript	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://stats.wp.com/e-202314.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-nc HIT ams date Thu, 06 Apr 2023 23:00:17 GMT content-encoding br server nginx etag W/"62f6b688-3508" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 expires Sun, 31 Mar 2024 08:51:28 GMT
GET H2	200	OpenSans-VariableFont.woff zsshares.com/wp-content/themes/colormag/assets/fonts/	78 KB 78 KB	402ms 400ms	Font application/font-woff	2a02:4780:13:815:0:11dd:1819:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://zsshares.com/wp-content/themes/colormag/assets/fonts/OpenSans-VariableFont.woff Requested by Host: zsshares.com URL: https://zsshares.com/wp-content/themes/colormag/style.css?ver=2.1.8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:13:815:0:11dd:1819:1 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 01860d2273448228ae1e9f7b7150e82bdcf98896938cccd44815f4c1c856204c Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Referer https://zsshares.com/wp-content/themes/colormag/style.css?ver=2.1.8 Origin https://zsshares.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:17 GMT content-security-policy upgrade-insecure-requests last-modified Tue, 31 Jan 2023 22:46:37 GMT server LiteSpeed etag "13944-63d99a4d-af192017aae396a8;;;" content-type application/font-woff accept-ranges bytes platform hostinger content-length 80196
GET H2	200	fontawesome-webfont.woff2 zsshares.com/wp-content/themes/colormag/fontawesome/fonts/	75 KB 75 KB	408ms 407ms	Font font/woff2	2a02:4780:13:815:0:11dd:1819:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://zsshares.com/wp-content/themes/colormag/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: zsshares.com URL: https://zsshares.com/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:13:815:0:11dd:1819:1 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Referer https://zsshares.com/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.8 Origin https://zsshares.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:17 GMT content-security-policy upgrade-insecure-requests last-modified Tue, 31 Jan 2023 22:46:37 GMT server LiteSpeed etag "12d68-63d99a4d-1efc0a9139ac32c9;;;" content-type font/woff2 cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 77160 expires Thu, 13 Apr 2023 23:00:17 GMT
GET H2	200	OpenSans-SemiBold.woff zsshares.com/wp-content/themes/colormag/assets/fonts/	78 KB 78 KB	409ms 407ms	Font application/font-woff	2a02:4780:13:815:0:11dd:1819:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://zsshares.com/wp-content/themes/colormag/assets/fonts/OpenSans-SemiBold.woff Requested by Host: zsshares.com URL: https://zsshares.com/wp-content/themes/colormag/style.css?ver=2.1.8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:13:815:0:11dd:1819:1 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash e401b72553ea85689b6a2ee010d65bd1d41bd99d765ca892c49589e9a170634b Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Referer https://zsshares.com/wp-content/themes/colormag/style.css?ver=2.1.8 Origin https://zsshares.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:17 GMT content-security-policy upgrade-insecure-requests last-modified Tue, 31 Jan 2023 22:46:37 GMT server LiteSpeed etag "13938-63d99a4d-5b5a264f949580e;;;" content-type application/font-woff accept-ranges bytes platform hostinger content-length 80184
GET H2	200	OpenSans-Bold.woff zsshares.com/wp-content/themes/colormag/assets/fonts/	76 KB 76 KB	418ms 417ms	Font application/font-woff	2a02:4780:13:815:0:11dd:1819:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://zsshares.com/wp-content/themes/colormag/assets/fonts/OpenSans-Bold.woff Requested by Host: zsshares.com URL: https://zsshares.com/wp-content/themes/colormag/style.css?ver=2.1.8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:13:815:0:11dd:1819:1 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash a1434cb9eee1f618cfa38f76759c919e606679bb2beb2cadd62964361c43a741 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Referer https://zsshares.com/wp-content/themes/colormag/style.css?ver=2.1.8 Origin https://zsshares.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:17 GMT content-security-policy upgrade-insecure-requests last-modified Tue, 31 Jan 2023 22:46:37 GMT server LiteSpeed etag "1314c-63d99a4d-9ba8aff8b37eda8d;;;" content-type application/font-woff accept-ranges bytes platform hostinger content-length 78156
GET DATA	200 OK	truncated /	6 KB 6 KB		Font application/octet-stream
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 51df3ca60fafe5df2786ce34c4b6dff5af9bb0a061f1808783f65bb1016e016d Request headers Referer Origin https://zsshares.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type application/octet-stream
GET H2	200	OpenSans-Medium.woff zsshares.com/wp-content/themes/colormag/assets/fonts/	79 KB 79 KB	418ms 417ms	Font application/font-woff	2a02:4780:13:815:0:11dd:1819:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://zsshares.com/wp-content/themes/colormag/assets/fonts/OpenSans-Medium.woff Requested by Host: zsshares.com URL: https://zsshares.com/wp-content/themes/colormag/style.css?ver=2.1.8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:13:815:0:11dd:1819:1 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 4a31a8733940d9d2cb4e98b82b96ecb180ce1de0fc2a8e6397e6bba48aa33c46 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Referer https://zsshares.com/wp-content/themes/colormag/style.css?ver=2.1.8 Origin https://zsshares.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:17 GMT content-security-policy upgrade-insecure-requests last-modified Tue, 31 Jan 2023 22:46:37 GMT server LiteSpeed etag "13aa4-63d99a4d-74594a58a466e6f;;;" content-type application/font-woff accept-ranges bytes platform hostinger content-length 80548
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/	397 KB 123 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 991fe33155584583fa75319093a543a4f074e91a7db90ab8b6fbb2f39aa1023d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 11:14:15 GMT content-encoding br x-content-type-options nosniff age 42362 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 125910 x-xss-protection 0 server cafe etag 14470834828239977126 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Fri, 05 Apr 2024 11:14:15 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	68 B 77 B	60ms 42ms	XHR application/json	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=zsshares.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 085d7534a132c3f716317437fd1b405b19dcb822d0599a704a0f9ef247023531 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:17 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 53 x-xss-protection 0 expires Thu, 06 Apr 2023 23:00:17 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 531 B	71ms 22ms	Script application/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=zsshares.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:17 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 456 B	55ms 14ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=zsshares.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:17 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 349 B	65ms 44ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_etu&pvsid=4110757253356433&vrg=202303300101&nw_id=339263271%5C%2C22414971656&nslots=8&eid=44785729&pub_url=https%3A%2F%2Fzsshares.com%2F2022%2F02%2F15%2Fassistir-futebol-online-veja-os-jogos-com-qualidade%2F&rsn=4 Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:17 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	17 KB 7 KB	1793ms 1793ms	XHR text/plain	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4110757253356433&correlator=763391293550564&eid=44785729&output=ldjh&gdfp_req=1&vrg=202303300101&ptt=17&impl=fifs&iu_parts=339263271%3A22414971656%2CAdex_zsshares.com_interstitialll%2Cadex_zsshares.com&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=1x1%2C300x250&ifi=1&adks=1221781771%2C3066938067&sfv=1-0-40&ists=2&fas=8%2C0&sc=1&cookie_enabled=1&abxe=1&dt=1680822017590&lmt=1680822017&dlt=1680822016923&idt=612&adxs=-9%2C245&adys=-9%2C1205&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fzsshares.com%2F2022%2F02%2F15%2Fassistir-futebol-online-veja-os-jogos-com-qualidade%2F&frm=20&vis=1&psz=0x-1%7C770x-1&msz=0x-1%7C770x-1&fws=2%2C4&ohw=0%2C1600&ga_vid=956602259.1680822018&ga_sid=1680822018&ga_hid=1141690023&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e5e3848aa0c12afe6b6243dbf0c78222bbab81394a7fbe0e472579d100d95d54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:19 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7336 x-xss-protection 0 google-lineitem-id -2,-1 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2,-1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://zsshares.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	30 KB 10 KB	469ms 468ms	XHR text/plain	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4110757253356433&correlator=763391293550564&eid=44785729&output=ldjh&gdfp_req=1&vrg=202303300101&ptt=17&impl=fifs&iu_parts=339263271%3A22414971656%2Cadex_zsshares.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=3&adks=3184212204&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1680822017599&lmt=1680822017&dlt=1680822016923&idt=612&adxs=245&adys=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fzsshares.com%2F2022%2F02%2F15%2Fassistir-futebol-online-veja-os-jogos-com-qualidade%2F&frm=20&vis=1&psz=770x-1&msz=770x-1&fws=4&ohw=1600&ga_vid=956602259.1680822018&ga_sid=1680822018&ga_hid=1141690023&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41cbaa913d1ac6ed142035fc529e3bb91282b762169896e5df7c285828f3d233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:18 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10290 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://zsshares.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	90 KB 37 KB	1188ms 1186ms	XHR text/plain	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4110757253356433&correlator=763391293550564&eid=44785729&output=ldjh&gdfp_req=1&vrg=202303300101&ptt=17&impl=fifs&iu_parts=339263271%3A22414971656%2Cadex_zsshares.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=4&adks=3079884015&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1680822017602&lmt=1680822017&dlt=1680822016923&idt=612&adxs=245&adys=2398&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fzsshares.com%2F2022%2F02%2F15%2Fassistir-futebol-online-veja-os-jogos-com-qualidade%2F&frm=20&vis=1&psz=770x-1&msz=770x-1&fws=4&ohw=1600&ga_vid=956602259.1680822018&ga_sid=1680822018&ga_hid=1141690023&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0323673eb7b62ba2ff724b9d87c40765d035f310c79ff51508940b1c5258ab38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:18 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37603 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://zsshares.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	19 KB 7 KB	912ms 910ms	XHR text/plain	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4110757253356433&correlator=763391293550564&eid=44785729&output=ldjh&gdfp_req=1&vrg=202303300101&ptt=17&impl=fifs&iu_parts=339263271%3A22414971656%2Cadex_zsshares.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=5&adks=3079884014&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1680822017604&lmt=1680822017&dlt=1680822016923&idt=612&adxs=245&adys=2834&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fzsshares.com%2F2022%2F02%2F15%2Fassistir-futebol-online-veja-os-jogos-com-qualidade%2F&frm=20&vis=1&psz=770x-1&msz=770x-1&fws=4&ohw=1600&ga_vid=956602259.1680822018&ga_sid=1680822018&ga_hid=1141690023&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f56d93a23007faa3e3a241440bdd94367714d28f3bca7bad9aeba19a0b2cb005 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:18 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7312 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://zsshares.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	76 KB 23 KB	2063ms 2062ms	XHR text/plain	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4110757253356433&correlator=763391293550564&eid=44785729&output=ldjh&gdfp_req=1&vrg=202303300101&ptt=17&impl=fifs&iu_parts=339263271%3A22414971656%2Cadex_zsshares.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=6&adks=3079884013&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1680822017606&lmt=1680822017&dlt=1680822016923&idt=612&adxs=245&adys=3500&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fzsshares.com%2F2022%2F02%2F15%2Fassistir-futebol-online-veja-os-jogos-com-qualidade%2F&frm=20&vis=1&psz=770x-1&msz=770x-1&fws=4&ohw=1600&ga_vid=956602259.1680822018&ga_sid=1680822018&ga_hid=1141690023&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2be1bd39e8b0dd9ee7d63ef4f6d790cda4cfaf541c74178e94b03a4e64b22230 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:19 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23809 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://zsshares.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	19 KB 7 KB	675ms 674ms	XHR text/plain	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4110757253356433&correlator=763391293550564&eid=44785729&output=ldjh&gdfp_req=1&vrg=202303300101&ptt=17&impl=fifs&iu_parts=339263271%3A22414971656%2Cadex_zsshares.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=7&adks=3079884012&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1680822017608&lmt=1680822017&dlt=1680822016923&idt=612&adxs=245&adys=4191&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fzsshares.com%2F2022%2F02%2F15%2Fassistir-futebol-online-veja-os-jogos-com-qualidade%2F&frm=20&vis=1&psz=770x-1&msz=770x-1&fws=4&ohw=1600&ga_vid=956602259.1680822018&ga_sid=1680822018&ga_hid=1141690023&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 457464632dab5a89a0851ad67d962a07d841d90f67eeb752b809d74ae9ce283c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:18 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7429 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://zsshares.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	18 KB 7 KB	1443ms 1442ms	XHR text/plain	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4110757253356433&correlator=763391293550564&eid=44785729&output=ldjh&gdfp_req=1&vrg=202303300101&ptt=17&impl=fifs&iu_parts=339263271%3A22414971656%2Cadex_zsshares.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=8&adks=3079883987&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1680822017611&lmt=1680822017&dlt=1680822016923&idt=612&adxs=245&adys=4831&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fzsshares.com%2F2022%2F02%2F15%2Fassistir-futebol-online-veja-os-jogos-com-qualidade%2F&frm=20&vis=1&psz=770x-1&msz=770x-1&fws=4&ohw=1600&ga_vid=956602259.1680822018&ga_sid=1680822018&ga_hid=1141690023&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 48964ca656d3ab4d40b2113a350f7b6df3df791edfcf2a0d60247a41db05c3af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:19 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7267 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://zsshares.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 220A	6 KB 3 KB	74ms 18ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://zsshares.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 23:00:17 GMT expires Fri, 05 Apr 2024 23:00:17 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pubads_impl_page_level_ads.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/	33 KB 12 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl_page_level_ads.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash aefb4605e33667c5eab919352461823eb85bb1269482bc2c58d1446e1fe71b40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 20:00:21 GMT content-encoding br x-content-type-options nosniff age 10796 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11892 x-xss-protection 0 server cafe etag 14369727199939890373 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Fri, 05 Apr 2024 20:00:21 GMT
GET H2	200	g.gif pixel.wp.com/	50 B 93 B	24ms 13ms	Image image/gif	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.wp.com/g.gif?v=ext&blog=193607067&post=684&tz=-3&srv=zsshares.com&j=1%3A11.9.1&host=zsshares.com&ref=&fcp=1159&rand=0.3185808337111209 Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers access-control-allow-origin * date Thu, 06 Apr 2023 23:00:17 GMT cache-control no-cache server nginx content-length 50 content-type image/gif
GET H3	200	/ Show response zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/	3 KB 1 KB	209ms 207ms	XHR application/json	2a02:4780:13:815:0:11dd:1819:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/?relatedposts=1 Requested by Host: c0.wp.com URL: https://c0.wp.com/p/jetpack/11.9.1/_inc/build/related-posts/related-posts.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a02:4780:13:815:0:11dd:1819:1 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / PHP/7.4.33 Resource Hash 0fabcc84d8a4fc33123bec91d45ebcd9edfce76f32a63d6c9e5229ddc76f368b Security Headers Name Value Content-Security-Policy upgrade-insecure-requests X-Content-Type-Options nosniff Request headers Referer https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ x-requested-with XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:17 GMT content-encoding br x-content-type-options nosniff content-security-policy upgrade-insecure-requests server LiteSpeed x-powered-by PHP/7.4.33 x-litespeed-cache hit x-pingback https://zsshares.com/xmlrpc.php etag "28322-1680746149;br" content-type application/json; charset=utf-8 vary Accept-Encoding platform hostinger alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 1130
GET H2	200	container.html Show response 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6966	6 KB 3 KB	19ms 17ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://zsshares.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 23:00:17 GMT expires Fri, 05 Apr 2024 23:00:17 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 683A	624 B 687 B	44ms 41ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGJDBkeIBMAE&v=APEucNWKY9P8no26Cvv3gOayZP6ikojbxZ-8midxRKqYMZPXp_yg84N1KeDRltMtS6dGF2E6bvTb520_MPEt23CDLBIJtKH0icZWxUhZXEEKew03IQqvWLul4O4ZlB6Vleg7bJF-U8NNbJDzaQ4al3tqNfZQq-FZ_pO7MXSj61By_SlL6YYeyGo Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 23:00:18 GMT expires Thu, 06 Apr 2023 23:00:18 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 2AE4	78 KB 28 KB	111ms 107ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:18 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28043 x-xss-protection 0 server cafe etag 15270303690107644053 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Thu, 06 Apr 2023 23:00:18 GMT
GET H/1.1	200 OK	dvbs_src.js Show response cdn.doubleverify.com/ Frame 2AE4	2 KB 1 KB	137ms 38ms	Script application/javascript	2a02:26f0:6c00::210:ba19 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=29365277&plc=359199019&sid=5775970&dvregion=0&unit=300x250 Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 06 Apr 2023 23:00:18 GMT Content-Encoding gzip Last-Modified Tue, 10 Jan 2023 10:59:51 GMT Server Microsoft-IIS/10.0 ETag "2d4a10aae224d91:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Content-Length 1170
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 2AE4	3 KB 1 KB	108ms 39ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:26:57 GMT content-encoding br x-content-type-options nosniff age 5601 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:26:57 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 2AE4	20 KB 8 KB	105ms 36ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:26:57 GMT content-encoding br x-content-type-options nosniff age 5601 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8268 x-xss-protection 0 server cafe etag 8048349561987089234 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:26:57 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 2AE4	159 KB 49 KB	58ms 41ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:18 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49753 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1680694322409811" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 06 Apr 2023 23:00:18 GMT
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2AE4	42 B 110 B	55ms 52ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BE8s8U-xOe1NnMmtQcFa0QtaABiP_jMnvB4PVfmTfham6-wJYgGsuno9Y4TRVjv4H0lGdnMdf_E8oRXjjAO_bkqQ-W2Prnr2fXL0LVC9U1rqfGRsA Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2AE4	0 56 B	52ms 51ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15215314333841595231&x=1&ct=76 Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 683A Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWmG1NUpCU7_xUZpbDjGzU&google_cver=1	43 B 766 B	41ms 38ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWmG1NUpCU7_xUZpbDjGzU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGJDBkeIBMAE&v=APEucNWKY9P8no26Cvv3gOayZP6ikojbxZ-8midxRKqYMZPXp_yg84N1KeDRltMtS6dGF2E6bvTb520_MPEt23CDLBIJtKH0icZWxUhZXEEKew03IQqvWLul4O4ZlB6Vleg7bJF-U8NNbJDzaQ4al3tqNfZQq-FZ_pO7MXSj61By_SlL6YYeyGo Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Pragma no-cache Date Thu, 06 Apr 2023 23:00:18 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=498 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWmG1NUpCU7_xUZpbDjGzU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 683A Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZC9PAnU5aokPSg5BRS4q0wAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWmG1NUpCU7_xUZpbDjGzU&google_cver=1	43 B 766 B	30ms 29ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWmG1NUpCU7_xUZpbDjGzU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGJDBkeIBMAE&v=APEucNWKY9P8no26Cvv3gOayZP6ikojbxZ-8midxRKqYMZPXp_yg84N1KeDRltMtS6dGF2E6bvTb520_MPEt23CDLBIJtKH0icZWxUhZXEEKew03IQqvWLul4O4ZlB6Vleg7bJF-U8NNbJDzaQ4al3tqNfZQq-FZ_pO7MXSj61By_SlL6YYeyGo Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Pragma no-cache Date Thu, 06 Apr 2023 23:00:18 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=497 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWmG1NUpCU7_xUZpbDjGzU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 683A Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESECUFfAmcRASdVaOfW6P6uLs&google_cver=1	43 B 1 KB	48ms 30ms	Image image/gif	185.89.210.212 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESECUFfAmcRASdVaOfW6P6uLs&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGJDBkeIBMAE&v=APEucNWKY9P8no26Cvv3gOayZP6ikojbxZ-8midxRKqYMZPXp_yg84N1KeDRltMtS6dGF2E6bvTb520_MPEt23CDLBIJtKH0icZWxUhZXEEKew03IQqvWLul4O4ZlB6Vleg7bJF-U8NNbJDzaQ4al3tqNfZQq-FZ_pO7MXSj61By_SlL6YYeyGo Protocol HTTP/1.1 Server 185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Pragma no-cache Date Thu, 06 Apr 2023 23:00:18 GMT AN-X-Request-Uuid cc2c2f5c-3f97-493a-a644-9d21604d863b Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 217.64.151.3; 217.64.151.3; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESECUFfAmcRASdVaOfW6P6uLs&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 683A Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQzODQ5MjA3NDY2MjQ3Mjcx	170 B 243 B	37ms 37ms	Image image/png	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQzODQ5MjA3NDY2MjQ3Mjcx Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGJDBkeIBMAE&v=APEucNWKY9P8no26Cvv3gOayZP6ikojbxZ-8midxRKqYMZPXp_yg84N1KeDRltMtS6dGF2E6bvTb520_MPEt23CDLBIJtKH0icZWxUhZXEEKew03IQqvWLul4O4ZlB6Vleg7bJF-U8NNbJDzaQ4al3tqNfZQq-FZ_pO7MXSj61By_SlL6YYeyGo Protocol H2 Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Thu, 06 Apr 2023 23:00:18 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 217.64.151.3; 217.64.151.3; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid e8f0770f-cd07-4bf4-9aac-f87d32ee547d Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQzODQ5MjA3NDY2MjQ3Mjcx Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	OpenSans-Regular.woff zsshares.com/wp-content/themes/colormag/assets/fonts/	78 KB 79 KB	217ms 217ms	Font application/font-woff	2a02:4780:13:815:0:11dd:1819:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://zsshares.com/wp-content/themes/colormag/assets/fonts/OpenSans-Regular.woff Requested by Host: zsshares.com URL: https://zsshares.com/wp-content/themes/colormag/style.css?ver=2.1.8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a02:4780:13:815:0:11dd:1819:1 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 543ceb846af6fbfff9fc58f1e53994f3f191116c51ca95de3ce75d675c50ea66 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Referer https://zsshares.com/wp-content/themes/colormag/style.css?ver=2.1.8 Origin https://zsshares.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:18 GMT content-security-policy upgrade-insecure-requests last-modified Tue, 31 Jan 2023 22:46:37 GMT server LiteSpeed etag "13998-63d99a4d-40f65a42b1e394dc;;;" content-type application/font-woff accept-ranges bytes platform hostinger content-length 80280
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2AE4	0 20 B	60ms 53ms	Ping image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7545222042197&version=m202301230201 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2AE4	0 20 B	60ms 52ms	Ping image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7545222042197&version=m202301230201&ct=76&x=1&cor=15215314333841594000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 2AE4	15 KB 11 KB	77ms 60ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DApUYf92PQaMiuMla2JZkyb_KvF3HLMKV_XEXPdF0mJGp7luPj4CFHeIrBR3j_oltClkGi3-YzCFZf4du9nVoQuKgC6inwSDjEXIGvhzPzXFQ1dRsOjWvG4FM-CEWWAWW9CjhTlx536WRlxuZ3lmERRcLLWGF5wOb60EBxRWs8mO0nI0Q&cry=1&dbm_d=AKAmf-C2CPrKn0fbisLwGhyxnIbZ9gtgq31cfaqoUKNRt-v43Hv09qfnd4H6hI9S55-nohjJi6IQE5Fy_vQS1drW-P6_n8udOpzn5zCJNyD_NYs0WcsgnsB_ec_lzhZbw8S6JVjj1Z7fwnGeSlu5AVHkTs-lrOT-X5ukcaU4rBjGgJTFPUPg9_oQzMVtJY8-fw3fTxtD744ftMQKF44eHUbGwk9aB_LQNE1mcSPs1pIhxQInmWAPbJMa4epoKx7NnjnIEU5rt8inOPKfnGoSQV3ZxB-ZF9eP-Ap40cX7BBcIDbDtjnbrCkChg9Yc6fjL6uOAUQjbPD3v-HCmlfDQoclZy30xPJ-nB_h6agr4cOaaaYuX5S2V_1NBECsXXRLAnBi1gGwcQQdXNr5lD0ih_C1n4E2-QjqCZPxbpArdQdhoQzZ4EbbOM8mUVflk43kJ-eKFTUv0Sk--jQMHZiKLfjVRskYHPdzYQrASrFCAttx6ZQkqyg3eBUB5GjJ-nUAF7sjXa7jbAhXURt4Wx5W7yWG1_pI6GxQxU4MBL1JaZ9_jH9KY6An-9xJJeIPLpmZ6_I849o7jP36CF4Nwip493SVs61Z_ewIKSvIIxMW4UaR0o3VSmD5qy8sZtNBfrc_CYOlWjR6gkh3-Pwg_CNcNbMhCf1CUbQ2rOXwxzGDFFKhMAbL_PHz0k8vEQe3t4yPuzRZotk-5AeFHnraVQB7OxPiOQ2VDQmYvImKON4JOl8xuUqobgxNQTXHYPrZMs-4p3tOCkaPQXZ6paQ_lLl3SdJHHg62tTxnQCiNLAiZIADGJcTr2ZGfVmAJrXgnydd-gqUB-EOzBAvH-ktz6EHEA9Gct-BcbKUcG5z-e9O53NzwFLbSiTAzwDxE34W6p_kbLV2PqKw2ssWW8Y-f9Kh-l64sFGfefLA0Q-S7ZcO6DaPBikGvchJD_D4brvDo_MPygvHZ4WMiyHImN36FFoikD2T_4vnuVlKzNDAmi6RiHE26-wvwohN1yw-yYCtMrKhPHTZW3IJtLi278SvwUhsr3FMYK1ncsldhMlQI-VHuuLo5vcYojHqiv_xg5L-OjAOLGgX__llFqdIzGTOzyc3SRPhmn5XgTCfPUyyV-FeZBzuVsnpNHXnbTjqGmbVm80w8OqUYT3YAOsO-pDB7q0OAsOSoZ7rb6EyFCIGykzN6Du_RR-wcveGOcS-hsNkfATDXCOyM6I3jcI8RkpG-hj5liF-KMGFMxVHQvCZrCY6_isa76y5f7zS_dPrfWvqQJYsI0EzzGZ_jU7K0dgoMXKQWFCUK7_2Nxt9jW6ft4je56X0D9StgudoQzGnPG-EeDfbEpyWfJtjeujlyAenrClFb0L-x2fjxjfV_8-wMPjTNj5SjASN-Xmw1w488bH0dYMFeuypiEJMng4wJm1B7eqq0QR7NlYV5uPCfiII8-1KWGXVeqCu5Sq0nyP2nKmF1_dOTNYnFkOQf1BnkgYVt-qWbt0iotl7kVVHESGjep4CCP9PuiQDjAPkDNb2lB1JRtqHDHeNwdcE7hJgsu0etpKO8kg3k0AAlrKm9j_Q4z6jzZBUW7HyiekjEVzNHv_pjuDA67eUj9cVL6Ypt4ib5PSoOsufC3sD9V_dDpqstdMubBpMqrzXe7YplTgiR5Cy_siANrsVk0O8so-YBoXjPfDRtCAzdnvT1iOpmPYyZuaBaFtveXCu35Dyqg7CWDRQ_hqPvBhc6bCMniIER8rODNxne6sQseI-Sp57EOfEDsmshN9SQkA18f2tuwVZ1tc9eHr80EudBbINY37Vil4dV5PY4Lqe_q2DSX05fHdWrW_mN-8M1Cg8L9Ix2GJf_cqcRrpyTyOVxjzQ7eOnP0pBc4Kjlv-br5Qv11dL5YHElykbL4mdRmeYNNQMWSiyXcytnwNQs6wpyhcDLM-B7ThN7RHK34FExYJ3Cv5mUehlt9U9KJVl3hIdlmafWYTmilrjHuTLwbaDBYQr-95HGJ4Pd6K_XydFXNb41FZT0-EA0BYDvrjrjc4OA5O8LLOfOg1uY8r26z3LPbv8npUmyDWB8JFw4XT-UlrDXtKzqK1RiRG07Tt1dQGpDEb5ebDWgEv1H_aEHXg4_Mh1WVgIvfm3XBHSbnkM_uvBb_DpXvo6wg8FH4kbfXTBsZbZQ9V87jT9V9dAA-s1Mk7le_F3a4BKAiUT4qZ2x_wH3Eo-luxPjyXucY5RpoggPijOFEbrJ1cdruwLHzIHKZiIvx3IP1WyKs6zbka3ioqnl9WzLywkpJc1Fo2iZ10pC-nMjF7ze1gJKsnghr-e47ZRzyTMleE3LzZsgQSzncfGovXd9kbxCcGunqIOCDOqpqDS8mD0WcZF7XsLo39EefAKw-sxvQ5fiQ_9BbWtFlvYZWHngeQgL9CoNSQ9lTWOndH8w6BlwBopKgJR4zIreRhCgVewAulQzkWIqMJUrCTg4yiDDRoVhezqIucL6GdjTCpv-h55hNttRsw1tK8fjUAbEav2s4ML77MsCOGXhTumzjLBK2QvOvmpggXt1ObDbDSKEm7ucbWXh1Cp_yh6N23gU_CCK_TkVC-nn__I-b7dRe9qlvBBgghhXGMlt94v8QvZ3ODGigmap1EHSafHG4tLvN7gWS51ggmmUvWS5lLMGA5dmhEDAEIrJ4lvYJn2nJpoCLYwumhqDDGpClaYkT9apjAaf6H0b2lmxTiF-jH29BkmqzNjrgmcCjgCYWjqVh18kaF5EiHEmL6YAxeqQlM28BNh9mJajw4GybKp8lOCcznlUox_SlvnDWemfmYvz-7euCo8DQnXB14pqXfriQGfJqGZc6FkZR1Y8Ow69_XnCHORfnI-elp7PLjurr5x1x8IHRcnzVDEoyDms0mdeoT2YSipHugnNZr0LkouHdFcabEF3XN8Jl1I0JdH6BvlOfBIEQu419ilLL9wpDLbqejuEXf4FyXKYNK9yjPxIB8QGtoB3HGKeWldOJ7FsBzjzSLiKPkOSKVjuT2hnsiqZi632zt0wF-sx_QrZpPZbYktB0ZKyLvSvb4IMJmzFfHSsyoVllkVA1Ei1YV2SMkFIICVsr5dLI3pnSzZfKEPyrO6r9wNcwJMVqGSdJ10gtAN_KBt3OVME&cid=CAQSTADUE5ym8EKWvnD0g3kLzKOGJYFB0mWbQ1l1r1xA3IOk4sAZZEoso6-EtXZL8_Bdq89BDyvv5r4_PGW2vNdH5OTT4wN7EI9F3JENLioYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fzsshares.com%2F&ds=l&xdt=1&iif=1&cor=15215314333841594000&adk=2307692975&idt=137&cac=0&dtd=9 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 047dbd975e4a9069b2a5bd6de16a4e58d0e66ed48eb95be55ca0ae53b6d5aa8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11265 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	container.html Show response 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CAF0	6 KB 3 KB	27ms 19ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://zsshares.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 23:00:17 GMT expires Fri, 05 Apr 2024 23:00:17 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame FBBF	624 B 245 B	60ms 56ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVNbpdqvmq9NoX0mX5309KS_bdzpB8ypVTgs28B4E-sxEzv65gmuIkRxO4epu1VgvqGtwCoWRtKqRrsh37twe_Gvy8bfCmWq2phucQUmUeWVb2fF3KP6SQhT6slky2HiKwhDMiipzbW6axJFUim9zbJqUjUsWe00v_a8y3Lpd_dipdeftU Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 23:00:18 GMT expires Thu, 06 Apr 2023 23:00:18 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 1CF1	78 KB 27 KB	182ms 180ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:18 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28043 x-xss-protection 0 server cafe etag 15270303690107644053 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Thu, 06 Apr 2023 23:00:18 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 1CF1	3 KB 1 KB	42ms 36ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:26:57 GMT content-encoding br x-content-type-options nosniff age 5601 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:26:57 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 1CF1	20 KB 8 KB	40ms 35ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:26:57 GMT content-encoding br x-content-type-options nosniff age 5601 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8268 x-xss-protection 0 server cafe etag 8048349561987089234 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:26:57 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 1CF1	159 KB 49 KB	48ms 44ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:18 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49753 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1680694322409811" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 06 Apr 2023 23:00:18 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1CF1	42 B 63 B	74ms 70ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AKKly8fehzg2MaVV3NLlXxB5HjglDMcLdQNZGalolZvqjtvZ7i4BiCVX9420os-sZ_F-AvfobJccI6c26E_KYbt0X9x7j9NyFVWv14vw3Eyj86xWA Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1CF1	0 20 B	81ms 78ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7298584160913818670&x=1&ct=76 Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 2AE4	41 KB 15 KB	35ms 34ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DApUYf92PQaMiuMla2JZkyb_KvF3HLMKV_XEXPdF0mJGp7luPj4CFHeIrBR3j_oltClkGi3-YzCFZf4du9nVoQuKgC6inwSDjEXIGvhzPzXFQ1dRsOjWvG4FM-CEWWAWW9CjhTlx536WRlxuZ3lmERRcLLWGF5wOb60EBxRWs8mO0nI0Q&cry=1&dbm_d=AKAmf-C2CPrKn0fbisLwGhyxnIbZ9gtgq31cfaqoUKNRt-v43Hv09qfnd4H6hI9S55-nohjJi6IQE5Fy_vQS1drW-P6_n8udOpzn5zCJNyD_NYs0WcsgnsB_ec_lzhZbw8S6JVjj1Z7fwnGeSlu5AVHkTs-lrOT-X5ukcaU4rBjGgJTFPUPg9_oQzMVtJY8-fw3fTxtD744ftMQKF44eHUbGwk9aB_LQNE1mcSPs1pIhxQInmWAPbJMa4epoKx7NnjnIEU5rt8inOPKfnGoSQV3ZxB-ZF9eP-Ap40cX7BBcIDbDtjnbrCkChg9Yc6fjL6uOAUQjbPD3v-HCmlfDQoclZy30xPJ-nB_h6agr4cOaaaYuX5S2V_1NBECsXXRLAnBi1gGwcQQdXNr5lD0ih_C1n4E2-QjqCZPxbpArdQdhoQzZ4EbbOM8mUVflk43kJ-eKFTUv0Sk--jQMHZiKLfjVRskYHPdzYQrASrFCAttx6ZQkqyg3eBUB5GjJ-nUAF7sjXa7jbAhXURt4Wx5W7yWG1_pI6GxQxU4MBL1JaZ9_jH9KY6An-9xJJeIPLpmZ6_I849o7jP36CF4Nwip493SVs61Z_ewIKSvIIxMW4UaR0o3VSmD5qy8sZtNBfrc_CYOlWjR6gkh3-Pwg_CNcNbMhCf1CUbQ2rOXwxzGDFFKhMAbL_PHz0k8vEQe3t4yPuzRZotk-5AeFHnraVQB7OxPiOQ2VDQmYvImKON4JOl8xuUqobgxNQTXHYPrZMs-4p3tOCkaPQXZ6paQ_lLl3SdJHHg62tTxnQCiNLAiZIADGJcTr2ZGfVmAJrXgnydd-gqUB-EOzBAvH-ktz6EHEA9Gct-BcbKUcG5z-e9O53NzwFLbSiTAzwDxE34W6p_kbLV2PqKw2ssWW8Y-f9Kh-l64sFGfefLA0Q-S7ZcO6DaPBikGvchJD_D4brvDo_MPygvHZ4WMiyHImN36FFoikD2T_4vnuVlKzNDAmi6RiHE26-wvwohN1yw-yYCtMrKhPHTZW3IJtLi278SvwUhsr3FMYK1ncsldhMlQI-VHuuLo5vcYojHqiv_xg5L-OjAOLGgX__llFqdIzGTOzyc3SRPhmn5XgTCfPUyyV-FeZBzuVsnpNHXnbTjqGmbVm80w8OqUYT3YAOsO-pDB7q0OAsOSoZ7rb6EyFCIGykzN6Du_RR-wcveGOcS-hsNkfATDXCOyM6I3jcI8RkpG-hj5liF-KMGFMxVHQvCZrCY6_isa76y5f7zS_dPrfWvqQJYsI0EzzGZ_jU7K0dgoMXKQWFCUK7_2Nxt9jW6ft4je56X0D9StgudoQzGnPG-EeDfbEpyWfJtjeujlyAenrClFb0L-x2fjxjfV_8-wMPjTNj5SjASN-Xmw1w488bH0dYMFeuypiEJMng4wJm1B7eqq0QR7NlYV5uPCfiII8-1KWGXVeqCu5Sq0nyP2nKmF1_dOTNYnFkOQf1BnkgYVt-qWbt0iotl7kVVHESGjep4CCP9PuiQDjAPkDNb2lB1JRtqHDHeNwdcE7hJgsu0etpKO8kg3k0AAlrKm9j_Q4z6jzZBUW7HyiekjEVzNHv_pjuDA67eUj9cVL6Ypt4ib5PSoOsufC3sD9V_dDpqstdMubBpMqrzXe7YplTgiR5Cy_siANrsVk0O8so-YBoXjPfDRtCAzdnvT1iOpmPYyZuaBaFtveXCu35Dyqg7CWDRQ_hqPvBhc6bCMniIER8rODNxne6sQseI-Sp57EOfEDsmshN9SQkA18f2tuwVZ1tc9eHr80EudBbINY37Vil4dV5PY4Lqe_q2DSX05fHdWrW_mN-8M1Cg8L9Ix2GJf_cqcRrpyTyOVxjzQ7eOnP0pBc4Kjlv-br5Qv11dL5YHElykbL4mdRmeYNNQMWSiyXcytnwNQs6wpyhcDLM-B7ThN7RHK34FExYJ3Cv5mUehlt9U9KJVl3hIdlmafWYTmilrjHuTLwbaDBYQr-95HGJ4Pd6K_XydFXNb41FZT0-EA0BYDvrjrjc4OA5O8LLOfOg1uY8r26z3LPbv8npUmyDWB8JFw4XT-UlrDXtKzqK1RiRG07Tt1dQGpDEb5ebDWgEv1H_aEHXg4_Mh1WVgIvfm3XBHSbnkM_uvBb_DpXvo6wg8FH4kbfXTBsZbZQ9V87jT9V9dAA-s1Mk7le_F3a4BKAiUT4qZ2x_wH3Eo-luxPjyXucY5RpoggPijOFEbrJ1cdruwLHzIHKZiIvx3IP1WyKs6zbka3ioqnl9WzLywkpJc1Fo2iZ10pC-nMjF7ze1gJKsnghr-e47ZRzyTMleE3LzZsgQSzncfGovXd9kbxCcGunqIOCDOqpqDS8mD0WcZF7XsLo39EefAKw-sxvQ5fiQ_9BbWtFlvYZWHngeQgL9CoNSQ9lTWOndH8w6BlwBopKgJR4zIreRhCgVewAulQzkWIqMJUrCTg4yiDDRoVhezqIucL6GdjTCpv-h55hNttRsw1tK8fjUAbEav2s4ML77MsCOGXhTumzjLBK2QvOvmpggXt1ObDbDSKEm7ucbWXh1Cp_yh6N23gU_CCK_TkVC-nn__I-b7dRe9qlvBBgghhXGMlt94v8QvZ3ODGigmap1EHSafHG4tLvN7gWS51ggmmUvWS5lLMGA5dmhEDAEIrJ4lvYJn2nJpoCLYwumhqDDGpClaYkT9apjAaf6H0b2lmxTiF-jH29BkmqzNjrgmcCjgCYWjqVh18kaF5EiHEmL6YAxeqQlM28BNh9mJajw4GybKp8lOCcznlUox_SlvnDWemfmYvz-7euCo8DQnXB14pqXfriQGfJqGZc6FkZR1Y8Ow69_XnCHORfnI-elp7PLjurr5x1x8IHRcnzVDEoyDms0mdeoT2YSipHugnNZr0LkouHdFcabEF3XN8Jl1I0JdH6BvlOfBIEQu419ilLL9wpDLbqejuEXf4FyXKYNK9yjPxIB8QGtoB3HGKeWldOJ7FsBzjzSLiKPkOSKVjuT2hnsiqZi632zt0wF-sx_QrZpPZbYktB0ZKyLvSvb4IMJmzFfHSsyoVllkVA1Ei1YV2SMkFIICVsr5dLI3pnSzZfKEPyrO6r9wNcwJMVqGSdJ10gtAN_KBt3OVME&cid=CAQSTADUE5ym8EKWvnD0g3kLzKOGJYFB0mWbQ1l1r1xA3IOk4sAZZEoso6-EtXZL8_Bdq89BDyvv5r4_PGW2vNdH5OTT4wN7EI9F3JENLioYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fzsshares.com%2F&ds=l&xdt=1&iif=1&cor=15215314333841594000&adk=2307692975&idt=137&cac=0&dtd=9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 05 Apr 2023 18:11:20 GMT content-encoding gzip x-content-type-options nosniff age 103738 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 04 Apr 2024 18:11:20 GMT
GET H/1.1	200 OK	dvbs_src_internal117.js Show response cdn.doubleverify.com/ Frame 2AE4	57 KB 19 KB	34ms 34ms	Script application/javascript	2a02:26f0:6c00::210:ba19 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src_internal117.js Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=29365277&plc=359199019&sid=5775970&dvregion=0&unit=300x250 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 06 Apr 2023 23:00:18 GMT Content-Encoding gzip Last-Modified Tue, 10 Jan 2023 11:00:18 GMT Server Microsoft-IIS/10.0 ETag "0cda5b9e224d91:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=946080000 Connection keep-alive Accept-Ranges bytes Content-Length 18840
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame FBBF Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWmG1NUpCU7_xUZpbDjGzU&google_cver=1	43 B 632 B	49ms 33ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWmG1NUpCU7_xUZpbDjGzU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVNbpdqvmq9NoX0mX5309KS_bdzpB8ypVTgs28B4E-sxEzv65gmuIkRxO4epu1VgvqGtwCoWRtKqRrsh37twe_Gvy8bfCmWq2phucQUmUeWVb2fF3KP6SQhT6slky2HiKwhDMiipzbW6axJFUim9zbJqUjUsWe00v_a8y3Lpd_dipdeftU Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Pragma no-cache Date Thu, 06 Apr 2023 23:00:18 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=500 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWmG1NUpCU7_xUZpbDjGzU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame FBBF Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZC9PAnU5aokPSg5BRS4q0wAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWmG1NUpCU7_xUZpbDjGzU&google_cver=1	43 B 632 B	27ms 27ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWmG1NUpCU7_xUZpbDjGzU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVNbpdqvmq9NoX0mX5309KS_bdzpB8ypVTgs28B4E-sxEzv65gmuIkRxO4epu1VgvqGtwCoWRtKqRrsh37twe_Gvy8bfCmWq2phucQUmUeWVb2fF3KP6SQhT6slky2HiKwhDMiipzbW6axJFUim9zbJqUjUsWe00v_a8y3Lpd_dipdeftU Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Pragma no-cache Date Thu, 06 Apr 2023 23:00:18 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWmG1NUpCU7_xUZpbDjGzU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame FBBF Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESECUFfAmcRASdVaOfW6P6uLs&google_cver=1	43 B 1 KB	36ms 35ms	Image image/gif	185.89.210.212 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESECUFfAmcRASdVaOfW6P6uLs&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVNbpdqvmq9NoX0mX5309KS_bdzpB8ypVTgs28B4E-sxEzv65gmuIkRxO4epu1VgvqGtwCoWRtKqRrsh37twe_Gvy8bfCmWq2phucQUmUeWVb2fF3KP6SQhT6slky2HiKwhDMiipzbW6axJFUim9zbJqUjUsWe00v_a8y3Lpd_dipdeftU Protocol HTTP/1.1 Server 185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Pragma no-cache Date Thu, 06 Apr 2023 23:00:18 GMT AN-X-Request-Uuid 3ab034a9-7c0c-4a37-84f5-8fbdcef2af3a Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 217.64.151.3; 217.64.151.3; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESECUFfAmcRASdVaOfW6P6uLs&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame FBBF Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQzODQ5MjA3NDY2MjQ3Mjcx	170 B 188 B	46ms 46ms	Image image/png	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQzODQ5MjA3NDY2MjQ3Mjcx Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVNbpdqvmq9NoX0mX5309KS_bdzpB8ypVTgs28B4E-sxEzv65gmuIkRxO4epu1VgvqGtwCoWRtKqRrsh37twe_Gvy8bfCmWq2phucQUmUeWVb2fF3KP6SQhT6slky2HiKwhDMiipzbW6axJFUim9zbJqUjUsWe00v_a8y3Lpd_dipdeftU Protocol H3 Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Thu, 06 Apr 2023 23:00:18 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 217.64.151.3; 217.64.151.3; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 43dd4019-64d8-458e-b081-e6a9f9f2e46f Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQzODQ5MjA3NDY2MjQ3Mjcx Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	verify.js Show response rtb0.doubleverify.com/ Frame 2AE4	1 KB 928 B	169ms 39ms	Script text/javascript	34.149.12.213 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_901104112168&jsTagObjCallback=__tagObject_callback_901104112168&num=6&ctx=3758893&cmp=29365277&plc=359199019&sid=5775970&advid=&adsrv=&unit=300x250&isdvvid=&uid=901104112168&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=111&bridua=3&dup=null&chro=1&hist=2&winh=280&winw=336&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=3&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauKDD92C6D%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauKDD92C6D%5D4%40%3ETar9EEADTbpTauTaua6ad6d6gfg4ab32b%60b3343f5ah4aah5g%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTaua6ad6d6gfg4ab32b%60b3343f5ah4aah5g%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=7.40&callbackName=__verify_callback_901104112168 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal117.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 213.12.149.34.bc.googleusercontent.com Software / Resource Hash db9b37b5cfc771ed86f7feefe1f7aa233d438d26672329825b70c6dfe6046334 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Pragma no-cache Date Thu, 06 Apr 2023 23:00:18 GMT Content-Encoding br X-DV-Response 1 Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/javascript Cache-Control max-age=0 Connection keep-alive Timing-Allow-Origin * Expires 04/05/2023 23:00:18
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 1D9F	22 KB 8 KB	32ms 32ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 48171 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 09:37:27 GMT expires Fri, 05 Apr 2024 09:37:27 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response pagead2.googlesyndication.com/bg/ Frame 1D9F	36 KB 14 KB	44ms 43ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 04 Apr 2023 14:32:34 GMT content-encoding br x-content-type-options nosniff age 203264 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14171 x-xss-protection 0 last-modified Mon, 03 Apr 2023 13:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 03 Apr 2024 14:32:34 GMT
GET H3	200	container.html Show response 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1BD2	6 KB 3 KB	30ms 29ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://zsshares.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 23:00:17 GMT expires Fri, 05 Apr 2024 23:00:17 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1CF1	0 20 B	79ms 78ms	Ping image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5398309604026&version=m202301230201 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1CF1	0 20 B	66ms 66ms	Ping image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5398309604026&version=m202301230201&ct=76&x=1&cor=7298584160913819000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 1CF1	96 KB 38 KB	80ms 79ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DgKcS6-7BMB4yud_qEovoAvi0_u-qwIFvFiATzWQLPUHQqRiq66lHy9cGxB8eHeJH4mHiRvYRy2qq5CR3QAfnPbeohYus9YLyoYk28jRsnJXgCZZqulhPCjZfOd-CioLmquTds6TrXiFar5vYyUPe2cU7d1CjdIEOPJ7EsvzoO43sczEM&dbm_d=AKAmf-AqNUDKQBmf5EbNEG-96KpfZFUDj9fEtrih_c70UULRqjoOSoxE9aQr8pf_e4vj5duNCOtMnFgi-QDIFLWAJeLpDSQUZWHZcJhAjAscjBIfm5u14dhS44U7S-gFjfYRq73eItSmc1g324spkaoGfmqJWKsJsPxHbgR_nrzGYU1mZpSDFwU5kx2mMNjEzKR6SQbooEuI40Qe3g6ba3fuj8MqzXI2x3T8W2d6IXOeRY5yS3XYydnYJ6D4ZYCR8swuqm0-9VaC_BlNrYQI7N2WezgcWWXxePXDUoqR_AM8ljd6yp4ReiR-GkhUqIp4z3CBEHyoyGxT2Rffxur0zOGtg31IS5usSU9Ou17Yx3zF4lqLFDFAFFqCNIO6G0hVD6v57I_jRHgzCp2uZSMXAtxEUM7jkaki6Z4gwG8yc5C6vb_jt4fqrwHTwlCGRsJl09rsW8zzZLrmRW3vbZUgYA7C0gfgy4G3RoVbzbsk_mtB2o5iwJVdJXZ_hkXu9MolVT2XxwglaJQexfEbN2sdnKTtFB0MfBiCMPDHOnSvP9_4d49sCXmnAH_i0jkrIiUcCbndo4J0KvvlCdIZYs4wFlwRm4rOyeF94p0-FGkBgSOpVhb9ekbVvG9maa8iv8TnRkcvv3DLd8QdLupkIjO6HaWk8xzzRbVhxnOLEkTl8G2YpZPg19cQ8VoTze1u06QkILTk96EWgT8iawMqblkO8iyHqSPz_dPZ7S-ttV6YRilkSLhZ9erTX2y6B3pG6oPcWMvjImMKdeRJre4nj2ni0ZzmiEmzhQ3ffm6z-lHzKscxKvMBoSsm7RzL1Hkhs4P48bkata9Rri4-x4yHc2WXBVywlHtt3iy8tD7GB_AnbKTrBix3yfceXwqtmmjHhIlMDQl0Vp5FAQXQavHQnDDp1AE_891MLQw2BopQn_ZjJqGYnaHkOoYhPynywtyfskVbvH9hKy55WNEhwc-RbeFgf22gkbwnA3qqlYQpG2I4xllqoJgdYg_FTMbeNtgNLSJd9hP0RBY0AaD9zncQUnlySKoCDx_prQZRaFCVgkOv-jKIgLTcwABx0VU9_PnbKBGvpQlwbSLjGsFbMKZ0NirAFreVsvQWb0QHgNTsM7PI6hp-h3qinCPymNXT0HZqEVmblwZzXuRlKJGAIc2rlJUcns_47frZW0TZoV1zQGDM1m88g_IHugcAsbvvfqz___Fk6Lt2nZpmKwWSyyuNlzI58HspX_sRR809vvOBvE5zt5O2ktw9VTNz-y0EWbIKU_vnhbUZ5LN-v6VBConFU3EhunMUsD-NX1UQ-2zlsqwyudTJcmXCdiAqYJwFsZSvu9z1LfFnbsQoODBA8v4801e-8BxG6KipwfR5vKGC53gU7T0wFoCZ8tl6sRXJQhylv5lYseZisH6rJ8MqNAK7HhKSWZiWBZ9QKdmZk3ScdNOK5xN8CBuDzabH7DE27xtScDJ3Wx6Vc-Ocw6YpqogP69YSX5uMGvr3ZoDh3AKK3b4GjK06k5I-1NlmeBro39uE1DmWv93CLDmtHGRmqgyQA0r11zEAWzIH3vRXYvAIAe1jLFzDuXUVNZ8K3p9zdLTEnK4dQabdspwtc0-moCQZr9toxlPlrAZ2GKZhJwKkdO6baVqWmQob5yVdSVkoygyRF86ncZyoaPuB1uN0AE9ehYEbfwe_8cO3-EL_yBqebNDhLJaG0t9LF5fqUaBkc4fxu_Q-I-t3N9ZVqBPaVPhC4ZxZj08KpTRj8pPkDsz8mS8M-ZG5suhfY5p38l68idWPFdYLJRopgvmFQ-Wv2jaO2ifWnUXknDBz88xUdpQVuaK5OTW1Lh472xI9msgBiojsr11B4-riAX4phm0Aa2kROht97w5TXIl4AMX--W8JqES6SG7OQ_fxqPByNAclqFAUIOVI8zhtEAm5XXTsJrAd7XRCSf-V9eJIv_j1dNMU8w8KB12hohRQI4grDThDCjJeHOqo0Qe0lMBossIRFx5J0Qfy6SKqfdafVecQ1vyibN18Su5Qq73D7g7G2a7VLBe_pxpDl-k73PhCb62r5Nt4z7bvS0ZedCHliNfdWjKwzLrqZ7-IvWAPTL2nF-O-ob2LLhl7idq7QbMV7Dh3gBs1wiyJE6hjPhv0GXqY4XeeVDgG0txxzokJ4FCVLszK2WyPPx4A4l4cR2zxiMn4sFmH872jwu2PaeF1TGHmz3Pcasvk5p3P0FNzutMcUjy7AvPKJYLhqBHpI3BSWy7CBPLE1A8vEIr1MIiIxlHxFG6Ow_cvWw-ubt3yTEOEKei3hrPRYAM4DDq3uxPobUcwZhwCHg08ySM-oCEVgRGbmTN0Ih6q-Uh1CQcJ9Np_FEDlzEaCK5vtDLTKfkyOroT3M41W1bKXdooeMtAUv_yFv_7iwiXK4lLXvWfrvGVtfUBiWO6d6jnl-VsF1PAx3uXfvbMN0vAZSNPmwmX16ceUcha0HvJvMqruZE4m6MMyi79C4qfrprU1MmdPIoyUYRhLSxcaesnNsLpO1aYxse4ni4mqMRfZIxHelHoeYw5NK8BsNHw8aazZ-NSnAEfc-C9rZ_QF6yAIZD23yYMi5OUNjZIKrdzZeYNalBRx5CZDAhBaWI2z8U2afrovwaLxBPMfi1MhaN8WkyLid4o1BwzicnmhoMfjr3G4Li8sTp7sDhr8d4uVbqAloI9dkXmXpfRPk4rqHYpuCCbGt4Egm7kPC67_R27WRLWt-q-BvK_tC0ZSwFZcL837kyNO9y8rBwOjLXaoCy1oKSGIC2apYQONKO43-nJ996nCq6xDk-GOtkwWKRBxFSPXdfgvRkpQRtPe3QEt05-9nINf37fzVuTTQgJqj3nqALGjeE3p9Ei75pmF3nAzlza6PxpCLBTSEak7R21rtdvgnUSnd5Z8gC5DxCJ-tX4Yj9lsRKYysz-Gl8yDAjM7TT0aN3kJICLQEb1Lxqo6x0hWQGMeb7bgnua9Mt7iktt4QfELwvXVy6xJ6XvdfcxUDmf9XEjIucmL8Kkx4zN7tnfICz75r1tQuAtik4WqdJjE3myXXZ5AR679QoxyLqn1jFxViE835z00oFnOEZi6lx91sN_6avnxyCi4AGb4UovS9XZWRVzm-JS5XbUUxiT8BBSSBK06s7YHNRcziZItka7oDDbsEvcnmYZk1382V48WAgmz_M2nzvUqMB8hZFfkJrw0gpgzUBhYD5RlyToO8WxEVqoD-kTA-QaHIT2_uZc5Ap69LTANZ8OBHmS2BTDRoJFcvNrkhJTIrEz1t_YWyaENJRKG4qUHHoXc4RfUGmdtWSbpo71fT5Ma5tTs7HRNqxC8hNb9pfjLXJS5nXFkjwPLNh1rvGzz6U4k3LrrPzdm9GBH2sLin9j7Ue_cKBfp9YWTXlIf_KUcm6sSA3Uq54aRglHjR-JE69AjU9JQfx2xYZHB2T6MiOsT6h0VI4jEpRp84x5x7AdJ2hH7btqnFVriO9fH3wVb8L9bYyGuI8yPXauNAzJ5nbMrQVXtsHPKUAiyQOh2sOeudCH7xdKzRBvMm30yoHExj74A7yJIOZxESpyQG3ppPNbOBCHcNQxBkVFGHx3tb_1ALt_y6aMzMWbO5kFDBh_6bhNkSYSQNhWpukoD0wbwVQ-90RjE7F1j2nNII21gn7d4mgJ45_rrEqLWPDC-IG-oSUXAu2BWQuaAR1k1A5csvvpDor8pae3t_lq2GnjJUGjQxTgdkngafmVUd5JtIJ0jrt2TIUqqIjHdMt8Hebd3Flm66XMuqmFjpudAMtCfybOXXTnj&cid=CAQSSwDUE5ymiDf_Ut9C9bfr_e97pYLBwrzLrmRf6HF8ZAy0YQROU7uGXz0Hy7PIjUJB5_hgkKyw7bnb98dVuj7iSDk0wuTU4nOUnnJ5whgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fzsshares.com%2F&ds=l&xdt=1&iif=1&cor=7298584160913819000&adk=2124396030&idt=190&cac=0&dtd=3 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f4f982ae5bbff2520b7a890eeabf326606072c45a5dc14e2f58afa619012f041 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 38727 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 878E	640 B 265 B	57ms 56ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARiln63dATAB&v=APEucNUA2O4EqYdYuqHhLhtLOlrL7Jgd9Rhs36Okx8k8CnizvpaqkhEymSNzWoaq6pE8AhCh9GM2vgh0X6_BgU3eH_Jy_3QvgCcj528vWgaSihhAHtjEF5N2NAoaD43Yb5O-umk1Y3Bzx4AmK8g_m5lXgZqO1zRo2-kSN8hynHymO37z47PXDZs Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 242 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 23:00:18 GMT expires Thu, 06 Apr 2023 23:00:18 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame BE8D	78 KB 27 KB	172ms 172ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:18 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28043 x-xss-protection 0 server cafe etag 15270303690107644053 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Thu, 06 Apr 2023 23:00:18 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame BE8D	3 KB 1 KB	27ms 25ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:26:57 GMT content-encoding br x-content-type-options nosniff age 5601 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:26:57 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame BE8D	20 KB 8 KB	29ms 27ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:26:57 GMT content-encoding br x-content-type-options nosniff age 5601 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8268 x-xss-protection 0 server cafe etag 8048349561987089234 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:26:57 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame BE8D	159 KB 49 KB	61ms 59ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:18 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49753 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1680694322409811" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 06 Apr 2023 23:00:18 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame BE8D	42 B 63 B	73ms 72ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CcS_4SO1txUh6DvSxIjOsyHcrWTMvNJfyrNmEN03wviCC89HZrKSFvRNw4-AghNZFFZ7Wp7yifVDN4Kfo5UO0S6sOpVTzRO0v3zNMqQtMhzYKinSM Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame BE8D	0 20 B	72ms 72ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=18333858883384823065&x=1&ct=76 Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	204 No Content	bsevent.gif rtbc-eu3.doubleverify.com/ Frame 2AE4	0 234 B	99ms 38ms	Ping text/plain	34.149.12.213 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=38321e5f4a1640faaa07b41b7095ea21&vfdur=170&cbust=1680822018636785 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal117.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 213.12.149.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Access-Control-Allow-Origin * Pragma no-cache Date Thu, 06 Apr 2023 23:00:18 GMT Cache-Control max-age=0 Access-Control-Allow-Credentials true Connection keep-alive Expires 04/05/2023 23:00:18
GET H3	200	dcmads.js Show response www.googletagservices.com/dcm/ Frame 2AE4	16 KB 7 KB	42ms 35ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/dcmads.js Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal117.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 22:20:52 GMT content-encoding gzip x-content-type-options nosniff age 2366 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6883 x-xss-protection 0 last-modified Wed, 15 Feb 2023 19:52:36 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-dcm-tag" vary Accept-Encoding report-to {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Thu, 06 Apr 2023 23:20:52 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 878E Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIfD1aMpZ1qYqCGus05-Px4&google_cver=1	43 B 114 B	56ms 46ms	Image image/gif	34.98.64.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIfD1aMpZ1qYqCGus05-Px4&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARiln63dATAB&v=APEucNUA2O4EqYdYuqHhLhtLOlrL7Jgd9Rhs36Okx8k8CnizvpaqkhEymSNzWoaq6pE8AhCh9GM2vgh0X6_BgU3eH_Jy_3QvgCcj528vWgaSihhAHtjEF5N2NAoaD43Yb5O-umk1Y3Bzx4AmK8g_m5lXgZqO1zRo2-kSN8hynHymO37z47PXDZs Protocol H2 Server 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIfD1aMpZ1qYqCGus05-Px4&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cm us-u.openx.net/w/1.0/ Frame 878E	43 B 304 B	88ms 45ms	Image image/gif	34.98.64.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARiln63dATAB&v=APEucNUA2O4EqYdYuqHhLhtLOlrL7Jgd9Rhs36Okx8k8CnizvpaqkhEymSNzWoaq6pE8AhCh9GM2vgh0X6_BgU3eH_Jy_3QvgCcj528vWgaSihhAHtjEF5N2NAoaD43Yb5O-umk1Y3Bzx4AmK8g_m5lXgZqO1zRo2-kSN8hynHymO37z47PXDZs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT content-encoding gzip via 1.1 google server OXGW/0.0.0 vary Accept, Accept-Encoding content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	um sync.teads.tv/ Frame 878E Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm https://sync.teads.tv/um?eid=3&uid=CAESEHXwyrto-iTPtZMLDpCs1gU&google_cver=1	23 B 172 B	207ms 69ms	Image image/gif	104.111.217.42 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um?eid=3&uid=CAESEHXwyrto-iTPtZMLDpCs1gU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARiln63dATAB&v=APEucNUA2O4EqYdYuqHhLhtLOlrL7Jgd9Rhs36Okx8k8CnizvpaqkhEymSNzWoaq6pE8AhCh9GM2vgh0X6_BgU3eH_Jy_3QvgCcj528vWgaSihhAHtjEF5N2NAoaD43Yb5O-umk1Y3Bzx4AmK8g_m5lXgZqO1zRo2-kSN8hynHymO37z47PXDZs Protocol H2 Server 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-217-42.deploy.static.akamaitechnologies.com Software akka-http/10.2.10 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers expires Thu, 06 Apr 2023 23:00:18 GMT pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT cache-control max-age=0, no-cache, no-store server akka-http/10.2.10 content-length 23 content-type image/gif Redirect headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://sync.teads.tv/um?eid=3&uid=CAESEHXwyrto-iTPtZMLDpCs1gU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 281 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	um sync.teads.tv/ Frame 878E	23 B 172 B	239ms 70ms	Image image/gif	104.111.217.42 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARiln63dATAB&v=APEucNUA2O4EqYdYuqHhLhtLOlrL7Jgd9Rhs36Okx8k8CnizvpaqkhEymSNzWoaq6pE8AhCh9GM2vgh0X6_BgU3eH_Jy_3QvgCcj528vWgaSihhAHtjEF5N2NAoaD43Yb5O-umk1Y3Bzx4AmK8g_m5lXgZqO1zRo2-kSN8hynHymO37z47PXDZs Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-217-42.deploy.static.akamaitechnologies.com Software akka-http/10.2.10 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers expires Thu, 06 Apr 2023 23:00:18 GMT pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT cache-control max-age=0, no-cache, no-store server akka-http/10.2.10 content-length 23 content-type image/gif
GET H2	200	skeleton.js Show response fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame 1CF1	243 KB 73 KB	167ms 46ms	Script application/javascript	34.247.76.157 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-3423085545296231&ias_chanId=1&ias_placementId=19429846202&bidurl=https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jdPQjNE8SZtOEDSIU9nDnE Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.247.76.157 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-247-76-157.eu-west-1.compute.amazonaws.com Software / Resource Hash 2284084fa2d5794cd109bbca758af61acfc3c4f6308f6aa9590f06620b3dffad Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT content-encoding gzip vary accept-encoding content-type application/javascript;charset=utf-8 access-control-allow-origin fw.adsafeprotected.com cache-control no-cache access-control-allow-credentials true expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	express_html_inpage_rendering_lib_200_276.js Show response s0.2mdn.net/879366/ Frame 1CF1	106 KB 37 KB	79ms 41ms	Script text/javascript	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ Origin https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 11:11:16 GMT content-encoding gzip x-content-type-options nosniff age 42542 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37872 x-xss-protection 0 last-modified Wed, 02 Mar 2022 23:07:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 07 Apr 2023 11:11:16 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/ Frame 1CF1	11 KB 4 KB	19ms 19ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DgKcS6-7BMB4yud_qEovoAvi0_u-qwIFvFiATzWQLPUHQqRiq66lHy9cGxB8eHeJH4mHiRvYRy2qq5CR3QAfnPbeohYus9YLyoYk28jRsnJXgCZZqulhPCjZfOd-CioLmquTds6TrXiFar5vYyUPe2cU7d1CjdIEOPJ7EsvzoO43sczEM&dbm_d=AKAmf-AqNUDKQBmf5EbNEG-96KpfZFUDj9fEtrih_c70UULRqjoOSoxE9aQr8pf_e4vj5duNCOtMnFgi-QDIFLWAJeLpDSQUZWHZcJhAjAscjBIfm5u14dhS44U7S-gFjfYRq73eItSmc1g324spkaoGfmqJWKsJsPxHbgR_nrzGYU1mZpSDFwU5kx2mMNjEzKR6SQbooEuI40Qe3g6ba3fuj8MqzXI2x3T8W2d6IXOeRY5yS3XYydnYJ6D4ZYCR8swuqm0-9VaC_BlNrYQI7N2WezgcWWXxePXDUoqR_AM8ljd6yp4ReiR-GkhUqIp4z3CBEHyoyGxT2Rffxur0zOGtg31IS5usSU9Ou17Yx3zF4lqLFDFAFFqCNIO6G0hVD6v57I_jRHgzCp2uZSMXAtxEUM7jkaki6Z4gwG8yc5C6vb_jt4fqrwHTwlCGRsJl09rsW8zzZLrmRW3vbZUgYA7C0gfgy4G3RoVbzbsk_mtB2o5iwJVdJXZ_hkXu9MolVT2XxwglaJQexfEbN2sdnKTtFB0MfBiCMPDHOnSvP9_4d49sCXmnAH_i0jkrIiUcCbndo4J0KvvlCdIZYs4wFlwRm4rOyeF94p0-FGkBgSOpVhb9ekbVvG9maa8iv8TnRkcvv3DLd8QdLupkIjO6HaWk8xzzRbVhxnOLEkTl8G2YpZPg19cQ8VoTze1u06QkILTk96EWgT8iawMqblkO8iyHqSPz_dPZ7S-ttV6YRilkSLhZ9erTX2y6B3pG6oPcWMvjImMKdeRJre4nj2ni0ZzmiEmzhQ3ffm6z-lHzKscxKvMBoSsm7RzL1Hkhs4P48bkata9Rri4-x4yHc2WXBVywlHtt3iy8tD7GB_AnbKTrBix3yfceXwqtmmjHhIlMDQl0Vp5FAQXQavHQnDDp1AE_891MLQw2BopQn_ZjJqGYnaHkOoYhPynywtyfskVbvH9hKy55WNEhwc-RbeFgf22gkbwnA3qqlYQpG2I4xllqoJgdYg_FTMbeNtgNLSJd9hP0RBY0AaD9zncQUnlySKoCDx_prQZRaFCVgkOv-jKIgLTcwABx0VU9_PnbKBGvpQlwbSLjGsFbMKZ0NirAFreVsvQWb0QHgNTsM7PI6hp-h3qinCPymNXT0HZqEVmblwZzXuRlKJGAIc2rlJUcns_47frZW0TZoV1zQGDM1m88g_IHugcAsbvvfqz___Fk6Lt2nZpmKwWSyyuNlzI58HspX_sRR809vvOBvE5zt5O2ktw9VTNz-y0EWbIKU_vnhbUZ5LN-v6VBConFU3EhunMUsD-NX1UQ-2zlsqwyudTJcmXCdiAqYJwFsZSvu9z1LfFnbsQoODBA8v4801e-8BxG6KipwfR5vKGC53gU7T0wFoCZ8tl6sRXJQhylv5lYseZisH6rJ8MqNAK7HhKSWZiWBZ9QKdmZk3ScdNOK5xN8CBuDzabH7DE27xtScDJ3Wx6Vc-Ocw6YpqogP69YSX5uMGvr3ZoDh3AKK3b4GjK06k5I-1NlmeBro39uE1DmWv93CLDmtHGRmqgyQA0r11zEAWzIH3vRXYvAIAe1jLFzDuXUVNZ8K3p9zdLTEnK4dQabdspwtc0-moCQZr9toxlPlrAZ2GKZhJwKkdO6baVqWmQob5yVdSVkoygyRF86ncZyoaPuB1uN0AE9ehYEbfwe_8cO3-EL_yBqebNDhLJaG0t9LF5fqUaBkc4fxu_Q-I-t3N9ZVqBPaVPhC4ZxZj08KpTRj8pPkDsz8mS8M-ZG5suhfY5p38l68idWPFdYLJRopgvmFQ-Wv2jaO2ifWnUXknDBz88xUdpQVuaK5OTW1Lh472xI9msgBiojsr11B4-riAX4phm0Aa2kROht97w5TXIl4AMX--W8JqES6SG7OQ_fxqPByNAclqFAUIOVI8zhtEAm5XXTsJrAd7XRCSf-V9eJIv_j1dNMU8w8KB12hohRQI4grDThDCjJeHOqo0Qe0lMBossIRFx5J0Qfy6SKqfdafVecQ1vyibN18Su5Qq73D7g7G2a7VLBe_pxpDl-k73PhCb62r5Nt4z7bvS0ZedCHliNfdWjKwzLrqZ7-IvWAPTL2nF-O-ob2LLhl7idq7QbMV7Dh3gBs1wiyJE6hjPhv0GXqY4XeeVDgG0txxzokJ4FCVLszK2WyPPx4A4l4cR2zxiMn4sFmH872jwu2PaeF1TGHmz3Pcasvk5p3P0FNzutMcUjy7AvPKJYLhqBHpI3BSWy7CBPLE1A8vEIr1MIiIxlHxFG6Ow_cvWw-ubt3yTEOEKei3hrPRYAM4DDq3uxPobUcwZhwCHg08ySM-oCEVgRGbmTN0Ih6q-Uh1CQcJ9Np_FEDlzEaCK5vtDLTKfkyOroT3M41W1bKXdooeMtAUv_yFv_7iwiXK4lLXvWfrvGVtfUBiWO6d6jnl-VsF1PAx3uXfvbMN0vAZSNPmwmX16ceUcha0HvJvMqruZE4m6MMyi79C4qfrprU1MmdPIoyUYRhLSxcaesnNsLpO1aYxse4ni4mqMRfZIxHelHoeYw5NK8BsNHw8aazZ-NSnAEfc-C9rZ_QF6yAIZD23yYMi5OUNjZIKrdzZeYNalBRx5CZDAhBaWI2z8U2afrovwaLxBPMfi1MhaN8WkyLid4o1BwzicnmhoMfjr3G4Li8sTp7sDhr8d4uVbqAloI9dkXmXpfRPk4rqHYpuCCbGt4Egm7kPC67_R27WRLWt-q-BvK_tC0ZSwFZcL837kyNO9y8rBwOjLXaoCy1oKSGIC2apYQONKO43-nJ996nCq6xDk-GOtkwWKRBxFSPXdfgvRkpQRtPe3QEt05-9nINf37fzVuTTQgJqj3nqALGjeE3p9Ei75pmF3nAzlza6PxpCLBTSEak7R21rtdvgnUSnd5Z8gC5DxCJ-tX4Yj9lsRKYysz-Gl8yDAjM7TT0aN3kJICLQEb1Lxqo6x0hWQGMeb7bgnua9Mt7iktt4QfELwvXVy6xJ6XvdfcxUDmf9XEjIucmL8Kkx4zN7tnfICz75r1tQuAtik4WqdJjE3myXXZ5AR679QoxyLqn1jFxViE835z00oFnOEZi6lx91sN_6avnxyCi4AGb4UovS9XZWRVzm-JS5XbUUxiT8BBSSBK06s7YHNRcziZItka7oDDbsEvcnmYZk1382V48WAgmz_M2nzvUqMB8hZFfkJrw0gpgzUBhYD5RlyToO8WxEVqoD-kTA-QaHIT2_uZc5Ap69LTANZ8OBHmS2BTDRoJFcvNrkhJTIrEz1t_YWyaENJRKG4qUHHoXc4RfUGmdtWSbpo71fT5Ma5tTs7HRNqxC8hNb9pfjLXJS5nXFkjwPLNh1rvGzz6U4k3LrrPzdm9GBH2sLin9j7Ue_cKBfp9YWTXlIf_KUcm6sSA3Uq54aRglHjR-JE69AjU9JQfx2xYZHB2T6MiOsT6h0VI4jEpRp84x5x7AdJ2hH7btqnFVriO9fH3wVb8L9bYyGuI8yPXauNAzJ5nbMrQVXtsHPKUAiyQOh2sOeudCH7xdKzRBvMm30yoHExj74A7yJIOZxESpyQG3ppPNbOBCHcNQxBkVFGHx3tb_1ALt_y6aMzMWbO5kFDBh_6bhNkSYSQNhWpukoD0wbwVQ-90RjE7F1j2nNII21gn7d4mgJ45_rrEqLWPDC-IG-oSUXAu2BWQuaAR1k1A5csvvpDor8pae3t_lq2GnjJUGjQxTgdkngafmVUd5JtIJ0jrt2TIUqqIjHdMt8Hebd3Flm66XMuqmFjpudAMtCfybOXXTnj&cid=CAQSSwDUE5ymiDf_Ut9C9bfr_e97pYLBwrzLrmRf6HF8ZAy0YQROU7uGXz0Hy7PIjUJB5_hgkKyw7bnb98dVuj7iSDk0wuTU4nOUnnJ5whgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fzsshares.com%2F&ds=l&xdt=1&iif=1&cor=7298584160913819000&adk=2124396030&idt=190&cac=0&dtd=3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:30:54 GMT content-encoding br x-content-type-options nosniff age 5364 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4123 x-xss-protection 0 server cafe etag 4541610132340792384 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:30:54 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 1CF1	28 KB 11 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DgKcS6-7BMB4yud_qEovoAvi0_u-qwIFvFiATzWQLPUHQqRiq66lHy9cGxB8eHeJH4mHiRvYRy2qq5CR3QAfnPbeohYus9YLyoYk28jRsnJXgCZZqulhPCjZfOd-CioLmquTds6TrXiFar5vYyUPe2cU7d1CjdIEOPJ7EsvzoO43sczEM&dbm_d=AKAmf-AqNUDKQBmf5EbNEG-96KpfZFUDj9fEtrih_c70UULRqjoOSoxE9aQr8pf_e4vj5duNCOtMnFgi-QDIFLWAJeLpDSQUZWHZcJhAjAscjBIfm5u14dhS44U7S-gFjfYRq73eItSmc1g324spkaoGfmqJWKsJsPxHbgR_nrzGYU1mZpSDFwU5kx2mMNjEzKR6SQbooEuI40Qe3g6ba3fuj8MqzXI2x3T8W2d6IXOeRY5yS3XYydnYJ6D4ZYCR8swuqm0-9VaC_BlNrYQI7N2WezgcWWXxePXDUoqR_AM8ljd6yp4ReiR-GkhUqIp4z3CBEHyoyGxT2Rffxur0zOGtg31IS5usSU9Ou17Yx3zF4lqLFDFAFFqCNIO6G0hVD6v57I_jRHgzCp2uZSMXAtxEUM7jkaki6Z4gwG8yc5C6vb_jt4fqrwHTwlCGRsJl09rsW8zzZLrmRW3vbZUgYA7C0gfgy4G3RoVbzbsk_mtB2o5iwJVdJXZ_hkXu9MolVT2XxwglaJQexfEbN2sdnKTtFB0MfBiCMPDHOnSvP9_4d49sCXmnAH_i0jkrIiUcCbndo4J0KvvlCdIZYs4wFlwRm4rOyeF94p0-FGkBgSOpVhb9ekbVvG9maa8iv8TnRkcvv3DLd8QdLupkIjO6HaWk8xzzRbVhxnOLEkTl8G2YpZPg19cQ8VoTze1u06QkILTk96EWgT8iawMqblkO8iyHqSPz_dPZ7S-ttV6YRilkSLhZ9erTX2y6B3pG6oPcWMvjImMKdeRJre4nj2ni0ZzmiEmzhQ3ffm6z-lHzKscxKvMBoSsm7RzL1Hkhs4P48bkata9Rri4-x4yHc2WXBVywlHtt3iy8tD7GB_AnbKTrBix3yfceXwqtmmjHhIlMDQl0Vp5FAQXQavHQnDDp1AE_891MLQw2BopQn_ZjJqGYnaHkOoYhPynywtyfskVbvH9hKy55WNEhwc-RbeFgf22gkbwnA3qqlYQpG2I4xllqoJgdYg_FTMbeNtgNLSJd9hP0RBY0AaD9zncQUnlySKoCDx_prQZRaFCVgkOv-jKIgLTcwABx0VU9_PnbKBGvpQlwbSLjGsFbMKZ0NirAFreVsvQWb0QHgNTsM7PI6hp-h3qinCPymNXT0HZqEVmblwZzXuRlKJGAIc2rlJUcns_47frZW0TZoV1zQGDM1m88g_IHugcAsbvvfqz___Fk6Lt2nZpmKwWSyyuNlzI58HspX_sRR809vvOBvE5zt5O2ktw9VTNz-y0EWbIKU_vnhbUZ5LN-v6VBConFU3EhunMUsD-NX1UQ-2zlsqwyudTJcmXCdiAqYJwFsZSvu9z1LfFnbsQoODBA8v4801e-8BxG6KipwfR5vKGC53gU7T0wFoCZ8tl6sRXJQhylv5lYseZisH6rJ8MqNAK7HhKSWZiWBZ9QKdmZk3ScdNOK5xN8CBuDzabH7DE27xtScDJ3Wx6Vc-Ocw6YpqogP69YSX5uMGvr3ZoDh3AKK3b4GjK06k5I-1NlmeBro39uE1DmWv93CLDmtHGRmqgyQA0r11zEAWzIH3vRXYvAIAe1jLFzDuXUVNZ8K3p9zdLTEnK4dQabdspwtc0-moCQZr9toxlPlrAZ2GKZhJwKkdO6baVqWmQob5yVdSVkoygyRF86ncZyoaPuB1uN0AE9ehYEbfwe_8cO3-EL_yBqebNDhLJaG0t9LF5fqUaBkc4fxu_Q-I-t3N9ZVqBPaVPhC4ZxZj08KpTRj8pPkDsz8mS8M-ZG5suhfY5p38l68idWPFdYLJRopgvmFQ-Wv2jaO2ifWnUXknDBz88xUdpQVuaK5OTW1Lh472xI9msgBiojsr11B4-riAX4phm0Aa2kROht97w5TXIl4AMX--W8JqES6SG7OQ_fxqPByNAclqFAUIOVI8zhtEAm5XXTsJrAd7XRCSf-V9eJIv_j1dNMU8w8KB12hohRQI4grDThDCjJeHOqo0Qe0lMBossIRFx5J0Qfy6SKqfdafVecQ1vyibN18Su5Qq73D7g7G2a7VLBe_pxpDl-k73PhCb62r5Nt4z7bvS0ZedCHliNfdWjKwzLrqZ7-IvWAPTL2nF-O-ob2LLhl7idq7QbMV7Dh3gBs1wiyJE6hjPhv0GXqY4XeeVDgG0txxzokJ4FCVLszK2WyPPx4A4l4cR2zxiMn4sFmH872jwu2PaeF1TGHmz3Pcasvk5p3P0FNzutMcUjy7AvPKJYLhqBHpI3BSWy7CBPLE1A8vEIr1MIiIxlHxFG6Ow_cvWw-ubt3yTEOEKei3hrPRYAM4DDq3uxPobUcwZhwCHg08ySM-oCEVgRGbmTN0Ih6q-Uh1CQcJ9Np_FEDlzEaCK5vtDLTKfkyOroT3M41W1bKXdooeMtAUv_yFv_7iwiXK4lLXvWfrvGVtfUBiWO6d6jnl-VsF1PAx3uXfvbMN0vAZSNPmwmX16ceUcha0HvJvMqruZE4m6MMyi79C4qfrprU1MmdPIoyUYRhLSxcaesnNsLpO1aYxse4ni4mqMRfZIxHelHoeYw5NK8BsNHw8aazZ-NSnAEfc-C9rZ_QF6yAIZD23yYMi5OUNjZIKrdzZeYNalBRx5CZDAhBaWI2z8U2afrovwaLxBPMfi1MhaN8WkyLid4o1BwzicnmhoMfjr3G4Li8sTp7sDhr8d4uVbqAloI9dkXmXpfRPk4rqHYpuCCbGt4Egm7kPC67_R27WRLWt-q-BvK_tC0ZSwFZcL837kyNO9y8rBwOjLXaoCy1oKSGIC2apYQONKO43-nJ996nCq6xDk-GOtkwWKRBxFSPXdfgvRkpQRtPe3QEt05-9nINf37fzVuTTQgJqj3nqALGjeE3p9Ei75pmF3nAzlza6PxpCLBTSEak7R21rtdvgnUSnd5Z8gC5DxCJ-tX4Yj9lsRKYysz-Gl8yDAjM7TT0aN3kJICLQEb1Lxqo6x0hWQGMeb7bgnua9Mt7iktt4QfELwvXVy6xJ6XvdfcxUDmf9XEjIucmL8Kkx4zN7tnfICz75r1tQuAtik4WqdJjE3myXXZ5AR679QoxyLqn1jFxViE835z00oFnOEZi6lx91sN_6avnxyCi4AGb4UovS9XZWRVzm-JS5XbUUxiT8BBSSBK06s7YHNRcziZItka7oDDbsEvcnmYZk1382V48WAgmz_M2nzvUqMB8hZFfkJrw0gpgzUBhYD5RlyToO8WxEVqoD-kTA-QaHIT2_uZc5Ap69LTANZ8OBHmS2BTDRoJFcvNrkhJTIrEz1t_YWyaENJRKG4qUHHoXc4RfUGmdtWSbpo71fT5Ma5tTs7HRNqxC8hNb9pfjLXJS5nXFkjwPLNh1rvGzz6U4k3LrrPzdm9GBH2sLin9j7Ue_cKBfp9YWTXlIf_KUcm6sSA3Uq54aRglHjR-JE69AjU9JQfx2xYZHB2T6MiOsT6h0VI4jEpRp84x5x7AdJ2hH7btqnFVriO9fH3wVb8L9bYyGuI8yPXauNAzJ5nbMrQVXtsHPKUAiyQOh2sOeudCH7xdKzRBvMm30yoHExj74A7yJIOZxESpyQG3ppPNbOBCHcNQxBkVFGHx3tb_1ALt_y6aMzMWbO5kFDBh_6bhNkSYSQNhWpukoD0wbwVQ-90RjE7F1j2nNII21gn7d4mgJ45_rrEqLWPDC-IG-oSUXAu2BWQuaAR1k1A5csvvpDor8pae3t_lq2GnjJUGjQxTgdkngafmVUd5JtIJ0jrt2TIUqqIjHdMt8Hebd3Flm66XMuqmFjpudAMtCfybOXXTnj&cid=CAQSSwDUE5ymiDf_Ut9C9bfr_e97pYLBwrzLrmRf6HF8ZAy0YQROU7uGXz0Hy7PIjUJB5_hgkKyw7bnb98dVuj7iSDk0wuTU4nOUnnJ5whgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fzsshares.com%2F&ds=l&xdt=1&iif=1&cor=7298584160913819000&adk=2124396030&idt=190&cac=0&dtd=3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c4681920200f339999ac3f6d4a6c5214d92e9a0edca00cfb91b28e3494ea03ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:31:32 GMT content-encoding br x-content-type-options nosniff age 5326 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11009 x-xss-protection 0 server cafe etag 12368014760096651300 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:31:32 GMT
GET H3	200	impl_v95.js Show response www.googletagservices.com/dcm/ Frame 2AE4	60 KB 23 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/impl_v95.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/dcm/dcmads.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 16:20:52 GMT content-encoding gzip x-content-type-options nosniff age 23966 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23368 x-xss-protection 0 last-modified Mon, 13 Feb 2023 18:47:20 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-dcm-tag" vary Accept-Encoding report-to {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 05 Apr 2024 16:20:52 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 1CF1	41 KB 15 KB	38ms 38ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 05 Apr 2023 18:11:20 GMT content-encoding gzip x-content-type-options nosniff age 103738 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 04 Apr 2024 18:11:20 GMT
GET DATA	200 OK	truncated / Frame 1CF1	209 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ba0d99451167f349c22df7146004ec03ef42ca0d5c1b7da1697bc7a72e164347 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/png
GET H2	200	B9689862.280410797;dc_ver=95.280;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=2591737333;ord=5epyk4;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fzsshares.com%2F$... Show response ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 2AE4	57 KB 27 KB	139ms 77ms	Script text/javascript	142.250.186.70 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=95.280;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=2591737333;ord=5epyk4;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fzsshares.com%2F$0;xdt=1;crlt=NBsIAdI7CE;stc=1;chaa=1;sttr=100;prcl=s Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/dcm/impl_v95.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.70 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f6.1e100.net Software cafe / Resource Hash 6a9feb40ef74bf7424e851e385184cbc8de7008bdb2b3c88a963cb999cc83743 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27147 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame BE8D	0 20 B	54ms 54ms	Ping image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1819410056685&version=m202301230201 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame BE8D	0 20 B	54ms 54ms	Ping image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1819410056685&version=m202301230201&ct=76&x=1&cor=18333858883384824000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame BE8D	72 KB 34 KB	59ms 58ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ahq6z9IHu65Tqfu_sRji_zcypMDEHZ9wPjEyDmWLM4rJETwOCY69nXIUE30runOCZUOC57n-DCdo0eREqxryz56Wd3tQ&cry=1&dbm_d=AKAmf-BIBThIQzwYxI_Qc4xLUBySPv25Z6j3AqfTxdAsW-t_YLjnnr2lT0OZBeQWY5zo-5lAyXbgpNQLIKc5YMaHbipqjCZtS3XUXZEUWQhDdIM6oJwAuYnJB0i4oSXMEbspUUHcWbwqs9mXL8faoVSaFCCeAEqT_7t-DWCLO-UQI79qnNmZeYwzlVPabyFmyAAyOXPFVgSPuj1IMGsI1HDNee20FhdLcD3-NqjZM0eGa465We6_XUeG28BTX6oJXQhHJeRSq4wsoyPNFR0RY9GKZn5_Yk3HFWeitFqbK-HXMXIaaC6Jr7MBVkbks8jdwkQENQtHKFOckM9oSCq1NqvxM-rGSd5R27I06oUQnR42Xn7IHCIvyXvinWBw8HXjj5tZXzT9boFqtA-492BfXJCfpfektLOjzw2vPYJ8p5BrjEkHJnLxHlICTMaHWUVmulpp8kxF0LPDS9qvlMo2uNpbcVe-IDVhxE8fRVmnUZY3iDN_1LsRRl2Hghd_JzUjzVHHJpMy9Le7Lmc7--VIflw64EY2d0RLZywRnJAJ0Efa2J5M1liRPuYLd1RbRG-jVQc40nUbMzX-DLOuIFQp9P4ddHSXZVeHQjj5bnwxbJy1NrBn852GSe5EYlrk65ecmvUvgR96ciXdyPYRAlPJp4zSC0vV63UTlDP4xUHDHu-9HhLEMobmCuGTtOAZwagDs1oKESlU1SL5nAqF6_vB6_19g7rqWaM-1ta25SJgM3VqQs07upHAdg11HJH8-lYrQz-_W90-Z1SONPaIZwSbLS5_C_kjEx-HiznxdvBhYmyHNzgWItCABV6KPtUm_dMphXLMh4BDWmbm_3mY-0BP_AFGU_68h2HnwEmspdgEa20nU-Vs8PilanHxaSusbjUtOmMR1j0XUXjPXEtLGAHhe8O2EXbNQsbHWNW9dfZrsIThdaOdK--0ohhYLz39jlX0AryzBegRwb-VCNjRUDqUzxq9uBjGJdTdrAG4SGj9HXmeWAkWL1H6coOoaZJIQoHaZBnwNOR-imHB7w1-P4CmrAi_zJyUImnFJ-XU5EROPd4Q7saNxUXmHzFwVCfWiF2ekQEIYDQ69dAGhXhKgnWJpTR4XAiQ6ZBu-BXFkcD9YueipcjMSzF5sDivyUliha2FHyZTwRFcpxn6JGhbi43uikFbtH-F1dzyxd3X37NW6-73J56Xrv6yxRqL-1pAQSGyE_Rb1BYGl7k0wGX_3z9JT8fD1o9mY_BJ0Q-CN1osjHcsWAS6C0gLo8eUDZx774qKhcjrYU4ALOoPWtPmgASIR63D66aU62WdDNyXeHj5yrrMzmN6RSzaytIZR11zSB3uDrAw3869DVwQbjutF4LDfeYURC23T-_uZXxmQw76oBuzkyYoBKA2LtgNdie_ct3DhIcP7bIg-mGn03fOL58gSHla8Ck3dQWWAjm4FLzm4xO3e_Td6xbNfeSbhQLSoeklgyFzCQND0xZnx8KgR1oGYVCDcyCV142hGUgXRcQUtn6iAJYu7CExbyaJnWcI7-PM94Zt9JzHWFqsxCLE1SlcNVValttWZ1-Y10pAIrocMOzr-3pSMJn--jXBXiCwRV1T7gZwJUPJnUHR_K5lPu5XeEI3OSi-m4xRAbz3O8CiI4KhEG48y20mA8LprSZkD1D-8Oeg9CQqkb-RCs0DVl7rpM-UVhH2m5vV5k07iu4UV9uvAKQLrDcK6iQPPPQTT20IB-YYgTq2mGKzq152KIRUf5b-1sNSH0PYRDOM464L9SxDr2p23cn9zuoqp08a13fEfdu3z5er9E0cWYwSQGvIX6wtFbckRW8-hvzE52ZS_PbkiurlNBNfWhv_k2LfAgLdnWQJcWK7qn2YFalzhsk7gMFJTZE1MYBF1aHkkZTXoe2kWu3n2AW8lBEM4yKCqiw4yk6DJs3PUinDjUtYc4k3bdt_jLsFnnm98PzoLUm4e-yxQHMtR5iljB1lIaUv6v630zZmKXZdSYRhVLcrt-8pTVQCd3hrtulIHEpJmQcqVBPoS9o2cbqt3p1rdqT5s6pV9uiVC_HhvWVhN88laXSFohtyDzgaXz2X8G59YOxwc_ZtkmQDn_Pm5k9oOcFmaiYLnYQafNFG9ZoP97I57iaKiZOVzMfiNxaqX-fKLuvQ1IqJEnPGqfo70O19MO-2lDZ4WfuwEbO88YQJC6u6-7Sn00Ict5Ak2sBVu8mqq14_O8VvfrXlWNdBltPydZiUaaDUHmE1fu4lH0WCPwDYpdjC1NRd8XyhCw-krEsmrjNunYPlsoPLhciUxFBHa94Pw-uBK90fBh6U2eoq9daXa3PzttLpIg6i_yM_p1biCW8kO6I8rGVHfgdwAJx4KA8SjOivCGVHXOUX6YUvCg8X7kMpK90U1ntYnvCVPJVkNF23gZdcmHrRH5H0qp9wXrLpIrQdJO5xXFwYl2v4IOyJxZ8mJe1-Os4VtAOZMHsn02Z9XQH571VRfXi6JwMLjDbbmRNC909b05n5IMa7NgyMj6AKUrenXr9C_XcozNblMZ3EkjvVRtTpVW_AoNzCi_MdfVpce5Yq_7dbkoVs-eJKBnFYOnTng9dxt-5RLf_SWne7dBVuCem52dl86XYHYdFct4_sbCugfOhRcr8VpR1kuyI6i5Pib_nUwlNEByEhowzDOFm3PK96LG6ukwVnj3efZBrXMMBFUE-Icbh4blgA42Fp-gmmyEfelwS2oGgJPCSWN-9_hPtiZpbnTagT7txveo2tWBDjDmuF48lXKkPfzJlOR0RYcTKpMlgTKNw_WFilolhwSf6Mf6GWEvBt7-YToPWYSjUnHrAClPeNlu-O9tQaHtV2YZrlrbACyqR2Icnai_F68og02ohIDdcWziSCzskZfZIvTVJMBklcc8Hnn25soAgKGKad-K_0BVV3xYx1NHmCCo9XQ7wCdZ2YZBE9GgY7TQO2ut4XILuEX1Ucl5utio39k4GpQEX92os8YNSxF86SAjc3v5cKCgPasaw5y1m7JXl_hPac7trGHEy1b_OyqqE_mZNQwkbqt9OfTBu42IWU92aiK5_Iden3I0ouhn0eFMJOO_W8LZxrba860V16M1-T2Zx8KIChrjdnOQed4yQ2KEFppYn0oLin4FVD4Z3QNFGGZnk6COCqEolfor15HoXzttLMBV7s1Y0uf5oX6EHQWGqWvFcRUOz4HI3UUBSY4DxaPAPulcxgvRpEgNTWuj8r6-T1uVDnSzfRrQpuHcUUKUFoUIfZKD_Ho2fBZMbEwatSz2xbIJZjozO6wGzRwEE8W8ZMZWJubqr1XeoTRQVXxWv48ILGk2M_vyCJ-ha9lde6D3qWkZa87I3Qw22UsE4NOTWYBuq14E8qUxYbi7yPH0vdkyCpkaqDiOAfSYQBwW8PCcjtXeG_mWqmR2xB3XSoxaBFC5CFA2ckqG2rRIE0_-e2GrObG38IuhcHArnLaD9Lme-YSTrtdwn3jA10pXTdj6XD8-yUzMwEJ6cdiKgIBdMJWZzKQjFaNv6Jx92KllX63aiRhjTSMiCaQp5lvAs7njHF4fCrDYw8U1RmqjLlBvMlI-TOuPudWHv3VZUHSkVuCs_1MatpoZvXolsb-NIUfCAqMrGx5xieOdV6Dm-oGEe2LTEZ0ostEXn4_eS7yCYcQTQUUR5oq36vFPSD7q2OCn7GETA-XplkSe1htHoVG8Lf0Jgi1zG4SPVHQs8jtx4L_RQcnpdd&cid=CAQSSwDUE5ymIU1yd80TgChPNlMGZb3N6_N_YMG8BHKkvXG57ysDuPMjr9jbfcc0E-6Coh_MDT9gQELejgGpODGtR-6eFF3j_OtHbiNrTRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fzsshares.com%2F&ds=l&xdt=1&iif=1&cor=18333858883384824000&adk=497053795&idt=184&cac=0&dtd=2 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4ee7c0a28199ab3aae25be347b56d8dc290ee166afd2f93bc1fa4250503c4eaa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35093 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame CAE3	22 KB 8 KB	31ms 31ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 48171 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 09:37:27 GMT expires Fri, 05 Apr 2024 09:37:27 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/8545329873006492075/ Frame 5C99	142 KB 22 KB	51ms 14ms	Document text/html	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/8545329873006492075/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 564857 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 22810 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Fri, 31 Mar 2023 10:06:01 GMT expires Sat, 30 Mar 2024 10:06:01 GMT last-modified Wed, 09 Feb 2022 10:36:00 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 1CF1	0 0	142ms 95ms	Fetch image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvZqf-PSTnNZ0BpNbKxnnswKAVRk9KzpBnRlUCTUjOHJMW50g5pCyWnPJDfyvOR2DpfV0kblPFxP8mz-Co0CgwBlfLgPmdFnseQT6yg3lg8GsAMI1oRCFwybNGnHUko6zTezhwokcIvg92Pcj6cXbCVdntLTVdSZ6Xjl4RtbhZkfGNtUBoe1lvaNJUUlVj033uaInu8zBx0vM1Fg-hqEFzjVw9qX4uw8l1D2eh6B_yJV1nTRjB-c_Oolxzy3kFXSv9YXUPsqFfMqJOQ107yVrcG94Eri5apVqw5Y45vgqXq9g-mE7peDMQ5NsXVX9H7r7OvQWsykk48WB3yUFz-Y7aeOZMsX41h7VRF0rJlnEHVonamka37NC_AOPu7rvYTpN5EPUuE7opRlf_GvC3l7sRmvqA2-KKfn2ZOf-GP1vVwxVn8TCeu7CvxLAI7u78r1kdyRzGBaHGGGlf4ujLLttVedMm6w5pb2ug48VxHeEED7IginxvXnX8FSgCAk5Wvx6KQDVHzUb8Y0N5xqDPEwQTOjnKzlzFb8A5kOst-FYs03bUIZ09eX646KBU9LTjvF8GxxtxapcmACME6iszsPL58BlktbwZdRebC6S99XUxyhu4W5JirZKqXZlqEWCkoSQu-0rmDCPXvqprCVcD2NUae-QILAEyEU5eAjkppzX3ynKMCoJwDRfE-gJeQGBXdcuLl7NgFx6NeaFL8IeE6j2ZbMc5quwgFUR6kD5Pjs0pLZMCCcK5geAkTTJzlMuml-UUIn6m1MDGIqWTW9PP2z6W6JHzEHhlXlNQH4xabuRecYhLqfXSBlkIE3ZT_zm29KrnswMIKNW5XQIrOIVZCy0zo7LGEbhCtvUoVE3x3i9cKDr7D2fGGcpZTzvXSWvwyy631agPCGrR7bq_2ku14bW2bgnVogejB52A0exBoHiyT3QpT9TrurLWWmu4lKdzAAROGVpGreMn5_YMAlP50EgsDdmlgFiVSTSkc8npJe_F9oi1QxweKnHxICh9iGhopMh0FK8S2oWJYII1lfDXLlE2CE8w7MiTgnvGmRB_IYNEJnEUd-gNgSZLkbGs4_YHvvwr1b0Z32MAJUmv2RowBXZFpNRUrhZ_KQwIrjDELrpF-WEMv6YZDvfXDLSy5ccGmFSWy9LmR02aVmCUb9ZSl0PhJ9FGaCOZXhy3WADA3TnP_7L3D5spgteTzDKE2TQpyn5_N8ldj5t_nTOflO8LfpN-lV964I2IRWY3uxrOWCyOV4js65pkGGU-7fQCfKzlzG6MRvnlQICMBX6UlZ_A3RQQwJEEfkLRhtqAbOZfbK0KJAyqO0-IxaBbQsu-TqMw&sai=AMfl-YSMblqU_3P1YIKUdSMN3jiTWTMlB-A2vlBLArrRlNQlbTKUHuyp47EWAQefQfto6izHofQZ_gb9avNZrovDYE_5fRbd64dEbdX47eqkavl1bN4OkqkvbxKnoKeAbStI8RO87nlaAvkLtAqaK-IanJd_CIKIAI4EzOkbc4tQdk71U1HxJ0OqlAN8beNhwHGluQa7ey4ZCoUfNOqYG1QOYtpJj2_rlkQDlX75GRUpTdLCoOe7NRkUX0zqn0Vt2MS6pNde8uooxi-qgYqPW34udNBDgCy82Ztk&sig=Cg0ArKJSzP7clgmPIE30EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=143&cbvp=1&cstd=139&cisv=r20230405.38118&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl= Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Thu, 06 Apr 2023 23:00:18 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * cache-control private access-control-allow-credentials true timing-allow-origin * expires Thu, 06 Apr 2023 23:00:18 GMT
GET H3	200	container.html Show response 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2EDA	6 KB 3 KB	22ms 21ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://zsshares.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 23:00:17 GMT expires Fri, 05 Apr 2024 23:00:17 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1D9F	0 20 B	65ms 64ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvPLtAk8vZJmyFe6qx_AP8peb8AYAAAAAOAHgBAI&bg=!ICOlI3fNAAYIJb0jKCU7ADkAdvg8WlS403iK-kigYM_ngW5JAa0fX65zssz60sgnEFCKXf4HhWRV-S5LEYHtT91Xn2tjOEUaG6ICAAAAu1IAAAACaAEHmQMsS7av99JZyQIlrdmC-8MxUhfGqxPRG877KWulRuVZmixtXHt18HFeSiiaAr7i6aAaZN3YgD1SpjL3SG9AuSkBkG3QKyEWFnoEUcVbr6EGZiZCwOgV6_yfryyPiFmm5z3ddQLX-SVOz0JHMb6TEy4YnPzs2kGlJdAAFgjeuTZE9QBVDDR9PlJ4rVqJ242S2nYUDJjooXKQhq0u_fmdz2s8WRAHfw_CZ5FmimcUkHANlR0EAkl89AF__1JlpsuyXEFVphTofbZsO6rN3Njj_F96Iqt5md2E4yKQoIf5N1p0araCmqHWvg19CASQYW5AfzluI8w5U4OZhiPiIG5dlxDsKVWkphDo2URHEIbQ_E3OH24fc_jX1PN0fWURklzFunhqZtG0pN3kO1F2uN0XOisXZ7doMmGvgupqm2wUXVIsnDBGnLMfROq2IYMKf5NQkRSuPdJ6z_brm_mnHsN9ZAySyjARCnH1Hbv2HfGOCNZVRs5U4GR-yyol8C5Fv8HL1IuvNCKZ8Hzc3uaWLRzQFok6S2s3LDf7--4OJp7GM5RDCgXBHkiiWtWFHlNzHbqqiRnclFGZ1rjVeHGkEopkWg-QIVfri5-Jof-8rr6ZGjNq6ExfaRUZX-jZywnALe2boffe9a_guLiVpXTgBoMPnEDjzT3r_Iq7ABqHLUd39Iy4rsj3MM_DIriRyZD-kWdZk4OPR46uH_s0972gAmiINm_uhABF7JXBhRCUwirfqAMEW0yl4oMNCWPTA5mbIGFkx-yE2cJpYKNedYE12CPdlcat_Daf1AIMzO8vaaQP-EUi1yMWGLbMf7ipzGItY_bRjZ9WXyummDlGsYXf0rF72ztVpWuW2_BgBIkHBAw4j5mJZJOXPDjFhAqnam3G5WV1h7Ati82qrN0z1tI_izFz2AeQLFUTLZg_B4eAOKikYfReXH6iyMWWUt1-RzaquUACxoWtyC8KNve3ra2-6e_LmrzDrKIvqu9bwcMe_uriYs1eClC7sXIIvunQCx-whXwa_9OsLJnqLe5jyOObifPBfGwWwimQ8Lytfs7RGLOBLrickaM09oUC0ismxYMdK_w Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 9F16	466 B 238 B	58ms 57ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDC7IioBBip2PHhATAB&v=APEucNVBKD6kkoGWpoaXOQFX6Ab_jOKtxIGTVyATbqliaW0ATu_CEkxsEbljSbs17ZsRNndSQDehVRcJhaTxBGngZtddRTWAqTOr6xDalEnt-j9n4214iNsB-TdcvaAcHTDi_4CH6Vjej7LU8DzsC9fwZYRqVPu_EU5hzCyW2GO0ffWMc7WdrVU Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 215 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 23:00:18 GMT expires Thu, 06 Apr 2023 23:00:18 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 755F	22 KB 9 KB	15ms 15ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:26:57 GMT content-encoding br x-content-type-options nosniff age 5601 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8726 x-xss-protection 0 server cafe etag 308001309495089854 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:26:57 GMT
GET H3	200	omrhp_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/ Frame 755F	7 KB 3 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/omrhp_fy2021.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d0c655bd4daa994bdb0ab47f86fa1caf51114e7f31f11293fe7e50de22a8c6e2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:26:57 GMT content-encoding br x-content-type-options nosniff age 5601 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3047 x-xss-protection 0 server cafe etag 2740137744889871072 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:26:57 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 755F	0 0	71ms 69ms	Fetch image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssyLYKg-EI6k3pr_E8Lu-daxd7PKeAgI0ZAI4zlIu47gFTd0m0Qc1eYCkA77qj8gKLuwlHhI4GzBwuNeXdWrkdCSdQqSTtNBhIgc2zIOcicvrC6szTkiEWXf6OkNB9i4kXQNdd3gRtmz2J9V6LSVlnWLNZcqM415RCDCv0biJM5HzdtIVeeaIkktcPwOMaH0TcmpuvdeQlYn32vKU1GjkyeP4Wsyp1qvXxyvjfPSG9Je9uQm2XyGAAlx-ypM4KGIRExjErhARXXXrk9xLS9UAhFr2cMgzIwZ_ze6hPP9ij2OUbIvWEkX6W1bD0yWng5ocLeCCM0gBKKrAlYlOlE3kgJxlheTuTFJCKdAIFzmeYmNba25V3UlDJjTthBScL6Piq0e_NI3Glayf0UUo2DPj3Px5So5TIOuVX-brW51O8LfG32IUgAcnxvZ45f_abvR8aWLwKdW_VUbmZzrih9VcIkkLYwXAirxMdUHnGmTbMaPKz8T1NTQjBoWGEmmIqImoCtHETDtXH-ym7hpEiyDEfTyzunuBaHuZuobHt5Ke9U8y1RRot7xLj4eaqbH08P9mEHBMRvqWyQevlcMLotF0HkmfeECXgtryvFk6lqrtwI_24VcNVbpM_6nnXZp0jGPEZUv_yolhoAvK2O6y9OcIM5x8xr7dUyfRvnT6AnmVeoLAMNML43c0Qc_BHun54TIzj5_aoV1Xmkkv_443q82roSMLRADbsZDOqWTlte_-dJGzxhfuTMZPemD_ivpRmKtZuCIYYgXh6XK6dFAbQJ3_XjPmvvvqqN49NJACnnU9zMnMv8aQ2IQasYIFJI9d-mcDRcHlehvr_yYOWdwuo4eBwrmvDsgezeEUe5WU1kzEl7kaDtcgjNiUgbEAoQgjtVviyPeS1S_BgMzYDRvipCbC6NdWuTXkCqpamamoXRtkENEk3peCbEhfCn9SpsenVNAlul7nQLGIBM8YAY3FfZq2B2zLsGuQrSSmtTSGjYsDfcnuMMbY4I6bX_oVvgVttUxzTPe4wuO9T74gigWGTN_EccbDsmi3tAyBm-xr4Ae3zGhj32BKvadeT34uEDPUxtKSE3AqlFVbmlsGBQWNXV8DUURbIjHWau8Qj8pxKzF717YjG9-j732jS3pjJRlijzsCslgZfyVpErx9dslh_rGub9M17PiNNttC57qBacRZ9KWUA26LQuAcGL9JmPCfR-QlGi91qDj1pfv39hyyxzha6zz5R1ew&sai=AMfl-YT4yvjBJ27T40EC1TzyaJDKaHSmRrn-wUK9z6kUGjznCT5l22rAZqB_nSqcg7PtCzk8GNat5MjiRKuD2Onp9RyCGWTYdjHkDv8dVJjCGQroH-8BArHc8XtcdSKxQE3p7JLBDl7S-iLuc-FmMZ5iUtK1LL7JG2Z7cttO3k8VacPB61QaxAcK9nbcWYFcywgva7YYXaQNyl0pSsCDssHD6UPzWTGLjd6_GKX6XYB2sHAp08seXFQs79_jZHhaoiLmZ94kibHxeGXfIuXlQ9oO6_STLnsLCE2FrcK5Bod0mPVawuhu8Q6RonnWl8V6uFkO_8FC2csLW2UvUUypn503Gd2N_C3uYDRwJvrYij_V-_kvoPvu31COqx4FEncWJwDkrc1Hym00PX7-siXOCXpLhkNSuRuUXXFdXcPZQcfOljIPtKciSqv__7mmgUDIoJ8itjf8JLmT4xOPXpD5ilMMi6IM-HFmUachWw&sig=Cg0ArKJSzElp0kL6XeCEEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230405.22253&arae=0&ftch=1&adurl= Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Thu, 06 Apr 2023 23:00:18 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * cache-control private access-control-allow-credentials true timing-allow-origin * expires Thu, 06 Apr 2023 23:00:18 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 755F	41 KB 15 KB	16ms 14ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 05 Apr 2023 18:11:20 GMT content-encoding gzip x-content-type-options nosniff age 103738 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 04 Apr 2024 18:11:20 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 755F	3 KB 1 KB	42ms 41ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:26:57 GMT content-encoding br x-content-type-options nosniff age 5601 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:26:57 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 755F	20 KB 8 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:26:57 GMT content-encoding br x-content-type-options nosniff age 5601 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8268 x-xss-protection 0 server cafe etag 8048349561987089234 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:26:57 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 755F	159 KB 49 KB	57ms 56ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:18 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49753 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1680694322409811" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 06 Apr 2023 23:00:18 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 755F	42 B 63 B	76ms 75ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BLiGCXcly3ns6RxKwnR4JgJEpK_CWqWTyvolp9dpfbecGh9EAe3kJ_qgSS5mQXuQrERYLKqC4fwAWxKn07tLKHhgj8MREuCiQ3b_6Vo2p9ad9-nl8 Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	957438475819731882 s0.2mdn.net/simgad/ Frame 755F	148 KB 148 KB	18ms 17ms	Image image/jpeg	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/957438475819731882 Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 15c5439dbf79d79eb0b9bbbe7678853da2acf7eb1e1215bb754b99a35b4ea7b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 03 Apr 2023 14:48:10 GMT x-content-type-options nosniff age 288728 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 151857 x-xss-protection 0 last-modified Wed, 22 Feb 2023 13:52:25 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 02 Apr 2024 14:48:10 GMT
GET H3	200	lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response pagead2.googlesyndication.com/bg/ Frame CAE3	36 KB 14 KB	69ms 65ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 04 Apr 2023 14:32:34 GMT content-encoding br x-content-type-options nosniff age 203264 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14171 x-xss-protection 0 last-modified Mon, 03 Apr 2023 13:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 03 Apr 2024 14:32:34 GMT
GET H3	200	DcmEnabler_01_247.js Show response s0.2mdn.net/879366/ Frame 5C99	29 KB 10 KB	69ms 68ms	Script text/javascript	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/DcmEnabler_01_247.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/8545329873006492075/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 16:23:00 GMT content-encoding gzip x-content-type-options nosniff age 23838 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10136 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:45:03 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 07 Apr 2023 16:23:00 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame BE8D	28 KB 11 KB	61ms 60ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ahq6z9IHu65Tqfu_sRji_zcypMDEHZ9wPjEyDmWLM4rJETwOCY69nXIUE30runOCZUOC57n-DCdo0eREqxryz56Wd3tQ&cry=1&dbm_d=AKAmf-BIBThIQzwYxI_Qc4xLUBySPv25Z6j3AqfTxdAsW-t_YLjnnr2lT0OZBeQWY5zo-5lAyXbgpNQLIKc5YMaHbipqjCZtS3XUXZEUWQhDdIM6oJwAuYnJB0i4oSXMEbspUUHcWbwqs9mXL8faoVSaFCCeAEqT_7t-DWCLO-UQI79qnNmZeYwzlVPabyFmyAAyOXPFVgSPuj1IMGsI1HDNee20FhdLcD3-NqjZM0eGa465We6_XUeG28BTX6oJXQhHJeRSq4wsoyPNFR0RY9GKZn5_Yk3HFWeitFqbK-HXMXIaaC6Jr7MBVkbks8jdwkQENQtHKFOckM9oSCq1NqvxM-rGSd5R27I06oUQnR42Xn7IHCIvyXvinWBw8HXjj5tZXzT9boFqtA-492BfXJCfpfektLOjzw2vPYJ8p5BrjEkHJnLxHlICTMaHWUVmulpp8kxF0LPDS9qvlMo2uNpbcVe-IDVhxE8fRVmnUZY3iDN_1LsRRl2Hghd_JzUjzVHHJpMy9Le7Lmc7--VIflw64EY2d0RLZywRnJAJ0Efa2J5M1liRPuYLd1RbRG-jVQc40nUbMzX-DLOuIFQp9P4ddHSXZVeHQjj5bnwxbJy1NrBn852GSe5EYlrk65ecmvUvgR96ciXdyPYRAlPJp4zSC0vV63UTlDP4xUHDHu-9HhLEMobmCuGTtOAZwagDs1oKESlU1SL5nAqF6_vB6_19g7rqWaM-1ta25SJgM3VqQs07upHAdg11HJH8-lYrQz-_W90-Z1SONPaIZwSbLS5_C_kjEx-HiznxdvBhYmyHNzgWItCABV6KPtUm_dMphXLMh4BDWmbm_3mY-0BP_AFGU_68h2HnwEmspdgEa20nU-Vs8PilanHxaSusbjUtOmMR1j0XUXjPXEtLGAHhe8O2EXbNQsbHWNW9dfZrsIThdaOdK--0ohhYLz39jlX0AryzBegRwb-VCNjRUDqUzxq9uBjGJdTdrAG4SGj9HXmeWAkWL1H6coOoaZJIQoHaZBnwNOR-imHB7w1-P4CmrAi_zJyUImnFJ-XU5EROPd4Q7saNxUXmHzFwVCfWiF2ekQEIYDQ69dAGhXhKgnWJpTR4XAiQ6ZBu-BXFkcD9YueipcjMSzF5sDivyUliha2FHyZTwRFcpxn6JGhbi43uikFbtH-F1dzyxd3X37NW6-73J56Xrv6yxRqL-1pAQSGyE_Rb1BYGl7k0wGX_3z9JT8fD1o9mY_BJ0Q-CN1osjHcsWAS6C0gLo8eUDZx774qKhcjrYU4ALOoPWtPmgASIR63D66aU62WdDNyXeHj5yrrMzmN6RSzaytIZR11zSB3uDrAw3869DVwQbjutF4LDfeYURC23T-_uZXxmQw76oBuzkyYoBKA2LtgNdie_ct3DhIcP7bIg-mGn03fOL58gSHla8Ck3dQWWAjm4FLzm4xO3e_Td6xbNfeSbhQLSoeklgyFzCQND0xZnx8KgR1oGYVCDcyCV142hGUgXRcQUtn6iAJYu7CExbyaJnWcI7-PM94Zt9JzHWFqsxCLE1SlcNVValttWZ1-Y10pAIrocMOzr-3pSMJn--jXBXiCwRV1T7gZwJUPJnUHR_K5lPu5XeEI3OSi-m4xRAbz3O8CiI4KhEG48y20mA8LprSZkD1D-8Oeg9CQqkb-RCs0DVl7rpM-UVhH2m5vV5k07iu4UV9uvAKQLrDcK6iQPPPQTT20IB-YYgTq2mGKzq152KIRUf5b-1sNSH0PYRDOM464L9SxDr2p23cn9zuoqp08a13fEfdu3z5er9E0cWYwSQGvIX6wtFbckRW8-hvzE52ZS_PbkiurlNBNfWhv_k2LfAgLdnWQJcWK7qn2YFalzhsk7gMFJTZE1MYBF1aHkkZTXoe2kWu3n2AW8lBEM4yKCqiw4yk6DJs3PUinDjUtYc4k3bdt_jLsFnnm98PzoLUm4e-yxQHMtR5iljB1lIaUv6v630zZmKXZdSYRhVLcrt-8pTVQCd3hrtulIHEpJmQcqVBPoS9o2cbqt3p1rdqT5s6pV9uiVC_HhvWVhN88laXSFohtyDzgaXz2X8G59YOxwc_ZtkmQDn_Pm5k9oOcFmaiYLnYQafNFG9ZoP97I57iaKiZOVzMfiNxaqX-fKLuvQ1IqJEnPGqfo70O19MO-2lDZ4WfuwEbO88YQJC6u6-7Sn00Ict5Ak2sBVu8mqq14_O8VvfrXlWNdBltPydZiUaaDUHmE1fu4lH0WCPwDYpdjC1NRd8XyhCw-krEsmrjNunYPlsoPLhciUxFBHa94Pw-uBK90fBh6U2eoq9daXa3PzttLpIg6i_yM_p1biCW8kO6I8rGVHfgdwAJx4KA8SjOivCGVHXOUX6YUvCg8X7kMpK90U1ntYnvCVPJVkNF23gZdcmHrRH5H0qp9wXrLpIrQdJO5xXFwYl2v4IOyJxZ8mJe1-Os4VtAOZMHsn02Z9XQH571VRfXi6JwMLjDbbmRNC909b05n5IMa7NgyMj6AKUrenXr9C_XcozNblMZ3EkjvVRtTpVW_AoNzCi_MdfVpce5Yq_7dbkoVs-eJKBnFYOnTng9dxt-5RLf_SWne7dBVuCem52dl86XYHYdFct4_sbCugfOhRcr8VpR1kuyI6i5Pib_nUwlNEByEhowzDOFm3PK96LG6ukwVnj3efZBrXMMBFUE-Icbh4blgA42Fp-gmmyEfelwS2oGgJPCSWN-9_hPtiZpbnTagT7txveo2tWBDjDmuF48lXKkPfzJlOR0RYcTKpMlgTKNw_WFilolhwSf6Mf6GWEvBt7-YToPWYSjUnHrAClPeNlu-O9tQaHtV2YZrlrbACyqR2Icnai_F68og02ohIDdcWziSCzskZfZIvTVJMBklcc8Hnn25soAgKGKad-K_0BVV3xYx1NHmCCo9XQ7wCdZ2YZBE9GgY7TQO2ut4XILuEX1Ucl5utio39k4GpQEX92os8YNSxF86SAjc3v5cKCgPasaw5y1m7JXl_hPac7trGHEy1b_OyqqE_mZNQwkbqt9OfTBu42IWU92aiK5_Iden3I0ouhn0eFMJOO_W8LZxrba860V16M1-T2Zx8KIChrjdnOQed4yQ2KEFppYn0oLin4FVD4Z3QNFGGZnk6COCqEolfor15HoXzttLMBV7s1Y0uf5oX6EHQWGqWvFcRUOz4HI3UUBSY4DxaPAPulcxgvRpEgNTWuj8r6-T1uVDnSzfRrQpuHcUUKUFoUIfZKD_Ho2fBZMbEwatSz2xbIJZjozO6wGzRwEE8W8ZMZWJubqr1XeoTRQVXxWv48ILGk2M_vyCJ-ha9lde6D3qWkZa87I3Qw22UsE4NOTWYBuq14E8qUxYbi7yPH0vdkyCpkaqDiOAfSYQBwW8PCcjtXeG_mWqmR2xB3XSoxaBFC5CFA2ckqG2rRIE0_-e2GrObG38IuhcHArnLaD9Lme-YSTrtdwn3jA10pXTdj6XD8-yUzMwEJ6cdiKgIBdMJWZzKQjFaNv6Jx92KllX63aiRhjTSMiCaQp5lvAs7njHF4fCrDYw8U1RmqjLlBvMlI-TOuPudWHv3VZUHSkVuCs_1MatpoZvXolsb-NIUfCAqMrGx5xieOdV6Dm-oGEe2LTEZ0ostEXn4_eS7yCYcQTQUUR5oq36vFPSD7q2OCn7GETA-XplkSe1htHoVG8Lf0Jgi1zG4SPVHQs8jtx4L_RQcnpdd&cid=CAQSSwDUE5ymIU1yd80TgChPNlMGZb3N6_N_YMG8BHKkvXG57ysDuPMjr9jbfcc0E-6Coh_MDT9gQELejgGpODGtR-6eFF3j_OtHbiNrTRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fzsshares.com%2F&ds=l&xdt=1&iif=1&cor=18333858883384824000&adk=497053795&idt=184&cac=0&dtd=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c4681920200f339999ac3f6d4a6c5214d92e9a0edca00cfb91b28e3494ea03ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:31:32 GMT content-encoding br x-content-type-options nosniff age 5326 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11009 x-xss-protection 0 server cafe etag 12368014760096651300 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:31:32 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/ Frame BE8D	11 KB 4 KB	59ms 58ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ahq6z9IHu65Tqfu_sRji_zcypMDEHZ9wPjEyDmWLM4rJETwOCY69nXIUE30runOCZUOC57n-DCdo0eREqxryz56Wd3tQ&cry=1&dbm_d=AKAmf-BIBThIQzwYxI_Qc4xLUBySPv25Z6j3AqfTxdAsW-t_YLjnnr2lT0OZBeQWY5zo-5lAyXbgpNQLIKc5YMaHbipqjCZtS3XUXZEUWQhDdIM6oJwAuYnJB0i4oSXMEbspUUHcWbwqs9mXL8faoVSaFCCeAEqT_7t-DWCLO-UQI79qnNmZeYwzlVPabyFmyAAyOXPFVgSPuj1IMGsI1HDNee20FhdLcD3-NqjZM0eGa465We6_XUeG28BTX6oJXQhHJeRSq4wsoyPNFR0RY9GKZn5_Yk3HFWeitFqbK-HXMXIaaC6Jr7MBVkbks8jdwkQENQtHKFOckM9oSCq1NqvxM-rGSd5R27I06oUQnR42Xn7IHCIvyXvinWBw8HXjj5tZXzT9boFqtA-492BfXJCfpfektLOjzw2vPYJ8p5BrjEkHJnLxHlICTMaHWUVmulpp8kxF0LPDS9qvlMo2uNpbcVe-IDVhxE8fRVmnUZY3iDN_1LsRRl2Hghd_JzUjzVHHJpMy9Le7Lmc7--VIflw64EY2d0RLZywRnJAJ0Efa2J5M1liRPuYLd1RbRG-jVQc40nUbMzX-DLOuIFQp9P4ddHSXZVeHQjj5bnwxbJy1NrBn852GSe5EYlrk65ecmvUvgR96ciXdyPYRAlPJp4zSC0vV63UTlDP4xUHDHu-9HhLEMobmCuGTtOAZwagDs1oKESlU1SL5nAqF6_vB6_19g7rqWaM-1ta25SJgM3VqQs07upHAdg11HJH8-lYrQz-_W90-Z1SONPaIZwSbLS5_C_kjEx-HiznxdvBhYmyHNzgWItCABV6KPtUm_dMphXLMh4BDWmbm_3mY-0BP_AFGU_68h2HnwEmspdgEa20nU-Vs8PilanHxaSusbjUtOmMR1j0XUXjPXEtLGAHhe8O2EXbNQsbHWNW9dfZrsIThdaOdK--0ohhYLz39jlX0AryzBegRwb-VCNjRUDqUzxq9uBjGJdTdrAG4SGj9HXmeWAkWL1H6coOoaZJIQoHaZBnwNOR-imHB7w1-P4CmrAi_zJyUImnFJ-XU5EROPd4Q7saNxUXmHzFwVCfWiF2ekQEIYDQ69dAGhXhKgnWJpTR4XAiQ6ZBu-BXFkcD9YueipcjMSzF5sDivyUliha2FHyZTwRFcpxn6JGhbi43uikFbtH-F1dzyxd3X37NW6-73J56Xrv6yxRqL-1pAQSGyE_Rb1BYGl7k0wGX_3z9JT8fD1o9mY_BJ0Q-CN1osjHcsWAS6C0gLo8eUDZx774qKhcjrYU4ALOoPWtPmgASIR63D66aU62WdDNyXeHj5yrrMzmN6RSzaytIZR11zSB3uDrAw3869DVwQbjutF4LDfeYURC23T-_uZXxmQw76oBuzkyYoBKA2LtgNdie_ct3DhIcP7bIg-mGn03fOL58gSHla8Ck3dQWWAjm4FLzm4xO3e_Td6xbNfeSbhQLSoeklgyFzCQND0xZnx8KgR1oGYVCDcyCV142hGUgXRcQUtn6iAJYu7CExbyaJnWcI7-PM94Zt9JzHWFqsxCLE1SlcNVValttWZ1-Y10pAIrocMOzr-3pSMJn--jXBXiCwRV1T7gZwJUPJnUHR_K5lPu5XeEI3OSi-m4xRAbz3O8CiI4KhEG48y20mA8LprSZkD1D-8Oeg9CQqkb-RCs0DVl7rpM-UVhH2m5vV5k07iu4UV9uvAKQLrDcK6iQPPPQTT20IB-YYgTq2mGKzq152KIRUf5b-1sNSH0PYRDOM464L9SxDr2p23cn9zuoqp08a13fEfdu3z5er9E0cWYwSQGvIX6wtFbckRW8-hvzE52ZS_PbkiurlNBNfWhv_k2LfAgLdnWQJcWK7qn2YFalzhsk7gMFJTZE1MYBF1aHkkZTXoe2kWu3n2AW8lBEM4yKCqiw4yk6DJs3PUinDjUtYc4k3bdt_jLsFnnm98PzoLUm4e-yxQHMtR5iljB1lIaUv6v630zZmKXZdSYRhVLcrt-8pTVQCd3hrtulIHEpJmQcqVBPoS9o2cbqt3p1rdqT5s6pV9uiVC_HhvWVhN88laXSFohtyDzgaXz2X8G59YOxwc_ZtkmQDn_Pm5k9oOcFmaiYLnYQafNFG9ZoP97I57iaKiZOVzMfiNxaqX-fKLuvQ1IqJEnPGqfo70O19MO-2lDZ4WfuwEbO88YQJC6u6-7Sn00Ict5Ak2sBVu8mqq14_O8VvfrXlWNdBltPydZiUaaDUHmE1fu4lH0WCPwDYpdjC1NRd8XyhCw-krEsmrjNunYPlsoPLhciUxFBHa94Pw-uBK90fBh6U2eoq9daXa3PzttLpIg6i_yM_p1biCW8kO6I8rGVHfgdwAJx4KA8SjOivCGVHXOUX6YUvCg8X7kMpK90U1ntYnvCVPJVkNF23gZdcmHrRH5H0qp9wXrLpIrQdJO5xXFwYl2v4IOyJxZ8mJe1-Os4VtAOZMHsn02Z9XQH571VRfXi6JwMLjDbbmRNC909b05n5IMa7NgyMj6AKUrenXr9C_XcozNblMZ3EkjvVRtTpVW_AoNzCi_MdfVpce5Yq_7dbkoVs-eJKBnFYOnTng9dxt-5RLf_SWne7dBVuCem52dl86XYHYdFct4_sbCugfOhRcr8VpR1kuyI6i5Pib_nUwlNEByEhowzDOFm3PK96LG6ukwVnj3efZBrXMMBFUE-Icbh4blgA42Fp-gmmyEfelwS2oGgJPCSWN-9_hPtiZpbnTagT7txveo2tWBDjDmuF48lXKkPfzJlOR0RYcTKpMlgTKNw_WFilolhwSf6Mf6GWEvBt7-YToPWYSjUnHrAClPeNlu-O9tQaHtV2YZrlrbACyqR2Icnai_F68og02ohIDdcWziSCzskZfZIvTVJMBklcc8Hnn25soAgKGKad-K_0BVV3xYx1NHmCCo9XQ7wCdZ2YZBE9GgY7TQO2ut4XILuEX1Ucl5utio39k4GpQEX92os8YNSxF86SAjc3v5cKCgPasaw5y1m7JXl_hPac7trGHEy1b_OyqqE_mZNQwkbqt9OfTBu42IWU92aiK5_Iden3I0ouhn0eFMJOO_W8LZxrba860V16M1-T2Zx8KIChrjdnOQed4yQ2KEFppYn0oLin4FVD4Z3QNFGGZnk6COCqEolfor15HoXzttLMBV7s1Y0uf5oX6EHQWGqWvFcRUOz4HI3UUBSY4DxaPAPulcxgvRpEgNTWuj8r6-T1uVDnSzfRrQpuHcUUKUFoUIfZKD_Ho2fBZMbEwatSz2xbIJZjozO6wGzRwEE8W8ZMZWJubqr1XeoTRQVXxWv48ILGk2M_vyCJ-ha9lde6D3qWkZa87I3Qw22UsE4NOTWYBuq14E8qUxYbi7yPH0vdkyCpkaqDiOAfSYQBwW8PCcjtXeG_mWqmR2xB3XSoxaBFC5CFA2ckqG2rRIE0_-e2GrObG38IuhcHArnLaD9Lme-YSTrtdwn3jA10pXTdj6XD8-yUzMwEJ6cdiKgIBdMJWZzKQjFaNv6Jx92KllX63aiRhjTSMiCaQp5lvAs7njHF4fCrDYw8U1RmqjLlBvMlI-TOuPudWHv3VZUHSkVuCs_1MatpoZvXolsb-NIUfCAqMrGx5xieOdV6Dm-oGEe2LTEZ0ostEXn4_eS7yCYcQTQUUR5oq36vFPSD7q2OCn7GETA-XplkSe1htHoVG8Lf0Jgi1zG4SPVHQs8jtx4L_RQcnpdd&cid=CAQSSwDUE5ymIU1yd80TgChPNlMGZb3N6_N_YMG8BHKkvXG57ysDuPMjr9jbfcc0E-6Coh_MDT9gQELejgGpODGtR-6eFF3j_OtHbiNrTRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fzsshares.com%2F&ds=l&xdt=1&iif=1&cor=18333858883384824000&adk=497053795&idt=184&cac=0&dtd=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:30:54 GMT content-encoding br x-content-type-options nosniff age 5364 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4123 x-xss-protection 0 server cafe etag 4541610132340792384 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:30:54 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame BE8D	0 0	81ms 81ms	Fetch image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssGIMqgQd0B1szAG2sBjn3NvsdrNa4QA8Ci-9JcPsln2ZCn-S2TsL4fW_8ZGSvdS3fOmcn2_u2Jg9aOqb3TrLVZYzlOUo4cnopTiAHuWc1JTgt7jHT-RnguoxkWOUJPon8qk4IP1ePlOUaqLV2Jku9t20yhsaPzFfHVqDb-7tJRBkOhU0wRqXovgsigLz1OuuNlX6psS8Wp2ReWpF6XhN8Nj6odBgbychp8hc75CKRlQx9Uc0MdaOFJ84mDnB4sbGODOtsSs3pz9hWacMUUoiClxsxkMFyaef43OuOscHS2yJaJIMz3jNj9v6_E7zbJTXcitdoKQYE-5_w6Dop8fl7XjKFgQ-ZiU-wEHoTnTNUWEvWgTDGid_brd73aSnpI4LkVQ6FXo9krU3gnknY5ey4yvxzny3dNyhsGyx0PKJAtX8N3AHPvbYU9wrydDG86xHdqBkobpb1e3tzB3krvhrkCsiztjB66J0MZZ9_qiLW0Oz5zVQDvHGEd2r6_FLY-dp7QhmcNZxcGFiUp9dBOwtO9HUycufxgYYKeZUhiUY5RGZJafGNFPc07hi16y4ZfgpHyHHh5DlG1xJhi2awhAZJbFBt_T4G0EpKtTTBxCPRi5cPtPJcJqvfk7xVd2HPO5uvr28ITjohxbKpE8OXgC4ljmj_JM_YsNT-o99OndaSgQhtVesvaE1lYIcug_kM0wflTFl4Dj4BodukKShy176lK2Xdj1J4gNRfIGexcEjSujAD4ul2aeIhRLnqYZ4nSO4r_eVvERTrV_KyRfqmBI9Q1CihZGo5bsgJGzzG-Adci1loESYjL_35OG3xOnYssK9jGBUEaDDKnRi0LBzYsXDkSFmSkP__Q7zQwmKFr1L4d72x9xFW7hT7gFD9oYf38hpDyvCjl0cGcU2JVF1JKsPlKBdiAz1x-SFDJYRs4ELZdLQ8AykZigLrOkugc1u-ZtGuUAc9dwFS199XRy05EFXOWW0TbD6aLs3tlTPmxWCxc0TiG9LJDoPKIBLtKxwss6UN9cfUuKAeNvYkPDOVJSHm1k4fG8Ej9haMgZoYQzkNxmZvQeCYYT0R0RLdMv2f3CkmXoUHWZVBdcZi3UYVGsK-0CBhv4sxctMpGGHIRn8LvoU0N-lJfi7HalSBD70aKZ-f5yTpA-zBla1FxCZq1tA_Kt7wIpLK07o2fvHdceJSuqIfV5o8X_CpcXgPYQbXiX2hVzfextWrJ5_OsGFLXz16Tb5ApeMDLQPiwOVyRL7w-0D5WiFyJHhyivP-x1k5aN_yU94Vq43i4OMp6MvQLwD6_rjBo4GZbS2BYfsL3-LisjKoecVi3eCLbbPUIl-4nNjg8c5tqFIF3Aw&sai=AMfl-YTpb3wYh47Q1NmMe2Wl_oDshtPVwt-zGeSofyZ9N5zJA29ZCWYGsEDj2Q3yXSw48t_4QlM2CLcj_Sou-l7WhavgTovtG12iO5eDvHwmUgXfIOSlcGNxaY8l8fMw5fxv06JIb7ubIUM1IY2GkVMS3tsf9pu8paahSWnlln43khQlS2iU8vv30dhWjV_O2omHKpf5_GW92akrMd__31Uc_HVv-L0-Mg-4N9LRrFoDgd0BbQIiSQwW1fndUsbbsSIAS6m5VfHkMNIXZbK3efl-rogy6Iy5_bQALAbRdcnCiUeT71p8IdoNHT4Bww&sig=Cg0ArKJSzH-qfrQrWPyBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230405.36222&arae=0&ftch=1&adurl= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ahq6z9IHu65Tqfu_sRji_zcypMDEHZ9wPjEyDmWLM4rJETwOCY69nXIUE30runOCZUOC57n-DCdo0eREqxryz56Wd3tQ&cry=1&dbm_d=AKAmf-BIBThIQzwYxI_Qc4xLUBySPv25Z6j3AqfTxdAsW-t_YLjnnr2lT0OZBeQWY5zo-5lAyXbgpNQLIKc5YMaHbipqjCZtS3XUXZEUWQhDdIM6oJwAuYnJB0i4oSXMEbspUUHcWbwqs9mXL8faoVSaFCCeAEqT_7t-DWCLO-UQI79qnNmZeYwzlVPabyFmyAAyOXPFVgSPuj1IMGsI1HDNee20FhdLcD3-NqjZM0eGa465We6_XUeG28BTX6oJXQhHJeRSq4wsoyPNFR0RY9GKZn5_Yk3HFWeitFqbK-HXMXIaaC6Jr7MBVkbks8jdwkQENQtHKFOckM9oSCq1NqvxM-rGSd5R27I06oUQnR42Xn7IHCIvyXvinWBw8HXjj5tZXzT9boFqtA-492BfXJCfpfektLOjzw2vPYJ8p5BrjEkHJnLxHlICTMaHWUVmulpp8kxF0LPDS9qvlMo2uNpbcVe-IDVhxE8fRVmnUZY3iDN_1LsRRl2Hghd_JzUjzVHHJpMy9Le7Lmc7--VIflw64EY2d0RLZywRnJAJ0Efa2J5M1liRPuYLd1RbRG-jVQc40nUbMzX-DLOuIFQp9P4ddHSXZVeHQjj5bnwxbJy1NrBn852GSe5EYlrk65ecmvUvgR96ciXdyPYRAlPJp4zSC0vV63UTlDP4xUHDHu-9HhLEMobmCuGTtOAZwagDs1oKESlU1SL5nAqF6_vB6_19g7rqWaM-1ta25SJgM3VqQs07upHAdg11HJH8-lYrQz-_W90-Z1SONPaIZwSbLS5_C_kjEx-HiznxdvBhYmyHNzgWItCABV6KPtUm_dMphXLMh4BDWmbm_3mY-0BP_AFGU_68h2HnwEmspdgEa20nU-Vs8PilanHxaSusbjUtOmMR1j0XUXjPXEtLGAHhe8O2EXbNQsbHWNW9dfZrsIThdaOdK--0ohhYLz39jlX0AryzBegRwb-VCNjRUDqUzxq9uBjGJdTdrAG4SGj9HXmeWAkWL1H6coOoaZJIQoHaZBnwNOR-imHB7w1-P4CmrAi_zJyUImnFJ-XU5EROPd4Q7saNxUXmHzFwVCfWiF2ekQEIYDQ69dAGhXhKgnWJpTR4XAiQ6ZBu-BXFkcD9YueipcjMSzF5sDivyUliha2FHyZTwRFcpxn6JGhbi43uikFbtH-F1dzyxd3X37NW6-73J56Xrv6yxRqL-1pAQSGyE_Rb1BYGl7k0wGX_3z9JT8fD1o9mY_BJ0Q-CN1osjHcsWAS6C0gLo8eUDZx774qKhcjrYU4ALOoPWtPmgASIR63D66aU62WdDNyXeHj5yrrMzmN6RSzaytIZR11zSB3uDrAw3869DVwQbjutF4LDfeYURC23T-_uZXxmQw76oBuzkyYoBKA2LtgNdie_ct3DhIcP7bIg-mGn03fOL58gSHla8Ck3dQWWAjm4FLzm4xO3e_Td6xbNfeSbhQLSoeklgyFzCQND0xZnx8KgR1oGYVCDcyCV142hGUgXRcQUtn6iAJYu7CExbyaJnWcI7-PM94Zt9JzHWFqsxCLE1SlcNVValttWZ1-Y10pAIrocMOzr-3pSMJn--jXBXiCwRV1T7gZwJUPJnUHR_K5lPu5XeEI3OSi-m4xRAbz3O8CiI4KhEG48y20mA8LprSZkD1D-8Oeg9CQqkb-RCs0DVl7rpM-UVhH2m5vV5k07iu4UV9uvAKQLrDcK6iQPPPQTT20IB-YYgTq2mGKzq152KIRUf5b-1sNSH0PYRDOM464L9SxDr2p23cn9zuoqp08a13fEfdu3z5er9E0cWYwSQGvIX6wtFbckRW8-hvzE52ZS_PbkiurlNBNfWhv_k2LfAgLdnWQJcWK7qn2YFalzhsk7gMFJTZE1MYBF1aHkkZTXoe2kWu3n2AW8lBEM4yKCqiw4yk6DJs3PUinDjUtYc4k3bdt_jLsFnnm98PzoLUm4e-yxQHMtR5iljB1lIaUv6v630zZmKXZdSYRhVLcrt-8pTVQCd3hrtulIHEpJmQcqVBPoS9o2cbqt3p1rdqT5s6pV9uiVC_HhvWVhN88laXSFohtyDzgaXz2X8G59YOxwc_ZtkmQDn_Pm5k9oOcFmaiYLnYQafNFG9ZoP97I57iaKiZOVzMfiNxaqX-fKLuvQ1IqJEnPGqfo70O19MO-2lDZ4WfuwEbO88YQJC6u6-7Sn00Ict5Ak2sBVu8mqq14_O8VvfrXlWNdBltPydZiUaaDUHmE1fu4lH0WCPwDYpdjC1NRd8XyhCw-krEsmrjNunYPlsoPLhciUxFBHa94Pw-uBK90fBh6U2eoq9daXa3PzttLpIg6i_yM_p1biCW8kO6I8rGVHfgdwAJx4KA8SjOivCGVHXOUX6YUvCg8X7kMpK90U1ntYnvCVPJVkNF23gZdcmHrRH5H0qp9wXrLpIrQdJO5xXFwYl2v4IOyJxZ8mJe1-Os4VtAOZMHsn02Z9XQH571VRfXi6JwMLjDbbmRNC909b05n5IMa7NgyMj6AKUrenXr9C_XcozNblMZ3EkjvVRtTpVW_AoNzCi_MdfVpce5Yq_7dbkoVs-eJKBnFYOnTng9dxt-5RLf_SWne7dBVuCem52dl86XYHYdFct4_sbCugfOhRcr8VpR1kuyI6i5Pib_nUwlNEByEhowzDOFm3PK96LG6ukwVnj3efZBrXMMBFUE-Icbh4blgA42Fp-gmmyEfelwS2oGgJPCSWN-9_hPtiZpbnTagT7txveo2tWBDjDmuF48lXKkPfzJlOR0RYcTKpMlgTKNw_WFilolhwSf6Mf6GWEvBt7-YToPWYSjUnHrAClPeNlu-O9tQaHtV2YZrlrbACyqR2Icnai_F68og02ohIDdcWziSCzskZfZIvTVJMBklcc8Hnn25soAgKGKad-K_0BVV3xYx1NHmCCo9XQ7wCdZ2YZBE9GgY7TQO2ut4XILuEX1Ucl5utio39k4GpQEX92os8YNSxF86SAjc3v5cKCgPasaw5y1m7JXl_hPac7trGHEy1b_OyqqE_mZNQwkbqt9OfTBu42IWU92aiK5_Iden3I0ouhn0eFMJOO_W8LZxrba860V16M1-T2Zx8KIChrjdnOQed4yQ2KEFppYn0oLin4FVD4Z3QNFGGZnk6COCqEolfor15HoXzttLMBV7s1Y0uf5oX6EHQWGqWvFcRUOz4HI3UUBSY4DxaPAPulcxgvRpEgNTWuj8r6-T1uVDnSzfRrQpuHcUUKUFoUIfZKD_Ho2fBZMbEwatSz2xbIJZjozO6wGzRwEE8W8ZMZWJubqr1XeoTRQVXxWv48ILGk2M_vyCJ-ha9lde6D3qWkZa87I3Qw22UsE4NOTWYBuq14E8qUxYbi7yPH0vdkyCpkaqDiOAfSYQBwW8PCcjtXeG_mWqmR2xB3XSoxaBFC5CFA2ckqG2rRIE0_-e2GrObG38IuhcHArnLaD9Lme-YSTrtdwn3jA10pXTdj6XD8-yUzMwEJ6cdiKgIBdMJWZzKQjFaNv6Jx92KllX63aiRhjTSMiCaQp5lvAs7njHF4fCrDYw8U1RmqjLlBvMlI-TOuPudWHv3VZUHSkVuCs_1MatpoZvXolsb-NIUfCAqMrGx5xieOdV6Dm-oGEe2LTEZ0ostEXn4_eS7yCYcQTQUUR5oq36vFPSD7q2OCn7GETA-XplkSe1htHoVG8Lf0Jgi1zG4SPVHQs8jtx4L_RQcnpdd&cid=CAQSSwDUE5ymIU1yd80TgChPNlMGZb3N6_N_YMG8BHKkvXG57ysDuPMjr9jbfcc0E-6Coh_MDT9gQELejgGpODGtR-6eFF3j_OtHbiNrTRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fzsshares.com%2F&ds=l&xdt=1&iif=1&cor=18333858883384824000&adk=497053795&idt=184&cac=0&dtd=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Thu, 06 Apr 2023 23:00:18 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * cache-control private access-control-allow-credentials true timing-allow-origin * expires Thu, 06 Apr 2023 23:00:18 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame BE8D	41 KB 15 KB	59ms 59ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ahq6z9IHu65Tqfu_sRji_zcypMDEHZ9wPjEyDmWLM4rJETwOCY69nXIUE30runOCZUOC57n-DCdo0eREqxryz56Wd3tQ&cry=1&dbm_d=AKAmf-BIBThIQzwYxI_Qc4xLUBySPv25Z6j3AqfTxdAsW-t_YLjnnr2lT0OZBeQWY5zo-5lAyXbgpNQLIKc5YMaHbipqjCZtS3XUXZEUWQhDdIM6oJwAuYnJB0i4oSXMEbspUUHcWbwqs9mXL8faoVSaFCCeAEqT_7t-DWCLO-UQI79qnNmZeYwzlVPabyFmyAAyOXPFVgSPuj1IMGsI1HDNee20FhdLcD3-NqjZM0eGa465We6_XUeG28BTX6oJXQhHJeRSq4wsoyPNFR0RY9GKZn5_Yk3HFWeitFqbK-HXMXIaaC6Jr7MBVkbks8jdwkQENQtHKFOckM9oSCq1NqvxM-rGSd5R27I06oUQnR42Xn7IHCIvyXvinWBw8HXjj5tZXzT9boFqtA-492BfXJCfpfektLOjzw2vPYJ8p5BrjEkHJnLxHlICTMaHWUVmulpp8kxF0LPDS9qvlMo2uNpbcVe-IDVhxE8fRVmnUZY3iDN_1LsRRl2Hghd_JzUjzVHHJpMy9Le7Lmc7--VIflw64EY2d0RLZywRnJAJ0Efa2J5M1liRPuYLd1RbRG-jVQc40nUbMzX-DLOuIFQp9P4ddHSXZVeHQjj5bnwxbJy1NrBn852GSe5EYlrk65ecmvUvgR96ciXdyPYRAlPJp4zSC0vV63UTlDP4xUHDHu-9HhLEMobmCuGTtOAZwagDs1oKESlU1SL5nAqF6_vB6_19g7rqWaM-1ta25SJgM3VqQs07upHAdg11HJH8-lYrQz-_W90-Z1SONPaIZwSbLS5_C_kjEx-HiznxdvBhYmyHNzgWItCABV6KPtUm_dMphXLMh4BDWmbm_3mY-0BP_AFGU_68h2HnwEmspdgEa20nU-Vs8PilanHxaSusbjUtOmMR1j0XUXjPXEtLGAHhe8O2EXbNQsbHWNW9dfZrsIThdaOdK--0ohhYLz39jlX0AryzBegRwb-VCNjRUDqUzxq9uBjGJdTdrAG4SGj9HXmeWAkWL1H6coOoaZJIQoHaZBnwNOR-imHB7w1-P4CmrAi_zJyUImnFJ-XU5EROPd4Q7saNxUXmHzFwVCfWiF2ekQEIYDQ69dAGhXhKgnWJpTR4XAiQ6ZBu-BXFkcD9YueipcjMSzF5sDivyUliha2FHyZTwRFcpxn6JGhbi43uikFbtH-F1dzyxd3X37NW6-73J56Xrv6yxRqL-1pAQSGyE_Rb1BYGl7k0wGX_3z9JT8fD1o9mY_BJ0Q-CN1osjHcsWAS6C0gLo8eUDZx774qKhcjrYU4ALOoPWtPmgASIR63D66aU62WdDNyXeHj5yrrMzmN6RSzaytIZR11zSB3uDrAw3869DVwQbjutF4LDfeYURC23T-_uZXxmQw76oBuzkyYoBKA2LtgNdie_ct3DhIcP7bIg-mGn03fOL58gSHla8Ck3dQWWAjm4FLzm4xO3e_Td6xbNfeSbhQLSoeklgyFzCQND0xZnx8KgR1oGYVCDcyCV142hGUgXRcQUtn6iAJYu7CExbyaJnWcI7-PM94Zt9JzHWFqsxCLE1SlcNVValttWZ1-Y10pAIrocMOzr-3pSMJn--jXBXiCwRV1T7gZwJUPJnUHR_K5lPu5XeEI3OSi-m4xRAbz3O8CiI4KhEG48y20mA8LprSZkD1D-8Oeg9CQqkb-RCs0DVl7rpM-UVhH2m5vV5k07iu4UV9uvAKQLrDcK6iQPPPQTT20IB-YYgTq2mGKzq152KIRUf5b-1sNSH0PYRDOM464L9SxDr2p23cn9zuoqp08a13fEfdu3z5er9E0cWYwSQGvIX6wtFbckRW8-hvzE52ZS_PbkiurlNBNfWhv_k2LfAgLdnWQJcWK7qn2YFalzhsk7gMFJTZE1MYBF1aHkkZTXoe2kWu3n2AW8lBEM4yKCqiw4yk6DJs3PUinDjUtYc4k3bdt_jLsFnnm98PzoLUm4e-yxQHMtR5iljB1lIaUv6v630zZmKXZdSYRhVLcrt-8pTVQCd3hrtulIHEpJmQcqVBPoS9o2cbqt3p1rdqT5s6pV9uiVC_HhvWVhN88laXSFohtyDzgaXz2X8G59YOxwc_ZtkmQDn_Pm5k9oOcFmaiYLnYQafNFG9ZoP97I57iaKiZOVzMfiNxaqX-fKLuvQ1IqJEnPGqfo70O19MO-2lDZ4WfuwEbO88YQJC6u6-7Sn00Ict5Ak2sBVu8mqq14_O8VvfrXlWNdBltPydZiUaaDUHmE1fu4lH0WCPwDYpdjC1NRd8XyhCw-krEsmrjNunYPlsoPLhciUxFBHa94Pw-uBK90fBh6U2eoq9daXa3PzttLpIg6i_yM_p1biCW8kO6I8rGVHfgdwAJx4KA8SjOivCGVHXOUX6YUvCg8X7kMpK90U1ntYnvCVPJVkNF23gZdcmHrRH5H0qp9wXrLpIrQdJO5xXFwYl2v4IOyJxZ8mJe1-Os4VtAOZMHsn02Z9XQH571VRfXi6JwMLjDbbmRNC909b05n5IMa7NgyMj6AKUrenXr9C_XcozNblMZ3EkjvVRtTpVW_AoNzCi_MdfVpce5Yq_7dbkoVs-eJKBnFYOnTng9dxt-5RLf_SWne7dBVuCem52dl86XYHYdFct4_sbCugfOhRcr8VpR1kuyI6i5Pib_nUwlNEByEhowzDOFm3PK96LG6ukwVnj3efZBrXMMBFUE-Icbh4blgA42Fp-gmmyEfelwS2oGgJPCSWN-9_hPtiZpbnTagT7txveo2tWBDjDmuF48lXKkPfzJlOR0RYcTKpMlgTKNw_WFilolhwSf6Mf6GWEvBt7-YToPWYSjUnHrAClPeNlu-O9tQaHtV2YZrlrbACyqR2Icnai_F68og02ohIDdcWziSCzskZfZIvTVJMBklcc8Hnn25soAgKGKad-K_0BVV3xYx1NHmCCo9XQ7wCdZ2YZBE9GgY7TQO2ut4XILuEX1Ucl5utio39k4GpQEX92os8YNSxF86SAjc3v5cKCgPasaw5y1m7JXl_hPac7trGHEy1b_OyqqE_mZNQwkbqt9OfTBu42IWU92aiK5_Iden3I0ouhn0eFMJOO_W8LZxrba860V16M1-T2Zx8KIChrjdnOQed4yQ2KEFppYn0oLin4FVD4Z3QNFGGZnk6COCqEolfor15HoXzttLMBV7s1Y0uf5oX6EHQWGqWvFcRUOz4HI3UUBSY4DxaPAPulcxgvRpEgNTWuj8r6-T1uVDnSzfRrQpuHcUUKUFoUIfZKD_Ho2fBZMbEwatSz2xbIJZjozO6wGzRwEE8W8ZMZWJubqr1XeoTRQVXxWv48ILGk2M_vyCJ-ha9lde6D3qWkZa87I3Qw22UsE4NOTWYBuq14E8qUxYbi7yPH0vdkyCpkaqDiOAfSYQBwW8PCcjtXeG_mWqmR2xB3XSoxaBFC5CFA2ckqG2rRIE0_-e2GrObG38IuhcHArnLaD9Lme-YSTrtdwn3jA10pXTdj6XD8-yUzMwEJ6cdiKgIBdMJWZzKQjFaNv6Jx92KllX63aiRhjTSMiCaQp5lvAs7njHF4fCrDYw8U1RmqjLlBvMlI-TOuPudWHv3VZUHSkVuCs_1MatpoZvXolsb-NIUfCAqMrGx5xieOdV6Dm-oGEe2LTEZ0ostEXn4_eS7yCYcQTQUUR5oq36vFPSD7q2OCn7GETA-XplkSe1htHoVG8Lf0Jgi1zG4SPVHQs8jtx4L_RQcnpdd&cid=CAQSSwDUE5ymIU1yd80TgChPNlMGZb3N6_N_YMG8BHKkvXG57ysDuPMjr9jbfcc0E-6Coh_MDT9gQELejgGpODGtR-6eFF3j_OtHbiNrTRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fzsshares.com%2F&ds=l&xdt=1&iif=1&cor=18333858883384824000&adk=497053795&idt=184&cac=0&dtd=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 05 Apr 2023 18:11:20 GMT content-encoding gzip x-content-type-options nosniff age 103738 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 04 Apr 2024 18:11:20 GMT
GET H3	200	13365285964300626592 s0.2mdn.net/simgad/ Frame BE8D	144 KB 144 KB	62ms 62ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/13365285964300626592 Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f10cbece4cc15485c71c230153531a4ecc150357ce65695691b7504ae1d2f983 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 31 Mar 2023 18:05:13 GMT x-content-type-options nosniff age 536105 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 147835 x-xss-protection 0 last-modified Fri, 10 Feb 2023 11:25:17 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 30 Mar 2024 18:05:13 GMT
GET DATA	200 OK	truncated / Frame 755F	206 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e535ff8549f3fded04b82eb545e7c058fb922c84b603c4ab0242e68860d342af Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/png
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/ Frame 2AE4	11 KB 4 KB	91ms 71ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/omrhp.js Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=95.280;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=2591737333;ord=5epyk4;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fzsshares.com%2F$0;xdt=1;crlt=NBsIAdI7CE;stc=1;chaa=1;sttr=100;prcl=s Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:19 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4123 x-xss-protection 0 server cafe etag 4541610132340792384 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 23:00:19 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 2AE4	0 0	89ms 68ms	Fetch image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssthwIpN5TLjpKo2l0BCu0NhcsQ18zD2PflRSfv-61tfMenKVbMl8EozuuIiGMHY5khAS6T3nQzL3kraRDx_YTsU_kFbgBm0WDA_wj8rOb6xafv86Db9du5hMXJqp7MNaCCluN7NZ1qTzVC7Rcptv1lRoynF1E&sai=AMfl-YQLBkBfxOpi7tn_b3SS_4p8WWifH_e33OZ6wHoY1pHCX95S3AuwQSzbBXHu-42PvLKaBDedJPjpj56TqPURUpn2PqOlYjEFXwsWEA&sig=Cg0ArKJSzB8sKOb4cviREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230405.40142&arae=0&ftch=1&adurl= Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=95.280;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=2591737333;ord=5epyk4;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fzsshares.com%2F$0;xdt=1;crlt=NBsIAdI7CE;stc=1;chaa=1;sttr=100;prcl=s Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:19 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 06 Apr 2023 23:00:19 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 2AE4	41 KB 15 KB	26ms 12ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=95.280;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=2591737333;ord=5epyk4;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fzsshares.com%2F$0;xdt=1;crlt=NBsIAdI7CE;stc=1;chaa=1;sttr=100;prcl=s Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 05 Apr 2023 18:11:20 GMT content-encoding gzip x-content-type-options nosniff age 103738 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 04 Apr 2024 18:11:20 GMT
GET H3	200	2418735279377567735 s0.2mdn.net/simgad/ Frame 2AE4	47 KB 47 KB	31ms 17ms	Image image/jpeg	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/2418735279377567735 Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d22ae6bbaa3c79a6d31667177a7bf1b209536858fe3caf1a95a21af65d76f15b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 31 Mar 2023 18:05:12 GMT x-content-type-options nosniff age 536106 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48252 x-xss-protection 0 last-modified Thu, 26 May 2022 20:28:04 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 30 Mar 2024 18:05:12 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 2AE4	159 KB 49 KB	49ms 36ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:19 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49753 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1680694322409811" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 06 Apr 2023 23:00:19 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 4EFC	22 KB 8 KB	25ms 15ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 48171 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 09:37:27 GMT expires Fri, 05 Apr 2024 09:37:27 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame 9F16 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJ0oyCUSA97EWSLOcEzeVMU&google_cver=1	43 B 549 B	103ms 35ms	Image image/gif	185.94.180.126 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJ0oyCUSA97EWSLOcEzeVMU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDC7IioBBip2PHhATAB&v=APEucNVBKD6kkoGWpoaXOQFX6Ab_jOKtxIGTVyATbqliaW0ATu_CEkxsEbljSbs17ZsRNndSQDehVRcJhaTxBGngZtddRTWAqTOr6xDalEnt-j9n4214iNsB-TdcvaAcHTDi_4CH6Vjej7LU8DzsC9fwZYRqVPu_EU5hzCyW2GO0ffWMc7WdrVU Protocol HTTP/1.1 Server 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 06 Apr 2023 23:00:19 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 142 Connection keep-alive Content-Length 43 Redirect headers pragma no-cache date Thu, 06 Apr 2023 23:00:19 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJ0oyCUSA97EWSLOcEzeVMU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 306 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9F16 Redirect Chain https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i... https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Y2Q0ODY3NDYtZDRjZS0xMWVkLWIyNWYtMTkxMzQ0ODgwNDA2	170 B 188 B	38ms 38ms	Image image/png	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Y2Q0ODY3NDYtZDRjZS0xMWVkLWIyNWYtMTkxMzQ0ODgwNDA2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDC7IioBBip2PHhATAB&v=APEucNVBKD6kkoGWpoaXOQFX6Ab_jOKtxIGTVyATbqliaW0ATu_CEkxsEbljSbs17ZsRNndSQDehVRcJhaTxBGngZtddRTWAqTOr6xDalEnt-j9n4214iNsB-TdcvaAcHTDi_4CH6Vjej7LU8DzsC9fwZYRqVPu_EU5hzCyW2GO0ffWMc7WdrVU Protocol H3 Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:19 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Thu, 06 Apr 2023 23:00:19 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Location https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Y2Q0ODY3NDYtZDRjZS0xMWVkLWIyNWYtMTkxMzQ0ODgwNDA2 Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 61 Connection keep-alive Content-Length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9F16 Redirect Chain https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1ERFVkdFVORTJ1RWJnbDkzMEpXMUIxWmxWMTY5dVVlWH5B	170 B 188 B	48ms 47ms	Image image/png	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1ERFVkdFVORTJ1RWJnbDkzMEpXMUIxWmxWMTY5dVVlWH5B Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDC7IioBBip2PHhATAB&v=APEucNVBKD6kkoGWpoaXOQFX6Ab_jOKtxIGTVyATbqliaW0ATu_CEkxsEbljSbs17ZsRNndSQDehVRcJhaTxBGngZtddRTWAqTOr6xDalEnt-j9n4214iNsB-TdcvaAcHTDi_4CH6Vjej7LU8DzsC9fwZYRqVPu_EU5hzCyW2GO0ffWMc7WdrVU Protocol H3 Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:19 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1ERFVkdFVORTJ1RWJnbDkzMEpXMUIxWmxWMTY5dVVlWH5B date Thu, 06 Apr 2023 23:00:19 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.25 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET DATA	200 OK	truncated / Frame 2AE4	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a06496f63d0871caaacd410730fd382ecd32dd7bc6327e8aaccdd35f4624149a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/png
GET H2	200	4.js Show response static.adsafeprotected.com/ Frame 1CF1 Redirect Chain https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-3423085545296231&ias_chanId=1&ias_placementId=19429846202&bidurl=https://zsshares.com/2022... https://static.adsafeprotected.com/4.js	1 KB 1 KB	30ms 29ms	Script application/javascript	2600:9000:223f:c000:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/4.js Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 2600:9000:223f:c000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-amz-version-id ml8sLXd95uD59cm.BnrTx99uclgxfFZ2 content-encoding gzip via 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront) date Thu, 06 Apr 2023 04:40:57 GMT x-amz-cf-pop FRA56-P5 age 65963 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 21 Mar 2023 18:43:33 GMT server AmazonS3 etag W/"33dffa7df253125904b2f354b5bb5e8d" vary Accept-Encoding content-type application/javascript cache-control max-age=604800 x-amz-cf-id -Ag9HI52C-gnseWVMKMyC8bFH7nJC_s1gboBf0Y9Hy3y-lvkahrZeA== Redirect headers pragma no-cache date Thu, 06 Apr 2023 23:00:19 GMT server nginx x-server-name app08.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://static.adsafeprotected.com/4.js cache-control no-cache content-length 0
GET H2	200	sca.17.6.2.js Show response static.adsafeprotected.com/ Frame CB6E	91 KB 23 KB	91ms 36ms	Script application/javascript	2600:9000:223f:c000:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.6.2.js Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:c000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 21 Sep 2022 15:36:17 GMT x-amz-version-id go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy content-encoding gzip via 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 17047443 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 20 Sep 2022 19:21:34 GMT server AmazonS3 etag W/"1f3488247c90bb5de253d3d0cb3b7458" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-amz-cf-id -8Ljr6_DHgjOf3a5dDoUWINaWTookM0sssaPN3L3A3gsSl6nxHs7zw==
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 755F	0 0	87ms 87ms	Fetch image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssyLYKg-EI6k3pr_E8Lu-daxd7PKeAgI0ZAI4zlIu47gFTd0m0Qc1eYCkA77qj8gKLuwlHhI4GzBwuNeXdWrkdCSdQqSTtNBhIgc2zIOcicvrC6szTkiEWXf6OkNB9i4kXQNdd3gRtmz2J9V6LSVlnWLNZcqM415RCDCv0biJM5HzdtIVeeaIkktcPwOMaH0TcmpuvdeQlYn32vKU1GjkyeP4Wsyp1qvXxyvjfPSG9Je9uQm2XyGAAlx-ypM4KGIRExjErhARXXXrk9xLS9UAhFr2cMgzIwZ_ze6hPP9ij2OUbIvWEkX6W1bD0yWng5ocLeCCM0gBKKrAlYlOlE3kgJxlheTuTFJCKdAIFzmeYmNba25V3UlDJjTthBScL6Piq0e_NI3Glayf0UUo2DPj3Px5So5TIOuVX-brW51O8LfG32IUgAcnxvZ45f_abvR8aWLwKdW_VUbmZzrih9VcIkkLYwXAirxMdUHnGmTbMaPKz8T1NTQjBoWGEmmIqImoCtHETDtXH-ym7hpEiyDEfTyzunuBaHuZuobHt5Ke9U8y1RRot7xLj4eaqbH08P9mEHBMRvqWyQevlcMLotF0HkmfeECXgtryvFk6lqrtwI_24VcNVbpM_6nnXZp0jGPEZUv_yolhoAvK2O6y9OcIM5x8xr7dUyfRvnT6AnmVeoLAMNML43c0Qc_BHun54TIzj5_aoV1Xmkkv_443q82roSMLRADbsZDOqWTlte_-dJGzxhfuTMZPemD_ivpRmKtZuCIYYgXh6XK6dFAbQJ3_XjPmvvvqqN49NJACnnU9zMnMv8aQ2IQasYIFJI9d-mcDRcHlehvr_yYOWdwuo4eBwrmvDsgezeEUe5WU1kzEl7kaDtcgjNiUgbEAoQgjtVviyPeS1S_BgMzYDRvipCbC6NdWuTXkCqpamamoXRtkENEk3peCbEhfCn9SpsenVNAlul7nQLGIBM8YAY3FfZq2B2zLsGuQrSSmtTSGjYsDfcnuMMbY4I6bX_oVvgVttUxzTPe4wuO9T74gigWGTN_EccbDsmi3tAyBm-xr4Ae3zGhj32BKvadeT34uEDPUxtKSE3AqlFVbmlsGBQWNXV8DUURbIjHWau8Qj8pxKzF717YjG9-j732jS3pjJRlijzsCslgZfyVpErx9dslh_rGub9M17PiNNttC57qBacRZ9KWUA26LQuAcGL9JmPCfR-QlGi91qDj1pfv39hyyxzha6zz5R1ew&sai=AMfl-YT4yvjBJ27T40EC1TzyaJDKaHSmRrn-wUK9z6kUGjznCT5l22rAZqB_nSqcg7PtCzk8GNat5MjiRKuD2Onp9RyCGWTYdjHkDv8dVJjCGQroH-8BArHc8XtcdSKxQE3p7JLBDl7S-iLuc-FmMZ5iUtK1LL7JG2Z7cttO3k8VacPB61QaxAcK9nbcWYFcywgva7YYXaQNyl0pSsCDssHD6UPzWTGLjd6_GKX6XYB2sHAp08seXFQs79_jZHhaoiLmZ94kibHxeGXfIuXlQ9oO6_STLnsLCE2FrcK5Bod0mPVawuhu8Q6RonnWl8V6uFkO_8FC2csLW2UvUUypn503Gd2N_C3uYDRwJvrYij_V-_kvoPvu31COqx4FEncWJwDkrc1Hym00PX7-siXOCXpLhkNSuRuUXXFdXcPZQcfOljIPtKciSqv__7mmgUDIoJ8itjf8JLmT4xOPXpD5ilMMi6IM-HFmUachWw&sig=Cg0ArKJSzElp0kL6XeCEEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=257&vt=11&dtpt=255&dett=2&cstd=0&cisv=r20230405.22253&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl= Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:19 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 06 Apr 2023 23:00:19 GMT
GET DATA	200 OK	truncated / Frame BE8D	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4de27ce14de43ccbeca9db47f5989994f559c877c49d915e2b0bbc875a184915 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/png
GET H3	200	container.html Show response 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6B32	6 KB 3 KB	38ms 37ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://zsshares.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 2 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 23:00:17 GMT expires Fri, 05 Apr 2024 23:00:17 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	dt dt.adsafeprotected.com/ Frame 1CF1	43 B 215 B	565ms 183ms	Image image/gif	2600:1f13:800:7780:d8c6:407e:f233:e54a AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=a9c84382-91c3-7556-ebcb-9a7c066ab554&tv=%7Bc:935qOu,pingTime:-3,time:165,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:166,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B159~0%5D,as:%5B159~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tAGVTLf+11%7C1211%7C1212%7C131*.990511-61634100%7C1311%7C1312%7C1313%7C1411%7C1511%7C1512,idMap:131*,rmeas:1,rend:0,renddet:na,siq:25%7D&br=c Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7780:d8c6:407e:f233:e54a Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:19 GMT server nginx x-server-name dt08.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 1CF1	43 B 216 B	560ms 182ms	Image image/gif	2600:1f13:800:7780:d8c6:407e:f233:e54a AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=a9c84382-91c3-7556-ebcb-9a7c066ab554&tv=%7Bc:935qOw,pingTime:-6,time:167,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:167,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B160~0%5D,as:%5B160~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tAGVTLf+11%7C1211%7C1212%7C131*.990511-61634100%7C1311%7C1312%7C1313%7C1411%7C1511%7C1512,idMap:131*,rmeas:1,rend:0,renddet:na,siq:25%7D&tpiLookup=ao:zsshares.com*%2C2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com*&br=c Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7780:d8c6:407e:f233:e54a Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:19 GMT server nginx x-server-name dt10.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame BE8D	0 0	73ms 72ms	Fetch image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssGIMqgQd0B1szAG2sBjn3NvsdrNa4QA8Ci-9JcPsln2ZCn-S2TsL4fW_8ZGSvdS3fOmcn2_u2Jg9aOqb3TrLVZYzlOUo4cnopTiAHuWc1JTgt7jHT-RnguoxkWOUJPon8qk4IP1ePlOUaqLV2Jku9t20yhsaPzFfHVqDb-7tJRBkOhU0wRqXovgsigLz1OuuNlX6psS8Wp2ReWpF6XhN8Nj6odBgbychp8hc75CKRlQx9Uc0MdaOFJ84mDnB4sbGODOtsSs3pz9hWacMUUoiClxsxkMFyaef43OuOscHS2yJaJIMz3jNj9v6_E7zbJTXcitdoKQYE-5_w6Dop8fl7XjKFgQ-ZiU-wEHoTnTNUWEvWgTDGid_brd73aSnpI4LkVQ6FXo9krU3gnknY5ey4yvxzny3dNyhsGyx0PKJAtX8N3AHPvbYU9wrydDG86xHdqBkobpb1e3tzB3krvhrkCsiztjB66J0MZZ9_qiLW0Oz5zVQDvHGEd2r6_FLY-dp7QhmcNZxcGFiUp9dBOwtO9HUycufxgYYKeZUhiUY5RGZJafGNFPc07hi16y4ZfgpHyHHh5DlG1xJhi2awhAZJbFBt_T4G0EpKtTTBxCPRi5cPtPJcJqvfk7xVd2HPO5uvr28ITjohxbKpE8OXgC4ljmj_JM_YsNT-o99OndaSgQhtVesvaE1lYIcug_kM0wflTFl4Dj4BodukKShy176lK2Xdj1J4gNRfIGexcEjSujAD4ul2aeIhRLnqYZ4nSO4r_eVvERTrV_KyRfqmBI9Q1CihZGo5bsgJGzzG-Adci1loESYjL_35OG3xOnYssK9jGBUEaDDKnRi0LBzYsXDkSFmSkP__Q7zQwmKFr1L4d72x9xFW7hT7gFD9oYf38hpDyvCjl0cGcU2JVF1JKsPlKBdiAz1x-SFDJYRs4ELZdLQ8AykZigLrOkugc1u-ZtGuUAc9dwFS199XRy05EFXOWW0TbD6aLs3tlTPmxWCxc0TiG9LJDoPKIBLtKxwss6UN9cfUuKAeNvYkPDOVJSHm1k4fG8Ej9haMgZoYQzkNxmZvQeCYYT0R0RLdMv2f3CkmXoUHWZVBdcZi3UYVGsK-0CBhv4sxctMpGGHIRn8LvoU0N-lJfi7HalSBD70aKZ-f5yTpA-zBla1FxCZq1tA_Kt7wIpLK07o2fvHdceJSuqIfV5o8X_CpcXgPYQbXiX2hVzfextWrJ5_OsGFLXz16Tb5ApeMDLQPiwOVyRL7w-0D5WiFyJHhyivP-x1k5aN_yU94Vq43i4OMp6MvQLwD6_rjBo4GZbS2BYfsL3-LisjKoecVi3eCLbbPUIl-4nNjg8c5tqFIF3Aw&sai=AMfl-YTpb3wYh47Q1NmMe2Wl_oDshtPVwt-zGeSofyZ9N5zJA29ZCWYGsEDj2Q3yXSw48t_4QlM2CLcj_Sou-l7WhavgTovtG12iO5eDvHwmUgXfIOSlcGNxaY8l8fMw5fxv06JIb7ubIUM1IY2GkVMS3tsf9pu8paahSWnlln43khQlS2iU8vv30dhWjV_O2omHKpf5_GW92akrMd__31Uc_HVv-L0-Mg-4N9LRrFoDgd0BbQIiSQwW1fndUsbbsSIAS6m5VfHkMNIXZbK3efl-rogy6Iy5_bQALAbRdcnCiUeT71p8IdoNHT4Bww&sig=Cg0ArKJSzH-qfrQrWPyBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=298&vt=11&dtpt=296&dett=2&cstd=0&cisv=r20230405.36222&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ahq6z9IHu65Tqfu_sRji_zcypMDEHZ9wPjEyDmWLM4rJETwOCY69nXIUE30runOCZUOC57n-DCdo0eREqxryz56Wd3tQ&cry=1&dbm_d=AKAmf-BIBThIQzwYxI_Qc4xLUBySPv25Z6j3AqfTxdAsW-t_YLjnnr2lT0OZBeQWY5zo-5lAyXbgpNQLIKc5YMaHbipqjCZtS3XUXZEUWQhDdIM6oJwAuYnJB0i4oSXMEbspUUHcWbwqs9mXL8faoVSaFCCeAEqT_7t-DWCLO-UQI79qnNmZeYwzlVPabyFmyAAyOXPFVgSPuj1IMGsI1HDNee20FhdLcD3-NqjZM0eGa465We6_XUeG28BTX6oJXQhHJeRSq4wsoyPNFR0RY9GKZn5_Yk3HFWeitFqbK-HXMXIaaC6Jr7MBVkbks8jdwkQENQtHKFOckM9oSCq1NqvxM-rGSd5R27I06oUQnR42Xn7IHCIvyXvinWBw8HXjj5tZXzT9boFqtA-492BfXJCfpfektLOjzw2vPYJ8p5BrjEkHJnLxHlICTMaHWUVmulpp8kxF0LPDS9qvlMo2uNpbcVe-IDVhxE8fRVmnUZY3iDN_1LsRRl2Hghd_JzUjzVHHJpMy9Le7Lmc7--VIflw64EY2d0RLZywRnJAJ0Efa2J5M1liRPuYLd1RbRG-jVQc40nUbMzX-DLOuIFQp9P4ddHSXZVeHQjj5bnwxbJy1NrBn852GSe5EYlrk65ecmvUvgR96ciXdyPYRAlPJp4zSC0vV63UTlDP4xUHDHu-9HhLEMobmCuGTtOAZwagDs1oKESlU1SL5nAqF6_vB6_19g7rqWaM-1ta25SJgM3VqQs07upHAdg11HJH8-lYrQz-_W90-Z1SONPaIZwSbLS5_C_kjEx-HiznxdvBhYmyHNzgWItCABV6KPtUm_dMphXLMh4BDWmbm_3mY-0BP_AFGU_68h2HnwEmspdgEa20nU-Vs8PilanHxaSusbjUtOmMR1j0XUXjPXEtLGAHhe8O2EXbNQsbHWNW9dfZrsIThdaOdK--0ohhYLz39jlX0AryzBegRwb-VCNjRUDqUzxq9uBjGJdTdrAG4SGj9HXmeWAkWL1H6coOoaZJIQoHaZBnwNOR-imHB7w1-P4CmrAi_zJyUImnFJ-XU5EROPd4Q7saNxUXmHzFwVCfWiF2ekQEIYDQ69dAGhXhKgnWJpTR4XAiQ6ZBu-BXFkcD9YueipcjMSzF5sDivyUliha2FHyZTwRFcpxn6JGhbi43uikFbtH-F1dzyxd3X37NW6-73J56Xrv6yxRqL-1pAQSGyE_Rb1BYGl7k0wGX_3z9JT8fD1o9mY_BJ0Q-CN1osjHcsWAS6C0gLo8eUDZx774qKhcjrYU4ALOoPWtPmgASIR63D66aU62WdDNyXeHj5yrrMzmN6RSzaytIZR11zSB3uDrAw3869DVwQbjutF4LDfeYURC23T-_uZXxmQw76oBuzkyYoBKA2LtgNdie_ct3DhIcP7bIg-mGn03fOL58gSHla8Ck3dQWWAjm4FLzm4xO3e_Td6xbNfeSbhQLSoeklgyFzCQND0xZnx8KgR1oGYVCDcyCV142hGUgXRcQUtn6iAJYu7CExbyaJnWcI7-PM94Zt9JzHWFqsxCLE1SlcNVValttWZ1-Y10pAIrocMOzr-3pSMJn--jXBXiCwRV1T7gZwJUPJnUHR_K5lPu5XeEI3OSi-m4xRAbz3O8CiI4KhEG48y20mA8LprSZkD1D-8Oeg9CQqkb-RCs0DVl7rpM-UVhH2m5vV5k07iu4UV9uvAKQLrDcK6iQPPPQTT20IB-YYgTq2mGKzq152KIRUf5b-1sNSH0PYRDOM464L9SxDr2p23cn9zuoqp08a13fEfdu3z5er9E0cWYwSQGvIX6wtFbckRW8-hvzE52ZS_PbkiurlNBNfWhv_k2LfAgLdnWQJcWK7qn2YFalzhsk7gMFJTZE1MYBF1aHkkZTXoe2kWu3n2AW8lBEM4yKCqiw4yk6DJs3PUinDjUtYc4k3bdt_jLsFnnm98PzoLUm4e-yxQHMtR5iljB1lIaUv6v630zZmKXZdSYRhVLcrt-8pTVQCd3hrtulIHEpJmQcqVBPoS9o2cbqt3p1rdqT5s6pV9uiVC_HhvWVhN88laXSFohtyDzgaXz2X8G59YOxwc_ZtkmQDn_Pm5k9oOcFmaiYLnYQafNFG9ZoP97I57iaKiZOVzMfiNxaqX-fKLuvQ1IqJEnPGqfo70O19MO-2lDZ4WfuwEbO88YQJC6u6-7Sn00Ict5Ak2sBVu8mqq14_O8VvfrXlWNdBltPydZiUaaDUHmE1fu4lH0WCPwDYpdjC1NRd8XyhCw-krEsmrjNunYPlsoPLhciUxFBHa94Pw-uBK90fBh6U2eoq9daXa3PzttLpIg6i_yM_p1biCW8kO6I8rGVHfgdwAJx4KA8SjOivCGVHXOUX6YUvCg8X7kMpK90U1ntYnvCVPJVkNF23gZdcmHrRH5H0qp9wXrLpIrQdJO5xXFwYl2v4IOyJxZ8mJe1-Os4VtAOZMHsn02Z9XQH571VRfXi6JwMLjDbbmRNC909b05n5IMa7NgyMj6AKUrenXr9C_XcozNblMZ3EkjvVRtTpVW_AoNzCi_MdfVpce5Yq_7dbkoVs-eJKBnFYOnTng9dxt-5RLf_SWne7dBVuCem52dl86XYHYdFct4_sbCugfOhRcr8VpR1kuyI6i5Pib_nUwlNEByEhowzDOFm3PK96LG6ukwVnj3efZBrXMMBFUE-Icbh4blgA42Fp-gmmyEfelwS2oGgJPCSWN-9_hPtiZpbnTagT7txveo2tWBDjDmuF48lXKkPfzJlOR0RYcTKpMlgTKNw_WFilolhwSf6Mf6GWEvBt7-YToPWYSjUnHrAClPeNlu-O9tQaHtV2YZrlrbACyqR2Icnai_F68og02ohIDdcWziSCzskZfZIvTVJMBklcc8Hnn25soAgKGKad-K_0BVV3xYx1NHmCCo9XQ7wCdZ2YZBE9GgY7TQO2ut4XILuEX1Ucl5utio39k4GpQEX92os8YNSxF86SAjc3v5cKCgPasaw5y1m7JXl_hPac7trGHEy1b_OyqqE_mZNQwkbqt9OfTBu42IWU92aiK5_Iden3I0ouhn0eFMJOO_W8LZxrba860V16M1-T2Zx8KIChrjdnOQed4yQ2KEFppYn0oLin4FVD4Z3QNFGGZnk6COCqEolfor15HoXzttLMBV7s1Y0uf5oX6EHQWGqWvFcRUOz4HI3UUBSY4DxaPAPulcxgvRpEgNTWuj8r6-T1uVDnSzfRrQpuHcUUKUFoUIfZKD_Ho2fBZMbEwatSz2xbIJZjozO6wGzRwEE8W8ZMZWJubqr1XeoTRQVXxWv48ILGk2M_vyCJ-ha9lde6D3qWkZa87I3Qw22UsE4NOTWYBuq14E8qUxYbi7yPH0vdkyCpkaqDiOAfSYQBwW8PCcjtXeG_mWqmR2xB3XSoxaBFC5CFA2ckqG2rRIE0_-e2GrObG38IuhcHArnLaD9Lme-YSTrtdwn3jA10pXTdj6XD8-yUzMwEJ6cdiKgIBdMJWZzKQjFaNv6Jx92KllX63aiRhjTSMiCaQp5lvAs7njHF4fCrDYw8U1RmqjLlBvMlI-TOuPudWHv3VZUHSkVuCs_1MatpoZvXolsb-NIUfCAqMrGx5xieOdV6Dm-oGEe2LTEZ0ostEXn4_eS7yCYcQTQUUR5oq36vFPSD7q2OCn7GETA-XplkSe1htHoVG8Lf0Jgi1zG4SPVHQs8jtx4L_RQcnpdd&cid=CAQSSwDUE5ymIU1yd80TgChPNlMGZb3N6_N_YMG8BHKkvXG57ysDuPMjr9jbfcc0E-6Coh_MDT9gQELejgGpODGtR-6eFF3j_OtHbiNrTRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fzsshares.com%2F&ds=l&xdt=1&iif=1&cor=18333858883384824000&adk=497053795&idt=184&cac=0&dtd=2 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:19 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 06 Apr 2023 23:00:19 GMT
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 2AE4	0 0	72ms 72ms	Fetch image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssthwIpN5TLjpKo2l0BCu0NhcsQ18zD2PflRSfv-61tfMenKVbMl8EozuuIiGMHY5khAS6T3nQzL3kraRDx_YTsU_kFbgBm0WDA_wj8rOb6xafv86Db9du5hMXJqp7MNaCCluN7NZ1qTzVC7Rcptv1lRoynF1E&sai=AMfl-YQLBkBfxOpi7tn_b3SS_4p8WWifH_e33OZ6wHoY1pHCX95S3AuwQSzbBXHu-42PvLKaBDedJPjpj56TqPURUpn2PqOlYjEFXwsWEA&sig=Cg0ArKJSzB8sKOb4cviREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=265&vt=11&dtpt=263&dett=2&cstd=0&cisv=r20230405.40142&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl= Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=95.280;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=2591737333;ord=5epyk4;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fzsshares.com%2F$0;xdt=1;crlt=NBsIAdI7CE;stc=1;chaa=1;sttr=100;prcl=s Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:19 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 06 Apr 2023 23:00:19 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 1CF1	43 B 215 B	512ms 184ms	Image image/gif	2600:1f13:800:7780:d8c6:407e:f233:e54a AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=a9c84382-91c3-7556-ebcb-9a7c066ab554&tv=%7Bc:935qPl,pingTime:-2,time:218,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:684,beZ:685,mfA:688,cmA:689,inA:689,inZ:694,prA:695,prZ:703,si:709,poA:710,poZ:735,cmZ:735,mfZ:735,loA:851,loZ:854,ltA:902,ltZ:902%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:218,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B211~0%5D,as:%5B211~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tAGVTLf+11%7C1211%7C1212%7C131*.990511-61634100%7C1311%7C1312%7C1313%7C1411%7C1511%7C1512,idMap:131*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:25,sinceFw:192,readyFired:true%7D&br=c Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7780:d8c6:407e:f233:e54a Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:19 GMT server nginx x-server-name dt09.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame A854	22 KB 8 KB	39ms 37ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 48172 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 09:37:27 GMT expires Fri, 05 Apr 2024 09:37:27 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 1CF1	0 0	77ms 76ms	Fetch image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvZqf-PSTnNZ0BpNbKxnnswKAVRk9KzpBnRlUCTUjOHJMW50g5pCyWnPJDfyvOR2DpfV0kblPFxP8mz-Co0CgwBlfLgPmdFnseQT6yg3lg8GsAMI1oRCFwybNGnHUko6zTezhwokcIvg92Pcj6cXbCVdntLTVdSZ6Xjl4RtbhZkfGNtUBoe1lvaNJUUlVj033uaInu8zBx0vM1Fg-hqEFzjVw9qX4uw8l1D2eh6B_yJV1nTRjB-c_Oolxzy3kFXSv9YXUPsqFfMqJOQ107yVrcG94Eri5apVqw5Y45vgqXq9g-mE7peDMQ5NsXVX9H7r7OvQWsykk48WB3yUFz-Y7aeOZMsX41h7VRF0rJlnEHVonamka37NC_AOPu7rvYTpN5EPUuE7opRlf_GvC3l7sRmvqA2-KKfn2ZOf-GP1vVwxVn8TCeu7CvxLAI7u78r1kdyRzGBaHGGGlf4ujLLttVedMm6w5pb2ug48VxHeEED7IginxvXnX8FSgCAk5Wvx6KQDVHzUb8Y0N5xqDPEwQTOjnKzlzFb8A5kOst-FYs03bUIZ09eX646KBU9LTjvF8GxxtxapcmACME6iszsPL58BlktbwZdRebC6S99XUxyhu4W5JirZKqXZlqEWCkoSQu-0rmDCPXvqprCVcD2NUae-QILAEyEU5eAjkppzX3ynKMCoJwDRfE-gJeQGBXdcuLl7NgFx6NeaFL8IeE6j2ZbMc5quwgFUR6kD5Pjs0pLZMCCcK5geAkTTJzlMuml-UUIn6m1MDGIqWTW9PP2z6W6JHzEHhlXlNQH4xabuRecYhLqfXSBlkIE3ZT_zm29KrnswMIKNW5XQIrOIVZCy0zo7LGEbhCtvUoVE3x3i9cKDr7D2fGGcpZTzvXSWvwyy631agPCGrR7bq_2ku14bW2bgnVogejB52A0exBoHiyT3QpT9TrurLWWmu4lKdzAAROGVpGreMn5_YMAlP50EgsDdmlgFiVSTSkc8npJe_F9oi1QxweKnHxICh9iGhopMh0FK8S2oWJYII1lfDXLlE2CE8w7MiTgnvGmRB_IYNEJnEUd-gNgSZLkbGs4_YHvvwr1b0Z32MAJUmv2RowBXZFpNRUrhZ_KQwIrjDELrpF-WEMv6YZDvfXDLSy5ccGmFSWy9LmR02aVmCUb9ZSl0PhJ9FGaCOZXhy3WADA3TnP_7L3D5spgteTzDKE2TQpyn5_N8ldj5t_nTOflO8LfpN-lV964I2IRWY3uxrOWCyOV4js65pkGGU-7fQCfKzlzG6MRvnlQICMBX6UlZ_A3RQQwJEEfkLRhtqAbOZfbK0KJAyqO0-IxaBbQsu-TqMw&sai=AMfl-YSMblqU_3P1YIKUdSMN3jiTWTMlB-A2vlBLArrRlNQlbTKUHuyp47EWAQefQfto6izHofQZ_gb9avNZrovDYE_5fRbd64dEbdX47eqkavl1bN4OkqkvbxKnoKeAbStI8RO87nlaAvkLtAqaK-IanJd_CIKIAI4EzOkbc4tQdk71U1HxJ0OqlAN8beNhwHGluQa7ey4ZCoUfNOqYG1QOYtpJj2_rlkQDlX75GRUpTdLCoOe7NRkUX0zqn0Vt2MS6pNde8uooxi-qgYqPW34udNBDgCy82Ztk&sig=Cg0ArKJSzP7clgmPIE30EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=615&vt=11&dtpt=472&dett=3&cstd=139&cisv=r20230405.38118&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl= Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:19 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 06 Apr 2023 23:00:19 GMT
GET H3	200	lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response pagead2.googlesyndication.com/bg/ Frame 4EFC	36 KB 14 KB	25ms 25ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 04 Apr 2023 14:32:34 GMT content-encoding br x-content-type-options nosniff age 203265 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14171 x-xss-protection 0 last-modified Mon, 03 Apr 2023 13:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 03 Apr 2024 14:32:34 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame FA64	22 KB 8 KB	34ms 29ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 48172 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 09:37:27 GMT expires Fri, 05 Apr 2024 09:37:27 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 4A0A	398 B 225 B	47ms 44ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGPTP3d4BMAE&v=APEucNUHMq5D6TmgyOKalTA5wkGpKrZf-QQvRbkp7n9dIuzJ_6601STTI7Ul7IkFmp1-owOiDQix_YnJ61I7zTheb8R7n6NmIKPZeKL5qaMYz_jIXolAm6-kioJzyJnoGRae36ulwKSoi3LEBDbxesg6Ikm8lP4979WKnrITPxq_eZsgf0j1I9Y Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 202 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 23:00:19 GMT expires Thu, 06 Apr 2023 23:00:19 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 3408	78 KB 27 KB	140ms 138ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:19 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28043 x-xss-protection 0 server cafe etag 15270303690107644053 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Thu, 06 Apr 2023 23:00:19 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 3408	3 KB 1 KB	39ms 36ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:26:57 GMT content-encoding br x-content-type-options nosniff age 5602 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:26:57 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 3408	20 KB 8 KB	40ms 38ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:26:57 GMT content-encoding br x-content-type-options nosniff age 5602 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8268 x-xss-protection 0 server cafe etag 8048349561987089234 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:26:57 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 3408	159 KB 49 KB	47ms 45ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:19 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49753 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1680694322409811" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 06 Apr 2023 23:00:19 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 3408	42 B 63 B	55ms 53ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AAgfPMyU6Xplk9bItQ4vx2Y4ncEcSYQW1XumgD2KHeTAERvps8jjwV1RBRwlhGlqCitBPJJdFVjjb5wzSdJNPqnHSWRqD5wNVaXQbiSBQdczCr82w Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 3408	0 20 B	56ms 54ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13433772056104003683&x=1&ct=76 Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	cta_jetzt_buchen.svg s0.2mdn.net/creatives/assets/4331440/ Frame 5C99	2 KB 1 KB	15ms 14ms	Image image/svg+xml	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/8545329873006492075/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 22:47:28 GMT content-encoding gzip x-content-type-options nosniff age 771 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1056 x-xss-protection 0 last-modified Wed, 13 Oct 2021 09:19:56 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 06 Apr 2023 23:02:28 GMT
GET H3	200	flex_tarif_white.svg s0.2mdn.net/creatives/assets/4453672/ Frame 5C99	4 KB 2 KB	19ms 17ms	Image image/svg+xml	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4453672/flex_tarif_white.svg Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/8545329873006492075/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 22:49:26 GMT content-encoding gzip x-content-type-options nosniff age 653 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1508 x-xss-protection 0 last-modified Tue, 08 Feb 2022 09:12:27 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 06 Apr 2023 23:04:26 GMT
GET H3	200	head2_3line_paare.svg s0.2mdn.net/creatives/assets/4453672/ Frame 5C99	11 KB 3 KB	18ms 17ms	Image image/svg+xml	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4453672/head2_3line_paare.svg Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/8545329873006492075/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 22:59:39 GMT content-encoding gzip x-content-type-options nosniff age 40 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3285 x-xss-protection 0 last-modified Tue, 08 Feb 2022 09:12:20 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 06 Apr 2023 23:14:39 GMT
GET H3	200	head1_1line_paare.svg s0.2mdn.net/creatives/assets/4453672/ Frame 5C99	4 KB 2 KB	20ms 18ms	Image image/svg+xml	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/8545329873006492075/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 22:55:37 GMT content-encoding gzip x-content-type-options nosniff age 282 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1610 x-xss-protection 0 last-modified Tue, 08 Feb 2022 09:12:24 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 06 Apr 2023 23:10:37 GMT
GET H3	200	tui_logo_live_happy.svg s0.2mdn.net/creatives/assets/4364511/ Frame 5C99	6 KB 2 KB	20ms 19ms	Image image/svg+xml	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/8545329873006492075/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 22:48:47 GMT content-encoding gzip x-content-type-options nosniff age 692 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2072 x-xss-protection 0 last-modified Mon, 08 Nov 2021 07:44:21 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 06 Apr 2023 23:03:47 GMT
GET H3	200	300x250_kv_paar.jpg s0.2mdn.net/creatives/assets/4453672/ Frame 5C99	38 KB 38 KB	21ms 20ms	Image image/jpeg	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4453672/300x250_kv_paar.jpg Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/8545329873006492075/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 22:47:47 GMT x-content-type-options nosniff age 752 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 38528 x-xss-protection 0 last-modified Tue, 08 Feb 2022 09:12:17 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 06 Apr 2023 23:02:47 GMT
GET H/1.1	200 OK	/ rtb-csync.smartadserver.com/redir/ Frame 4A0A Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEN0fXXn9CBakJ9ZPicgNd-g&google_cver=1	43 B 163 B	352ms 258ms	Image image/gif	185.86.138.151 SMARTADSERVER
General Check archive.org Show headers Download Go to Show image Full URL https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEN0fXXn9CBakJ9ZPicgNd-g&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGPTP3d4BMAE&v=APEucNUHMq5D6TmgyOKalTA5wkGpKrZf-QQvRbkp7n9dIuzJ_6601STTI7Ul7IkFmp1-owOiDQix_YnJ61I7zTheb8R7n6NmIKPZeKL5qaMYz_jIXolAm6-kioJzyJnoGRae36ulwKSoi3LEBDbxesg6Ikm8lP4979WKnrITPxq_eZsgf0j1I9Y Protocol HTTP/1.1 Server 185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:19 GMT transfer-encoding chunked content-type image/gif Redirect headers pragma no-cache date Thu, 06 Apr 2023 23:00:19 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEN0fXXn9CBakJ9ZPicgNd-g&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 316 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	/ rtb-csync.smartadserver.com/redir/ Frame 4A0A	43 B 163 B	180ms 46ms	Image image/gif	185.86.138.151 SMARTADSERVER
General Check archive.org Show headers Download Go to Show image Full URL https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGPTP3d4BMAE&v=APEucNUHMq5D6TmgyOKalTA5wkGpKrZf-QQvRbkp7n9dIuzJ_6601STTI7Ul7IkFmp1-owOiDQix_YnJ61I7zTheb8R7n6NmIKPZeKL5qaMYz_jIXolAm6-kioJzyJnoGRae36ulwKSoi3LEBDbxesg6Ikm8lP4979WKnrITPxq_eZsgf0j1I9Y Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:19 GMT transfer-encoding chunked content-type image/gif
GET H3	200	lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response pagead2.googlesyndication.com/bg/ Frame A854	36 KB 14 KB	12ms 11ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 04 Apr 2023 14:32:34 GMT content-encoding br x-content-type-options nosniff age 203265 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14171 x-xss-protection 0 last-modified Mon, 03 Apr 2023 13:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 03 Apr 2024 14:32:34 GMT
GET H3	200	container.html Show response 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 96EB	6 KB 3 KB	11ms 10ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://zsshares.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 2 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 23:00:17 GMT expires Fri, 05 Apr 2024 23:00:17 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response pagead2.googlesyndication.com/bg/ Frame FA64	36 KB 14 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 13:44:00 GMT content-encoding br x-content-type-options nosniff age 33379 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14213 x-xss-protection 0 last-modified Mon, 03 Apr 2023 13:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 05 Apr 2024 13:44:00 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 4E85	0 19 B	50ms 48ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNWO1KiXb0RY68bo1NWm92q3nPswHSgLaJgfcpzr1l2vHNb634ufhVWvwMRsSBqBerxpvk62eYJV7Kyouk0oPaJts1ihFQ7h-Q0IWOC88WGe7GzEZPrRHhIVbsGr-x0fgt0-n2Lkqs3Th7w4xzgY3G_ARn3NrVdjS8cUFpdMgNPun619T-M Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 23:00:19 GMT expires Thu, 06 Apr 2023 23:00:19 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 96EB	78 KB 27 KB	149ms 146ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:19 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28043 x-xss-protection 0 server cafe etag 15270303690107644053 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Thu, 06 Apr 2023 23:00:19 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 96EB	42 B 63 B	82ms 79ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DzxmcoTnMxbRmd2A3s4R2GyGOYFi8znRCPenBj_srxZ1wYnX0BAxblt0p77AiIHuD9qtF9VOw8KU6KR2NaSdeia3nFJY0sOFZWEbGp_nKjwInWmWM Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 96EB	0 20 B	83ms 81ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7962766181263103031&x=1&ct=76 Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 96EB	3 KB 1 KB	43ms 41ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:26:57 GMT content-encoding br x-content-type-options nosniff age 5602 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:26:57 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 96EB	20 KB 8 KB	44ms 42ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:26:57 GMT content-encoding br x-content-type-options nosniff age 5602 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8268 x-xss-protection 0 server cafe etag 8048349561987089234 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:26:57 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 96EB	159 KB 49 KB	55ms 53ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:19 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49753 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1680694322409811" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 06 Apr 2023 23:00:19 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 3408	0 20 B	72ms 72ms	Ping image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1245042451195&version=m202301230201 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 3408	0 20 B	71ms 71ms	Ping image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1245042451195&version=m202301230201&ct=76&x=1&cor=13433772056104004000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 3408	89 KB 36 KB	75ms 75ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLZ3pYuAreknftY3melGHb41CySCke4XgEubwMVPMjq0eo_BEh2KW9eJHYOrdwxXqHpxH6QnWG8rIo3VcwkW7w9k8HDI9EU-KlYaDfu5zw2sHAU4M&cry=1&dbm_d=AKAmf-CUiJ89PeIs3noVagtQsFODZx8ETBfwseXvnWq8jJpUOSEXDsBMKsLivQwBs7NdaF8QGR0WQDZ3Ev5ksw4Ar3YERhUWKgVNMNLbRc4Ji3I_Vz4lQRE5Rxg6h6cIQHTi5DAqVf3gTGQY7_78iHWOawtsOqxs9ILcCYYpxd5GjmP5orxxe5ZKyyJ-tNtHcVKdmzsF1xlj4FieWkskZoZ0OTMztcYt6J-eNKd9AVORdWG2JMMa2jUdi-OOSP1G5WHoeYjfCYfVnbG4nfz8e4UstUHKtav2ZVMfLsEGzvDTJXRZOAmq57x9jWe8Gu6GFhIXH9rTR9lokPiUvDYJCGIlpIEEtpBvl3tYgAZqCM5dve4PuZouzk2L-BFV0Yno6r4YL8iclf9WhxT0G4KW00nhhETITkv0Ps1I82Ke2zUM5fY6k7B8i46cV081X5tTYtnZ3dd6utd4XVqPKrPpoIpEBkVZw7j0K2LZSdK2Goe6rDp4PZVSyjwO9dkDEXRHvHjXoemuZHHXZdA3UChfU_yjw1X6I-0ZfPRKe7SvjKVf6SRTbOTcWVcq16zAIlFnL1dOh8yf8Sq-lmVapbRvUhv4GanG4TZOIBfIHcHZFXJ1oOrNmaGjvZ491KMMlyw2uoRLH-eA6vCt6a-pxqJerNART209Vox6fnh9VstRbErpjq6oDrVYba4zTMXR1bJmOd4C9diud9prKyk55q5k2AsCRw6wSAuooqHo-BWRaf_jOlYIfaT_dnKphDdpj_LpEHuTfuCFUS4nfgG8r8Nsh6-DktTelQXZBDiNsCPdsDqh2ghE8rdEbpDaJ_OSEZwDzAT_7XdkfZdytYQyk87Ta4Ik3Y32b0TgSzvpzNlmVHaVHF4GDZw9ToHW_ZsX5qG7IsyTm33mWkfkiDQC4IPbkMOWgx0JSOQCcchCQCwmaqkXARkeoWRcG9h6_O38Sa2lInnM143WIHiaEy_L8cZikuqEzroJlGesmM_QX74cAP3r5Or7v4c8h0UukRFgrbGH90d3NkjHxM78qhxoXf6wSzFPWPmprU6uegXwgoH0_jGBjopmRf0UUSEai5Po9nKzdxdoa8Lygpz_lVa7C9j9vvWHzFYOwZdfBcvTkW44Nl7n_yIvObYvnrBvBt0h33lRbkp6YZWJnxO5Z77cCTzdkMPOYwiyA6mfduVdrBgfo2vKSOiMTY5iuFOP-TOCs1WtHwS15fWY8RS-DbDkZVntoMczjbMmgnDVvSKSUuUsA4JMjtXroFZ_LRPtPRVpmtmiCD7BTPhQmGaXwgsFfaK-WIsKRvuE3kSKRA00EHP9oU2piQT5zFZuGiLdlcoHJZb2QT0b9y5xFJoAV_Xiqg5VzsyBc--5jez-89mhPH4RwL6DXDPt4U9OxMgCGUIjHHL60QtJYgtYniU7Gb5IezGMCNiE9heHJDY0v5zcrzBw-jW1wTX0CbTuxTsCtqYfQvHii7NK6189bvEXzGijxpYNebtYtq6kiwpfSbpA-Cu7KibGsB9uIoY8AWsroWaetVjrRldIMuT8cp_I5_mpIdxEj4qf4t5vCyQUPBM7q94w2d8R2ZZhS_VAEq48RtNFpvlCdxmQQQrJ2H72hRk-whtesc9OGmERnu1MF2CCcurLhywuoi3RaUps833qI3z3JshXe_3TC3tWKwBFnjL37Tc5TdrnVbFGisRN_Lx_n3wPI8N7cTIQ9f7kRY9fVeqHIhtbDNpxgGT_OtRrIAeTrROSV9HnKAiEzqYWidDqkKauEOOOWbB-8xNy--KwuKk-XHccfFcD14lhfmIrvpMm39RfAtk1tlZ4XKDGczlQd40Y7fhLloFAZg4jzxJni99sZKdsDwOYr4OY8dvkyqNm2oFTrOAtLKue9g8w5HxT6Dc7VQzE0T6W2AqCS3zBG0PG0ePOkmLgO9X9xYhAA-MrIK3S1e7ULD5AKql1N22wOlhrkprUPbwdlWB84FNUwEc-zJDDSMKqwdSKhK2V6Ct-XgvOhh7SsH_ScfqxBpFCUM_g0cUB4ie8Uu1Pt4oYJ4fbIAwnDfR4XmqI6O6krs5J2AFfj_MxSLQARZpsWfg40_aDW6PWuJfBovGpFu2FRFPCjl6QBnpWYG9kqrohatqNbpar9hrkMYyBjpap3M6fi3lA9ExdNFlsskapEvcZ8VmIj0QolVtHa2guUX2mPbkWoY6B9HljdpTaqXVMfCrlLNpk57QkERw0S2zPtaM3faCcpccxMw_I-fW4AoFmfneWpYFW4gOKcheXceYxFawkLaIi2_1-N-gpM9eRAf_KXp9KeGekpw4M23gbh-pi5PGH50nHf78TOUIsRU6AaoD1e5d04i-4Cc5jGM1z16KFAJoN2MI5yXLf7qlM8nOCfgu0NkCRU9HHxk2-IYiVSSCT6F38kQbwwKLlMU36Puy4-B2l0nvwnJ3xkrmE9Jl4rZ-CrkXa8_7lH2qjixdaxjizKtRzvpYytb1F4mVp051no6F2AraYZ7zMxWU5RG_wM8R-TW5Q5yr1zrOWX0Ss50n-AhlTRgrLZP4-nxh8CPRBvroCQsusFFSz4oF1sPQMM1e1-3PTkfUft8uszPrA0QFiBVW0nKX4EVwx-D29dH4usa0wyeZgup1aAEh_M_XZnYmr_oVFTD1b1B0qfxfMtcx3FNsbNENBmZcQDSxsep2uFkLLVqDIdpN6Xhl2Q0UzcV-qr2QQrQTIQu5bWfWTlkvB4zGaR11Lb7mmyn1rUnX6zm2vrLdaKvfFt0Vto6iq5nXLzx7vT15Pq7-YvQ5georcrv0_HkT2XHhpbIQkGxm5xxXPB9SPffMZtrx6YhkVF5SsQWkSuhINjPxc2GPLwUFF7T1OBG7LBONVnHikpj7-QhmECVvCFbc4s9VMzpyIbzyHLoCyn6Olsc7nqCbGxfM_GMjsHnSXpHnBsCA3vtBZxptJaIsJJ3ur2-6zTYOqEvlBnZR4nJae1PBeEmRnrAVVJp7gI8kM-zmRoAzxG18ChjDfZOxAIkHImBj2TJ2i49DAfEcwuamkmZD92AmyUG1GfmY3lhcSlTOtRG2YpT0_GAvlCtqm4MeO8h5wHfm7sENfOyYhtt0IKdJ1wUJzi3XRAikcSfU_3-6J7xpujTKyV6pNJ0ZIEXMMN1ud6Z04PoATN4NQ6asoT40LHj6IG4PdEMxjGEvi_wCuM89_1iWy936HkNFOpxjOznydHAnmAZ1qGf9kTk2gjPkthT8OT8xs9Crh3QyXgO_Mcssnn2LILfWHTnuE1Va4WIXUuuh2sTpdji3hOzQmZh3AgWUY2K2NBmsVIrDFmRvaTKXttJP-6_WgiYBYZxwI1S9bpEzlvtpjnoRCOyRGmTSfMSSx4o9I8mm2z9ZQGt67KPrUfcG_4KFCoWw7BDr138SyGNFKshVbbwcZoJRo2yH97fgOMVXDvRrUa7FOWW4QLLjo1abfszn1n2jQ40frZYY2-NDGX256t49HV1qQjjLgCxnODMQJRN-losYJrW0FE4siS51gguj1VQyGorhoRhSFOnSa_pkfN2hJl-70lmOsoBl1pRaYpPIl1sygrhcKjgA-TmicaHiGD0pvQWgbyk8gh328A_8PNqsUmzk0lP5ZYrcdXWb47iLXAHVVpJiNVvFK6BV7iJWX3e6DbiTKghmUwZVQMEkHSLesiLN3MqU0UOWmiFe4Jqr4Si91J5b-bdmoOqI&cid=CAQSTADUE5ymxnlDKO1mz82_aYxD9OpPv9m1Ns9FGl27OUiSf77bs-DFCQMoczJZ9py7S5LSwNp6mbal_fGmIAKu13zCjUKJ04LR2JvvF5kYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fzsshares.com%2F&ds=l&xdt=1&iif=1&cor=13433772056104004000&adk=1726166460&idt=154&cac=0&dtd=4 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 95e47324f139c9262a5f11c1fd2cda068250ace458ed23b6dd6ff760449dcf0f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:19 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37025 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 1CF1	43 B 215 B	198ms 198ms	Image image/gif	2600:1f13:800:7780:d8c6:407e:f233:e54a AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=a9c84382-91c3-7556-ebcb-9a7c066ab554&tv=%7Bc:935qV3,time:572,type:e,im:%7Bpci:%7Btdr:230%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:572,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B565~0%5D,as:%5B565~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tAGVTLf+11%7C1211%7C1212%7C131*.990511-61634100%7C1311%7C1312%7C1313%7C1411%7C1511%7C1512,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:25,sis:313%7D&br=c Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7780:d8c6:407e:f233:e54a Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:19 GMT server nginx x-server-name dt01.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	html_inpage_rendering_lib_200_276.js Show response s0.2mdn.net/879366/ Frame 3408	170 KB 59 KB	40ms 40ms	Script text/javascript	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ Origin https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 09:09:31 GMT content-encoding gzip x-content-type-options nosniff age 49848 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60311 x-xss-protection 0 last-modified Wed, 02 Mar 2022 23:07:25 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 07 Apr 2023 09:09:31 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/ Frame 3408	11 KB 4 KB	44ms 43ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLZ3pYuAreknftY3melGHb41CySCke4XgEubwMVPMjq0eo_BEh2KW9eJHYOrdwxXqHpxH6QnWG8rIo3VcwkW7w9k8HDI9EU-KlYaDfu5zw2sHAU4M&cry=1&dbm_d=AKAmf-CUiJ89PeIs3noVagtQsFODZx8ETBfwseXvnWq8jJpUOSEXDsBMKsLivQwBs7NdaF8QGR0WQDZ3Ev5ksw4Ar3YERhUWKgVNMNLbRc4Ji3I_Vz4lQRE5Rxg6h6cIQHTi5DAqVf3gTGQY7_78iHWOawtsOqxs9ILcCYYpxd5GjmP5orxxe5ZKyyJ-tNtHcVKdmzsF1xlj4FieWkskZoZ0OTMztcYt6J-eNKd9AVORdWG2JMMa2jUdi-OOSP1G5WHoeYjfCYfVnbG4nfz8e4UstUHKtav2ZVMfLsEGzvDTJXRZOAmq57x9jWe8Gu6GFhIXH9rTR9lokPiUvDYJCGIlpIEEtpBvl3tYgAZqCM5dve4PuZouzk2L-BFV0Yno6r4YL8iclf9WhxT0G4KW00nhhETITkv0Ps1I82Ke2zUM5fY6k7B8i46cV081X5tTYtnZ3dd6utd4XVqPKrPpoIpEBkVZw7j0K2LZSdK2Goe6rDp4PZVSyjwO9dkDEXRHvHjXoemuZHHXZdA3UChfU_yjw1X6I-0ZfPRKe7SvjKVf6SRTbOTcWVcq16zAIlFnL1dOh8yf8Sq-lmVapbRvUhv4GanG4TZOIBfIHcHZFXJ1oOrNmaGjvZ491KMMlyw2uoRLH-eA6vCt6a-pxqJerNART209Vox6fnh9VstRbErpjq6oDrVYba4zTMXR1bJmOd4C9diud9prKyk55q5k2AsCRw6wSAuooqHo-BWRaf_jOlYIfaT_dnKphDdpj_LpEHuTfuCFUS4nfgG8r8Nsh6-DktTelQXZBDiNsCPdsDqh2ghE8rdEbpDaJ_OSEZwDzAT_7XdkfZdytYQyk87Ta4Ik3Y32b0TgSzvpzNlmVHaVHF4GDZw9ToHW_ZsX5qG7IsyTm33mWkfkiDQC4IPbkMOWgx0JSOQCcchCQCwmaqkXARkeoWRcG9h6_O38Sa2lInnM143WIHiaEy_L8cZikuqEzroJlGesmM_QX74cAP3r5Or7v4c8h0UukRFgrbGH90d3NkjHxM78qhxoXf6wSzFPWPmprU6uegXwgoH0_jGBjopmRf0UUSEai5Po9nKzdxdoa8Lygpz_lVa7C9j9vvWHzFYOwZdfBcvTkW44Nl7n_yIvObYvnrBvBt0h33lRbkp6YZWJnxO5Z77cCTzdkMPOYwiyA6mfduVdrBgfo2vKSOiMTY5iuFOP-TOCs1WtHwS15fWY8RS-DbDkZVntoMczjbMmgnDVvSKSUuUsA4JMjtXroFZ_LRPtPRVpmtmiCD7BTPhQmGaXwgsFfaK-WIsKRvuE3kSKRA00EHP9oU2piQT5zFZuGiLdlcoHJZb2QT0b9y5xFJoAV_Xiqg5VzsyBc--5jez-89mhPH4RwL6DXDPt4U9OxMgCGUIjHHL60QtJYgtYniU7Gb5IezGMCNiE9heHJDY0v5zcrzBw-jW1wTX0CbTuxTsCtqYfQvHii7NK6189bvEXzGijxpYNebtYtq6kiwpfSbpA-Cu7KibGsB9uIoY8AWsroWaetVjrRldIMuT8cp_I5_mpIdxEj4qf4t5vCyQUPBM7q94w2d8R2ZZhS_VAEq48RtNFpvlCdxmQQQrJ2H72hRk-whtesc9OGmERnu1MF2CCcurLhywuoi3RaUps833qI3z3JshXe_3TC3tWKwBFnjL37Tc5TdrnVbFGisRN_Lx_n3wPI8N7cTIQ9f7kRY9fVeqHIhtbDNpxgGT_OtRrIAeTrROSV9HnKAiEzqYWidDqkKauEOOOWbB-8xNy--KwuKk-XHccfFcD14lhfmIrvpMm39RfAtk1tlZ4XKDGczlQd40Y7fhLloFAZg4jzxJni99sZKdsDwOYr4OY8dvkyqNm2oFTrOAtLKue9g8w5HxT6Dc7VQzE0T6W2AqCS3zBG0PG0ePOkmLgO9X9xYhAA-MrIK3S1e7ULD5AKql1N22wOlhrkprUPbwdlWB84FNUwEc-zJDDSMKqwdSKhK2V6Ct-XgvOhh7SsH_ScfqxBpFCUM_g0cUB4ie8Uu1Pt4oYJ4fbIAwnDfR4XmqI6O6krs5J2AFfj_MxSLQARZpsWfg40_aDW6PWuJfBovGpFu2FRFPCjl6QBnpWYG9kqrohatqNbpar9hrkMYyBjpap3M6fi3lA9ExdNFlsskapEvcZ8VmIj0QolVtHa2guUX2mPbkWoY6B9HljdpTaqXVMfCrlLNpk57QkERw0S2zPtaM3faCcpccxMw_I-fW4AoFmfneWpYFW4gOKcheXceYxFawkLaIi2_1-N-gpM9eRAf_KXp9KeGekpw4M23gbh-pi5PGH50nHf78TOUIsRU6AaoD1e5d04i-4Cc5jGM1z16KFAJoN2MI5yXLf7qlM8nOCfgu0NkCRU9HHxk2-IYiVSSCT6F38kQbwwKLlMU36Puy4-B2l0nvwnJ3xkrmE9Jl4rZ-CrkXa8_7lH2qjixdaxjizKtRzvpYytb1F4mVp051no6F2AraYZ7zMxWU5RG_wM8R-TW5Q5yr1zrOWX0Ss50n-AhlTRgrLZP4-nxh8CPRBvroCQsusFFSz4oF1sPQMM1e1-3PTkfUft8uszPrA0QFiBVW0nKX4EVwx-D29dH4usa0wyeZgup1aAEh_M_XZnYmr_oVFTD1b1B0qfxfMtcx3FNsbNENBmZcQDSxsep2uFkLLVqDIdpN6Xhl2Q0UzcV-qr2QQrQTIQu5bWfWTlkvB4zGaR11Lb7mmyn1rUnX6zm2vrLdaKvfFt0Vto6iq5nXLzx7vT15Pq7-YvQ5georcrv0_HkT2XHhpbIQkGxm5xxXPB9SPffMZtrx6YhkVF5SsQWkSuhINjPxc2GPLwUFF7T1OBG7LBONVnHikpj7-QhmECVvCFbc4s9VMzpyIbzyHLoCyn6Olsc7nqCbGxfM_GMjsHnSXpHnBsCA3vtBZxptJaIsJJ3ur2-6zTYOqEvlBnZR4nJae1PBeEmRnrAVVJp7gI8kM-zmRoAzxG18ChjDfZOxAIkHImBj2TJ2i49DAfEcwuamkmZD92AmyUG1GfmY3lhcSlTOtRG2YpT0_GAvlCtqm4MeO8h5wHfm7sENfOyYhtt0IKdJ1wUJzi3XRAikcSfU_3-6J7xpujTKyV6pNJ0ZIEXMMN1ud6Z04PoATN4NQ6asoT40LHj6IG4PdEMxjGEvi_wCuM89_1iWy936HkNFOpxjOznydHAnmAZ1qGf9kTk2gjPkthT8OT8xs9Crh3QyXgO_Mcssnn2LILfWHTnuE1Va4WIXUuuh2sTpdji3hOzQmZh3AgWUY2K2NBmsVIrDFmRvaTKXttJP-6_WgiYBYZxwI1S9bpEzlvtpjnoRCOyRGmTSfMSSx4o9I8mm2z9ZQGt67KPrUfcG_4KFCoWw7BDr138SyGNFKshVbbwcZoJRo2yH97fgOMVXDvRrUa7FOWW4QLLjo1abfszn1n2jQ40frZYY2-NDGX256t49HV1qQjjLgCxnODMQJRN-losYJrW0FE4siS51gguj1VQyGorhoRhSFOnSa_pkfN2hJl-70lmOsoBl1pRaYpPIl1sygrhcKjgA-TmicaHiGD0pvQWgbyk8gh328A_8PNqsUmzk0lP5ZYrcdXWb47iLXAHVVpJiNVvFK6BV7iJWX3e6DbiTKghmUwZVQMEkHSLesiLN3MqU0UOWmiFe4Jqr4Si91J5b-bdmoOqI&cid=CAQSTADUE5ymxnlDKO1mz82_aYxD9OpPv9m1Ns9FGl27OUiSf77bs-DFCQMoczJZ9py7S5LSwNp6mbal_fGmIAKu13zCjUKJ04LR2JvvF5kYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fzsshares.com%2F&ds=l&xdt=1&iif=1&cor=13433772056104004000&adk=1726166460&idt=154&cac=0&dtd=4 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:30:54 GMT content-encoding br x-content-type-options nosniff age 5365 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4123 x-xss-protection 0 server cafe etag 4541610132340792384 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:30:54 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 3408	28 KB 11 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLZ3pYuAreknftY3melGHb41CySCke4XgEubwMVPMjq0eo_BEh2KW9eJHYOrdwxXqHpxH6QnWG8rIo3VcwkW7w9k8HDI9EU-KlYaDfu5zw2sHAU4M&cry=1&dbm_d=AKAmf-CUiJ89PeIs3noVagtQsFODZx8ETBfwseXvnWq8jJpUOSEXDsBMKsLivQwBs7NdaF8QGR0WQDZ3Ev5ksw4Ar3YERhUWKgVNMNLbRc4Ji3I_Vz4lQRE5Rxg6h6cIQHTi5DAqVf3gTGQY7_78iHWOawtsOqxs9ILcCYYpxd5GjmP5orxxe5ZKyyJ-tNtHcVKdmzsF1xlj4FieWkskZoZ0OTMztcYt6J-eNKd9AVORdWG2JMMa2jUdi-OOSP1G5WHoeYjfCYfVnbG4nfz8e4UstUHKtav2ZVMfLsEGzvDTJXRZOAmq57x9jWe8Gu6GFhIXH9rTR9lokPiUvDYJCGIlpIEEtpBvl3tYgAZqCM5dve4PuZouzk2L-BFV0Yno6r4YL8iclf9WhxT0G4KW00nhhETITkv0Ps1I82Ke2zUM5fY6k7B8i46cV081X5tTYtnZ3dd6utd4XVqPKrPpoIpEBkVZw7j0K2LZSdK2Goe6rDp4PZVSyjwO9dkDEXRHvHjXoemuZHHXZdA3UChfU_yjw1X6I-0ZfPRKe7SvjKVf6SRTbOTcWVcq16zAIlFnL1dOh8yf8Sq-lmVapbRvUhv4GanG4TZOIBfIHcHZFXJ1oOrNmaGjvZ491KMMlyw2uoRLH-eA6vCt6a-pxqJerNART209Vox6fnh9VstRbErpjq6oDrVYba4zTMXR1bJmOd4C9diud9prKyk55q5k2AsCRw6wSAuooqHo-BWRaf_jOlYIfaT_dnKphDdpj_LpEHuTfuCFUS4nfgG8r8Nsh6-DktTelQXZBDiNsCPdsDqh2ghE8rdEbpDaJ_OSEZwDzAT_7XdkfZdytYQyk87Ta4Ik3Y32b0TgSzvpzNlmVHaVHF4GDZw9ToHW_ZsX5qG7IsyTm33mWkfkiDQC4IPbkMOWgx0JSOQCcchCQCwmaqkXARkeoWRcG9h6_O38Sa2lInnM143WIHiaEy_L8cZikuqEzroJlGesmM_QX74cAP3r5Or7v4c8h0UukRFgrbGH90d3NkjHxM78qhxoXf6wSzFPWPmprU6uegXwgoH0_jGBjopmRf0UUSEai5Po9nKzdxdoa8Lygpz_lVa7C9j9vvWHzFYOwZdfBcvTkW44Nl7n_yIvObYvnrBvBt0h33lRbkp6YZWJnxO5Z77cCTzdkMPOYwiyA6mfduVdrBgfo2vKSOiMTY5iuFOP-TOCs1WtHwS15fWY8RS-DbDkZVntoMczjbMmgnDVvSKSUuUsA4JMjtXroFZ_LRPtPRVpmtmiCD7BTPhQmGaXwgsFfaK-WIsKRvuE3kSKRA00EHP9oU2piQT5zFZuGiLdlcoHJZb2QT0b9y5xFJoAV_Xiqg5VzsyBc--5jez-89mhPH4RwL6DXDPt4U9OxMgCGUIjHHL60QtJYgtYniU7Gb5IezGMCNiE9heHJDY0v5zcrzBw-jW1wTX0CbTuxTsCtqYfQvHii7NK6189bvEXzGijxpYNebtYtq6kiwpfSbpA-Cu7KibGsB9uIoY8AWsroWaetVjrRldIMuT8cp_I5_mpIdxEj4qf4t5vCyQUPBM7q94w2d8R2ZZhS_VAEq48RtNFpvlCdxmQQQrJ2H72hRk-whtesc9OGmERnu1MF2CCcurLhywuoi3RaUps833qI3z3JshXe_3TC3tWKwBFnjL37Tc5TdrnVbFGisRN_Lx_n3wPI8N7cTIQ9f7kRY9fVeqHIhtbDNpxgGT_OtRrIAeTrROSV9HnKAiEzqYWidDqkKauEOOOWbB-8xNy--KwuKk-XHccfFcD14lhfmIrvpMm39RfAtk1tlZ4XKDGczlQd40Y7fhLloFAZg4jzxJni99sZKdsDwOYr4OY8dvkyqNm2oFTrOAtLKue9g8w5HxT6Dc7VQzE0T6W2AqCS3zBG0PG0ePOkmLgO9X9xYhAA-MrIK3S1e7ULD5AKql1N22wOlhrkprUPbwdlWB84FNUwEc-zJDDSMKqwdSKhK2V6Ct-XgvOhh7SsH_ScfqxBpFCUM_g0cUB4ie8Uu1Pt4oYJ4fbIAwnDfR4XmqI6O6krs5J2AFfj_MxSLQARZpsWfg40_aDW6PWuJfBovGpFu2FRFPCjl6QBnpWYG9kqrohatqNbpar9hrkMYyBjpap3M6fi3lA9ExdNFlsskapEvcZ8VmIj0QolVtHa2guUX2mPbkWoY6B9HljdpTaqXVMfCrlLNpk57QkERw0S2zPtaM3faCcpccxMw_I-fW4AoFmfneWpYFW4gOKcheXceYxFawkLaIi2_1-N-gpM9eRAf_KXp9KeGekpw4M23gbh-pi5PGH50nHf78TOUIsRU6AaoD1e5d04i-4Cc5jGM1z16KFAJoN2MI5yXLf7qlM8nOCfgu0NkCRU9HHxk2-IYiVSSCT6F38kQbwwKLlMU36Puy4-B2l0nvwnJ3xkrmE9Jl4rZ-CrkXa8_7lH2qjixdaxjizKtRzvpYytb1F4mVp051no6F2AraYZ7zMxWU5RG_wM8R-TW5Q5yr1zrOWX0Ss50n-AhlTRgrLZP4-nxh8CPRBvroCQsusFFSz4oF1sPQMM1e1-3PTkfUft8uszPrA0QFiBVW0nKX4EVwx-D29dH4usa0wyeZgup1aAEh_M_XZnYmr_oVFTD1b1B0qfxfMtcx3FNsbNENBmZcQDSxsep2uFkLLVqDIdpN6Xhl2Q0UzcV-qr2QQrQTIQu5bWfWTlkvB4zGaR11Lb7mmyn1rUnX6zm2vrLdaKvfFt0Vto6iq5nXLzx7vT15Pq7-YvQ5georcrv0_HkT2XHhpbIQkGxm5xxXPB9SPffMZtrx6YhkVF5SsQWkSuhINjPxc2GPLwUFF7T1OBG7LBONVnHikpj7-QhmECVvCFbc4s9VMzpyIbzyHLoCyn6Olsc7nqCbGxfM_GMjsHnSXpHnBsCA3vtBZxptJaIsJJ3ur2-6zTYOqEvlBnZR4nJae1PBeEmRnrAVVJp7gI8kM-zmRoAzxG18ChjDfZOxAIkHImBj2TJ2i49DAfEcwuamkmZD92AmyUG1GfmY3lhcSlTOtRG2YpT0_GAvlCtqm4MeO8h5wHfm7sENfOyYhtt0IKdJ1wUJzi3XRAikcSfU_3-6J7xpujTKyV6pNJ0ZIEXMMN1ud6Z04PoATN4NQ6asoT40LHj6IG4PdEMxjGEvi_wCuM89_1iWy936HkNFOpxjOznydHAnmAZ1qGf9kTk2gjPkthT8OT8xs9Crh3QyXgO_Mcssnn2LILfWHTnuE1Va4WIXUuuh2sTpdji3hOzQmZh3AgWUY2K2NBmsVIrDFmRvaTKXttJP-6_WgiYBYZxwI1S9bpEzlvtpjnoRCOyRGmTSfMSSx4o9I8mm2z9ZQGt67KPrUfcG_4KFCoWw7BDr138SyGNFKshVbbwcZoJRo2yH97fgOMVXDvRrUa7FOWW4QLLjo1abfszn1n2jQ40frZYY2-NDGX256t49HV1qQjjLgCxnODMQJRN-losYJrW0FE4siS51gguj1VQyGorhoRhSFOnSa_pkfN2hJl-70lmOsoBl1pRaYpPIl1sygrhcKjgA-TmicaHiGD0pvQWgbyk8gh328A_8PNqsUmzk0lP5ZYrcdXWb47iLXAHVVpJiNVvFK6BV7iJWX3e6DbiTKghmUwZVQMEkHSLesiLN3MqU0UOWmiFe4Jqr4Si91J5b-bdmoOqI&cid=CAQSTADUE5ymxnlDKO1mz82_aYxD9OpPv9m1Ns9FGl27OUiSf77bs-DFCQMoczJZ9py7S5LSwNp6mbal_fGmIAKu13zCjUKJ04LR2JvvF5kYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fzsshares.com%2F&ds=l&xdt=1&iif=1&cor=13433772056104004000&adk=1726166460&idt=154&cac=0&dtd=4 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c4681920200f339999ac3f6d4a6c5214d92e9a0edca00cfb91b28e3494ea03ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:31:32 GMT content-encoding br x-content-type-options nosniff age 5327 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11009 x-xss-protection 0 server cafe etag 12368014760096651300 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:31:32 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 1CF1	43 B 215 B	200ms 199ms	Image image/gif	2600:1f13:800:7780:d8c6:407e:f233:e54a AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=a9c84382-91c3-7556-ebcb-9a7c066ab554&tv=%7Bc:935qWR,pingTime:-10,time:684,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTExLjAuNTU2My4xNDYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1680822019726%7C%7C72ff9b26f21a4d10f1ab94e0ef5ae7dd%7C%7C54018389c7a32a8d685baa10091bc39c%7C%7Cf9d12e6559e8a4a55dfc9330b884d70e%7C%7Ce0d4b2457e9ea312f864002936778631%7C%7Cb2aae41efe4c046191987e3f7668c1d0%7C%7C1d2c3f8a8f1f60541cc2d8b751d34293%7C%7C0e6740c85908d200e87f3c72bef6799a%7C%7C1663701684%7D Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7780:d8c6:407e:f233:e54a Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:19 GMT server nginx x-server-name dt08.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	container.html Show response 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4D86	6 KB 3 KB	34ms 33ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://zsshares.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 2 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 23:00:17 GMT expires Fri, 05 Apr 2024 23:00:17 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 96EB	0 20 B	80ms 79ms	Ping image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5249486037392&version=m202301230201 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 96EB	0 20 B	73ms 73ms	Ping image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5249486037392&version=m202301230201&ct=76&x=1&cor=7962766181263103000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 96EB	89 KB 36 KB	80ms 78ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DEKvuIqciLMnmbMduGG-h-dqNwl3ieYJitzG62CIg8FcHT9E04UBCdnRbyHjWPHh8i4oOOn1gawOhcHNtjC07a0W0UEaDDfPdQyl-PZ48lkqTlMpw&cry=1&dbm_d=AKAmf-BvaCTtmdLlX-TQ428wPqFkCzcJQ8WQ69a-Jhi16uZJCnnZN6ufy8CyMzudtGYSmTHwnVfGbEd7tzZfau8WlAFaA-BYy8kTIIOOEc26_Lm8NcXk1stX2ftZGYx0re5I2GK3zwZrml1yfgpaAlSZx9zW-9PnB2x2JHaHrc9ITH1bw8wu8MmDDb3cga8aZ1RAupSCa-nV1Qaak6P0sgAQXv2WTevQBqPKfNooSM09byCuP15ZKDJZQUjC38crGNONyQ6X5EehhBrQGwrT0RRd5kOxPhwMe3e_KClZ8XIJm7KdYO6gXVDl_uuK7H4j6zBpEWul76dRdSpfg-RqkJqdbYP1wMNou-1di8f3WXTyOq7N2CnErNSDM3WJnUUQFjCbEumjcwA6yeKobc-CR4AVTfcfKiZDoLdoPk2Bq8w4vkJ-6Z0LTIn_9mAhNdIlhXHS_37RfxAGmtXKJ7EcLAh8c5VlyKJOkgS8Uy5BnVRbz0sEmfpDR-4DZgahMsqr8YHQwbvvbuag0b4ey-fOdjebLNGD3ijf_LdO2impCZZ9g0nYhaVe_IkvPZx7DXv2ttEzTqD3aQbqBlFrBTGCzCk9lxoghHRFWASDY2ZIXiZ3LQbnHQAvv0XZsH4BsXS2RMgPyi8wVuovTGNZUeKqYIDbqAddBKUvMvenuL0o-q9fKDh4tmFKzAwV43kdVY3gdArSjxQpumxVHwpJtKb31ppAdMl9WMlSBOypxl-o-dT9miYdHJ0ZD71CHDyvG6jDOHU0wjf1hts9fgy2NuoBagVLII_EO4kLZP_FXBJg7ncOM8VV2PKo_nt35p5vmnO0Pcsn5OTNYN7kcO1bTAypZGc6AF3LfQ8OWSLc7cWFe-kBLTLf5xdGz_UsVn24JfRa6V-zVgo2D-GsQhCRPK8sJlyWhlx8XxtnTHPzAoElM-R9W-K108vh0XZXNare5CkhVJSkrj_5Vj8XmVlkU0PiXayYKY9tP3Ehe4Atp1egP1ILCS0fBh_sxAMUa87UYbHV2x1MAISP4hVvx85sHt5EMusgOz2TraexnNX0aJMgENLCj0u2GIEfcW7fnSVQR0y4ZkZSY1GRVwhRxfc3W93mvrdYq45gkwU5lAlCvmtdZyHYAoEZ1VdULQJQODB3rxzk1S1IOrXZb5RKxmmBGzGxh27EqbDI9llvFCbvMw3Mr74YY2I2jBwJDioU-0vFmqZkF2OwUDRboI5CjtcfResG6BD1JBCxuXM5160WAfgSqt1ZvHeEh7_SR9dvKsF6nroEKI-IFhhPvzx5_m1i8vXDSY_8ik7Jg7IKGUwjUegYwQFjzvVxPc7sOsx_GnkME97DOfFvCzjRV224DnsCkmpSW_uly9Rlqkc-KD67g56lywGSBtT3I0upZhhVHbQ79X6YYpL12v4f-j1zXgeznv9G9ru3lfiLsvgeWDSruWfVi68KWtRvpHrdnWshFeKxArTT6l0fKZVAiQn3E3kPzaHQy0UgYeBzNcC2qu_h3Ss92iwMiPBqVQzaOVaISXBsEmlNcSwUu32tlFULrQCc5fI8nwzMnljkL-7lXgVizoxr15_z0Vdy3z_B_GG5kMvWWPMgr-jvfPvScKaLa4AmADNKwU_VhWJSMdZx3TnOOXufEu9ZrKVpyloQJzGtVYmvrk0cKKSWWbKXbd8bGi_WxBWlM3M4FFIUOs-WqUWVS6tcC0rzmmT7Q70oRxdW-hHW5gm8e-oP2Jia89k1QiId0jNC0AKRvJvk2lmpjOixtQVhQO4QB0pXbQ99zbZ3dotvzajPWSoHgCZn4Wghk-PS2GObXUzTxEQFk4oK_4JnVYsZsBSs16AsajLQCt4hSktmtVq-zmfATmIW0hU4XnnLKljKQe68_9_76joF09M3DtZOAH6B0McE7WhD1hUTGBBfybEtPSkuOBunaYVoVSfnugfRhLu0JAzFAhGZrNdhn7jKnAMWoX7xZeOAWEOF15C1Ew36xlPQrudFXQJtd15QrxQLt9Bcxv0t5d_7t0bG76I5RoDa6s2lHE7VV9usTUD-Y2DsTRbDRoaYA_MzoxLiAxDII6eXJIjFekDaH8l9WS4tkYOWLIAyyNgpxOtV08iXjyiN-tcQCgDwENy5tgQOHcwh2krvZ7CGsXzvlZiIy1Mz8Fa1eyRpcrHqUD9C4_Yjtj7eds1dijbqRO06WyZZTJ44nV2uCwIIPwTnv59iLSOrvzhoZt4rFk4wZN2QGthS__eTJoxW4qkoCgsUbOwyifLXN9TvV7MLIxYQRyDEgN-4IgYZ9JARG8hz2245VUsT-qEmvBXnakqWFDlXLzCNbVywQn4ofyKqewJgetIoXhmhh_6au2Kb_9tnkWHA_Reswjc42rv4E8UMmoIgfq0uhdF0gKi3uNb4AuJz-TCj4NbUX01Vp8NjJ7bFNELSUOfZ32GceI7xYGk11KtS02q61xtcclCQvmfaa0FLRr9HjF0ro4XHqgKNz9QjCdhF0PBsHGBPzCjtwcsGaw7K27t0rMv9J6dVpvjE7yzSkz_wBB2mj-9dtUUcd0JQengus0saD3SxcPznF2emOxRwYe48tvmCsVeD1ZjiLkidZ5gteBvLmOk0usILDgfZTDk6Su1hOvnSm_lnziArnTbObnsIu8npt-uLP7t5B_P4iq82zWZpCbT5i6CFvheyWS_b56cRXB7lr07jyf3h1jhCYr0FhsHr7w0zkcS3ukbdXvIznQIw8hHrlKPcx3cfyTP7Ad5ftiK6ai1Dq0o84ZFGfxFdyRnVxavt0pyV7VO24pviRtuLwPQV2WEecfYs8w9Y6P2gI_3Ra4NiBqq4aTsdUlLjSH4jVyL5poYyhJWYv8HNnr6zAXSvdP6nTRq9zplMwQuecUw9Fm9AuN0mgj3ZrqcjVgxJaultBQq4JpmDK7CW9PPU395Bw6GNnMMvNlp1uRR6IZYzDYQkh7Ss9I3G37JSlpDSgnTcCBjg2ZZXDMnmUC7Q0vc26krgD-22xC9fu30b8uyGlrx2CJ2a2AEyBAP1ABwzft97lQDPMdKwCxhXuBsdKnXaHd5L7K_B0a1Y5T54rb6IOIGFAQBPt4e1uiwNcOppm_rYs_ca3w-15DctPFu-lizy7RbQLR0HNlLqT8T5wz3AESi6B-i5NGpcIl6ckWyUeL0NCg0PdEwzONw5FOOfXADYT5HYBbUGlsRq8pCXyzrziVx7wpEIEL1LvhU0CVGWmcU0eGUjRc8XN_OvMUpZBZQqh2DXv3H84YxxPkX6Yz05siy9dT5WP5YaEzZ8YwdHo6F3BxIt1OY9jbZy_980pXL3JrLClp0EfdOwD5XG3VElHuAeQdKjuUAZ5jCdXBwIBIgiZ9HysDG2h2qTZwS9bNADAMhPXdVZJVpdlvRW1nBj8eI5rAWR4e7Nncnelk8RcnxtLqZ24gU-NzeQHvt_kz4h8ICxYV3avhk06kmPFxMZGYfviNF1bCL8ljNKAqNOcjefazgQm6_ar1NRjldQdsiyxgE3UO6oLjqF06JeG2x5MJcV4FiBzXl-XKQ6E8JaxL8RWZK9NVs90G2iKtsb388W2tySC6MzJ2s2J-9gFHt6_0Y9I3PbUuD75K91wFbOLP1kup65yZ5UE3MSvO6fHE9ecZJogfdIyzGQLa9VCzTYVwGQgLNvUWJaZmKZ6CntfpmOvO8htwxskzHg9aZP48iL2wPhSau_KL7FW2ehGigdDq82480F4gEVu9iBAIBWdLp9mCuon8a1FryS64UdoAsc_K4sXSGyMQGWZQFQk3bV6_1Ye40B_kgM&cid=CAQSSwDUE5ymP4C-rWALapuWoiFi0l_LA1A-VAz6hDk3-i6fLMnPrIQFOlrb1clMpZpPkHm3bbs-QrT4RgGrD57wySIt-k6uvYmQ_RfTMBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fzsshares.com%2F&ds=l&xdt=1&iif=1&cor=7962766181263103000&adk=3047537735&idt=164&cac=0&dtd=3 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6d4939d68be4851649841c909c4cc4caebed49adc5f8b11b20235199b40b6fd2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:19 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37323 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame CAE3	0 20 B	79ms 78ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzTNdAk8vZOmVJIOn3gON16KoDQAAAAA4AeAEAg&bg=!dXaldiLNAAYIJb0jKCU7ADkAdvg8Wu2SZvT-So5R5NDOO8TuY-nq5tdvovDJZ-NXlpHpRW7RCtne0ICx-bxXQ3usboIKxMFoGGICAAABtVIAAAAHaAEHmQMvIr-duVJY_XvxjFZ_GzFqu6V1b7Q40VHR0lIOZN0Te9wxXDpoRoUULpZ88x-PDPz2ICRjaODp8Kr1KTw9x0mMBH7h2jvkDdTbH1BYs8QnOioYWCSVeD7utBa6yfI1fbGmUQkuaK-gVKVtcJ2zoYdHYNhKO5cGTkptQGAhkDX1m73JzbEHXecX1m3WzgDnvF-6icCXSY9ce7p02Nj01IMnoEBBb9UFUXXvltjexzC0LrUndGkNCSP0og-w14vbIEW6N1SV8oqs7mwDmWlwMsCrTGK7Goowo9U0CcfHGut-qRxLb0xEi2rnZaJYQK5g190QFTSt_BYx_0oJIrCg73cFjtSi4vTmSlGkklOw9SIcl5cCaqbd6fWQUBU32c7s7tw2jN8Lx7WJGIUjU4mxwwU2wGoSLeRTmmctF5kLVywmtALw-vGe2IkNSKD5QB6vS_dhkS9WvsXrNbJW4fjLbd8m6TfIh3LjkNP5u8JD5ErTf5NsPRquHobHSZFoGtuVBqcN19Rv19C7flsJIfePcXx9w4E_xtqMnsxc7igTzxtYeeaMJ4RkbgsXUJLezd4zVyDMDZjM7UShsKu6S32GS17XjLn_8N0wK0cftnY6c476i8EKKIc-gl_Q5Nryfm48WKCneLHVbIeAALloB25ROLsBcfZ1Fjh8dh_Z08Ay2i-c9C60tI-ZTVrhC0tDO4yw3qJ281g6YKXSH-UiQwynBRyjDJ_ss9oB4IAbmZVd5BwiG3OefOimShrlBY0DKhmlJ_Ke2PEf1T5xGQcndzNYtDEDrnegqRXn7nVJ7h591v9OONEcIGdmVmofLeMWyXx3-gCTHkp0k4U1lC4_l3EmgsUnjJIuekByLZdqXxvSWFlbUKSu5JYDoQnSWt87zDXETeqS6_jwmVNQO0TzieWpctkdeFfMpsFMC1JtPT23HOgLV3KeA7-cZm-nm3bWrjSdcjup5kSZRYUxO9I8FFe4L5BXBmazbZQsaWQE3Dqq1V_CFJnG_7eCpszAMSkGOKVRci8XBfEq8ij23MKytZEr5rj2lY0M4WZOMZroR6nnhABPgJqLldTN3p621u1GOEIKtIg Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/ Frame 0F16	13 KB 3 KB	39ms 35ms	Document text/html	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ae3a0957fc5669d282e41e4d6107d528898f07b480ec550cb34ba6797a384b8d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 3256 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 23:00:19 GMT expires Fri, 05 Apr 2024 23:00:19 GMT last-modified Fri, 23 Dec 2022 09:31:26 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 3408	0 0	80ms 80ms	Fetch image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuow3koEiQoIDh8DVtUIsYYJ2onCoDmWnBRu-CTvvAp1PMHUJ9Op2dl2v-Nq3hjzZEBDE8jMFYqcjmnXSOXFuLFIqcvG_GSenBXxAioTK7ULDCWSdJt_VYv5TkCyoY56lSicUvoVIg-MYx8d3-yR2LMvMAUWDVyvJ1B0ynkWePU9RavKC4nRx2xuq33An13AHiAo0L5B95RCvAdbT2zx35CiXOZPORXBnQIPa-KKQwB8ePjY2hJFgy-j5o57IIGZjUHlSODZrwinJhgOkU8mUNvqB6O8vQ-sPYcXvSdeqJXh4V8inhc2sU_ghjIeRsIgS1jaEjNel7qfaIPTDyFuIKDsvi7mQtQvoIjUYB3bbJWW88-WmgP_8fcYVgnjYovM2bGnlKfXVVKg9kTdpnZW_oIDVlqWLdPG4TidjdTWLWMX_DQ4pwnAE-fHQk_3Bc-5PLGS9c-s2es4NFAbj_WEsYho9OyghWETBPDLLk8_mWB0pmvq59Cy5vvOzx7W2jD3RjDFbVXV8mMvG6nxxJ3BClXflgLYRqf0Ro-yC8JEDBqfJQsrNADnYHDEoD6YwR2bpxdbj-tLlYyni_Q0Fx26022zVM2hiZVSbjdDKrrxYqnpf_uDXeNW0cd-0vKfuD1FGKQ9O8lIyunLLkp7uUToJgH8lJpgD0UyOPq-EQHwAjqSOVSBadvqeKjf9tZ_eWDbkjtReFpoI4KCygi35Tycs-DMtfT4MRkhQjOM340llMZMukBe-Riw-vvmRbP3KXQc_JKdpMUu1XaAzdrkfyM9D5mItyWxJckZcV4nGuZWmZTVM-kRo0HmrJBdTCH2QScZ0aV4g5I1oWH4nlrFEimCSHzulrxfgb7fqJb8mSA7cg_GEEvxRzGOcZfvkYCIduQHKmmwntwpXbiAnRKMIinaOXwrnq-u4-rTQ8oNE9ddUWWzeaYSaKZrjqawU9fA7x0U6aEhVr8byY3QhvXonB0epUcvIMNGk7cBLHu13Dc3gfNxnMsTGddYajEb8igA918P8OBF40VRvbB30QwKdgypr9qYDaNe0KRzC2u7DllpKt70aY1Yr52z1Kcw4kt1qsVzwz0q7s6z9QlcULV9kcPsvrisAz4VqMZ8GBH8q0fV1lEQBCgXjxM1dFAK-AYazBo01F3-IIKHwundFgFn0e7T5ZQP5Pj92TKAEVF2U6JKGd6LLZKRB_DkS5J5bqVeXdj86h3GN-ofhAUPubRrscL5HNd0sHAul0ooDdblArn_u0v9Vj8ed3YCzwe5XOMi9FqHv1KuRyV6Nu-4ty-3ltBnJNyHvLvZzpJGHzgzcu1&sai=AMfl-YSKoZ3D_S_KfEA6H54tFfE58vFKp-vVStXr8LtPMrSuXyOV9SK49D7_8KrTONLwcRo9Oz8-Voiw_-5WRQ_zHbvbU-jgLHq1iSGPu-JWQJ6QqrsKswwLnnGigJwKvRKVnXMEyB68U7CHyKxG8PDIKW1Hc9_JP76K1xVV2w4gnEJiBmYbZyd1-ftxsZB9E7GgEH_2BXkeGXjB4MQCLkED90wn9T1QY1zu4YeqApUM50bW3inP5lWZkJ1nD9SJz3KDvs30ARJZmOfDl7QJGaXU1i_QIA2UA95WoUa9CHJRTwpy14L0blGY81GxX4Tl-hg&sig=Cg0ArKJSzN29P5CUg5_QEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=198&cbvp=1&cstd=190&cisv=r20230405.25613&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl= Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Thu, 06 Apr 2023 23:00:19 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * cache-control private access-control-allow-credentials true timing-allow-origin * expires Thu, 06 Apr 2023 23:00:19 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 3408	41 KB 15 KB	29ms 28ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 05 Apr 2023 18:11:20 GMT content-encoding gzip x-content-type-options nosniff age 103739 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 04 Apr 2024 18:11:20 GMT
GET DATA	200 OK	truncated / Frame 3408	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 05932626ba99dd5d07a9b9649dfbdc13eb8e1227e1a79c6e0c3f29ff5be295dd Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/png
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 4D86	22 KB 9 KB	40ms 31ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:26:57 GMT content-encoding br x-content-type-options nosniff age 5602 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8726 x-xss-protection 0 server cafe etag 308001309495089854 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:26:57 GMT
GET H2	200	css fonts.googleapis.com/ Frame 4D86	8 KB 1 KB	175ms 48ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8cb00b3db2e68ae430cd96730d426b74a42cd138f3f2475564861aa1fdda0888 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 06 Apr 2023 23:00:20 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 06 Apr 2023 22:34:11 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 06 Apr 2023 23:00:20 GMT
GET H2	200	outstream.min.css imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230405_RC00/ Frame 4D86	14 KB 3 KB	161ms 32ms	Stylesheet text/css	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230405_RC00/outstream.min.css Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1fba9c137973a10da57f6fb5a99315f47821bb085e7632378943dd6650fb11ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 05 Apr 2023 12:23:42 GMT content-encoding gzip x-content-type-options nosniff age 124598 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2820 x-xss-protection 0 last-modified Wed, 05 Apr 2023 10:38:30 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 04 Apr 2024 12:23:42 GMT
GET H2	200	outstream.min.js Show response imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230405_RC00/ Frame 4D86	378 KB 129 KB	162ms 33ms	Script text/javascript	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230405_RC00/outstream.min.js Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 63d659adb13bd05380d90711122316745a9d13158460a9db0d39a77ce18010a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 05 Apr 2023 12:23:42 GMT content-encoding gzip x-content-type-options nosniff age 124598 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 132332 x-xss-protection 0 last-modified Wed, 05 Apr 2023 10:38:30 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 04 Apr 2024 12:23:42 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 4D86	20 KB 8 KB	58ms 49ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:26:57 GMT content-encoding br x-content-type-options nosniff age 5602 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8268 x-xss-protection 0 server cafe etag 8048349561987089234 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:26:57 GMT
GET H3	200	adlib.css s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/ Frame 0F16	6 KB 2 KB	38ms 35ms	Stylesheet text/css	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/adlib.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c821ac5b54d6356aa81644902d5fad10603c9a415679c081d7760dde7f7bdbd4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 31 Mar 2023 18:05:19 GMT content-encoding gzip x-content-type-options nosniff age 536100 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1924 x-xss-protection 0 last-modified Fri, 23 Dec 2022 09:31:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 30 Mar 2024 18:05:19 GMT
GET H3	200	adStyle.css s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/ Frame 0F16	3 KB 775 B	39ms 37ms	Stylesheet text/css	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/adStyle.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash be5de26b4c662c492dc47273afe90d3c778ec25998dd2a3a6f7f291c26ca5803 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 31 Mar 2023 18:05:19 GMT content-encoding gzip x-content-type-options nosniff age 536100 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 738 x-xss-protection 0 last-modified Fri, 23 Dec 2022 09:31:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 30 Mar 2024 18:05:19 GMT
GET H3	200	CanvaSansDisplayBold.woff s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/ Frame 0F16	37 KB 37 KB	47ms 44ms	Font font/woff	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/CanvaSansDisplayBold.woff Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 79630aa66a2fd742af143103e8114c9ea35d4308fd3523bd101a89d8b908923a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 31 Mar 2023 18:05:19 GMT x-content-type-options nosniff age 536100 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37712 x-xss-protection 0 last-modified Fri, 23 Dec 2022 09:31:26 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 30 Mar 2024 18:05:19 GMT
GET H3	200	Enabler_01_247.js Show response s0.2mdn.net/879366/ Frame 0F16	118 KB 40 KB	33ms 31ms	Script text/javascript	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_247.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 15:21:19 GMT content-encoding gzip x-content-type-options nosniff age 27540 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41099 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:45:07 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 07 Apr 2023 15:21:19 GMT
GET H3	200	gsap_3.2.4_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 0F16	57 KB 23 KB	60ms 58ms	Script text/javascript	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:19 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23276 x-xss-protection 0 last-modified Thu, 05 Mar 2020 03:53:22 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 06 Apr 2023 23:00:19 GMT
GET H3	200	textFit.js Show response s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/ Frame 0F16	8 KB 3 KB	45ms 43ms	Script application/x-javascript	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/textFit.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 31 Mar 2023 18:05:19 GMT content-encoding gzip x-content-type-options nosniff age 536100 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2875 x-xss-protection 0 last-modified Fri, 23 Dec 2022 09:31:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 30 Mar 2024 18:05:19 GMT
GET H3	200	adlibUtils-v3.js Show response s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/ Frame 0F16	25 KB 11 KB	39ms 37ms	Script application/x-javascript	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/adlibUtils-v3.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aefdb07258782fc3aa84dc518ab2052e5b1dad3405867fb1f9d65f816b03c12a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 31 Mar 2023 18:05:19 GMT content-encoding gzip x-content-type-options nosniff age 536100 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10802 x-xss-protection 0 last-modified Fri, 23 Dec 2022 09:31:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 30 Mar 2024 18:05:19 GMT
GET H3	200	animation.js Show response s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/ Frame 0F16	3 KB 1 KB	43ms 41ms	Script application/x-javascript	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/animation.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d473d1cb26421c33200e6a1e036a17e738f4ca3dce4f404b708e9f8ab4f75c82 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sat, 01 Apr 2023 09:21:20 GMT content-encoding gzip x-content-type-options nosniff age 481139 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1014 x-xss-protection 0 last-modified Fri, 23 Dec 2022 09:31:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 31 Mar 2024 09:21:20 GMT
GET H3	200	html_inpage_rendering_lib_200_276.js Show response s0.2mdn.net/879366/ Frame 96EB	170 KB 59 KB	34ms 33ms	Script text/javascript	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ Origin https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 09:09:31 GMT content-encoding gzip x-content-type-options nosniff age 49848 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60311 x-xss-protection 0 last-modified Wed, 02 Mar 2022 23:07:25 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 07 Apr 2023 09:09:31 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/ Frame 96EB	11 KB 4 KB	33ms 32ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DEKvuIqciLMnmbMduGG-h-dqNwl3ieYJitzG62CIg8FcHT9E04UBCdnRbyHjWPHh8i4oOOn1gawOhcHNtjC07a0W0UEaDDfPdQyl-PZ48lkqTlMpw&cry=1&dbm_d=AKAmf-BvaCTtmdLlX-TQ428wPqFkCzcJQ8WQ69a-Jhi16uZJCnnZN6ufy8CyMzudtGYSmTHwnVfGbEd7tzZfau8WlAFaA-BYy8kTIIOOEc26_Lm8NcXk1stX2ftZGYx0re5I2GK3zwZrml1yfgpaAlSZx9zW-9PnB2x2JHaHrc9ITH1bw8wu8MmDDb3cga8aZ1RAupSCa-nV1Qaak6P0sgAQXv2WTevQBqPKfNooSM09byCuP15ZKDJZQUjC38crGNONyQ6X5EehhBrQGwrT0RRd5kOxPhwMe3e_KClZ8XIJm7KdYO6gXVDl_uuK7H4j6zBpEWul76dRdSpfg-RqkJqdbYP1wMNou-1di8f3WXTyOq7N2CnErNSDM3WJnUUQFjCbEumjcwA6yeKobc-CR4AVTfcfKiZDoLdoPk2Bq8w4vkJ-6Z0LTIn_9mAhNdIlhXHS_37RfxAGmtXKJ7EcLAh8c5VlyKJOkgS8Uy5BnVRbz0sEmfpDR-4DZgahMsqr8YHQwbvvbuag0b4ey-fOdjebLNGD3ijf_LdO2impCZZ9g0nYhaVe_IkvPZx7DXv2ttEzTqD3aQbqBlFrBTGCzCk9lxoghHRFWASDY2ZIXiZ3LQbnHQAvv0XZsH4BsXS2RMgPyi8wVuovTGNZUeKqYIDbqAddBKUvMvenuL0o-q9fKDh4tmFKzAwV43kdVY3gdArSjxQpumxVHwpJtKb31ppAdMl9WMlSBOypxl-o-dT9miYdHJ0ZD71CHDyvG6jDOHU0wjf1hts9fgy2NuoBagVLII_EO4kLZP_FXBJg7ncOM8VV2PKo_nt35p5vmnO0Pcsn5OTNYN7kcO1bTAypZGc6AF3LfQ8OWSLc7cWFe-kBLTLf5xdGz_UsVn24JfRa6V-zVgo2D-GsQhCRPK8sJlyWhlx8XxtnTHPzAoElM-R9W-K108vh0XZXNare5CkhVJSkrj_5Vj8XmVlkU0PiXayYKY9tP3Ehe4Atp1egP1ILCS0fBh_sxAMUa87UYbHV2x1MAISP4hVvx85sHt5EMusgOz2TraexnNX0aJMgENLCj0u2GIEfcW7fnSVQR0y4ZkZSY1GRVwhRxfc3W93mvrdYq45gkwU5lAlCvmtdZyHYAoEZ1VdULQJQODB3rxzk1S1IOrXZb5RKxmmBGzGxh27EqbDI9llvFCbvMw3Mr74YY2I2jBwJDioU-0vFmqZkF2OwUDRboI5CjtcfResG6BD1JBCxuXM5160WAfgSqt1ZvHeEh7_SR9dvKsF6nroEKI-IFhhPvzx5_m1i8vXDSY_8ik7Jg7IKGUwjUegYwQFjzvVxPc7sOsx_GnkME97DOfFvCzjRV224DnsCkmpSW_uly9Rlqkc-KD67g56lywGSBtT3I0upZhhVHbQ79X6YYpL12v4f-j1zXgeznv9G9ru3lfiLsvgeWDSruWfVi68KWtRvpHrdnWshFeKxArTT6l0fKZVAiQn3E3kPzaHQy0UgYeBzNcC2qu_h3Ss92iwMiPBqVQzaOVaISXBsEmlNcSwUu32tlFULrQCc5fI8nwzMnljkL-7lXgVizoxr15_z0Vdy3z_B_GG5kMvWWPMgr-jvfPvScKaLa4AmADNKwU_VhWJSMdZx3TnOOXufEu9ZrKVpyloQJzGtVYmvrk0cKKSWWbKXbd8bGi_WxBWlM3M4FFIUOs-WqUWVS6tcC0rzmmT7Q70oRxdW-hHW5gm8e-oP2Jia89k1QiId0jNC0AKRvJvk2lmpjOixtQVhQO4QB0pXbQ99zbZ3dotvzajPWSoHgCZn4Wghk-PS2GObXUzTxEQFk4oK_4JnVYsZsBSs16AsajLQCt4hSktmtVq-zmfATmIW0hU4XnnLKljKQe68_9_76joF09M3DtZOAH6B0McE7WhD1hUTGBBfybEtPSkuOBunaYVoVSfnugfRhLu0JAzFAhGZrNdhn7jKnAMWoX7xZeOAWEOF15C1Ew36xlPQrudFXQJtd15QrxQLt9Bcxv0t5d_7t0bG76I5RoDa6s2lHE7VV9usTUD-Y2DsTRbDRoaYA_MzoxLiAxDII6eXJIjFekDaH8l9WS4tkYOWLIAyyNgpxOtV08iXjyiN-tcQCgDwENy5tgQOHcwh2krvZ7CGsXzvlZiIy1Mz8Fa1eyRpcrHqUD9C4_Yjtj7eds1dijbqRO06WyZZTJ44nV2uCwIIPwTnv59iLSOrvzhoZt4rFk4wZN2QGthS__eTJoxW4qkoCgsUbOwyifLXN9TvV7MLIxYQRyDEgN-4IgYZ9JARG8hz2245VUsT-qEmvBXnakqWFDlXLzCNbVywQn4ofyKqewJgetIoXhmhh_6au2Kb_9tnkWHA_Reswjc42rv4E8UMmoIgfq0uhdF0gKi3uNb4AuJz-TCj4NbUX01Vp8NjJ7bFNELSUOfZ32GceI7xYGk11KtS02q61xtcclCQvmfaa0FLRr9HjF0ro4XHqgKNz9QjCdhF0PBsHGBPzCjtwcsGaw7K27t0rMv9J6dVpvjE7yzSkz_wBB2mj-9dtUUcd0JQengus0saD3SxcPznF2emOxRwYe48tvmCsVeD1ZjiLkidZ5gteBvLmOk0usILDgfZTDk6Su1hOvnSm_lnziArnTbObnsIu8npt-uLP7t5B_P4iq82zWZpCbT5i6CFvheyWS_b56cRXB7lr07jyf3h1jhCYr0FhsHr7w0zkcS3ukbdXvIznQIw8hHrlKPcx3cfyTP7Ad5ftiK6ai1Dq0o84ZFGfxFdyRnVxavt0pyV7VO24pviRtuLwPQV2WEecfYs8w9Y6P2gI_3Ra4NiBqq4aTsdUlLjSH4jVyL5poYyhJWYv8HNnr6zAXSvdP6nTRq9zplMwQuecUw9Fm9AuN0mgj3ZrqcjVgxJaultBQq4JpmDK7CW9PPU395Bw6GNnMMvNlp1uRR6IZYzDYQkh7Ss9I3G37JSlpDSgnTcCBjg2ZZXDMnmUC7Q0vc26krgD-22xC9fu30b8uyGlrx2CJ2a2AEyBAP1ABwzft97lQDPMdKwCxhXuBsdKnXaHd5L7K_B0a1Y5T54rb6IOIGFAQBPt4e1uiwNcOppm_rYs_ca3w-15DctPFu-lizy7RbQLR0HNlLqT8T5wz3AESi6B-i5NGpcIl6ckWyUeL0NCg0PdEwzONw5FOOfXADYT5HYBbUGlsRq8pCXyzrziVx7wpEIEL1LvhU0CVGWmcU0eGUjRc8XN_OvMUpZBZQqh2DXv3H84YxxPkX6Yz05siy9dT5WP5YaEzZ8YwdHo6F3BxIt1OY9jbZy_980pXL3JrLClp0EfdOwD5XG3VElHuAeQdKjuUAZ5jCdXBwIBIgiZ9HysDG2h2qTZwS9bNADAMhPXdVZJVpdlvRW1nBj8eI5rAWR4e7Nncnelk8RcnxtLqZ24gU-NzeQHvt_kz4h8ICxYV3avhk06kmPFxMZGYfviNF1bCL8ljNKAqNOcjefazgQm6_ar1NRjldQdsiyxgE3UO6oLjqF06JeG2x5MJcV4FiBzXl-XKQ6E8JaxL8RWZK9NVs90G2iKtsb388W2tySC6MzJ2s2J-9gFHt6_0Y9I3PbUuD75K91wFbOLP1kup65yZ5UE3MSvO6fHE9ecZJogfdIyzGQLa9VCzTYVwGQgLNvUWJaZmKZ6CntfpmOvO8htwxskzHg9aZP48iL2wPhSau_KL7FW2ehGigdDq82480F4gEVu9iBAIBWdLp9mCuon8a1FryS64UdoAsc_K4sXSGyMQGWZQFQk3bV6_1Ye40B_kgM&cid=CAQSSwDUE5ymP4C-rWALapuWoiFi0l_LA1A-VAz6hDk3-i6fLMnPrIQFOlrb1clMpZpPkHm3bbs-QrT4RgGrD57wySIt-k6uvYmQ_RfTMBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fzsshares.com%2F&ds=l&xdt=1&iif=1&cor=7962766181263103000&adk=3047537735&idt=164&cac=0&dtd=3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:30:54 GMT content-encoding br x-content-type-options nosniff age 5365 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4123 x-xss-protection 0 server cafe etag 4541610132340792384 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:30:54 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 96EB	28 KB 11 KB	31ms 30ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DEKvuIqciLMnmbMduGG-h-dqNwl3ieYJitzG62CIg8FcHT9E04UBCdnRbyHjWPHh8i4oOOn1gawOhcHNtjC07a0W0UEaDDfPdQyl-PZ48lkqTlMpw&cry=1&dbm_d=AKAmf-BvaCTtmdLlX-TQ428wPqFkCzcJQ8WQ69a-Jhi16uZJCnnZN6ufy8CyMzudtGYSmTHwnVfGbEd7tzZfau8WlAFaA-BYy8kTIIOOEc26_Lm8NcXk1stX2ftZGYx0re5I2GK3zwZrml1yfgpaAlSZx9zW-9PnB2x2JHaHrc9ITH1bw8wu8MmDDb3cga8aZ1RAupSCa-nV1Qaak6P0sgAQXv2WTevQBqPKfNooSM09byCuP15ZKDJZQUjC38crGNONyQ6X5EehhBrQGwrT0RRd5kOxPhwMe3e_KClZ8XIJm7KdYO6gXVDl_uuK7H4j6zBpEWul76dRdSpfg-RqkJqdbYP1wMNou-1di8f3WXTyOq7N2CnErNSDM3WJnUUQFjCbEumjcwA6yeKobc-CR4AVTfcfKiZDoLdoPk2Bq8w4vkJ-6Z0LTIn_9mAhNdIlhXHS_37RfxAGmtXKJ7EcLAh8c5VlyKJOkgS8Uy5BnVRbz0sEmfpDR-4DZgahMsqr8YHQwbvvbuag0b4ey-fOdjebLNGD3ijf_LdO2impCZZ9g0nYhaVe_IkvPZx7DXv2ttEzTqD3aQbqBlFrBTGCzCk9lxoghHRFWASDY2ZIXiZ3LQbnHQAvv0XZsH4BsXS2RMgPyi8wVuovTGNZUeKqYIDbqAddBKUvMvenuL0o-q9fKDh4tmFKzAwV43kdVY3gdArSjxQpumxVHwpJtKb31ppAdMl9WMlSBOypxl-o-dT9miYdHJ0ZD71CHDyvG6jDOHU0wjf1hts9fgy2NuoBagVLII_EO4kLZP_FXBJg7ncOM8VV2PKo_nt35p5vmnO0Pcsn5OTNYN7kcO1bTAypZGc6AF3LfQ8OWSLc7cWFe-kBLTLf5xdGz_UsVn24JfRa6V-zVgo2D-GsQhCRPK8sJlyWhlx8XxtnTHPzAoElM-R9W-K108vh0XZXNare5CkhVJSkrj_5Vj8XmVlkU0PiXayYKY9tP3Ehe4Atp1egP1ILCS0fBh_sxAMUa87UYbHV2x1MAISP4hVvx85sHt5EMusgOz2TraexnNX0aJMgENLCj0u2GIEfcW7fnSVQR0y4ZkZSY1GRVwhRxfc3W93mvrdYq45gkwU5lAlCvmtdZyHYAoEZ1VdULQJQODB3rxzk1S1IOrXZb5RKxmmBGzGxh27EqbDI9llvFCbvMw3Mr74YY2I2jBwJDioU-0vFmqZkF2OwUDRboI5CjtcfResG6BD1JBCxuXM5160WAfgSqt1ZvHeEh7_SR9dvKsF6nroEKI-IFhhPvzx5_m1i8vXDSY_8ik7Jg7IKGUwjUegYwQFjzvVxPc7sOsx_GnkME97DOfFvCzjRV224DnsCkmpSW_uly9Rlqkc-KD67g56lywGSBtT3I0upZhhVHbQ79X6YYpL12v4f-j1zXgeznv9G9ru3lfiLsvgeWDSruWfVi68KWtRvpHrdnWshFeKxArTT6l0fKZVAiQn3E3kPzaHQy0UgYeBzNcC2qu_h3Ss92iwMiPBqVQzaOVaISXBsEmlNcSwUu32tlFULrQCc5fI8nwzMnljkL-7lXgVizoxr15_z0Vdy3z_B_GG5kMvWWPMgr-jvfPvScKaLa4AmADNKwU_VhWJSMdZx3TnOOXufEu9ZrKVpyloQJzGtVYmvrk0cKKSWWbKXbd8bGi_WxBWlM3M4FFIUOs-WqUWVS6tcC0rzmmT7Q70oRxdW-hHW5gm8e-oP2Jia89k1QiId0jNC0AKRvJvk2lmpjOixtQVhQO4QB0pXbQ99zbZ3dotvzajPWSoHgCZn4Wghk-PS2GObXUzTxEQFk4oK_4JnVYsZsBSs16AsajLQCt4hSktmtVq-zmfATmIW0hU4XnnLKljKQe68_9_76joF09M3DtZOAH6B0McE7WhD1hUTGBBfybEtPSkuOBunaYVoVSfnugfRhLu0JAzFAhGZrNdhn7jKnAMWoX7xZeOAWEOF15C1Ew36xlPQrudFXQJtd15QrxQLt9Bcxv0t5d_7t0bG76I5RoDa6s2lHE7VV9usTUD-Y2DsTRbDRoaYA_MzoxLiAxDII6eXJIjFekDaH8l9WS4tkYOWLIAyyNgpxOtV08iXjyiN-tcQCgDwENy5tgQOHcwh2krvZ7CGsXzvlZiIy1Mz8Fa1eyRpcrHqUD9C4_Yjtj7eds1dijbqRO06WyZZTJ44nV2uCwIIPwTnv59iLSOrvzhoZt4rFk4wZN2QGthS__eTJoxW4qkoCgsUbOwyifLXN9TvV7MLIxYQRyDEgN-4IgYZ9JARG8hz2245VUsT-qEmvBXnakqWFDlXLzCNbVywQn4ofyKqewJgetIoXhmhh_6au2Kb_9tnkWHA_Reswjc42rv4E8UMmoIgfq0uhdF0gKi3uNb4AuJz-TCj4NbUX01Vp8NjJ7bFNELSUOfZ32GceI7xYGk11KtS02q61xtcclCQvmfaa0FLRr9HjF0ro4XHqgKNz9QjCdhF0PBsHGBPzCjtwcsGaw7K27t0rMv9J6dVpvjE7yzSkz_wBB2mj-9dtUUcd0JQengus0saD3SxcPznF2emOxRwYe48tvmCsVeD1ZjiLkidZ5gteBvLmOk0usILDgfZTDk6Su1hOvnSm_lnziArnTbObnsIu8npt-uLP7t5B_P4iq82zWZpCbT5i6CFvheyWS_b56cRXB7lr07jyf3h1jhCYr0FhsHr7w0zkcS3ukbdXvIznQIw8hHrlKPcx3cfyTP7Ad5ftiK6ai1Dq0o84ZFGfxFdyRnVxavt0pyV7VO24pviRtuLwPQV2WEecfYs8w9Y6P2gI_3Ra4NiBqq4aTsdUlLjSH4jVyL5poYyhJWYv8HNnr6zAXSvdP6nTRq9zplMwQuecUw9Fm9AuN0mgj3ZrqcjVgxJaultBQq4JpmDK7CW9PPU395Bw6GNnMMvNlp1uRR6IZYzDYQkh7Ss9I3G37JSlpDSgnTcCBjg2ZZXDMnmUC7Q0vc26krgD-22xC9fu30b8uyGlrx2CJ2a2AEyBAP1ABwzft97lQDPMdKwCxhXuBsdKnXaHd5L7K_B0a1Y5T54rb6IOIGFAQBPt4e1uiwNcOppm_rYs_ca3w-15DctPFu-lizy7RbQLR0HNlLqT8T5wz3AESi6B-i5NGpcIl6ckWyUeL0NCg0PdEwzONw5FOOfXADYT5HYBbUGlsRq8pCXyzrziVx7wpEIEL1LvhU0CVGWmcU0eGUjRc8XN_OvMUpZBZQqh2DXv3H84YxxPkX6Yz05siy9dT5WP5YaEzZ8YwdHo6F3BxIt1OY9jbZy_980pXL3JrLClp0EfdOwD5XG3VElHuAeQdKjuUAZ5jCdXBwIBIgiZ9HysDG2h2qTZwS9bNADAMhPXdVZJVpdlvRW1nBj8eI5rAWR4e7Nncnelk8RcnxtLqZ24gU-NzeQHvt_kz4h8ICxYV3avhk06kmPFxMZGYfviNF1bCL8ljNKAqNOcjefazgQm6_ar1NRjldQdsiyxgE3UO6oLjqF06JeG2x5MJcV4FiBzXl-XKQ6E8JaxL8RWZK9NVs90G2iKtsb388W2tySC6MzJ2s2J-9gFHt6_0Y9I3PbUuD75K91wFbOLP1kup65yZ5UE3MSvO6fHE9ecZJogfdIyzGQLa9VCzTYVwGQgLNvUWJaZmKZ6CntfpmOvO8htwxskzHg9aZP48iL2wPhSau_KL7FW2ehGigdDq82480F4gEVu9iBAIBWdLp9mCuon8a1FryS64UdoAsc_K4sXSGyMQGWZQFQk3bV6_1Ye40B_kgM&cid=CAQSSwDUE5ymP4C-rWALapuWoiFi0l_LA1A-VAz6hDk3-i6fLMnPrIQFOlrb1clMpZpPkHm3bbs-QrT4RgGrD57wySIt-k6uvYmQ_RfTMBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fzsshares.com%2F&ds=l&xdt=1&iif=1&cor=7962766181263103000&adk=3047537735&idt=164&cac=0&dtd=3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c4681920200f339999ac3f6d4a6c5214d92e9a0edca00cfb91b28e3494ea03ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:31:32 GMT content-encoding br x-content-type-options nosniff age 5327 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11009 x-xss-protection 0 server cafe etag 12368014760096651300 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Apr 2023 21:31:32 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 4EFC	0 25 B	100ms 67ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVd3tAk8vZK2jHsym3gPJjYngAQAAAAA4AeAEAg&bg=!HR6lHkrNAAYIJb0jKCU7ADkAdvg8WlAD5-uwX0cVsrQcgD65o-yocgna586qUXPyidntTPdo1-1631cwWtZbz7UkEoZaKGTArIACAAABsVIAAAADaAEHCgADohl2mQMmFDYVzcY3ff-4ywVXnHhQRKqIHixpODL25rokpbxbnCCXFq0mSlNzeLsyCh1QIRQ7xnoEx03A956AfHJyFSOPLP23-9XuRmbZpg0AL0xRK8Rm-5_iWVXtpMmQtLYSEU8_IIrMGsQiAgkJmdkwEUJ5Au40RmIqAQEKT4xj58bWHENpNsknxVkBl_QkSPm4kxRUAERVz2GVxs2ekuhXMkCX9bjJzQ-PwUiJmOtzZXHh9RDwmGheA4REXHgwvG2QH9iApjtv8XIAXZsTIUZU5Wx0zJvXpR30mQzdj5nFTpfGC-x_xcizd78jLV-p45mpZS_Fa2tRRnep2f9oB-MyAfV_y8tVhgRFzSq_hg63ciqhKY7UC2-Mjvj14lNGX4uOApkbdDSE07DUpBTE9Z5cLzkmtjt2f2-155W1aCLs6oXsxii13bPU6mMP05kAX5iSD2DExTVgj8VFl-SXDWC0fvr6j3B6oU61QSFuaiBFUzwUQYxHCeILk_4fCiREB22iv8g3ld-B0ald4ppF821OK08yx19JMsuH99vp0AqJIbR_ZhEQushyGOwjfY0v5zO_7guqv9rysyPoHPs4GqEWiANw3e2Z7z6VKLrZL3U_MYZcNgLpGvnoiSfLL5s8i3tsV_DcvsAR6fJH3wZGuFCJKzVPTWr8HIrP1j89hkK5mXGJS8wTH-V31OuM-BXb2lZtxfoipsH4v5LAGX8deVfPIvbDcb2BTMbOmDh6K5WrBYjlmjk3YAREgtjrGxhWbJ4MRz4_d_aalwTHWzf5R2YtQoT13VeEO97L8TJ8SPebkNXBaXU_GV4HJ5JFrxcii5LRqoqe6-qPMaWFOXZ4iEihuF6GjNWdA6dXI0ZPMYM8hMuyQyvkkOSYbNjR3bRhId2IPSOgmG7QCTUDCd08MnvgTNBE7lUu4N79IONd3bPCXQHEqM-BTZJE50VyZsGo2A5BqZnpD2h1Kkmih7O4aB5iSkVgptqBa65TpfwSDtFE_G6JqqP-KahEmx7cmKAfXGepn8xOsVAMR2zWQLV5r-NoF3Tu_-l6JzpOCmHYBloV6W4wQmltH3HRP1w Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:20 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 1B0D	22 KB 8 KB	54ms 32ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 48173 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 09:37:27 GMT expires Fri, 05 Apr 2024 09:37:27 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame A854	0 25 B	64ms 63ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdxRFAk8vZJKoM7S59u8PppqF2A8AAAAAOAHgBAI&bg=!1tWl1YHNAAYIJb0jKCU7ADkAdvg8WiS2TU1yKOgX5WuyxpTIehtIC4VWr9a7WfVpWyXupgDYHbQlsipOnhFJ8nOhhJTxy9gvmN8CAAAB2VIAAAAMaAEHmQM2GrqzrTvzy85ISO2Ifoxdx7jkuEDTSYmLpKTqd_dnMEpnUxBBzR2GNZUnEwqSlPK6toaCxPMizPES2OUYOsFwPMcoyaNNASpu5IzmzVa-iXC_nuCwTmMMk5_zpGHwNGv1vEyDbP3CeshDc8pUcXGhR5wKZ_oDsbLoUqXFqfskEXa5rh5KxnJULeuJkNYitwUQ-7WSGkLd7onGAgwTnHkYAENzhTEf22Gf6pff_O5TOj3Kb72Y6w9JG6EQR1ZrSFQFHx2N0v2IvKbWCkhVAsIsMNjqw-_v0Ne-k3AfjS50hzUV7oYJkyc96iDR8YGph6l4Ktc9jouRU04KbmwiGfj7oBM0aR9bPljjF6C6fmsyzyB3PrMofTl2Z4syJbmUzS4Z1Zp9BC_k33t2UhK5RnycxkB1BMPilmbz_0URYh22KbJcuovI4BKVwurovuV-2kywBIOEOnW1t4vtSqaj0kybqFiHOgixkt53zLwBVuxRI-Osm3EtOgXr-q6LU__QDRLzz9zS7EgJkqkzrWpV-_4Mo2OmUCIfKj4DHoDnBHZHmAUR0gJEbtwgWknnmmyvIbtVVoriy2PJ_HNPfje3HyGBySDl00uWAEv9Y_dhFnMrqwt7IXwWJJ9l6RZA1cafnbVbGHJMghryRbKssg3EVhqmqwKfnZSS5jSQx1ip58dR3uOwhIeXFyM9eWI1QKBsyOtpAl2_uC9RUW7dJvcCOmoGr-cb-HpTKdb45U3LAjznzGLqheMVQM88CzaZAqpBf3J2wlYZteJ3yIyvk4p-BifugWrB4yPFJtaiMS4Iq-VQtd3-2INYmwVB10-l2tWgnYqANvf5Czj4MUeA2YP7fUnES-4udNBH7S5A6IYPoF7pY2_CDyXUhpGMjIR-5V1Z6UfOKOSCx336pqMOK1dFMwqa4GzrgU8xOd0ZPiuQ945pyh1ofAGglqPYvQSIQ3gTfjkWbUexbeSrCXXrEX-x9hHA5ZqaYrcPtrDCqhpSuONWcumu4IUZ5VP6jJCG59ibJm53QePfezNF_mcpn7ARHgCp_1QPSnPyro-1bpvnBxNSw1yzvlwvKd7zpUeeK8IncVUri1lvyLlR Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:20 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame FA64	0 25 B	64ms 64ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_DmlAk8vZIDtNb3Gx_APg76ZkAoAAAAAOAHgBAI&bg=!p6SlpPDNAAYIJb0jKCU7ADkAdvg8WhbC5cdeqp8ZAAHg_wXu00aVBJ7SlczaIG9g8EIQMhW1sXnxnYp_K_ggC-DCY9jZqeGFvLcCAAAB0FIAAAAEaAEHmQNKzFqwM0PEr3M8qvsRL2KPBKMTzn9OVKklxS2QQIuxmoAPX3S-vs3voEKFXMIEAAg2ZxPjkJCT1ZTPb5ccCqk0OTY5PEet52pHOfvtFQzAlFny9q19g3571K0dLc2NDmdbphjyE_QCHKh5a0o5FTqGtRK9mYtt_MLAJ3P1_hrgewIlyCc5Eb0ShGNU17BBFakZSUS5SGhL54STbMI5Mi-LsmQVjQGxUwx_oSpEAw5PNwGMyS_-1Il5mOZNNgbqWD3sMMqpwECjMj6zXfVMufDLRkZTBrKmXUXhF7qxDLoLhyNvDk1FoQMGEyoqTIqokomOGI6kqDUYMjpH625z8gisDSuhUQwJ0YVa2vZWw4mmsaZSO0KKfE9tr9Kx-JCyR9Gb-RUYuGfYNXr9luyQaXcA8Plu5IMK7QfqwV5GtbI3YTi-3Y1cpGDHYURf_XOOVVNUAqGKCudzLr6145DpTWfPZONEUwE71oNJn2rVB70-SMybBPy5uqEiZ6arjCwZzwergsOVY2RuGMgzMBMOoGcfI5-A2wg1WDI5vIXrNhkbHjNntYJyliVWcUmSn_BnsXCvwyeUYbERXl3jwjTLeqD5_2wwiUstX-hB_siaaN3Tpc4nHAzfSxvV09H8fwvhNOP-o5uBICYTD5R_43fO8-3xA75st__Fl5COE5DEsaJtZExAvagOKiLu6fo8lj-sfG4pUUGfwL9NQd0oj-RgrwS3OWa-Jht_76igjntmDTg49fPX68bGy9NUWfelbv6N9eE8W5t7vRbc78UgOwJXKIdR-0nusNoS2GL0fsCNR0R1VIiHLFWXWdb_yIqmfFFTYLJWP68WUNucoX6DG-dDOkWZd8dD-jZsImGQX0OyryapHTbBjedLCXABt1WMKX0c4wbYjGwZ6XIcQ39lIIhlBGEigb1BorBJ8-vFY2-hAygVBJMNhyRGEuQk_ZoPcLG2uja17bDqDZCyC-oeUbZOnPnxl2oN2Zn47RxsO0krPICR6qixLhr09xSWfL3teFoB2gG3jqJV580KaooXSq1mpCieSZmr18NW2vOvctt7vOZw7ftk-VKCVzh2nhPKbV9QLgJ4ayL0P_3eHYFddVwzrne8rSXXK9zuJPOfTTc Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:20 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	300x250.html Show response s0.2mdn.net/sadbundle/11065803848835661824/ Frame 8CDB	47 KB 12 KB	47ms 46ms	Document text/html	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=dEcr9jzD6u&t=1&renderingType=2&ev=01_247 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 23:00:20 GMT expires Fri, 05 Apr 2024 23:00:20 GMT last-modified Wed, 15 Feb 2023 15:30:17 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 96EB	0 0	73ms 73ms	Fetch image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHhn1nloxhj2OnPLGL3JAxiwDgCWPqE7MUQ6GzfzOPpCn4nhDeJimG1EgYc4u8NlzUycoQNbWNsn8HaLvJ4BJmWw0YYkAW4arKxjt9SlyczdrqZT-35otHfnrX68Gw_5HKpIKjP9Tt8TNPpNKlsf4L2IS3z7dLLmvXqqxulvRFk-ZjYtT1w6i3OP4ds4bHugYl3-xAOECZIHe945P3RLCWwnJWRymF0EUujzM5h5sCQUv7vggqR3xI5tkPKxoHuwL5S86yDHRRWP_GgI4aoy4cC163E6VNcTHCRJAjJnzjNFilEBDTJ3a_qUnQ1JixeYayjwODcNv2ZLRe6JeNxrOKWhzJBm6udyadKdtSdFKzjshHnI84JIT1DULa93zEIYHBhC3M7_7NSFz4et1MFqugVxmfx-KXJRFZkJAuGpPJjNyDDliYytpLEL0uxyQQ1OrTLf7-9-d7Bffq1NryOCFovBlehULOrG1EzhDFIbEOM3P5pBCe2lVTTr0plBHTTU6S3b0Jr6kYPHiAZYyiNvkW4DI4IbR9fzzM21NUWLMCzp79EsvQ70hN-3ZktCmj_3Fa6Y0_EKvdY1RzTc-XxRSeNSMXWjWCkeXwJn5hzoIy3mGApUykSjD1BuvCZI79RL1C5Ska_yLXWwYVlOIxsYrO4s_DmYIU2Sskl0dsjVhJYvyNs2uObZY5d7d-4gDqq_o0hihHTC8okG0pMSAPlg_fZgODJo_nXfa3MECkziBtNH9IgBV_ppi7sTO68IUIzpfxB0MVbboSPmMevoajWTYl6TYEQ9wH5nrVKQDvJP0fPNhi1p3IfvAsuIBX0r5dI55NOnmioWLpMSfeycwr4FjLzc7rKYpnkHR84wgu23-tIasrIUsrQbh_SxeHER2OaQVO5H7jerr04f3ALACbRfIjATpIAtLynId20JDJsNEsfa9LFb_x00Zj8ydHtxr-W2NNCKPY0VO9L-0iIp8MU6lhmC9ecEgMW8D-kvDieXP8qYSnbjLSNOizl1vFsBnk2a7-5fIjuznD-f4kBnkuEyANZJNf1vPWlvcOCrjLeBipANJ4s63UnqREValcojvVK3ixMoTKRifD-tlwEaUr8v_44bP5uHUZRB9WiUT0cQ8cH33U-JOKBy3FH5rLibEFZnIZDtu__vttzWMOtvSmmKW75JF7HJGiPkf3hXYxQZWOG3k5hHRzchZebP8RegzL2-NAgjUwXtGu-2srV5PS9uRUYnHmSmMuoOeM_Su_Wm1-5NiMNO20tutITSKVwtgqT0ARJ5fedne5fW39KVZhL1GO06dn4owgQALgI0lgNHG3XLmlzXLUq0fSqXFKKEH27h8vL-2i5aAM64ZUw04FML7Ss2qT-SKBv6APC_FbYh5vDOEe&sai=AMfl-YTvYL9iXXKHqZTqaP6W_2el3MlI5_I_dDRIQED_iI0BkbgfJribWUnCL67Ob4kgdeP2kXsmWwsMmguls62ieICSMN786D0L8EoVzzU4TeC4UhqRt3LperWeaqaNsEDzudPtNPyMrQ74_6zB-wnBG0xaYVItUj5SH-CNoJxbiPFn7ifT67XU6Hw4c2VZggoUGL7dVrU_m2T-gRKo0yFak-_RRjuak0Gcntx7UC02FGhrpcB-44eX3p0RyvCHwECDKXdBm7Ugv8kxhwHaMevSKl6T3NgKhdFS3MXqpczkNwspA6o8zsDKTOGoSw&sig=Cg0ArKJSzMSHf7Uao_nnEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=171&cbvp=1&cstd=167&cisv=r20230405.15006&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl= Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Thu, 06 Apr 2023 23:00:20 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * cache-control private access-control-allow-credentials true timing-allow-origin * expires Thu, 06 Apr 2023 23:00:20 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 96EB	41 KB 15 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 05 Apr 2023 18:11:20 GMT content-encoding gzip x-content-type-options nosniff age 103740 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 04 Apr 2024 18:11:20 GMT
GET DATA	200 OK	truncated / Frame 96EB	218 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5fcce39ff5b5151fe19490e798361ea6934b323da68d0058ac839b75bfdd1814 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/png
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 3408	0 0	52ms 52ms	Fetch image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuow3koEiQoIDh8DVtUIsYYJ2onCoDmWnBRu-CTvvAp1PMHUJ9Op2dl2v-Nq3hjzZEBDE8jMFYqcjmnXSOXFuLFIqcvG_GSenBXxAioTK7ULDCWSdJt_VYv5TkCyoY56lSicUvoVIg-MYx8d3-yR2LMvMAUWDVyvJ1B0ynkWePU9RavKC4nRx2xuq33An13AHiAo0L5B95RCvAdbT2zx35CiXOZPORXBnQIPa-KKQwB8ePjY2hJFgy-j5o57IIGZjUHlSODZrwinJhgOkU8mUNvqB6O8vQ-sPYcXvSdeqJXh4V8inhc2sU_ghjIeRsIgS1jaEjNel7qfaIPTDyFuIKDsvi7mQtQvoIjUYB3bbJWW88-WmgP_8fcYVgnjYovM2bGnlKfXVVKg9kTdpnZW_oIDVlqWLdPG4TidjdTWLWMX_DQ4pwnAE-fHQk_3Bc-5PLGS9c-s2es4NFAbj_WEsYho9OyghWETBPDLLk8_mWB0pmvq59Cy5vvOzx7W2jD3RjDFbVXV8mMvG6nxxJ3BClXflgLYRqf0Ro-yC8JEDBqfJQsrNADnYHDEoD6YwR2bpxdbj-tLlYyni_Q0Fx26022zVM2hiZVSbjdDKrrxYqnpf_uDXeNW0cd-0vKfuD1FGKQ9O8lIyunLLkp7uUToJgH8lJpgD0UyOPq-EQHwAjqSOVSBadvqeKjf9tZ_eWDbkjtReFpoI4KCygi35Tycs-DMtfT4MRkhQjOM340llMZMukBe-Riw-vvmRbP3KXQc_JKdpMUu1XaAzdrkfyM9D5mItyWxJckZcV4nGuZWmZTVM-kRo0HmrJBdTCH2QScZ0aV4g5I1oWH4nlrFEimCSHzulrxfgb7fqJb8mSA7cg_GEEvxRzGOcZfvkYCIduQHKmmwntwpXbiAnRKMIinaOXwrnq-u4-rTQ8oNE9ddUWWzeaYSaKZrjqawU9fA7x0U6aEhVr8byY3QhvXonB0epUcvIMNGk7cBLHu13Dc3gfNxnMsTGddYajEb8igA918P8OBF40VRvbB30QwKdgypr9qYDaNe0KRzC2u7DllpKt70aY1Yr52z1Kcw4kt1qsVzwz0q7s6z9QlcULV9kcPsvrisAz4VqMZ8GBH8q0fV1lEQBCgXjxM1dFAK-AYazBo01F3-IIKHwundFgFn0e7T5ZQP5Pj92TKAEVF2U6JKGd6LLZKRB_DkS5J5bqVeXdj86h3GN-ofhAUPubRrscL5HNd0sHAul0ooDdblArn_u0v9Vj8ed3YCzwe5XOMi9FqHv1KuRyV6Nu-4ty-3ltBnJNyHvLvZzpJGHzgzcu1&sai=AMfl-YSKoZ3D_S_KfEA6H54tFfE58vFKp-vVStXr8LtPMrSuXyOV9SK49D7_8KrTONLwcRo9Oz8-Voiw_-5WRQ_zHbvbU-jgLHq1iSGPu-JWQJ6QqrsKswwLnnGigJwKvRKVnXMEyB68U7CHyKxG8PDIKW1Hc9_JP76K1xVV2w4gnEJiBmYbZyd1-ftxsZB9E7GgEH_2BXkeGXjB4MQCLkED90wn9T1QY1zu4YeqApUM50bW3inP5lWZkJ1nD9SJz3KDvs30ARJZmOfDl7QJGaXU1i_QIA2UA95WoUa9CHJRTwpy14L0blGY81GxX4Tl-hg&sig=Cg0ArKJSzN29P5CUg5_QEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=517&vt=11&dtpt=319&dett=3&cstd=190&cisv=r20230405.25613&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl= Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:20 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 06 Apr 2023 23:00:20 GMT
GET H3	200	Enabler_01_247.js Show response s0.2mdn.net/879366/ Frame 8CDB	118 KB 40 KB	13ms 12ms	Script text/javascript	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_247.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=dEcr9jzD6u&t=1&renderingType=2&ev=01_247 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=dEcr9jzD6u&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 15:21:19 GMT content-encoding gzip x-content-type-options nosniff age 27541 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41099 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:45:07 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 07 Apr 2023 15:21:19 GMT
GET H3	200	gsap_3.9.1_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 8CDB	63 KB 25 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=dEcr9jzD6u&t=1&renderingType=2&ev=01_247 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=dEcr9jzD6u&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:20 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25329 x-xss-protection 0 last-modified Wed, 29 Dec 2021 19:08:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 06 Apr 2023 23:00:20 GMT
POST H2	204	csi csi.gstatic.com/ Frame 4D86	0 54 B	1088ms 368ms	Ping image/gif	2404:6800:4007:814::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lg5q174h&c=3416499742560&slotId=1708249871280&qqid=CI_hlfutlv4CFcWVdwoddtYBCA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230405_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4007:814::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:21 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 4D86	15 KB 16 KB	46ms 17ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 04 Apr 2023 10:31:10 GMT x-content-type-options nosniff age 217750 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 03 Apr 2024 10:31:10 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 4D86	15 KB 15 KB	52ms 23ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 04 Apr 2023 10:31:11 GMT x-content-type-options nosniff age 217749 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 03 Apr 2024 10:31:11 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 4D86	0 25 B	53ms 52ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C7QY6A08vZM_TF8Wr3gP2rIdA7M_PuG_M5-6l8hDAk8rxgjkQASD_vu4sYJXikIKgB6AB9Z3yngLIAQWpAp6NxVFDWLI-qAMByAObBKoE-wFP0Pl-4Asuumj7PengoPx7WKIF8dOAabUARp0VS0lMG9-ymuVhyxsm7tH6EEWrKcFd2xxaLc-r83HPThLeiWjxUmZjH7LlwwD35BuGO1uwN2oS1TM9Ixt8UExE6RD51ZUPvjne2GTFs2CfmDzd-7k5JWBQnO7GoybPWTGW0DwzgCOQT4q3kMZPS8nN-Xrz8kHpA_b7WhvOIS0YHv4uJRVB35Atrpx6f2o-NKMLx_lYNlrxNa6B_G3-eALyPkJObM6gWXrh8fr4RcRLUv3C7zlJKUrzs6J0r-f06Fhx5xHk_ky0rv9i93FEuoMnJ1uIGTTqELo2GoHTMMTSz8AE--CxsKEE4AQDkAYBoAZOgAfz4Y3hAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTg4Njk0ODMyNTEwMzQwNIAKA5gLAcgLAYAMAbATraHdEsgTkcOA4gPQEwDYEwqIFATYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1680822020211&ai=C7QY6A08vZM_TF8Wr3gP2rIdA7M_PuG_M5-6l8hDAk8rxgjkQASD_vu4sYJXikIKgB6AB9Z3yngLIAQWpAp6NxVFDWLI-qAMByAObBKoE-wFP0Pl-4Asuumj7PengoPx7WKIF8dOAabUARp0VS0lMG9-ymuVhyxsm7tH6EEWrKcFd2xxaLc-r83HPThLeiWjxUmZjH7LlwwD35BuGO1uwN2oS1TM9Ixt8UExE6RD51ZUPvjne2GTFs2CfmDzd-7k5JWBQnO7GoybPWTGW0DwzgCOQT4q3kMZPS8nN-Xrz8kHpA_b7WhvOIS0YHv4uJRVB35Atrpx6f2o-NKMLx_lYNlrxNa6B_G3-eALyPkJObM6gWXrh8fr4RcRLUv3C7zlJKUrzs6J0r-f06Fhx5xHk_ky0rv9i93FEuoMnJ1uIGTTqELo2GoHTMMTSz8AE--CxsKEE4AQDkAYBoAZOgAfz4Y3hAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTg4Njk0ODMyNTEwMzQwNIAKA5gLAcgLAYAMAbATraHdEsgTkcOA4gPQEwDYEwqIFATYFAHQFQH4FgGAFwHoFwU Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:20 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame 4D86	0 54 B	1069ms 367ms	Ping image/gif	2404:6800:4007:814::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lg5q175h&c=3416499742560&slotId=1708249871280&qqid=CI_hlfutlv4CFcWVdwoddtYBCA&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230405_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4007:814::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:21 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	vast Show response bid.g.doubleclick.net/dbm/ Frame 4D86	29 KB 17 KB	132ms 57ms	XHR text/xml	64.233.184.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DAPMP0FMnxUxzoeWmCNM5dHRcGRl_GbpTRpc6kiI3YU_MWYD_1R-tMsjOFjPh7k7Wsrklsz0NLNyN0Wo2qrbLxogz-mg&cry=1&dbm_d=AKAmf-A9m9PFLgvkS_VvUAibET05X56lbq4fahXedf3PlmXV3CRVIdmIDHVhSQGLqTsoyvqa9bjqbv3hCRcmj_c0V1nmZNHWCAYUdWdBcAaZ_F_Dpoa7_FTtNPu1j2zXyDcVMY7mAU4eCAhKmx5RbL-NhdqC8o-xgQUum8bs8lXZt1875zrhcGaf_V7sFpGx5N43kSAkSYa2rcLmP6P5AgiSyQYu9zO2XnpB0Xc2R5MHO_k2ddpnhIPY7rePBuxZbTu4h_Xe3rUJ8H2R5g5PoFrr-BkTGzJLduerw4Ldvig8LaLl8HcUlKBuwO7UuthKwYPLIvUtsKk91q_vysdl6QE14ENIVQeRxYe1FUVOEjLAKA7Q13iUSlUCkeXNX9TPXDOFC3KOAJnDblSr16UN1dexExmijmldVhIjnvOSrby0t2tBuYJ5NEJrt9cbwFxWOQJfNPPrhgTOT0Kr4pXyf4mPREaK0YPMM69h8nKFFUBJ0HngglSlg9Rhlrw2DaXs04s2RXxM-50mj1zwVY61VnDBG-pWmeFywGyT9pk5lyILReY27lhd_feSqyfkvSPB77RGydzqc4CdTG8uD3K2OmpMnCyRpG84UQXU6XxhePpqfmIL6vDSDvUNG2fRwAWNlNo6pVKF1JgpNohahLVUe06j6xOzVGj5bY9S3ywz5vjAEdFUJmMnaJtnPGwBEN3w4pmAJw0zeHoOU_VxadeHRU2O7wBayb9RqAQgj4MDm95umwf0iDIJsEmYlfbFfySoIMYiiwTSK9OkSqSK0_L040FjNtsOIMgzsVrZxQacBIITRsJsdgRB6VDi0yPcVBCmpBWa4xbEJ4_fM-RQgNHu4Zjheyp5xPvrEZILyYJmFuUjVQ8jrD-zYByFbw0hOf1kDpCtHM0AnUILqtEzjExOGXcBW_20mzHO7YD2TXiAGgyocKOVujShAMvGEPW5vAL5LDmNQCxTcncBf6sftG3Wnd0rQ9jGGpYODggrKmCqOTa2wpP5wEYMWquaUeo1BsstlZ61vfJaMApZHwFOTj1jljBzBEspLzXff093Vrzqv43amQ242bQohl-DstQQgJdjlaIUm2H7QAEenTMa0EpN05WXZNt3g5hrNb_ZI2nUtfp193M8v0Sd8WT5u9TUjiKVb8XzgLxhdzCHA8j8-xdhRLG4YaFO9FC9S5wwxIp2lE3abevAfW0BNhXColIvVTW01yGEKHW8mu45qCJeynKhCSQYq5emp3DSNWG9QyQYM6eORWhqkZ43XzyQxYJ2saVRZUnQ05MEAmv9umwPj1jsbT1mS31OyuTE49RPJbFOYxdWuinzX550CnBfeWUjqJBPh8vA9B4uLFsIvyf80GhvPDzl-C-UjXOdHU-eYqTh9k9c70rOutV3_Y8BdBuTA2nlmOs_94S8Ln9StQ2rQgdimgvtGPz-CMoWdzmAoIi36eZ9b1btMJdxI8zrfXmhoC_MPqSQzClhnO2Qe6SWD8Ra4Ng30siVc6_6uKK5KiIG9R3Z6zPLZTP8G6dCGNey8onDIGkGmzAvclGcToiReT3qJnvww6TJdZzxZP_xrKX9ZRN9CTqI5At3niVcjcVDZbJnEXKw7Gcdqhej_MWWL6R02PwehczoBxjatvXK66udyyEWmpTFduFHvsCGUh4JApxGFwkahAW9vF-mCC_RPH461qtTLz1qapSW4xXQ6J73Rl4yIAtSOTOhqV3tBtFTV3XO0TWglU_qdMpGFTqOCO9X0LFuOKoID-qvGGwx1wcIsgBmsqmjcYdoX576Sxxbv-JwGuTGy-dmNeoRphlQQ4a9oTt8wGclQ-ng2ttSD1CZxkww_Yu5RO9dSElxrmB5qw7KTpldC4JeHGc9b2_1d-tmOHwP1JiNd-hGG18NHSPMI7CttAtruZMO_tDIl6Az4GeJZXaEL_s3548wTww2aYL6xZgMOyoXLeK0U3B_xoneV9Hhfo6n6mObCO4YjxWDtYwqqschft5R7ueuQK5pgUnOmKIVOOMXpaHtUVASn2glx9YjVMo0VGOrs70AHW4QDE9r8LwwK5Z5fUMDTwrG_5Q5mhIpGD1IrJV4bXW-FOF_e3jvTnBfl64sC9RZk4JFM3yAP7mCmS7ffzVJTqq_9QFGMWabdx9pTjujt0e4QEfrelPZjRwUDXx9lRksBB5mU8tU2S9pdlc24ighWQPcK2BBH0EnJQmrB_c12KSTIb2mDwcV5Ti-AIeRNfuykQRgshrnsCYGPHcQRFKdvyMjHC4wfSnJ9iCXKOc_MejKF3_xwNhR9txWC0wOjTvT2lEVlf06KNY_AL45k7rwxFLXMruLpFIamR1lxqoc682BRephmLYhIvJmHCo0MIKSKbOLYyqZuI_JZV3ZCrd4wPnXx9ZWsskg3TBZSwOhSHg-qg8VKzNvXcnclmBkkwl0ekCeY9N8-osLMSITHdtAe0M0-j1qj9FwN5dS18JEyR-H8TT4Fl2x34Efj0PYX6oWl5LsQ2_KhRI_txWFWJ-riBeGOcLmtpTpUZdddFoUAHY_J--NXJU44vrQ3gZyzVX3qjqZQukX30vDOPR6XVF_DKupVaIlVfiqDnEAJbR-vAcgsKn_id1MFoki5OKLAVDU2V3mH3SexpQ6My6gRRYCb3qfNHFMEekmvFeCX311WI6UEr9xQ5YA95QQMhcWL-aD6GCU1K7jb6QaGP20DitqAHrNQWF1r0q-Q91wG4VcglhUtryHyVW9hAguNi-321OohvPA1i3Pr8LkIMiAjVJ7sXsxJ-_oBrihOgpHMeYkYWwbCPFQKIK96eR_D_N6ePxQhX9W6_2e_Y6nBO0Lr7I37UDulhlxFtgcU_A62lnU27otF9_jyE88yEiIH7WqeXDVf0iq4RtNiIojA8CKDtFX3ljNMlquOv5F8mUS5WPQ_iop-YgGl2X78srOsdCJcXW54r6OM38iC8EunznTkfwEtinpu3HqOiD_Gyybr6KuIk2attCQFS_L7mTDfxDdsSMXZ8TebudsE5TX9r3rZ5_FDXuNDn3HNVDmX-tO-85FHZt898Xkk0CkLyWELK1IzKMi3MoSky46j1vaTD3irhOrbq-M27wiaKjTZREQuJ4j6c4B-6U61J0_Fpn997MCLAUp5MxrcualyCLx98_CBtC3DZxmvUlzF4DxbeMdIoFWre6yWd9_Ot3xG6FHK-w1oH_E7w4EzoFCADBtScG2p-iPoeAzlIEf6KbksdjhC_fBD5jivWqcjKbDxTi9kbbhrAQhhLJhvdEPqT0TPvP8aKStkOEDtR8p-5irPQ25Y_LwK3P9EgSuzdJkYv5bH2s9G8o4dSgqhPkZHsp3PHT4lsbyHI2udPRiey-K-VTgYGAT7rIPDsnWDbH9JwLtwLqLCAqpjsioX4dnrM2Z6A423STzB9gbept9ndikgMBfxWXSNfWxQ6qf0XxMQfWT8IefurDokp6mmpMiDc-5otLSgKVNZHL-S6duFtQuq2Jg1rFK-6JML-k23HNonJpukeSvVnKuIDkPlYny41qPqPx0WnG552tQ7rs-C-fnjZMhdJVS7FDsEc-KO5uig1sZu_8gNYQ&cid=CAQSSwDUE5ym0T3OkcLjjlsYwPRA5KCKGfv709XYGwAT0hGkvWVMRZAfEdtWtueqopVWF-e9LQ4t45tCyBFm-y6bhNljikhL-9HoDa4x0RgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230405_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.233.184.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS wa-in-f157.1e100.net Software cafe / Resource Hash 0e651b9a6ed995dbd04eab16c7f2de0789d0965992c19505edff722bbd4cccd3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:20 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16476 x-xss-protection 0 pragma no-cache server cafe content-type text/xml; charset=UTF-8 access-control-allow-origin https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response pagead2.googlesyndication.com/bg/ Frame 1B0D	36 KB 14 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 04 Apr 2023 14:32:34 GMT content-encoding br x-content-type-options nosniff age 203266 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14171 x-xss-protection 0 last-modified Mon, 03 Apr 2023 13:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 03 Apr 2024 14:32:34 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 0F16	7 KB 6 KB	88ms 52ms	XHR application/json	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash dd2259afd60adaaa7ec84cd0d0c57d6bcae627143c74dd611df0c45c11a520fc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:20 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5763 x-xss-protection 0
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 4D86	0 0	49ms 48ms	Fetch text/html	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CnAstA08vZM_TF8Wr3gP2rIdA7M_PuG_M5-6l8hDAk8rxgjkQASD_vu4sYJXikIKgB6AB9Z3yngLIAQWpAp6NxVFDWLI-qAMBqgT4AU_Q-X7gCy66aPs96eCg_HtYogXx04BptQBGnRVLSUwb37Ka5WHLGybu0foQRaspwV3bHFotz6vzcc9OEt6JaPFSZmMfsuXDAPfkG4Y7W7A3ahLVMz0jG3xQTETpEPnVlQ--Od7YZMWzYJ-YPN37uTklYFCc7sajJs9ZMZbQPDOAI5BPireQxk9Lyc35evPyQekD9vtaG84hLRge_i4lFUHfkC2unHp_aj40owvH-Vg2WvE1roH8bf4gA2jL0dwqXCHWuoJaOpPTCQrxMMIhm1bnwIWTqNelzuwit8v432QrZpq2dOciMOdVSQ0LQwuj7Im7j8moW4avwAT74LGwoQTgBAOIBeXf291JkgUGCBsQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAfz4Y3hAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEMu7DBjviYjmAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01ODg2OTQ4MzI1MTAzNDA0gAoDyAsBsBOtod0SyBORw4DiA9ATANgTCogUBNgUAdAVAYAXAbIXHgocCAASFHB1Yi0xOTQ2Mzc3Njk1MzY3MDM3GP_5HegXBQ&sigh=oSGNME3EChw&uach_m=[UACH]&cid=CAQSSwDUE5ym0T3OkcLjjlsYwPRA5KCKGfv709XYGwAT0hGkvWVMRZAfEdtWtueqopVWF-e9LQ4t45tCyBFm-y6bhNljikhL-9HoDa4x0RgB&vt=10 Requested by Host: 2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com URL: https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 0146	22 KB 8 KB	20ms 19ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 48173 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 09:37:27 GMT expires Fri, 05 Apr 2024 09:37:27 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 4D86	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f4433ef1a1b37e438b84d9eb6617d9036ab7d146b3eeef7297df763a83cf6e56 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/png
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 96EB	0 0	49ms 49ms	Fetch image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHhn1nloxhj2OnPLGL3JAxiwDgCWPqE7MUQ6GzfzOPpCn4nhDeJimG1EgYc4u8NlzUycoQNbWNsn8HaLvJ4BJmWw0YYkAW4arKxjt9SlyczdrqZT-35otHfnrX68Gw_5HKpIKjP9Tt8TNPpNKlsf4L2IS3z7dLLmvXqqxulvRFk-ZjYtT1w6i3OP4ds4bHugYl3-xAOECZIHe945P3RLCWwnJWRymF0EUujzM5h5sCQUv7vggqR3xI5tkPKxoHuwL5S86yDHRRWP_GgI4aoy4cC163E6VNcTHCRJAjJnzjNFilEBDTJ3a_qUnQ1JixeYayjwODcNv2ZLRe6JeNxrOKWhzJBm6udyadKdtSdFKzjshHnI84JIT1DULa93zEIYHBhC3M7_7NSFz4et1MFqugVxmfx-KXJRFZkJAuGpPJjNyDDliYytpLEL0uxyQQ1OrTLf7-9-d7Bffq1NryOCFovBlehULOrG1EzhDFIbEOM3P5pBCe2lVTTr0plBHTTU6S3b0Jr6kYPHiAZYyiNvkW4DI4IbR9fzzM21NUWLMCzp79EsvQ70hN-3ZktCmj_3Fa6Y0_EKvdY1RzTc-XxRSeNSMXWjWCkeXwJn5hzoIy3mGApUykSjD1BuvCZI79RL1C5Ska_yLXWwYVlOIxsYrO4s_DmYIU2Sskl0dsjVhJYvyNs2uObZY5d7d-4gDqq_o0hihHTC8okG0pMSAPlg_fZgODJo_nXfa3MECkziBtNH9IgBV_ppi7sTO68IUIzpfxB0MVbboSPmMevoajWTYl6TYEQ9wH5nrVKQDvJP0fPNhi1p3IfvAsuIBX0r5dI55NOnmioWLpMSfeycwr4FjLzc7rKYpnkHR84wgu23-tIasrIUsrQbh_SxeHER2OaQVO5H7jerr04f3ALACbRfIjATpIAtLynId20JDJsNEsfa9LFb_x00Zj8ydHtxr-W2NNCKPY0VO9L-0iIp8MU6lhmC9ecEgMW8D-kvDieXP8qYSnbjLSNOizl1vFsBnk2a7-5fIjuznD-f4kBnkuEyANZJNf1vPWlvcOCrjLeBipANJ4s63UnqREValcojvVK3ixMoTKRifD-tlwEaUr8v_44bP5uHUZRB9WiUT0cQ8cH33U-JOKBy3FH5rLibEFZnIZDtu__vttzWMOtvSmmKW75JF7HJGiPkf3hXYxQZWOG3k5hHRzchZebP8RegzL2-NAgjUwXtGu-2srV5PS9uRUYnHmSmMuoOeM_Su_Wm1-5NiMNO20tutITSKVwtgqT0ARJ5fedne5fW39KVZhL1GO06dn4owgQALgI0lgNHG3XLmlzXLUq0fSqXFKKEH27h8vL-2i5aAM64ZUw04FML7Ss2qT-SKBv6APC_FbYh5vDOEe&sai=AMfl-YTvYL9iXXKHqZTqaP6W_2el3MlI5_I_dDRIQED_iI0BkbgfJribWUnCL67Ob4kgdeP2kXsmWwsMmguls62ieICSMN786D0L8EoVzzU4TeC4UhqRt3LperWeaqaNsEDzudPtNPyMrQ74_6zB-wnBG0xaYVItUj5SH-CNoJxbiPFn7ifT67XU6Hw4c2VZggoUGL7dVrU_m2T-gRKo0yFak-_RRjuak0Gcntx7UC02FGhrpcB-44eX3p0RyvCHwECDKXdBm7Ugv8kxhwHaMevSKl6T3NgKhdFS3MXqpczkNwspA6o8zsDKTOGoSw&sig=Cg0ArKJSzMSHf7Uao_nnEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=373&vt=11&dtpt=202&dett=3&cstd=167&cisv=r20230405.15006&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl= Requested by Host: zsshares.com URL: https://zsshares.com/2022/02/15/assistir-futebol-online-veja-os-jogos-com-qualidade/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:20 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 06 Apr 2023 23:00:20 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 0F16	17 KB 6 KB	40ms 39ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:20 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 06 Apr 2023 23:00:20 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	14 KB 11 KB	63ms 62ms	XHR application/json	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202303300101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 90451a40b84efad5e00e00ce3b885c2943c0b9ac7c5e271a27f39cb0378bda2f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:20 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11124 x-xss-protection 0
GET H3	200	lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response pagead2.googlesyndication.com/bg/ Frame 0146	36 KB 14 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 04 Apr 2023 14:32:34 GMT content-encoding br x-content-type-options nosniff age 203266 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14171 x-xss-protection 0 last-modified Mon, 03 Apr 2023 13:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 03 Apr 2024 14:32:34 GMT
GET H3	200	frame1Background.png_1671714812913_frame1Background.png s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/63a1666b011c425078e946ce/content/ Frame 0F16	195 KB 195 KB	8ms 7ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/63a1666b011c425078e946ce/content/frame1Background.png_1671714812913_frame1Background.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f088c64037818e781f6357d237de7dfb8b1800b2d27a222b79e08aff9b6c96ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sun, 02 Apr 2023 22:19:15 GMT x-content-type-options nosniff age 348065 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 199187 x-xss-protection 0 last-modified Thu, 22 Dec 2022 13:13:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 01 Apr 2024 22:19:15 GMT
GET H3	200	blank.png_1671714812913_blank.png s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v3/partners/633cdb43c2dff55335fd416b/assets/singleFiles/63a3f0cb03497090adda2da6/original/ Frame 0F16	191 B 220 B	20ms 15ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v3/partners/633cdb43c2dff55335fd416b/assets/singleFiles/63a3f0cb03497090adda2da6/original/blank.png_1671714812913_blank.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 80a466c320c6c23384298a00c8a1192195225a11d1bce68328cf37a6bce29aa9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 03 Apr 2023 17:28:59 GMT x-content-type-options nosniff age 279081 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 191 x-xss-protection 0 last-modified Thu, 22 Dec 2022 13:13:37 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 02 Apr 2024 17:28:59 GMT
GET H3	200	logo2.png_1671714812913_logo2.png s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/63a1666b011c425078e946ce/content/ Frame 0F16	3 KB 3 KB	20ms 16ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/63a1666b011c425078e946ce/content/logo2.png_1671714812913_logo2.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7c3e404f048288e67b6048f88e121f4c5f3927377058000a01e057b1ff218839 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 31 Mar 2023 18:05:20 GMT x-content-type-options nosniff age 536100 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3138 x-xss-protection 0 last-modified Thu, 22 Dec 2022 13:13:35 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 30 Mar 2024 18:05:20 GMT
GET H3	200	logo3.png_1671714812913_logo3.png s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/63a1666b011c425078e946ce/content/ Frame 0F16	3 KB 3 KB	31ms 27ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/63a1666b011c425078e946ce/content/logo3.png_1671714812913_logo3.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c0bdc4694a5f3bdd17a15d5dfc5375fe32ca435f5d81cff6c3bda066e18ebb2f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 31 Mar 2023 18:05:20 GMT x-content-type-options nosniff age 536100 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2974 x-xss-protection 0 last-modified Thu, 22 Dec 2022 13:13:35 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 30 Mar 2024 18:05:20 GMT
GET H3	200	spritesheet.png_1671714812913_spritesheet.png s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v3/partners/633cdb43c2dff55335fd416b/assets/singleFiles/63a3fc1b0349706994dac3a8/original/ Frame 0F16	628 KB 629 KB	31ms 28ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v3/partners/633cdb43c2dff55335fd416b/assets/singleFiles/63a3fc1b0349706994dac3a8/original/spritesheet.png_1671714812913_spritesheet.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2decfcea631dc6e5a39e44aa0bf4be206b10870490d78d75996c896b5a6825df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 31 Mar 2023 18:05:20 GMT x-content-type-options nosniff age 536100 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 643531 x-xss-protection 0 last-modified Thu, 22 Dec 2022 13:13:38 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 30 Mar 2024 18:05:20 GMT
GET H3	200	frame1Image2.png_1671714812913_frame1Image2.png s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/63a1666b011c425078e946ce/content/ Frame 0F16	27 KB 27 KB	21ms 18ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/63a1666b011c425078e946ce/content/frame1Image2.png_1671714812913_frame1Image2.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3aa12d2d3f125294a2bb3ef90ef5cc4d99e2e26f2b05f1fd44eba25fe1674823 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 31 Mar 2023 18:05:20 GMT x-content-type-options nosniff age 536100 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28114 x-xss-protection 0 last-modified Thu, 22 Dec 2022 13:13:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 30 Mar 2024 18:05:20 GMT
GET H3	200	blank.png_1671714812913_blank.png s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/63a1666b011c425078e946ce/content/ Frame 0F16	927 B 956 B	29ms 25ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/63a1666b011c425078e946ce/content/blank.png_1671714812913_blank.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 21:45:58 GMT x-content-type-options nosniff age 4462 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 927 x-xss-protection 0 last-modified Thu, 22 Dec 2022 13:13:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 05 Apr 2024 21:45:58 GMT
GET H3	200	frame1Image4.png_1671714812913_frame1Image4.png s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/63a1666b011c425078e946ce/content/ Frame 0F16	31 KB 31 KB	21ms 18ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/63a1666b011c425078e946ce/content/frame1Image4.png_1671714812913_frame1Image4.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7b0254fd8f86e2ca0c495ad707da3cf3003df8bd6be01c70a5afbc68f8234b80 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 31 Mar 2023 18:05:20 GMT x-content-type-options nosniff age 536100 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31984 x-xss-protection 0 last-modified Thu, 22 Dec 2022 13:13:35 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 30 Mar 2024 18:05:20 GMT
GET H3	200	logo.png_1671714812913_logo.png s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/63a1666b011c425078e946ce/content/ Frame 0F16	12 KB 12 KB	26ms 23ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/63a1666b011c425078e946ce/content/logo.png_1671714812913_logo.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61eb4bd63b7ad05757982fcfd7badeeb3d592fa56e6999698e9f65b7ffeadf38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=m2a7Ta5oSJ&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 31 Mar 2023 18:05:20 GMT x-content-type-options nosniff age 536100 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12375 x-xss-protection 0 last-modified Thu, 22 Dec 2022 13:13:34 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 30 Mar 2024 18:05:20 GMT
GET H3	200	OnAir-Bold.woff2 s0.2mdn.net/creatives/assets/4140742/ Frame 8CDB	47 KB 47 KB	28ms 13ms	Font font/woff2	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=dEcr9jzD6u&t=1&renderingType=2&ev=01_247 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 22:51:21 GMT x-content-type-options nosniff age 539 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47676 x-xss-protection 0 last-modified Thu, 06 May 2021 11:38:39 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 06 Apr 2023 23:06:21 GMT
GET H3	200	OnAir-Light.woff2 s0.2mdn.net/creatives/assets/4140742/ Frame 8CDB	46 KB 46 KB	29ms 14ms	Font font/woff2	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=dEcr9jzD6u&t=1&renderingType=2&ev=01_247 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 22:50:17 GMT x-content-type-options nosniff age 603 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46936 x-xss-protection 0 last-modified Thu, 06 May 2021 11:38:50 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 06 Apr 2023 23:05:17 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 8CDB	7 KB 6 KB	79ms 65ms	XHR application/json	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3d81037cda52098eaa3d9a2fb84356e331a83f76cbf626a9e32495fde43654e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:20 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5661 x-xss-protection 0
GET H3	200	60005582_20230403054618305_APP_iPhone_14_Airpods_Pro.png s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 8CDB	160 KB 160 KB	36ms 23ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230403054618305_APP_iPhone_14_Airpods_Pro.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c9331a76e62dd3e0053a589d108a922eb800d3790823ecb916a02a26a84b4e1a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=dEcr9jzD6u&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 11:57:35 GMT x-content-type-options nosniff age 39765 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 163495 x-xss-protection 0 last-modified Mon, 03 Apr 2023 12:46:18 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 07 Apr 2023 11:57:35 GMT
GET H3	200	60005582_20220825085147454_300x250_BG.png s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 8CDB	28 KB 28 KB	34ms 21ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085147454_300x250_BG.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 04fbd20b04ad6a98e605ce6014aaef976cc9a47a939e621c19d801fc59650c91 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=dEcr9jzD6u&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 18:05:12 GMT x-content-type-options nosniff age 17708 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28198 x-xss-protection 0 last-modified Thu, 25 Aug 2022 15:51:47 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 07 Apr 2023 18:05:12 GMT
GET H/1.1	200 OK	postview.gif portal.o2online.de/nws/img/ Frame 8CDB	43 B 608 B	78ms 21ms	Image image/gif	141.101.90.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=29118705_4307561_354695495_145340772_PO0401A20230405&ref=29118705_4307561_354695495_145340772_PO0401A20230405 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.101.90.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 06 Apr 2023 23:00:20 GMT via 1.1 varnish-live-2-2 CF-Cache-Status HIT age 3292496 x-cache MISS p3p policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Connection keep-alive Content-Length 43 last-modified Wed, 15 Feb 2023 15:39:24 GMT Server cloudflare etag "2b-5f4bee2778300" Vary Accept-Encoding Content-Type image/gif x-varnish 71553153 cache-control public, max-age=31536000 Accept-Ranges bytes CF-RAY 7b3da57bcefc39da-FRA Expires Fri, 05 Apr 2024 23:00:20 GMT
POST H2	204	csi csi.gstatic.com/ Frame 4D86	0 234 B	892ms 366ms	Ping image/gif	2404:6800:4007:814::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lg5q175z&c=3416499742560&slotId=1708249871280&qqid=CI_hlfutlv4CFcWVdwoddtYBCA&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230405_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4007:814::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:21 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	HdsydzJK.js Show response tpc.googlesyndication.com/sodar/ Frame 4D86	41 KB 15 KB	16ms 13ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/HdsydzJK.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230405_RC00/outstream.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 31 Mar 2023 18:05:12 GMT content-encoding gzip x-content-type-options nosniff age 536108 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15407 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 30 Mar 2024 18:05:12 GMT
HEAD H/1.1	200 OK	file.mp4 r4---sn-5hne6nzs.c.2mdn.net/videoplayback/id/aea370ef8a3f1299/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825230663/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 4D86 Redirect Chain https://gcdn.2mdn.net/videoplayback/id/aea370ef8a3f1299/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825230663/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa... https://r4---sn-5hne6nzs.c.2mdn.net/videoplayback/id/aea370ef8a3f1299/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825230663/sparams/acao,ctier,expire,id,ip,ipbits,ita...	0 0	82ms 13ms	Fetch video/mp4	2a00:1450:400e:9::9 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r4---sn-5hne6nzs.c.2mdn.net/videoplayback/id/aea370ef8a3f1299/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825230663/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3C492646E1324515E1AADE4DA415F79429BC49DE.1C02BDC3A6A7A01E1FA69766BA2B957416273B3B/key/cms1/cms_redirect/yes/mh/gs/mip/2001:ac8:20:3b00:1011:4651:b353:9507/mm/42/mn/sn-5hne6nzs/ms/onc/mt/1680821335/mv/m/mvi/4/pl/49/file/file.mp4 Protocol HTTP/1.1 Server 2a00:1450:400e:9::9 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 06 Apr 2023 23:00:20 GMT X-Content-Type-Options nosniff Connection close Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Content-Length 2240567 Last-Modified Thu, 06 Apr 2023 12:01:57 GMT Server gvs 1.0 Vary Origin Content-Type video/mp4 Access-Control-Allow-Origin null Access-Control-Expose-Headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms Cache-Control private, max-age=86400 Access-Control-Allow-Credentials true Accept-Ranges bytes Timing-Allow-Origin null Expires Thu, 06 Apr 2023 23:00:20 GMT Redirect headers date Thu, 06 Apr 2023 23:00:20 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 666 x-xss-protection 0 pragma no-cache server ClientMapServer x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com location https://r4---sn-5hne6nzs.c.2mdn.net/videoplayback/id/aea370ef8a3f1299/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825230663/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3C492646E1324515E1AADE4DA415F79429BC49DE.1C02BDC3A6A7A01E1FA69766BA2B957416273B3B/key/cms1/cms_redirect/yes/mh/gs/mip/2001:ac8:20:3b00:1011:4651:b353:9507/mm/42/mn/sn-5hne6nzs/ms/onc/mt/1680821335/mv/m/mvi/4/pl/49/file/file.mp4 access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame BE8D	0 25 B	68ms 67ms	Ping image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1819410056685&version=m202301230201&ct=76&x=1&cor=18333858883384824000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:20 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	27ms 26ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:20 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 06 Apr 2023 23:00:20 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2AE4	0 25 B	51ms 50ms	Ping image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7545222042197&version=m202301230201&ct=76&x=1&cor=15215314333841594000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:20 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 8CDB	17 KB 6 KB	38ms 37ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:20 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 06 Apr 2023 23:00:20 GMT
GET H3	200	bubblespritesheettiny.png s0.2mdn.net/creatives/assets/4085730/ Frame 8CDB	26 KB 26 KB	10ms 9ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=dEcr9jzD6u&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 22:50:17 GMT x-content-type-options nosniff age 603 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27068 x-xss-protection 0 last-modified Fri, 12 Mar 2021 15:44:55 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 06 Apr 2023 23:05:17 GMT
GET H3	200	lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response pagead2.googlesyndication.com/bg/ Frame 964A	36 KB 14 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 04 Apr 2023 14:32:34 GMT content-encoding br x-content-type-options nosniff age 203266 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14171 x-xss-protection 0 last-modified Mon, 03 Apr 2023 13:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 03 Apr 2024 14:32:34 GMT
GET H3	200	H0ZEmIz7.html Show response tpc.googlesyndication.com/sodar/ Frame B2B0	23 KB 9 KB	20ms 18ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 308040 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8727 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 03 Apr 2023 09:26:20 GMT expires Tue, 02 Apr 2024 09:26:20 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8251	13 KB 5 KB	10ms 10ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://zsshares.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 35535 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 13:08:05 GMT expires Fri, 05 Apr 2024 13:08:05 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 9C68	783 B 1 KB	64ms 21ms	Document text/html	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash c1849e36744e753fb10396d666cd54fedffaec6f4ff29f9906d7b648babbeb3e Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-uQpKeUyhDsxopOnmrXDTXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://zsshares.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 511 content-security-policy script-src 'report-sample' 'nonce-uQpKeUyhDsxopOnmrXDTXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 06 Apr 2023 23:00:20 GMT expires Thu, 06 Apr 2023 23:00:20 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response pagead2.googlesyndication.com/bg/ Frame D5A7	36 KB 14 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 04 Apr 2023 14:32:34 GMT content-encoding br x-content-type-options nosniff age 203266 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14171 x-xss-protection 0 last-modified Mon, 03 Apr 2023 13:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 03 Apr 2024 14:32:34 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1B0D	0 25 B	47ms 46ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7kjJA08vZMeHIea59u8P3tyksAwAAAAAOAHgBAI&bg=!g4ClgNTNAAYIJb0jKCU7ADkAdvg8WpqC6Yng2Dru7OwrIfSsz7C3bqnBX4aYc0sSTBR4sLUmDA_irdrOh_qgJZL95_6rxhF3WMgCAAABKVIAAAAIaAEHmQM73Sx9SPfmL7gYl300tS1kPQOov6UsdlftDncfa3PqSQVLQbLmP2sStlOt0_d3-9vrnM0zzerqfWYyB2joCkO61dhygMP05jNcEvDU_hwLow3l6dVM4_nQsV9u3yy6ToFI90mXJrYIcbLNn3RSwg3Nc_YKksOgCK8SowjJCddStJ0ZsN56hjf_pfvle6tzXsyUOpP0Og5URE93F3NbJACgJ0bap4hSylYoxAkFEXQbQ__OKyBMt2fSYBY5XAeW9Xx96p7PLj7IWQszaZUHrdjUREXf6NkS9HMnjLKqqlWEb6Hg2oRbKvkqCNC1Wvw6FBQK8Z2P5IZiuDjaj3isAVEXowYlOtmKJh8uwswVOAJ85vhWnNbbRf9U4YlFWHdBvuqLIVYN_AiG1SDmPKlk0d8RNi7ZvlQEfNAvOCaxKRpLjMRten7T9jlONSxDLI8MFl1vLWG1Aj3Y0kxb2Ah93P8PJiS-7kjYjjQnh6hTb7ax4Ih6EguGpAqISSvObNQCUbqtORdDCullkyyTa_TWBk02rV5etAzOx4rrupy-LyHzkThZ849vZOuxzaC139Spli-ZGF3z7yVNvszm61_A80pOCWfCe8kczoNZHKmqOJYNNExqGZM54Z4oA5BOWLSSOndgslE6xAwyO0rsuCTbwKoUDlreXdaQcpSeYP_XuNVBeY2k-T2XDMJGgxlDPVqIubxMOvnaviN9WuQL1cT0PgG-5Nq_Xc2KeJX5GyCE1mYsbIykwJqpYuhOl4CLrPRHQhbTU9LEEIWARZZMvuHuma2S5YehzoF_KPsi4Iz_We8GvlJCqy8sOd13rw6Xrt_UglWziQWf7HMs0E6XkSf9cavVw1qIWNq4IxL4bxuQ9mXTyKu5YS6DcMMzTz2Xfp2-AuvLp8vKOeQAAge2bFf8yvE83hElcKbKpQDN82Pmg6tldF20gEWwo1Wzqwmbpf2ERfSnWDxxUGF7FEtidTBLTm25U8i0PKm4FvEHSpitWoE1VIZAo13g_n2tKx3wPB3kU8bKmzcTvdpfyUG-kfHWQYOgcU3u4es3KNSnjZlapuZ90xZHb_VedykiNzJRMr9FyifGuD_IJyMJVy7GMog Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:20 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	206 Partial Content	file.mp4 r4---sn-5hne6nzs.c.2mdn.net/videoplayback/id/aea370ef8a3f1299/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825230663/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 4D86	2 MB 2 MB	346ms 14ms	Media video/mp4	2a00:1450:400e:9::9 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r4---sn-5hne6nzs.c.2mdn.net/videoplayback/id/aea370ef8a3f1299/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825230663/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3C492646E1324515E1AADE4DA415F79429BC49DE.1C02BDC3A6A7A01E1FA69766BA2B957416273B3B/key/cms1/cms_redirect/yes/mh/gs/mip/2001:ac8:20:3b00:1011:4651:b353:9507/mm/42/mn/sn-5hne6nzs/ms/onc/mt/1680821335/mv/m/mvi/4/pl/49/file/file.mp4 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400e:9::9 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash 363da4ea9c86a2e150c989895dcbdf114c7abd492ce0bc197093f7c90e224025 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Range bytes=0- Response headers Date Thu, 06 Apr 2023 23:00:21 GMT X-Content-Type-Options nosniff Content-Range bytes 0-2240566/2240567 Connection close Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Content-Length 2240567 Last-Modified Thu, 06 Apr 2023 12:01:57 GMT Server gvs 1.0 Vary Origin Content-Type video/mp4 Access-Control-Allow-Origin https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com Access-Control-Expose-Headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms Cache-Control private, max-age=86400 Access-Control-Allow-Credentials true Accept-Ranges bytes Timing-Allow-Origin https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com Expires Thu, 06 Apr 2023 23:00:21 GMT
GET H3	200	eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response pagead2.googlesyndication.com/bg/ Frame B2B0	36 KB 14 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 13:44:00 GMT content-encoding br x-content-type-options nosniff age 33380 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14213 x-xss-protection 0 last-modified Mon, 03 Apr 2023 13:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 05 Apr 2024 13:44:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 9C68	0 0	40ms 40ms	Image text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202303300101&jk=4110757253356433&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers
GET H3	200	lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response pagead2.googlesyndication.com/bg/ Frame 8251	36 KB 14 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 04 Apr 2023 14:32:34 GMT content-encoding br x-content-type-options nosniff age 203266 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14171 x-xss-protection 0 last-modified Mon, 03 Apr 2023 13:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 03 Apr 2024 14:32:34 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0146	0 25 B	45ms 44ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeuZEA08vZMz7L47Ex_AP2fCA6AEAAAAAOAHgBAI&bg=!vL-lv-vNAAYIJb0jKCU7ADkAdvg8Wv1JJokDyGAwL6ZpzCGVdGJz8iqBbNyNwKMU7GaKrl1wARjPa3PdJmS9oDqqs6EQ-PMn7pQCAAAB7lIAAAADaAEHCgA1w--wG69HxYEc6LMdtz_E6V6cnay263jWTD6lxHtcXTrGvMEfzNwDPdP3JwRBm-WbL68or_iZAuw7iFWAYtExoDApAczDGUGnCAu2q6B34TAoS5Kq14A0xYB4zpnfX6xXttMNvmyHfJ8IH9GheH7Hon43jO5I4-NDGQn6rKjxns9rohXNr0PC6LhQIkxXMshOUnC9OdRQXcqS9wuGrB__E96HF79vnCoh__JGnpW_dbuNab04ymkvuf4EJf1wQ-DNJ-Z41JDBSr9MschSvigSNsIfIdIoQDtXJE5BVF8fo9p2Z18s5gX05skCSPW8ogBMtM6vcVGw-OrWMZdc_PFhlkK9llzwHdWhtn1RODwcN-QIJcDuhQe1NLHSjm8tmORXq_cRDO2WIIJWdBedJWrnMEPZJ-3wt3UQxrS6AvgPVj7FzvXEZLR8pqTKeg1OgCGjAO6WfGJ5H1yuyGh3HTiIKKJI4Os6VabX1J-X-UvIn2Vvq6FS9oBda6-8Sx2bh2LQkqbQpruYmmNpNJ-wQDK3jogfZUtVZVpC0z-JnNS_G6Q7nvWFudZ6LSSVe53BVPMtRIMidVEnMbGdajJXiaZV3rgZD3ufQDp_rfSgSCBsT6C8qbUNh4pN5HLjMOozBH8XI8RBTLCf88XMvT4KkWJJ60I-PzlceRc4fdKEG_KISztZfGoW-7znMOZCVGbgYqSP5jgawLcylnuX7UlN4pg_9hjDPmXV47f2n_QAtOw5_zuxIunt0e7G7M06GBHmgyYMMN-uT30A9lufByQ1DSWzVRJ6WgsumsRNGKMGalzhpM8vu7tmbAXEUoyE7Dn2r_Z2LYKtcLQUZLS-BsdFmTfMcIMu71ogsb7orv8EXuI-3ehEChPB4fkWAgjXt6Y3qNkW6iNUmS5L6twEIvBabMKxa90qYBm2hsqq3PFRkl5aSwYqHk_mK8O2ns1eOU74uOTWmeFdX_HZMh9_4DDq6o5w5Dg-LSKbehxBccyjnMy_cozlpRZfdM7pmB7mP6fMRyND8kJXzmTdmiO6HtJ48rXkhYIHOPf4LKfRYjowJW-YQ4owmofu Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:20 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1CF1	0 28 B	40ms 40ms	Ping image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5398309604026&version=m202301230201&ct=76&x=1&cor=7298584160913819000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:21 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 8251	0 10 B	9ms 8ms	Image text/plain	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?RIp1qw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 23:00:21 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame B2B0	0 28 B	44ms 43ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BY_VJBE8vZN-7FKGQ9fgP-5WUiAQAAAAAOAHgBAI&bg=!MTKlMmbNAAYIJb0jKCU7ADkAdvg8WrxNx_3Ka5La_hYwJEg0HdxKNxl29mEwHGtgXxHMo8zvoX55MrK1oyMRDs0F4Tf_isSrnVQCAAABClIAAAADaAEHCgBIbjFw3LfBujekQECtcWRPbZCjntlzCvN2iYkJNEfFQkD5tswMoyMyknYMBHAjRlYrBqF-60qbdZfZYqMVnnkLylrQTeUONlWCmQLoTouqMVOXeAlrJLDAIhxAx-tae3ZNn03rV47GhRcOzoEscF04Nh-YcA9psga8_NVhsth-8LB_miO9n5e3sat-E4_NapZN9H5CceeGLmzaTIa7Xy_RiaehzLZqJlZvzrhox54HK34kS2BHyVgPscUXkzEABtaGmiv9xstapcKUJiUZGlvRXkcJJDl9LRr2WakFL2Cf9dk8SkhzDIfWVqhoe0u2NE88e3fNA3mhQVU-EgAHM0aDa8Wvk3qSeB4gNvi0WeppH5cdufXwfTDIhO7tFN_p1P105sSf_evrjrJtSvoqq4oLq_uchbpKpKhwnGN3med4QenGofzcl3p6K9g1rUCd0z5_Lo_Lrv193CIl8hjICe9EjkLlnXq6RqlBJnDH1t98zmNjJO7GRhZ0WhHGnu8ZF9CqBnv_jd1dHElFVkgiIkXmPyDVnBfIO8M3rAHumDUEri6sE7am5WtMb5zovrf9bf291AoQSwhrHatm8h7sQFnnEETKllzBLFbTs-aAzOtxRNj5fIu67MaeFVYbv9gfuibXm2QwScnbCC06g1-qKjK2B71CnTGo2h3WOATJ7Zj2eUSAiJHY-bxkAhU75EnFqHG7VFuUPMqVVMxYBDd6xPWlA13rYE5QunPa5dTlGCdii-sRwtjXiORJF2p61LYYUawknEguW50ecpmqRjjtXDX8MiC34a-KjDwu0H7ketfTUSt4p4Ct0V1m64-hVTEUXX0fh4TAF_KXQl_6iVn4tSmCCDIEHs__6TmHiWWsWBDJvEufat3ocjhsYRLRSP2p0NVZem31QoHghuMe1lqlD5HMtzGJPOKh3LxM7D9nzFf8Lf2kppnZkCkyDsa6Yj4a4HXT3q9OzSRhsZXfiPCLN_PUwyk5_FK7B9dkEmaLOniF-vfLn0-Ia3goIK36ttPW-WScsD1gc4s--waYCF4uUNI9ZrQghH4Rour8hkZALY7yXgDRwHPSc30e9ihWNu8it-tXVEQN Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:21 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 3408	0 28 B	40ms 40ms	Ping image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1245042451195&version=m202301230201&ct=76&x=1&cor=13433772056104004000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:21 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 96EB	0 28 B	40ms 40ms	Ping image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5249486037392&version=m202301230201&ct=76&x=1&cor=7962766181263103000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:21 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame 4D86	0 54 B	368ms 367ms	Ping image/gif	2404:6800:4007:814::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lg5q17aw&c=3416499742560&slotId=1708249871280&qqid=CI_hlfutlv4CFcWVdwoddtYBCA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=996&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230405_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4007:814::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://2e25e5e878c23ba313bbcb7d29c229d8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Thu, 06 Apr 2023 23:00:21 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	43ms 43ms	Image text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202303300101&jk=4110757253356433&bg=!MjGlMWXNAAYIJb0jKCU7ADkAdvg8WtWFqfgIcvPNpeHaACG3vs07L8qLpzSf9FzeS02JkL64g6fEgx1RXarzgqb2MINv6SkFMAICAAAA2FIAAAADaAEHCgCPaaXTXN8ype1JFrWMaUsajaB35_ilLnI4muR9ATz3kyKWpSlHbqxoMuwvf4HRMp34U8updGcmUppGQBs_AO8ZKnWQlMOcAO3R0APuIwK4u7FfI0cZqY3HQjW0SDFjXr1PAd4mhIxsPRR9HvAazDUEeinRsthD1LoQfD5U7MeIPZVqIFgNqtQfmJ3vN_aGDQOZAqnprhmOhK9ltYFP_Q6cZl1LpTcajQLsdDbLDicyrx3bpO8c1_NcXgiFyhYedH_60z2BIqBaHqZ0Pib_un2P8uKoEdj0YCnGvt3uz8nzFAlcaUclOxxfnZ0RJ8HjsQeI9rFtTkkYc4SCcR4VGwnHcfa40B9QxsQ-VCW0lcHCWm1wbukk_WPOOWaOg2agQtfBjBfeYaCwMq9lXPlT6Co-zRCr1YX8JmoCaGjMTmVr1mUO8L96hA1zYe5S5_rLv_n_juz2uf-5KjBv6uJEM7YgwjJhTB2iWYq92_97vcfEanj_e1Z_Fzj9BSgC1P6hro7aTv2o4i8DVUNQOow6flayrzMScddpJuvL2qLmX6YofOrbY74if3AzRGIoUZvRuXckDrUPy9YbICyvpM6kBwyamvlJl5XbHDArkK62GOtp7Ikt_ZG17HoCCVGQrQqXwAPZ8Rv5jQthBpOdyOIeuw6l5KPJ6BVQOAiq--1jtClMSnD8_1QHym0ej76bV2jvXEW63BgcwLaVF_MjGnAn-ag4JCD0-6xNspab7Wj6wANBp9rJAMDARKfG56yU6cgHkdQS0ZCamTAGn_k04jxR8TV2dSj8GqMkdeVIWUq_fhbpUSh-8iE9JZQkBYXH5RvQaIDoO93T1jWBz9q79TWbwjcsUJVaVdaA2-Ty1ykj5fIg9Em1E4jmml-yP-brfFwj-ZfFK8cIFrDM79UGUo7NtTvgD56qqgJsWKh_02LIP-ha14vDwljU6Fvms1N9SC5g4Wt8I48mRP6QEJshmrn12MY3wd5_9GqKua5qxMfXaKS2UhdjmZwi9Q1kJZ5rOBFRuQS9uc9kAMh-qgDNBsDK3tGumXVOcuUJ2wnFhkwcQMYlEt4RM9qoQ8j7CXFPIuG0Md7zBBWc6yEDJFyEq0k Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://zsshares.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers