urlscan.io logo urlscan.io
SecurityTrails logo

ubs.med.br Open in urlscan Pro
2606:4700:3036::ac43:841e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ubs.med.br/
Effective URL: https://ubs.med.br/
Submission: On February 16 via manual from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 33 IPs in 7 countries across 35 domains to perform 206 HTTP transactions. The main IP is 2606:4700:3036::ac43:841e, located in United States and belongs to CLOUDFLARENET, US. The main domain is ubs.med.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 17th 2022. Valid for: a year.
This is the only time ubs.med.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
7 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
40 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 6 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2600:1901:0:7... 15169 (GOOGLE)
14 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a02:2638::b 44788 (ASN-CRITE...)
2 2 3.122.47.214 16509 (AMAZON-02)
14 142.251.208.98 15169 (GOOGLE)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 69.192.160.219 16625 (AKAMAI-AS)
1 34.160.236.64 396982 (GOOGLE-CL...)
2 2 37.157.4.25 198622 (ADFORM)
3 3 216.52.2.6 30282 (AS-INAPCD...)
2 2 63.33.255.124 16509 (AMAZON-02)
9 2a02:2638:3::3 44788 (ASN-CRITE...)
1 178.250.0.160 44788 (ASN-CRITE...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 35.186.193.173 15169 (GOOGLE)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 104.18.25.185 13335 (CLOUDFLAR...)
1 1 51.89.9.252 16276 (OVH)
2 2 76.223.111.18 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a02:2638:3::1a 44788 (ASN-CRITE...)
1 1 217.79.188.21 24961 (MYLOC-AS ...)
1 217.79.188.11 24961 (MYLOC-AS ...)
1 2a02:2638::2 44788 (ASN-CRITE...)
20 2a02:2638:1::8 44788 (ASN-CRITE...)
1 2 95.100.75.47 16625 (AKAMAI-AS)
2 2 172.217.19.102 15169 (GOOGLE)
2 2 84.200.5.215 44066 (DE-FIRSTC...)
1 167.233.13.224 24940 (HETZNER-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
206 33
1    2606:4700:3032::6815:486 (United States)

ASN13335 (CLOUDFLARENET, US)
ubs.med.br
7    2606:4700:3036::ac43:841e (United States)

ASN13335 (CLOUDFLARENET, US)
ubs.med.br
3    2606:4700::6812:18f6 (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.cleverwebserver.com
ui.cleverwebserver.com
call.cleverwebserver.com
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
22    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
24    2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
40    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
9    2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
14    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
1    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    3.122.47.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-47-214.eu-central-1.compute.amazonaws.com
pm.w55c.net
14    142.251.208.98 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f2.1e100.net
cm.g.doubleclick.net
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
1    34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
2    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    216.52.2.6 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    63.33.255.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-255-124.eu-west-1.compute.amazonaws.com
match.360yield.com
9    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
1    2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    2a05:d018:d29:3605:675d:6b7d:32db:18ea (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    217.79.188.21 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad2.adfarm1.adition.com
ad2.adfarm1.adition.com
1    217.79.188.11 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com
imagesrv.adition.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
20    2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
2    95.100.75.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-75-47.deploy.static.akamaitechnologies.com
www.awin1.com
2    172.217.19.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s27-in-f6.1e100.net
ad.doubleclick.net
2    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.o2online.de
1    2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
Apex Domain
Subdomains		 Transfer
62 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
tpc.googlesyndication.com — Cisco Umbrella Rank: 137
748 KB
40 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
ad.doubleclick.net — Cisco Umbrella Rank: 164
232 KB
31 criteo.net
static.criteo.net — Cisco Umbrella Rank: 630
csm.eu.criteo.net — Cisco Umbrella Rank: 8410
pix.eu.criteo.net — Cisco Umbrella Rank: 8393
759 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 27316
ad4m.at — Cisco Umbrella Rank: 9707
assets.ad4m.at — Cisco Umbrella Rank: 36187
768 KB
13 gstatic.com
www.gstatic.com
fonts.gstatic.com
248 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 183
382 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
2 KB
8 ubs.med.br
ubs.med.br
167 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
6 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 591
2 KB
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1379
ad2.adfarm1.adition.com — Cisco Umbrella Rank: 55634
imagesrv.adition.com — Cisco Umbrella Rank: 17652
1 KB
3 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 8334
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9696
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 15146
54 KB
3 cleverwebserver.com
scripts.cleverwebserver.com — Cisco Umbrella Rank: 28127
ui.cleverwebserver.com — Cisco Umbrella Rank: 28465
call.cleverwebserver.com — Cisco Umbrella Rank: 29571
48 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16118
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 337
959 B
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 421
1 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2330
795 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 590
1 KB
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1874
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 714
2 KB
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 88059
static-de.ad4mat.net — Cisco Umbrella Rank: 113114
4 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 9006
696 B
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 60094
1 KB
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 73457
1 KB
1 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 65275
436 B
1 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 66484
261 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 196
5 KB
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 712
336 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 422
715 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1952
173 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 32171
610 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1124
213 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 863
602 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
43 KB
206 35
Domain Requested by
40 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
ubs.med.br
tpc.googlesyndication.com
24 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
ubs.med.br
22 pagead2.googlesyndication.com ubs.med.br
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
20 pix.eu.criteo.net
14 cm.g.doubleclick.net googleads.g.doubleclick.net
9 static.criteo.net ads.eu.criteo.com
9 fonts.gstatic.com fonts.googleapis.com
8 www.googletagservices.com googleads.g.doubleclick.net
ubs.med.br
8 ubs.med.br 1 redirects ubs.med.br
7 fonts.googleapis.com googleads.g.doubleclick.net
tpc.googlesyndication.com
6 assets.ad4m.at as.ad4m.at
6 www.google.com 3 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
4 ad4m.at as.ad4m.at
ad4m.at
4 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
4 www.gstatic.com googleads.g.doubleclick.net
3 ap.lijit.com 3 redirects
2 ad.doubleclick.net 2 redirects
2 www.awin1.com 1 redirects as.ad4m.at
2 csm.eu.criteo.net ads.eu.criteo.com
2 eb2.3lift.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 match.360yield.com 2 redirects
2 c1.adform.net 2 redirects
2 e.dlx.addthis.com 2 redirects
2 pm.w55c.net 2 redirects
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
1 www.conrad.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 rtb.fr.eu.criteo.com
1 imagesrv.adition.com
1 ad2.adfarm1.adition.com 1 redirects
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 onetag-sys.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 tr.blismedia.com googleads.g.doubleclick.net
1 gcm.ctnsnet.com 1 redirects
1 static-de.ad4mat.net as.ad4m.at
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 odr.mookie1.com googleads.g.doubleclick.net
1 dsp.adfarm1.adition.com 1 redirects
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 prod-rtb.ad4mat.net ubs.med.br
1 partner.googleadservices.com pagead2.googlesyndication.com
1 call.cleverwebserver.com ubs.med.br
1 ui.cleverwebserver.com ubs.med.br
1 www.googletagmanager.com ubs.med.br
1 scripts.cleverwebserver.com ubs.med.br
206 51

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-17 -
2023-06-17		 a year crt.sh
cleverwebserver.com
Cloudflare Inc ECC CA-3		 2022-09-06 -
2023-09-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-02-11 -
2023-05-12		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-22 -
2023-03-26		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-07 -
2023-03-12		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-02-12 -
2023-05-13		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-17		 3 months crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh

This page contains 29 frames:

Primary Page: https://ubs.med.br/
Frame ID: E387867EA075BA5F0320EBB6A508A247
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20190131/zrt_lookup.html
Frame ID: 111590CFC3AE89158D5E22ABCE3A8F32
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&adk=318159125&adf=2184669829&lmt=1675362649&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fubs.med.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575925767&bpp=6&bdt=978&idt=167&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8212516383406&frm=20&pv=2&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1472544216&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=189
Frame ID: F7E4E388191C7C3B9718F7D24BD1BCC2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1411497807&adf=2231897594&pi=t.ma~as.3164382913&w=1152&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1152x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575925868&bpp=6&bdt=1079&idt=91&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1472544216&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mbQZp7fSji&p=https%3A//ubs.med.br&dtd=96
Frame ID: 6BB23F8168DC49FA1B1FF6394FFE49D9
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1846478241&adf=766642486&pi=t.ma~as.3164382913&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1234&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=c22ifkRAj9&p=https%3A//ubs.med.br&dtd=19
Frame ID: 3B90666D74C9909F052C0BFEE379C8C7
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=108&slotname=1333971085&adk=250477977&adf=3519860513&pi=t.ma~as.1333971085&w=1060&lmt=1675362649&rafmt=11&format=1060x108&url=https%3A%2F%2Fubs.med.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1233&idt=7&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C1060x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=F4CfvTOs1n&p=https%3A//ubs.med.br&dtd=35
Frame ID: 5E272F04E248223AE17901FB48A82B3A
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&adk=2948133176&adf=2581412900&pi=t.aa~a.1994534330~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=13&bdt=1812&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108&nras=2&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RjYaxmuYLa&p=https%3A//ubs.med.br&dtd=61
Frame ID: DDE63B8AF2355E8969A3E2674454D5C8
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=90&adk=3975884382&adf=271796810&pi=t.aa~a.1994534330~rp.4&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x90&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=10&bdt=1811&idt=10&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108%2C1060x280&nras=3&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=2129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tGQbFA6mKt&p=https%3A//ubs.med.br&dtd=69
Frame ID: 2B2A2AD4821F7CA4385EC5E12F1D5E7B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Frame ID: 37AE7A99E3D46C5E3A8AD59EEDCF2540
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Frame ID: E03E607ABF85F3C15D742E945AB76911
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7D66E98A2673E690C4C6B010DD99D8F7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0C9D7D050CAA33ABDFD3FC3CE90D73F7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CHqXStoTuY43ZK5KtYpSsirgDkOGBhFy2qMKK8ALAjbcBEAEgAGCVyvmBlAeCARdjYS1wdWItMDQxMzAwODA2NzkxNzkxMsgBCakCD5vMezvosT6oAwGqBLwBT9Ai2kKppjAf_zIrTldFC5ufPMy8PdUblGG0rDyIARKp_ENiiD5M6IY7XwEvvjOOd_oZBVhSueZPgHxHP5J3p2YMRP25PEs9FNG_hPRx7fCks_QJ3rv4i4IbWv8vuMlxO7Wd2EhghMIoDHguj2By17g02j6VGh_PcOn6AkD0zbh9VW501Wcwz9Y8-zmbx-_MvE2SHThQI2XJeoT7hzycCVJwrbZH29qxzFXWIhYG8yNiYlE9qTI8ZyZedLmABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTA0MTMwMDgwNjc5MTc5MTIYAA&sigh=eUnfJpwAmbc&uach_m=[UACH]&cid=CAQSOwDUE5ym3wfYR72z4BuYMbbxZC8Juja4sIM-Xmvhe4D-SRtsu7i9jFtjYrsCzDpe3WLCWT_jjve1keoWGAE
Frame ID: 43BD677658A3D2FE670828D2DFD3FDA0
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kde524dxdwzas2m8ns0xt5mvyrqm2mps0v6sqwd8kf826e2zqdhasqy4555bm61ggm2h640q9j2v1a1serg2rcx8y24eepcw2q7906gywjd9t9bwf63vkmx323cks9xx913mfcszwnyk4g7bgr1fsrg4rg4jsyma4b39w6gapkt6d7www4d3fyafpr2c56mr38j141dank58vh5s770nz3wc15f1863bnm8c92s7yxbg7tnsda3g9y6kckymrdpa9wpbyvwxrh2x6xbrhrhg6jj83nh846frj1n5dh3h914cw2zkj5syf2s4y29530yz7xr8t4yxx9sf1fyxxs2arf22z9bhty30fgs9vvvsaazq9faejj532vhec3fz8egmsyky2czt94rj1wbcjcwf35e3cmhax2h20h1c50tr46qtvyp9g2wf1j02157xase1m3nxxdz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuUMftoTuY43ZK5KtYpSsirgDkOGBhFy2qMKK8ALAjbcBEAEgAGCVyvmBlAeCARdjYS1wdWItMDQxMzAwODA2NzkxNzkxMsgBCakCD5vMezvosT6oAwGqBL8BT9Ai2kKppjAf_zIrTldFC5ufPMy8PdUblGG0rDyIARKp_ENiiD5M6IY7XwEvvjOOd_oZBVhSueZPgHxHP5J3p2YMRP25PEs9FNG_hPRx7fCks_QJ3rv4i4IbWv8vuMlxO7Wd2EhghMIoDHguj2By17g02j6VGh_PcOn6AkD0zbh9VW501Wcwz9Y8-zmbx-_MvE2SHThQYWfo6FMCAHxUjhrmd__VKeOlxvjcDA7bc-Er8Kmptx4ksvrBNHG_M6eABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1OWflulhKarpWG3v3CyMY2G03OOw%26client%3Dca-pub-0413008067917912%26adurl%3D
Frame ID: 4ADB4912EDEE4358210E0CD16705323F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4B80BFBD37F9E253EF65E1EBB513E455
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-6EtgAADR4KexRGAAIzaFteVSnaLFzinbCmXg&u=%7CkVPf7duz4fqbMvGb8qcADaFaLdg9I%2B9xC3ECLt2BJc4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-8Ox4EMl_-lXXOgG4hcrsNyz330KBrzNlxcM_jautE7nswLE3YRXbVaSnOUG2DYvIZTm4B7ssEBUiJH9IhIgtbqwifvb3E50quO6EoJZnB1hXZaip1ELyBzgj0UDSqnmhem4MR_YCcMHxvr5b1OY9vNE4LO-VuIeZhU16be27sDZNokYNtaeIh3EJzQ_OWjxmfHZoM7rStC_lUWF0gXlwOLSuVZwhM-wgCQLceMdrN6BKFEstqdfEWIzUA_31FEhMv-Anm08vPbitGmC1dY1IEIxJg64vlBrC8i70vn1sKmo2QNV-Muioux73LKHERzLjZn3G7GgvkykEbiPejRx750q6GgTIvlwWV5NTn-5gLzswfcJ7mhbuNdu9FJdFJlydij7xEwMRJODC8LjfE00bOd2xwQ3WSpUZcolSO8yBmSTTMlBCz2rLDTK322r8-R4_Iq7xRnaOu9rGXRgyFfB_d4ploFELXaGb2kPfpwFbz2pFv0-wurt1pcEIEOazmVNNlYiUeA6y0B3q8ouHpuh9dFdiufbibSFKnhy0F6zhOuZAM4IDfghOQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC929EtoTuY54axqjsA-jmiLgIyZ7SsVzVnZH3cMCNtwEQASAAYJXK-YGUB4IBF2NhLXB1Yi0wNDEzMDA4MDY3OTE3OTEyyAEJqQLZ4I4eruqxPqgDAaoEuQFP0FYP2-sbQF9R7-tdqXr4PR0oWMoozT2KbtskWpPSYRbsqL4dulh0iFNx5l-7Nit5sep0nxfBTv_L0hGHiFkoowEveSQZny6xfwGMsYWb7Np6QQjtGgKBdjyefsSCXGnhsPVuIVpRegFTWqhHFJ8EPVKQKzb-U5kck3g7aE3NbDqeWei3LIC3AZuu3VO_0l_Ltuf1HVZ6EdwQncMDn81JweDMoPSmjsgTxf6fVkL8Mv0qNO9LZq8toYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_33dVGfynZlTmhHzVu_z-n0PHG74g%26client%3Dca-pub-0413008067917912%26adurl%3D
Frame ID: 4E274DD00820195F74257E78CFE079D0
Requests: 34 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10953060782551645352/index.html
Frame ID: 679E38B732B4985D5A70DE44798B9D26
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cu8FdtoTuY58axqjsA-jmiLgI7vmgym2Wk8azqRDa2R4QASCe9NYGYJXK-YGUB6ABsPzR9QPIAQmpAtjz8S8t_6g-qAMByANIqgTGAU_QJsjQpQOPkdDFTPr8MrM2tmTx5YuNqERVgvIC5zIPzLazro30_czdeQ_z-L3WDCY5L8t8jutkkBaOFpu0Z-GW772jmjL32b8YuZaF9fWbOAgVHYEIdvTm_3gk85CYE2uzRif59bQFqmVs4e2nukD4GfhEj7nfv5b_BZhAmgQ7JVkSu01dNT-KaS0FH30IA2_nL7oh0l7VsVDPx0T0TftMHIcTLpO01ru1mbOgS_-IT_2J8xFf2vPOP3hitg1841qvpTIozcAE_dqg-uQDkgUECAQYAZIFBAgFGASgBi6AB7iDrgqoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD_9RLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0wNDEzMDA4MDY3OTE3OTEyGAA&sigh=C7lXty6hiSk&uach_m=[UACH]&cid=CAQSGwDUE5ym75wHHQI1gQlc7DEcrCRg9HlQVm_hchgB&template_id=419
Frame ID: 2B3033CCFEB85D5A82FC16D205D06FB1
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5BEBF75BD7E313392F08EBF630CDA7F5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 324D822C79429AED6A0FA933C0BFDAA5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9003817783E6B2270E13E14750AC1A1E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
Frame ID: 5A99F2CE85DDA88875BF024E1ECFD1F8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 961EFFEAB86144913C90E8EF79F0A1C7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
Frame ID: BDEB9D529E957B10193FF63DE9DC46AA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0191BF2ED659FA0E3640AF9DE1371697
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
Frame ID: 56A0A333200AE7D91B4D4834A2730BED
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: D11E74F653ED0FF17F44CBF3DC89C38C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
Frame ID: E9752D0AE9A911DBE6F4AAB7A7F52B75
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=728&d=90&e=&g=8bbc47c6c44e8fd37c5ffe2504edbee0%2F7942547282285287844&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1676575928514&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6gbhc187pw5amcq40947b5qk3wezrrt0mk3ttg5mne42pcapzkd4dbehsrt8z8kvxrw0w9hwtmcb40x3f8zgqwh93jxqmjnwpjxkq0c8ep3337k22b3gkj24f7c3man8nx5rq4ky3gppmkdp5sygw4e4aavt4hmkqa0ggzaaxe5gnqnm5fazptgw97m5ez2xzg02zc40zzjm49x60gce5ddnh73y665hfgrw1wc9v9qj8bv6psmp1m1cfcsxedv365gbyta7eczv00cmg5be5n%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuUMftoTuY43ZK5KtYpSsirgDkOGBhFy2qMKK8ALAjbcBEAEgAGCVyvmBlAeCARdjYS1wdWItMDQxMzAwODA2NzkxNzkxMsgBCakCD5vMezvosT6oAwGqBL8BT9Ai2kKppjAf_zIrTldFC5ufPMy8PdUblGG0rDyIARKp_ENiiD5M6IY7XwEvvjOOd_oZBVhSueZPgHxHP5J3p2YMRP25PEs9FNG_hPRx7fCks_QJ3rv4i4IbWv8vuMlxO7Wd2EhghMIoDHguj2By17g02j6VGh_PcOn6AkD0zbh9VW501Wcwz9Y8-zmbx-_MvE2SHThQYWfo6FMCAHxUjhrmd__VKeOlxvjcDA7bc-Er8Kmptx4ksvrBNHG_M6eABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1OWflulhKarpWG3v3CyMY2G03OOw%2526client%253Dca-pub-0413008067917912%2526adurl%253D&y=1&s=&z=0
Frame ID: BA66799F7A10CAAA67C9885512C95378
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

UBS.Med.br - Unidades de Saúde do Brasil

Page URL History Show full URLs

  1. http://ubs.med.br/ HTTP 301
    https://ubs.med.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

206
Requests

93 %
HTTPS

57 %
IPv6

35
Domains

51
Subdomains

33
IPs

7
Countries

3489 kB
Transfer

6908 kB
Size

42
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ubs.med.br/ HTTP 301
    https://ubs.med.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 116
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPYULrbQHFYEouim8FxHdL4&google_cver=1&google_push=Aa02lx8AxyJAtD2YQWYq_gfURzHn1F6Mnk9Y2CIsJKix8mZtv5Xtfsq9Dbmcx6nD3Bhi41P8Vj5tkBPVnkFVVt2eB_1C0xxwIbAYacw HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPYULrbQHFYEouim8FxHdL4&google_cver=1&google_push=Aa02lx8AxyJAtD2YQWYq_gfURzHn1F6Mnk9Y2CIsJKix8mZtv5Xtfsq9Dbmcx6nD3Bhi41P8Vj5tkBPVnkFVVt2eB_1C0xxwIbAYacw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bkd2eHFmeEkxUHNKWmQ1&google_gid=CAESEPYULrbQHFYEouim8FxHdL4&google_cver=1&google_push=Aa02lx8AxyJAtD2YQWYq_gfURzHn1F6Mnk9Y2CIsJKix8mZtv5Xtfsq9Dbmcx6nD3Bhi41P8Vj5tkBPVnkFVVt2eB_1C0xxwIbAYacw
Request Chain 117
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAHMvE99YScdWz9ZzzRpxGg&google_cver=1&google_push=Aa02lx_nZJX3wTEijOGFgWuEItxQLF7gFDAV-sSH6zEjWfDEOsnPovYLf7jwm3MHQhSVCKCHO-gMvFWdo1fzkK86eoGN-HR8c6AvHFM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMDgzODc3NTczNzA4ODE0OA%3D%3D&google_push=Aa02lx_nZJX3wTEijOGFgWuEItxQLF7gFDAV-sSH6zEjWfDEOsnPovYLf7jwm3MHQhSVCKCHO-gMvFWdo1fzkK86eoGN-HR8c6AvHFM
Request Chain 118
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx99b3PAVNry3h0kDLOOlwH4lqhsCa1TlZNgYUVUrt140k3M6LQp0OIbem4FewfnzQ0O695MYaOwN2TpLyjT8QTzLATNThOqdx4&google_gid=CAESECBDfqM9AUHda_M6BM323_E&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx99b3PAVNry3h0kDLOOlwH4lqhsCa1TlZNgYUVUrt140k3M6LQp0OIbem4FewfnzQ0O695MYaOwN2TpLyjT8QTzLATNThOqdx4&google_gid=CAESECBDfqM9AUHda_M6BM323_E&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAyMTYxOTMyMDcwMDAxMTc5Mzc4MjA3Mg%3D%3D&google_push=Aa02lx99b3PAVNry3h0kDLOOlwH4lqhsCa1TlZNgYUVUrt140k3M6LQp0OIbem4FewfnzQ0O695MYaOwN2TpLyjT8QTzLATNThOqdx4
Request Chain 120
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECoNmOSSxpUnU7jx2eCndSs&google_cver=1&google_push=Aa02lx9FfvmvD2mjmPE-lCIKbRbAzVI14JQjTygP-VtEDIqaBXR-LUKDniokqlgeDUZpPFyne8z_rzIi_Gj1t1MuLRgVtYKggbyNC4Y HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECoNmOSSxpUnU7jx2eCndSs&google_cver=1&google_push=Aa02lx9FfvmvD2mjmPE-lCIKbRbAzVI14JQjTygP-VtEDIqaBXR-LUKDniokqlgeDUZpPFyne8z_rzIi_Gj1t1MuLRgVtYKggbyNC4Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE1OTgzNjUxOTU5ODYyMDU1Nw&google_push=Aa02lx9FfvmvD2mjmPE-lCIKbRbAzVI14JQjTygP-VtEDIqaBXR-LUKDniokqlgeDUZpPFyne8z_rzIi_Gj1t1MuLRgVtYKggbyNC4Y
Request Chain 121
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKZ5Y6sfutE6c1nGQe7FxRU&google_cver=1&google_push=Aa02lx89MUvoCALVgcam_ZqFjb0BWRQi-ccFyZCl7cioNRt_dl4Z7naF7HFtHhebQgv1IfN5NAjDzUnLIJn3ITeXdvbKCM0Z6tzssg HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKZ5Y6sfutE6c1nGQe7FxRU&google_cver=1&google_push=Aa02lx89MUvoCALVgcam_ZqFjb0BWRQi-ccFyZCl7cioNRt_dl4Z7naF7HFtHhebQgv1IfN5NAjDzUnLIJn3ITeXdvbKCM0Z6tzssg&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx89MUvoCALVgcam_ZqFjb0BWRQi-ccFyZCl7cioNRt_dl4Z7naF7HFtHhebQgv1IfN5NAjDzUnLIJn3ITeXdvbKCM0Z6tzssg&google_hm=GKvUqGZHWmLaBXZxRRabvPnk
Request Chain 122
  • https://match.360yield.com/match/ebda?google_gid=CAESEFsueKH1jeJLlZqRsD4EtDM&google_cver=1&google_push=Aa02lx9t8L-5Yu56WzTYfdsFuA4EaFgFyUw6BIy_-xQdldTNRD3JkEa-PCyfMK32178B9k2mTN5qj8j7KLHHbUszITDtIJh4uZkrKfM HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEFsueKH1jeJLlZqRsD4EtDM&google_cver=1&google_push=Aa02lx9t8L-5Yu56WzTYfdsFuA4EaFgFyUw6BIy_-xQdldTNRD3JkEa-PCyfMK32178B9k2mTN5qj8j7KLHHbUszITDtIJh4uZkrKfM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GYn7_LQWSXuECMLfkMWKXw&google_push=Aa02lx9t8L-5Yu56WzTYfdsFuA4EaFgFyUw6BIy_-xQdldTNRD3JkEa-PCyfMK32178B9k2mTN5qj8j7KLHHbUszITDtIJh4uZkrKfM
Request Chain 126
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 144
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGQu3BTwwD_hexVwgWotjMA&google_cver=1&google_push=Aa02lx_Ts0mSn-V_6zHkb7gyaqAsunZTIAQdHU5ZYmOH6f3eAJ15-L0eCRNRf4s0Qbwwwho8RW54ABLqshbSIKkv9iqRPPzuQiK-Ew HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_Ts0mSn-V_6zHkb7gyaqAsunZTIAQdHU5ZYmOH6f3eAJ15-L0eCRNRf4s0Qbwwwho8RW54ABLqshbSIKkv9iqRPPzuQiK-Ew&google_hm=GwPc7YfQS7qvhDpax6mVwI4
Request Chain 146
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF5KglD3ihxaGY_cRciniIY&google_cver=1&google_push=Aa02lx8A3g8Bz-FCxqFeshXnmExDtp7uK8YCOaRTsoNrPgPWrUMvvbcDFXADL9dFSA8ppIGHs9AYPz6kYxZqNlwm5P3xfUiZHKinnA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8A3g8Bz-FCxqFeshXnmExDtp7uK8YCOaRTsoNrPgPWrUMvvbcDFXADL9dFSA8ppIGHs9AYPz6kYxZqNlwm5P3xfUiZHKinnA&google_hm=eS1nSXY5YWZsRTJwRWtmTnJ3OGVKUTh2RlY2VFdxYnVKMn5B
Request Chain 147
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAnzb0o8kN2V2ZmI9DnApBI&google_cver=1&google_push=Aa02lx_3vUz6zjGrdB3IkIxAcJyV2a_EHzPdDlD9atkm0AZ7BpiTfKeUoKV-P9NU4AqPObOBRrE0b6mLhvO11GaTtKCFLHPeb7UEbg HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAnzb0o8kN2V2ZmI9DnApBI&google_push=Aa02lx_3vUz6zjGrdB3IkIxAcJyV2a_EHzPdDlD9atkm0AZ7BpiTfKeUoKV-P9NU4AqPObOBRrE0b6mLhvO11GaTtKCFLHPeb7UEbg&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAnzb0o8kN2V2ZmI9DnApBI&google_hm=Y-6Et9NgscTbH9vl5qdZwAAABLAAAAIB&google_nid=index&google_push=Aa02lx_3vUz6zjGrdB3IkIxAcJyV2a_EHzPdDlD9atkm0AZ7BpiTfKeUoKV-P9NU4AqPObOBRrE0b6mLhvO11GaTtKCFLHPeb7UEbg
Request Chain 148
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKZ5Y6sfutE6c1nGQe7FxRU&google_cver=1&google_push=Aa02lx_MvChD-iFafR5pIIzi-x6pHtiWrD89ZR11rb13epOGdDaavVQANUeBYiuGCDjRRMG_uFHkr-rZ9VMZIXGRFwqTVk5no2IlZw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_MvChD-iFafR5pIIzi-x6pHtiWrD89ZR11rb13epOGdDaavVQANUeBYiuGCDjRRMG_uFHkr-rZ9VMZIXGRFwqTVk5no2IlZw&google_hm=GKvUqGZHWmLaBXZxRRabvPnk
Request Chain 149
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEF987x1XEVsuLgnnJs-fkpk&google_cver=1&google_push=Aa02lx_9aLaD-sgcSQpYCfIhhujBBYTfEtAJB15-3UbKiKrO3pAxNKcw-kfwOCa4egtZ_KSD00dYjERcetaxMpS0r1SHTxljZ1mB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_9aLaD-sgcSQpYCfIhhujBBYTfEtAJB15-3UbKiKrO3pAxNKcw-kfwOCa4egtZ_KSD00dYjERcetaxMpS0r1SHTxljZ1mB
Request Chain 150
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEI9a74pvvyXaURfI8M4Hc9U&google_cver=1&google_push=Aa02lx89XL532CS_rn9QJromdg4J2GqeYfVg42L_EWj5QIUhlp9bxlJtPAuQXu4euYkSzOaTDz6ENExyPP5ApgB0ysCR3oTilwNUgw HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx89XL532CS_rn9QJromdg4J2GqeYfVg42L_EWj5QIUhlp9bxlJtPAuQXu4euYkSzOaTDz6ENExyPP5ApgB0ysCR3oTilwNUgw&google_gid=CAESEI9a74pvvyXaURfI8M4Hc9U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc0ODg4Mzg4OTEzMDYyMzM0MzE4Ng%3D%3D&google_push=Aa02lx89XL532CS_rn9QJromdg4J2GqeYfVg42L_EWj5QIUhlp9bxlJtPAuQXu4euYkSzOaTDz6ENExyPP5ApgB0ysCR3oTilwNUgw
Request Chain 156
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 165
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 168
  • https://ad2.adfarm1.adition.com/banner?sid=4593833&gdpr=&gdpr_consent=&kid=5627035&bid=17040887&wpt=C&ts=1944066353&ipt=0 HTTP 302
  • https://imagesrv.adition.com/1x1.gif
Request Chain 211
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNSnroXkmv0CFXOe_QcdJB4MGw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023021620320881780580371X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023021620320881780580371X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Request Chain 214
  • https://www.awin1.com/cshow.php?s=2470172&v=11354&q=377133&r=412871&pv=1&pref3=oneidmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1676575928_9a3dfb90-ae30-11ed-acb0-22645d5ed731&insert=AW&&gdpr=0&gdpr_consent=

206 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ubs.med.br/
Redirect Chain
  • http://ubs.med.br/
  • https://ubs.med.br/
66 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ubs.med.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:841e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bbdd134e0cb5aa52596f8d31e040abe1561883499463be07f1e0bb1c6d9c00c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
32319
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=31536000, must-revalidate
cf-cache-status
HIT
cf-ray
79a8b509ce319a41-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 16 Feb 2023 19:32:04 GMT
expires
Thu, 16 Feb 2023 10:33:28 GMT
last-modified
Thu, 02 Feb 2023 18:30:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=byOQLroULchw1jgm9uP3czdehoBa0OGPZuPOJMD90C0Mb6g0x7KNHJ04C0dM6Kuasg4AVuuBwPH6796qidPCjN82%2BMBa5oNnKkspNT74EtX6tfzxQBzzSDOAnmzRRGebTL8RCR6LkbWp"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Cookie

Redirect headers

CF-RAY
79a8b5096dd13623-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 16 Feb 2023 19:32:04 GMT
Expires
Thu, 16 Feb 2023 20:32:04 GMT
Location
https://ubs.med.br/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBBIetuqqPlJ%2F8TNRFErOVGQ8ruE3b0PZvAVIl0sqHrppvJklFeGH%2FabA%2FcmJLvUi9vJEnguT1XzfDgDTpcQzvaFRSN%2FaJ4hXm%2F5Oez6Gvgjo%2B%2Fw8wqwQYqYPBkQ%2Bcym42IH9%2BYh3aNx"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
0-css4b5acf766276c1024f64b081645f68fc866723f0bb1af20e6ca17a0961ce5.css
ubs.med.br/wp-content/cache/fvm/min/ 		147 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ubs.med.br/wp-content/cache/fvm/min/0-css4b5acf766276c1024f64b081645f68fc866723f0bb1af20e6ca17a0961ce5.css
Requested by
Host: ubs.med.br
URL: https://ubs.med.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:841e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6778009b637c9db4af940d6090178f605e68e1a30137ca6ac562798eba1b77cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 02 Feb 2023 18:28:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Cookie
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rToD1a5qBPyzc8hBiNBU1f8vFM6aukRQZZI7xoPmKv3DYfqCCMZJSk4UmMv3yWpQmvh8fOcEYN36r7sUvV7PnuXgDYwYRvV8%2Bb4si%2Bm4P4jIHV725I5qow7QY3gkJJ3A0pXx3b60dcd%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public
cf-ray
79a8b509fe769a41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 23 Feb 2023 19:32:05 GMT
0-jsdf191c532f286bd5da1540606748e93b0632ca48eefee7129de804304d7ec9.js
ubs.med.br/wp-content/cache/fvm/min/ 		99 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ubs.med.br/wp-content/cache/fvm/min/0-jsdf191c532f286bd5da1540606748e93b0632ca48eefee7129de804304d7ec9.js
Requested by
Host: ubs.med.br
URL: https://ubs.med.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:841e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd83f19bacbeb1d1f4bfc3fecf9047cd45f1075958455d340beb6794f28a8559

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 02 Feb 2023 18:28:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Cookie
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfbJvmI4nRgGFq%2B7LwCeYSvLGbihAlyZG4DMs%2Ff9HzwbqPn6EPTG8eVttsoPii2V0brgCpSI1SLThcgocOWKslAnmzOeRn7j9QkiSpKKI2R1jVpIdgrZ%2BxzUvADrEs6l1sC6Vm7U0sx7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
private
cf-ray
79a8b509fe7a9a41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 23 Feb 2023 19:32:05 GMT
logo-ubs.png
ubs.med.br/wp-content/uploads/2020/05/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ubs.med.br/wp-content/uploads/2020/05/logo-ubs.png
Requested by
Host: ubs.med.br
URL: https://ubs.med.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:841e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
527eb07e1872a687fa88c286056a58e372240fa53ddcdeacd63041155695fb36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:05 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 11 May 2020 21:19:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eORRnEoZp3lAnCk1kOewDBwTT0D2AAxeJNXSwMDBvcOd7LgaCO0djWoorApjWdQfdpwGa889Y2O0yOxo5oJFkRfsvzHF3Ww44ZXSkee9I66RVxgQTfexUWFZUppMS5DnVnDmpmUEmJQS"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public
accept-ranges
bytes
cf-ray
79a8b50c7efe9b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5419
expires
Sat, 18 Mar 2023 19:32:05 GMT
rocket-loader.min.js
ubs.med.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ubs.med.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: ubs.med.br
URL: https://ubs.med.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:841e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Feb 2023 11:11:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63ecbdcc-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2WKCcMnHq5HrX%2BvymQKKERhSPnYBhaTPlLdtzIDtcU67VD73e2WiSGvhr0H23s7n%2F918XerzFKRaJgjQf%2FFmNG78Hj8ARjstnUn%2FBq5iaz%2BfwKIiJWycBMOKJtKsKnu%2FfSAFG6%2FsePy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
79a8b50c8f209b6e-FRA
expires
Sat, 18 Feb 2023 19:32:05 GMT
fontawesome-webfont.woff
ubs.med.br/wp-content/themes/ubs/fonts/ 		79 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ubs.med.br/wp-content/themes/ubs/fonts/fontawesome-webfont.woff
Requested by
Host: ubs.med.br
URL: https://ubs.med.br/wp-content/cache/fvm/min/0-css4b5acf766276c1024f64b081645f68fc866723f0bb1af20e6ca17a0961ce5.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:841e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7c7e4930090e038a280fd61d88f0dc03dad4aeaedbd8c9be3dd9aa4c3b6f8d1

Request headers

Referer
https://ubs.med.br/wp-content/cache/fvm/min/0-css4b5acf766276c1024f64b081645f68fc866723f0bb1af20e6ca17a0961ce5.css
Origin
https://ubs.med.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:05 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 12 Jul 2017 14:01:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kqj3gbR8%2F9QTr3qWhWA7jeJrF6%2BMyKfR8LkTTsctfYqeTrx6q6U2hRIOmT7LPZRocnzvhs%2B1LXbB1vjXU8EuggJ1LwfCX%2FBfGODvT9zQxgHWqvx9yt3cAyrVTY73KYrATQUpAGk2PqqE"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=3600
cf-ray
79a8b50cbf699b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 16 Feb 2023 20:32:05 GMT
a0660a7088d90fab627f8893bd0c36fb.js
scripts.cleverwebserver.com/ 		128 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.cleverwebserver.com/a0660a7088d90fab627f8893bd0c36fb.js
Requested by
Host: ubs.med.br
URL: https://ubs.med.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c05b5a9739c3ed9d84ea0e69d738e27f1af0797033d12399a748ec40a11d22e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:05 GMT
x-amz-version-id
.rc.EIJUo_k.JAg3NYmVj7Ce.M0V7GtV
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 16 Feb 2023 15:58:00 GMT
server
cloudflare
x-amz-request-id
AZ50KPTB0BQ8T8Z4
etag
W/"19f08c3fd650aa93cee71c8bce74cd3c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
79a8b50d09a22c47-FRA
x-amz-id-2
wsmxQAxYUMP98R5e/Ne0EIi81w4chh0fFHymZhYqpWvsLmYJYqauP5aOF/FXsOumAetHVVF5Yx8=
expires
Thu, 16 Feb 2023 20:02:05 GMT
js
www.googletagmanager.com/gtag/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-3493925-76
Requested by
Host: ubs.med.br
URL: https://ubs.med.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
96820961215817661053d79a3544582c1c83e2967b2762b4f55dd0cc17223f2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44117
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 18:37:43 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 Feb 2023 19:32:05 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ubs.med.br
URL: https://ubs.med.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4272f3887f25caa60c84d6c25726741c7acb5e701262d15c27e01a5cc8b015fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49742
x-xss-protection
0
server
cafe
etag
10969112964681303085
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 19:32:05 GMT
customscript.js
ubs.med.br/wp-content/themes/ubs/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ubs.med.br/wp-content/themes/ubs/js/customscript.js?ver=6.1.1
Requested by
Host: ubs.med.br
URL: https://ubs.med.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:841e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
869554bba8a13dce2b603d9b80221d5aa0f5860eb41d3acbf47a6e9c1878e4e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 10 Oct 2017 23:25:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=au59DqyOLGcOlizT8iiiG2BieHVQr9Gez6OhwHaAtv6sVciSlSqzhF1B2t1GfZ%2BatCd%2FQCk3ZL8D8FFfYFwWcYXPPhFIeQpJBG1nDlvaAmL6CbDYWsPiUyCUUCMq7KAtdBDWzxwhGmWj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
private
cf-ray
79a8b50ccf8f9b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 23 Feb 2023 19:32:05 GMT
/
ui.cleverwebserver.com/ 		159 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: ubs.med.br
URL: https://ubs.med.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ba7983bc23ef32f0db821563ffef967eda18b38a4d3a5090fff222acddc016d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
79a8b50ecd3c2c47-FRA
content-type
application/javascript
/
call.cleverwebserver.com/ 		43 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://call.cleverwebserver.com/?id=60206&c=DE&r=null&l=36&b=Chrome&os=Win10&mob=0&v=1.35.4&ref=aHR0cHM6Ly91YnMubWVkLmJyLw%3D%3D&ruri=&iv=-1&ctr=DE
Requested by
Host: ubs.med.br
URL: https://ubs.med.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
79a8b50f0da72c47-FRA
content-length
43
content-type
image/gif
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ubs.med.br
URL: https://ubs.med.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04915d8237e96e4442f5d92f9bec5fe8f25242b73ed707832284b0d10c6582d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49562
x-xss-protection
0
server
cafe
etag
13794740654703816299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 19:32:05 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/ 		366 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0413008067917912&plah=ubs.med.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9ed6269710ec1c9591f11757443de1a1b7c62015221c1ef98af7ff62a6867db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123020
x-xss-protection
0
server
cafe
etag
14890402910216316422
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 19:32:05 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230213/r20190131/ Frame 1115 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230213/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ubs.med.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
23687
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 12:57:18 GMT
etag
10353107486223812946
expires
Thu, 02 Mar 2023 12:57:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ubs.med.br
URL: https://ubs.med.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
654fcd2152a303119bfc8470498d3d2c5abe1711b2affadfce661c8ae9d0e8f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49741
x-xss-protection
0
server
cafe
etag
17026401358949070239
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 19:32:05 GMT
cookie.js
partner.googleadservices.com/gampad/ 		387 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ubs.med.br&callback=_gfp_s_&client=ca-pub-0413008067917912
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0413008067917912&plah=ubs.med.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11564e6ccd477b6b72f5deeb69f5bacaa91c526f48e73ad5b22bdfe7d2175525
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
251
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ubs.med.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0413008067917912&plah=ubs.med.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ubs.med.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0413008067917912&plah=ubs.med.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F7E4 		299 KB
67 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&adk=318159125&adf=2184669829&lmt=1675362649&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fubs.med.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575925767&bpp=6&bdt=978&idt=167&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8212516383406&frm=20&pv=2&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1472544216&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=189
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0413008067917912&plah=ubs.med.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e347bb13caf20b8f4fffa8ac632ed36b656112bb5ac8902d7bb2ca62c225101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ubs.med.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
68111
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 19:32:06 GMT
expires
Thu, 16 Feb 2023 19:32:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6BB2 		91 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1411497807&adf=2231897594&pi=t.ma~as.3164382913&w=1152&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1152x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575925868&bpp=6&bdt=1079&idt=91&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1472544216&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mbQZp7fSji&p=https%3A//ubs.med.br&dtd=96
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0413008067917912&plah=ubs.med.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9687f48acdbc648dfca8d6aa5c150004310964ff6fa939a32649764628fa8bc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ubs.med.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
32275
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 19:32:06 GMT
expires
Thu, 16 Feb 2023 19:32:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ubs.med.br
URL: https://ubs.med.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89f56f2e6648941905c1d316766faeae51cd42a7ad8861af23c6b6d95f148190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49563
x-xss-protection
0
server
cafe
etag
13542677628126883284
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 19:32:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230213&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0413008067917912&plah=ubs.med.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc05b07cd454adabdd92a6fee9b48afccee787ae991b6e3bd453b0eac040a3c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11141
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3B90 		100 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1846478241&adf=766642486&pi=t.ma~as.3164382913&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1234&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=c22ifkRAj9&p=https%3A//ubs.med.br&dtd=19
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0413008067917912&plah=ubs.med.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
895619f1f18745d8e8daaaa0eadb74a875407bcdf1859b29a1122959ea0a8bf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ubs.med.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
34145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 19:32:06 GMT
expires
Thu, 16 Feb 2023 19:32:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5E27 		87 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=108&slotname=1333971085&adk=250477977&adf=3519860513&pi=t.ma~as.1333971085&w=1060&lmt=1675362649&rafmt=11&format=1060x108&url=https%3A%2F%2Fubs.med.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1233&idt=7&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C1060x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=F4CfvTOs1n&p=https%3A//ubs.med.br&dtd=35
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0413008067917912&plah=ubs.med.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fbea9bab5019527a3393c718f457ed51af3e964f333e0e958cf5dc21b3280e5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ubs.med.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
32505
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 19:32:06 GMT
expires
Thu, 16 Feb 2023 19:32:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3493925-76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 16 Feb 2023 19:12:07 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1199
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 16 Feb 2023 21:12:07 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0413008067917912&plah=ubs.med.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 19:32:06 GMT
collect
www.google-analytics.com/j/ 		1 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=380125636&t=pageview&_s=1&dl=https%3A%2F%2Fubs.med.br%2F&ul=en-us&de=UTF-8&dt=UBS.Med.br%20-%20Unidades%20de%20Sa%C3%BAde%20do%20Brasil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=191037860&gjid=1252722320&cid=234690506.1676575926&tid=UA-3493925-76&_gid=219652148.1676575926&_r=1&gtm=457e32f0&z=199596882
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ubs.med.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 19:32:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ubs.med.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 6BB2 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1411497807&adf=2231897594&pi=t.ma~as.3164382913&w=1152&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1152x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575925868&bpp=6&bdt=1079&idt=91&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1472544216&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mbQZp7fSji&p=https%3A//ubs.med.br&dtd=96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 Feb 2023 19:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 19:29:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Feb 2023 19:32:06 GMT
css
fonts.googleapis.com/ Frame 5E27 		7 KB
837 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400|Roboto:400&lang=de
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=108&slotname=1333971085&adk=250477977&adf=3519860513&pi=t.ma~as.1333971085&w=1060&lmt=1675362649&rafmt=11&format=1060x108&url=https%3A%2F%2Fubs.med.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1233&idt=7&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C1060x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=F4CfvTOs1n&p=https%3A//ubs.med.br&dtd=35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4c5b03967ef763468d5072aa4312d7d9e82d314b01221324cd930b23f6c1169b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 Feb 2023 19:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 19:32:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Feb 2023 19:32:06 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 5E27 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=108&slotname=1333971085&adk=250477977&adf=3519860513&pi=t.ma~as.1333971085&w=1060&lmt=1675362649&rafmt=11&format=1060x108&url=https%3A%2F%2Fubs.med.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1233&idt=7&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C1060x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=F4CfvTOs1n&p=https%3A//ubs.med.br&dtd=35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5481534bfa877f092089a267737ce064f75292afce0acb18956e0e2bd2dffa82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 18:54:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
2269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14095
x-xss-protection
0
server
cafe
etag
4132495698818969146
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 18:54:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5E27 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=108&slotname=1333971085&adk=250477977&adf=3519860513&pi=t.ma~as.1333971085&w=1060&lmt=1675362649&rafmt=11&format=1060x108&url=https%3A%2F%2Fubs.med.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1233&idt=7&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C1060x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=F4CfvTOs1n&p=https%3A//ubs.med.br&dtd=35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48814
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676465787912926"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 19:32:06 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 6BB2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1411497807&adf=2231897594&pi=t.ma~as.3164382913&w=1152&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1152x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575925868&bpp=6&bdt=1079&idt=91&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1472544216&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mbQZp7fSji&p=https%3A//ubs.med.br&dtd=96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 15:14:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
15454
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 15:14:32 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6BB2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CdKnHtoTuY7A3tansA7WCi9AO2bTegG-ti8bFwBCowP_UqzUQASCe9NYGYJXK-YGUB6AB5Yei4gPIAQmpAg-bzHs76LE-qAMByAPLBKoEwQFP0EHkLTQyqrAdV9gBRoxwyc5e-EoalBQzyhK5KnC7ehyo73-z2-1ZYZ8XoysrR9rploLNKbaI3KBFbPHR7K9TtHPZ3ffSsfj1_rdJ3yl_OV-e8R5M-yi1cfwtZqC3x9Zufi3kEOp9VOqhupi6261AOam_54jUtbQvH5o3SIu2tfe1w_qYdZUrrDvDbmTTv6PImzCvsBOf__hQ8Q0cZdsJ2u15yN0ddyJHZw90rh2Ya-DG3dOII1c3yg04behk56yKwATGuqanjQSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHgfd1qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQzagW0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMN0BUBgBcBshccChoIABIUcHViLTA0MTMwMDgwNjc5MTc5MTIYAA&sigh=6gvOibX4vyA&uach_m=[UACH]&cid=CAQSGwDUE5ymf_Zf2cJJ_rDOZ_ndu0BwLzUk1FCORBgB&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1411497807&adf=2231897594&pi=t.ma~as.3164382913&w=1152&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1152x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575925868&bpp=6&bdt=1079&idt=91&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1472544216&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mbQZp7fSji&p=https%3A//ubs.med.br&dtd=96
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1411497807&adf=2231897594&pi=t.ma~as.3164382913&w=1152&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1152x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575925868&bpp=6&bdt=1079&idt=91&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1472544216&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mbQZp7fSji&p=https%3A//ubs.med.br&dtd=96
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 16 Feb 2023 19:32:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 16 Feb 2023 19:32:06 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/477148377964746266/ Frame 6BB2 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/477148377964746266/14763004658117789537?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1411497807&adf=2231897594&pi=t.ma~as.3164382913&w=1152&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1152x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575925868&bpp=6&bdt=1079&idt=91&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1472544216&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mbQZp7fSji&p=https%3A//ubs.med.br&dtd=96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0c7ef7a9e9484b9c51515ec155fb398c478e8efb108afd3fd431b9c8d1ba6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:00:21 GMT
x-content-type-options
nosniff
age
1905
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14672
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 07:28:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 16 Feb 2024 19:00:21 GMT
13858113926643679640
tpc.googlesyndication.com/simgad/ Frame 6BB2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13858113926643679640?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1411497807&adf=2231897594&pi=t.ma~as.3164382913&w=1152&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1152x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575925868&bpp=6&bdt=1079&idt=91&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1472544216&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mbQZp7fSji&p=https%3A//ubs.med.br&dtd=96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2333edce18f6144809d20bf4bf66d566d96d88ef2ec3bc2ae2b5392193da0613
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 08:58:32 GMT
x-content-type-options
nosniff
age
38014
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2022
x-xss-protection
0
last-modified
Wed, 03 Apr 2019 10:46:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 16 Feb 2024 08:58:32 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/ Frame 6BB2 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1411497807&adf=2231897594&pi=t.ma~as.3164382913&w=1152&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1152x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575925868&bpp=6&bdt=1079&idt=91&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1472544216&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mbQZp7fSji&p=https%3A//ubs.med.br&dtd=96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e4d1d7a07ea6fddd6ab116e27bc0e074f5fe6ad6c89f719a515ae9c80436b6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:31:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
21640
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8846
x-xss-protection
0
server
cafe
etag
8106178524699001248
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 13:31:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 6BB2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1411497807&adf=2231897594&pi=t.ma~as.3164382913&w=1152&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1152x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575925868&bpp=6&bdt=1079&idt=91&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1472544216&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mbQZp7fSji&p=https%3A//ubs.med.br&dtd=96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
21059
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 13:41:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 6BB2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1411497807&adf=2231897594&pi=t.ma~as.3164382913&w=1152&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1152x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575925868&bpp=6&bdt=1079&idt=91&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1472544216&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mbQZp7fSji&p=https%3A//ubs.med.br&dtd=96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:31:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
21640
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8316
x-xss-protection
0
server
cafe
etag
7067238764211672077
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 13:31:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6BB2 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1411497807&adf=2231897594&pi=t.ma~as.3164382913&w=1152&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1152x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575925868&bpp=6&bdt=1079&idt=91&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1472544216&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mbQZp7fSji&p=https%3A//ubs.med.br&dtd=96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48814
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676465787912926"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 19:32:06 GMT
3fa5291869997d20adf47a02a7a75d04.js
www.gstatic.com/mysidia/ Frame 6BB2 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1411497807&adf=2231897594&pi=t.ma~as.3164382913&w=1152&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1152x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575925868&bpp=6&bdt=1079&idt=91&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1472544216&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mbQZp7fSji&p=https%3A//ubs.med.br&dtd=96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:26:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169508
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14191
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 00:07:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 15 May 2023 20:26:58 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/ Frame 5E27 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=108&slotname=1333971085&adk=250477977&adf=3519860513&pi=t.ma~as.1333971085&w=1060&lmt=1675362649&rafmt=11&format=1060x108&url=https%3A%2F%2Fubs.med.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1233&idt=7&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C1060x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=F4CfvTOs1n&p=https%3A//ubs.med.br&dtd=35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e4d1d7a07ea6fddd6ab116e27bc0e074f5fe6ad6c89f719a515ae9c80436b6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:31:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
21640
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8846
x-xss-protection
0
server
cafe
etag
8106178524699001248
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 13:31:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 5E27 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=108&slotname=1333971085&adk=250477977&adf=3519860513&pi=t.ma~as.1333971085&w=1060&lmt=1675362649&rafmt=11&format=1060x108&url=https%3A%2F%2Fubs.med.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1233&idt=7&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C1060x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=F4CfvTOs1n&p=https%3A//ubs.med.br&dtd=35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
21060
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 13:41:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 5E27 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=108&slotname=1333971085&adk=250477977&adf=3519860513&pi=t.ma~as.1333971085&w=1060&lmt=1675362649&rafmt=11&format=1060x108&url=https%3A%2F%2Fubs.med.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1233&idt=7&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C1060x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=F4CfvTOs1n&p=https%3A//ubs.med.br&dtd=35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:31:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
21640
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8316
x-xss-protection
0
server
cafe
etag
7067238764211672077
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 13:31:26 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0413008067917912&plah=ubs.med.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
91d03b03333899fbd90c0dd4c01bae0b583b10fffb806a0cb1ee2d0d6c4115d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52310
x-xss-protection
0
server
cafe
etag
5663903750454443536
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 19:32:06 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ubs.med.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0413008067917912&plah=ubs.med.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ubs.med.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0413008067917912&plah=ubs.med.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DDE6 		102 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&adk=2948133176&adf=2581412900&pi=t.aa~a.1994534330~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=13&bdt=1812&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108&nras=2&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RjYaxmuYLa&p=https%3A//ubs.med.br&dtd=61
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0413008067917912&plah=ubs.med.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
118eef7b9de43dbc644d7183d3f700adf8252c574700813903244b9bf63324dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ubs.med.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
35789
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 19:32:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2B2A 		31 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=90&adk=3975884382&adf=271796810&pi=t.aa~a.1994534330~rp.4&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x90&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=10&bdt=1811&idt=10&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108%2C1060x280&nras=3&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=2129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tGQbFA6mKt&p=https%3A//ubs.med.br&dtd=69
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0413008067917912&plah=ubs.med.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ecebae631c796c36085ad84cb441d066982cd34223c7a45ef7544eb41f80810
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ubs.med.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
12475
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 19:32:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 3B90 		8 KB
968 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1846478241&adf=766642486&pi=t.ma~as.3164382913&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1234&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=c22ifkRAj9&p=https%3A//ubs.med.br&dtd=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 Feb 2023 19:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 18:14:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Feb 2023 19:32:06 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 3B90 		2 KB
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1846478241&adf=766642486&pi=t.ma~as.3164382913&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1234&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=c22ifkRAj9&p=https%3A//ubs.med.br&dtd=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 15:14:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
15454
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 15:14:32 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/ Frame 3B90 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1846478241&adf=766642486&pi=t.ma~as.3164382913&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1234&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=c22ifkRAj9&p=https%3A//ubs.med.br&dtd=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e4d1d7a07ea6fddd6ab116e27bc0e074f5fe6ad6c89f719a515ae9c80436b6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:31:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
21640
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8846
x-xss-protection
0
server
cafe
etag
8106178524699001248
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 13:31:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 3B90 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1846478241&adf=766642486&pi=t.ma~as.3164382913&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1234&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=c22ifkRAj9&p=https%3A//ubs.med.br&dtd=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
21060
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 13:41:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 3B90 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1846478241&adf=766642486&pi=t.ma~as.3164382913&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1234&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=c22ifkRAj9&p=https%3A//ubs.med.br&dtd=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:31:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
21640
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8316
x-xss-protection
0
server
cafe
etag
7067238764211672077
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 13:31:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3B90 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1846478241&adf=766642486&pi=t.ma~as.3164382913&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1234&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=c22ifkRAj9&p=https%3A//ubs.med.br&dtd=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48814
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676465787912926"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 19:32:06 GMT
3fa5291869997d20adf47a02a7a75d04.js
www.gstatic.com/mysidia/ Frame 3B90 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1846478241&adf=766642486&pi=t.ma~as.3164382913&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1234&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=c22ifkRAj9&p=https%3A//ubs.med.br&dtd=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:26:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14191
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 00:07:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 15 May 2023 20:26:58 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3B90 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CF-_WtoTuY_uuBZbMYrSZi-AOwZyM5mWercys-RDR14qzkw4QASCe9NYGYJXK-YGUB6ABn6PywQPIAQmpAg-bzHs76LE-qAMByAPLBKoEyQFP0DTDt5Nlbu_yHusX7c1VWuhKLbYTA72SS3ckXUYYVRXjy6MHcgf50HNZJVcqY5Uxk6JCpSJECoxu_hDNeekaRq92DOR6-LZcg0_UDvIgOyTQUGOveblIsY8jcq2kAYOPy9WQLDUw_eueSg7JmECaYWVbCjTAmCqPL_3rjXRcjmXgEONqigSJtC7UBK-kS2OVAmFLwltjUSr-AEVSLnnf3uYypM1TkcnZW0zKCMXqJ-Aamm5i3BjHLn-C8dHCzDy1JB8SpV6V8p7ABNmIv9fLA5IFBAgEGAGSBQQIBRgEoAYugAfJ3I0-qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ5vwC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwrQFQGYFgGAFwGyFxwKGggAEhRwdWItMDQxMzAwODA2NzkxNzkxMhgA&sigh=ah0jzEw3hsA&uach_m=[UACH]&cid=CAQSGwDUE5ym5lL3oyEzWW5MsgGCn09MYuED_CFjSRgB&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1846478241&adf=766642486&pi=t.ma~as.3164382913&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1234&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=c22ifkRAj9&p=https%3A//ubs.med.br&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1846478241&adf=766642486&pi=t.ma~as.3164382913&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1234&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=c22ifkRAj9&p=https%3A//ubs.med.br&dtd=19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 16 Feb 2023 19:32:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 6BB2 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db54ac0e0b998f6ca8272807fe3e37c6c17a7ea67cd4a9d9b7114c1dbe266063

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
14763004658117789537
tpc.googlesyndication.com/simgad/3277109485315648614/ Frame 3B90 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3277109485315648614/14763004658117789537?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1846478241&adf=766642486&pi=t.ma~as.3164382913&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1234&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=c22ifkRAj9&p=https%3A//ubs.med.br&dtd=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a6a8351a09caa9d0ecbed6cda865a9ba6975d06d95c5c7ef41339bb5f5aeabc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 23:41:45 GMT
x-content-type-options
nosniff
age
157822
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51814
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 14:42:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 14 Feb 2024 23:41:45 GMT
truncated
/ Frame 3B90 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3B90 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/ Frame 37AE 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0413008067917912&plah=ubs.med.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ubs.med.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24013
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 12:51:54 GMT
etag
10353107486223812946
expires
Thu, 02 Mar 2023 12:51:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/ Frame E03E 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0413008067917912&plah=ubs.med.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ubs.med.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24013
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 12:51:54 GMT
etag
10353107486223812946
expires
Thu, 02 Mar 2023 12:51:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/ Frame 7D66 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0413008067917912&plah=ubs.med.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ubs.med.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24013
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 12:51:54 GMT
etag
10353107486223812946
expires
Thu, 02 Mar 2023 12:51:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame DDE6 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&adk=2948133176&adf=2581412900&pi=t.aa~a.1994534330~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=13&bdt=1812&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108&nras=2&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RjYaxmuYLa&p=https%3A//ubs.med.br&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 Feb 2023 19:32:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 19:03:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Feb 2023 19:32:07 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame DDE6 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&adk=2948133176&adf=2581412900&pi=t.aa~a.1994534330~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=13&bdt=1812&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108&nras=2&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RjYaxmuYLa&p=https%3A//ubs.med.br&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 15:14:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
15455
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 15:14:32 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/ Frame DDE6 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&adk=2948133176&adf=2581412900&pi=t.aa~a.1994534330~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=13&bdt=1812&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108&nras=2&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RjYaxmuYLa&p=https%3A//ubs.med.br&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e4d1d7a07ea6fddd6ab116e27bc0e074f5fe6ad6c89f719a515ae9c80436b6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:31:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
21641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8846
x-xss-protection
0
server
cafe
etag
8106178524699001248
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 13:31:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame DDE6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&adk=2948133176&adf=2581412900&pi=t.aa~a.1994534330~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=13&bdt=1812&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108&nras=2&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RjYaxmuYLa&p=https%3A//ubs.med.br&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
21060
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 13:41:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame DDE6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&adk=2948133176&adf=2581412900&pi=t.aa~a.1994534330~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=13&bdt=1812&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108&nras=2&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RjYaxmuYLa&p=https%3A//ubs.med.br&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:31:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
21641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8316
x-xss-protection
0
server
cafe
etag
7067238764211672077
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 13:31:26 GMT
l
www.google.com/ads/measurement/ Frame DDE6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQeyJAfZnMnMvcrQqe_vRST2lkG6jrcqOtZbL2dWDMNs-XJp3ZIlN74yr40hXdmVfrnUHhwwtUu254FUj7INe6wXRqr5w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&adk=2948133176&adf=2581412900&pi=t.aa~a.1994534330~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=13&bdt=1812&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108&nras=2&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RjYaxmuYLa&p=https%3A//ubs.med.br&dtd=61
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DDE6 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&adk=2948133176&adf=2581412900&pi=t.aa~a.1994534330~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=13&bdt=1812&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108&nras=2&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RjYaxmuYLa&p=https%3A//ubs.med.br&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48814
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676465787912926"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 19:32:07 GMT
3fa5291869997d20adf47a02a7a75d04.js
www.gstatic.com/mysidia/ Frame DDE6 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&adk=2948133176&adf=2581412900&pi=t.aa~a.1994534330~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=13&bdt=1812&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108&nras=2&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RjYaxmuYLa&p=https%3A//ubs.med.br&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:26:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14191
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 00:07:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 15 May 2023 20:26:58 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5E27 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CAcPQtoTuY82uBoLIYqawhMgCwZyM5mWercys-RDR14qzkw4QASCe9NYGYJXK-YGUB6ABn6PywQPIAQapAg-bzHs76LE-qAMByAPLBKoEwwFP0HPpEfdEo4YMBDnoErTwfGDGRAVLEFaSavXL_v_Q7mDRAE1rj0h8df_D8brENF-U4-TRINGeit6IL1DQI4q7eNJqkankjiOMYHNtttRRFEMtY0SgeVGiicUdgGcTozz6j2tqxUP0RYRIlY94sYjj_rz42NCf7b0H2h8GliFnKV5aCv3F78NOrRCIYnXCYsgDGBvSLD79I_9JVDjIqQvaUAqwcFyehZ7_L_xJfPniJJIIXA22czBz0gYC9t3qjn1dd8HABNmIv9fLA5IFBAgEGAGSBQQIBRgEoAY3gAfJ3I0-qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ0vQG0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwrQFQGYFgGAFwGyFxwKGggAEhRwdWItMDQxMzAwODA2NzkxNzkxMhgA&sigh=8ZqZuFJoGA4&uach_m=[UACH]&cid=CAQSGwDUE5ymHPNvKZshKZxc1H1WEgJIYoYWv7i2GRgB&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=108&slotname=1333971085&adk=250477977&adf=3519860513&pi=t.ma~as.1333971085&w=1060&lmt=1675362649&rafmt=11&format=1060x108&url=https%3A%2F%2Fubs.med.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1233&idt=7&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C1060x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=F4CfvTOs1n&p=https%3A//ubs.med.br&dtd=35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=108&slotname=1333971085&adk=250477977&adf=3519860513&pi=t.ma~as.1333971085&w=1060&lmt=1675362649&rafmt=11&format=1060x108&url=https%3A%2F%2Fubs.med.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1233&idt=7&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C1060x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=F4CfvTOs1n&p=https%3A//ubs.med.br&dtd=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 16 Feb 2023 19:32:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0C9D 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=108&slotname=1333971085&adk=250477977&adf=3519860513&pi=t.ma~as.1333971085&w=1060&lmt=1675362649&rafmt=11&format=1060x108&url=https%3A%2F%2Fubs.med.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1233&idt=7&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C1060x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=F4CfvTOs1n&p=https%3A//ubs.med.br&dtd=35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=108&slotname=1333971085&adk=250477977&adf=3519860513&pi=t.ma~as.1333971085&w=1060&lmt=1675362649&rafmt=11&format=1060x108&url=https%3A%2F%2Fubs.med.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1233&idt=7&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C1060x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=F4CfvTOs1n&p=https%3A//ubs.med.br&dtd=35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1211
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 19:11:56 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3B90 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9393831ca238a842ebce4748a4332c4c4db92926fbe1e00bcfcfdf9932e461b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5E27 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f45e07bcbaa202fad15f2089f297ca94a1baa6e96bf28e41d540f7b3edbd83d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 5E27 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400|Roboto:400&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:28:06 GMT
x-content-type-options
nosniff
age
241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 19:28:06 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5E27 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400|Roboto:400&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:13:56 GMT
x-content-type-options
nosniff
age
22691
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 13:13:56 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 43BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CHqXStoTuY43ZK5KtYpSsirgDkOGBhFy2qMKK8ALAjbcBEAEgAGCVyvmBlAeCARdjYS1wdWItMDQxMzAwODA2NzkxNzkxMsgBCakCD5vMezvosT6oAwGqBLwBT9Ai2kKppjAf_zIrTldFC5ufPMy8PdUblGG0rDyIARKp_ENiiD5M6IY7XwEvvjOOd_oZBVhSueZPgHxHP5J3p2YMRP25PEs9FNG_hPRx7fCks_QJ3rv4i4IbWv8vuMlxO7Wd2EhghMIoDHguj2By17g02j6VGh_PcOn6AkD0zbh9VW501Wcwz9Y8-zmbx-_MvE2SHThQI2XJeoT7hzycCVJwrbZH29qxzFXWIhYG8yNiYlE9qTI8ZyZedLmABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTA0MTMwMDgwNjc5MTc5MTIYAA&sigh=eUnfJpwAmbc&uach_m=[UACH]&cid=CAQSOwDUE5ym3wfYR72z4BuYMbbxZC8Juja4sIM-Xmvhe4D-SRtsu7i9jFtjYrsCzDpe3WLCWT_jjve1keoWGAE
Requested by
Host: ubs.med.br
URL: https://ubs.med.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=90&adk=3975884382&adf=271796810&pi=t.aa~a.1994534330~rp.4&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x90&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=10&bdt=1811&idt=10&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108%2C1060x280&nras=3&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=2129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tGQbFA6mKt&p=https%3A//ubs.med.br&dtd=69
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 16 Feb 2023 19:32:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 43BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kxc1h7q82fa08frz2zvkasgpm4wjdk5h4ygjytm2eeb0dexhm1n6yrabmhc53z055szpdyxmqmcs3kpsp8v8jtcgrpftsa3qymy0p8qcvtg1z5r5f500cv3nmvms3wgt74pcm0qp2hx9vxr017ame0mwdcs2wnv9kg0k1xpbd78fz1vtv2q3ynypatde8vvyen7pq4d15q7eazemzve6z77kqamg035k0tje8zh06mx69ng3m5bz1vtn6gabr5w2yvspcjggpm28tmcfkfr74xbn2cabjetpbtxjmtvf9n7n5p9sfp9h89cwnq7by6vg6c832p2pazrb9b0zwdh36j3s79m3ejxyqbfpnp091bdcdpwee615v7kdset8h65kzggyh1t23yxf60&b=Y-6EtgAK7I0KGJaSAAKWFJLfDNkMRqxFapjtpg
Requested by
Host: ubs.med.br
URL: https://ubs.med.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Feb 2023 19:32:07 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 4ADB 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kde524dxdwzas2m8ns0xt5mvyrqm2mps0v6sqwd8kf826e2zqdhasqy4555bm61ggm2h640q9j2v1a1serg2rcx8y24eepcw2q7906gywjd9t9bwf63vkmx323cks9xx913mfcszwnyk4g7bgr1fsrg4rg4jsyma4b39w6gapkt6d7www4d3fyafpr2c56mr38j141dank58vh5s770nz3wc15f1863bnm8c92s7yxbg7tnsda3g9y6kckymrdpa9wpbyvwxrh2x6xbrhrhg6jj83nh846frj1n5dh3h914cw2zkj5syf2s4y29530yz7xr8t4yxx9sf1fyxxs2arf22z9bhty30fgs9vvvsaazq9faejj532vhec3fz8egmsyky2czt94rj1wbcjcwf35e3cmhax2h20h1c50tr46qtvyp9g2wf1j02157xase1m3nxxdz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuUMftoTuY43ZK5KtYpSsirgDkOGBhFy2qMKK8ALAjbcBEAEgAGCVyvmBlAeCARdjYS1wdWItMDQxMzAwODA2NzkxNzkxMsgBCakCD5vMezvosT6oAwGqBL8BT9Ai2kKppjAf_zIrTldFC5ufPMy8PdUblGG0rDyIARKp_ENiiD5M6IY7XwEvvjOOd_oZBVhSueZPgHxHP5J3p2YMRP25PEs9FNG_hPRx7fCks_QJ3rv4i4IbWv8vuMlxO7Wd2EhghMIoDHguj2By17g02j6VGh_PcOn6AkD0zbh9VW501Wcwz9Y8-zmbx-_MvE2SHThQYWfo6FMCAHxUjhrmd__VKeOlxvjcDA7bc-Er8Kmptx4ksvrBNHG_M6eABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1OWflulhKarpWG3v3CyMY2G03OOw%26client%3Dca-pub-0413008067917912%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=90&adk=3975884382&adf=271796810&pi=t.aa~a.1994534330~rp.4&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x90&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=10&bdt=1811&idt=10&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108%2C1060x280&nras=3&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=2129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tGQbFA6mKt&p=https%3A//ubs.med.br&dtd=69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a82ecef3fc5e767f74026ee3d8971752c3633b0cc177b04246b6018719e6c1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
79a8b518b854914d-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 19:32:07 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 43BD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=90&adk=3975884382&adf=271796810&pi=t.aa~a.1994534330~rp.4&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x90&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=10&bdt=1811&idt=10&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108%2C1060x280&nras=3&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=2129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tGQbFA6mKt&p=https%3A//ubs.med.br&dtd=69
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
21060
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 13:41:07 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4B80 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=90&adk=3975884382&adf=271796810&pi=t.aa~a.1994534330~rp.4&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x90&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=10&bdt=1811&idt=10&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108%2C1060x280&nras=3&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=2129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tGQbFA6mKt&p=https%3A//ubs.med.br&dtd=69
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
17330
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 14:43:17 GMT
etag
48472445140208031
expires
Fri, 17 Feb 2023 14:43:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 43BD 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=90&adk=3975884382&adf=271796810&pi=t.aa~a.1994534330~rp.4&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x90&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=10&bdt=1811&idt=10&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108%2C1060x280&nras=3&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=2129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tGQbFA6mKt&p=https%3A//ubs.med.br&dtd=69
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:31:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
21641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8316
x-xss-protection
0
server
cafe
etag
7067238764211672077
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 13:31:26 GMT
l
www.google.com/ads/measurement/ Frame 43BD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRUTnb-frGWWLq_7Jay-ZU3GApRXOwL4Iaxeq_nVhyFe6F8_oQ6TA0dq1dppjz9sXQ03Z8pXoVPndRkApfFI_fDdqo19w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=90&adk=3975884382&adf=271796810&pi=t.aa~a.1994534330~rp.4&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x90&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=10&bdt=1811&idt=10&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108%2C1060x280&nras=3&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=2129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tGQbFA6mKt&p=https%3A//ubs.med.br&dtd=69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 43BD 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=90&adk=3975884382&adf=271796810&pi=t.aa~a.1994534330~rp.4&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x90&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=10&bdt=1811&idt=10&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108%2C1060x280&nras=3&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=2129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tGQbFA6mKt&p=https%3A//ubs.med.br&dtd=69
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48814
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676465787912926"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 19:32:07 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame DDE6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cv77ltoTuY5WrK9Op7AOr6oagBZDpgN5spu2w1PwP2qOr0JQdEAEgnvTWBmCVyvmBlAegAa2l0I8DyAEJqQIPm8x7O-ixPqgDAcgDywSqBMkBT9Cw6Sin-nq8i1IuTMMBdrD3JE-UmfrFdgA2A6JezrD2B11PiTB1HCEu9ubjnh6Vh_522r--2KlZXZIsT1NxlYom1ynW1yUarxKTcplSYI1u9dfL0NkWe6RwG2pnAao-TTxCAr2oMXCmPTVDwp8qhzdD1OWjJwUtM6C0f16ez9O_KL_oBc9L30dLccQZhbZjwQ1qwJkRLMee-1gotiDJzqFYq3hnMOkpNP0eb_zT8mGktJ4_9QeTiFsP97NSjq8F1QPwrRS8sIo5wASgwbmCuAOSBQQIBBgBkgUECAUYBKAGLoAHu9qvcKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEJA10ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItMDQxMzAwODA2NzkxNzkxMhgA&sigh=ZHkNm6I-P4o&uach_m=[UACH]&cid=CAQSOwDUE5ymZY8FOoi7tyqnfe5NEXhuOjDrrVSsOyU4p9SmfGicTeVYJaO-BSHuhyEATECriqEGMvsZxLMjGAE&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&adk=2948133176&adf=2581412900&pi=t.aa~a.1994534330~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=13&bdt=1812&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108&nras=2&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RjYaxmuYLa&p=https%3A//ubs.med.br&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&adk=2948133176&adf=2581412900&pi=t.aa~a.1994534330~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=13&bdt=1812&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108&nras=2&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RjYaxmuYLa&p=https%3A//ubs.med.br&dtd=61
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 16 Feb 2023 19:32:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/3529198506799940249/ Frame DDE6 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3529198506799940249/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&adk=2948133176&adf=2581412900&pi=t.aa~a.1994534330~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=13&bdt=1812&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108&nras=2&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RjYaxmuYLa&p=https%3A//ubs.med.br&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0dd39cd53bb12ecac8b525f0e1ef1418a7b86ee1bef559691cbedea922b2b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 08:35:17 GMT
x-content-type-options
nosniff
age
471410
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15782
x-xss-protection
0
last-modified
Tue, 13 Oct 2020 15:04:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 11 Feb 2024 08:35:17 GMT
truncated
/ Frame DDE6 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame DDE6 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml
css
fonts.googleapis.com/ Frame 37AE 		8 KB
894 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
74017d97a0876e72ef09a14ea0b3ad49a744811c726e7b05e305d4a6e3e07612
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 Feb 2023 19:32:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 17:32:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Feb 2023 19:32:07 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 37AE 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 15:14:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
15455
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 15:14:32 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/ Frame 37AE 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e4d1d7a07ea6fddd6ab116e27bc0e074f5fe6ad6c89f719a515ae9c80436b6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:31:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
21641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8846
x-xss-protection
0
server
cafe
etag
8106178524699001248
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 13:31:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 37AE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
21060
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 13:41:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 37AE 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:31:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
21641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8316
x-xss-protection
0
server
cafe
etag
7067238764211672077
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 13:31:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 37AE 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48814
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676465787912926"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 19:32:07 GMT
3fa5291869997d20adf47a02a7a75d04.js
www.gstatic.com/mysidia/ Frame 37AE 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:26:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14191
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 00:07:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 15 May 2023 20:26:58 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 4E27 		169 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-6EtgAADR4KexRGAAIzaFteVSnaLFzinbCmXg&u=%7CkVPf7duz4fqbMvGb8qcADaFaLdg9I%2B9xC3ECLt2BJc4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-8Ox4EMl_-lXXOgG4hcrsNyz330KBrzNlxcM_jautE7nswLE3YRXbVaSnOUG2DYvIZTm4B7ssEBUiJH9IhIgtbqwifvb3E50quO6EoJZnB1hXZaip1ELyBzgj0UDSqnmhem4MR_YCcMHxvr5b1OY9vNE4LO-VuIeZhU16be27sDZNokYNtaeIh3EJzQ_OWjxmfHZoM7rStC_lUWF0gXlwOLSuVZwhM-wgCQLceMdrN6BKFEstqdfEWIzUA_31FEhMv-Anm08vPbitGmC1dY1IEIxJg64vlBrC8i70vn1sKmo2QNV-Muioux73LKHERzLjZn3G7GgvkykEbiPejRx750q6GgTIvlwWV5NTn-5gLzswfcJ7mhbuNdu9FJdFJlydij7xEwMRJODC8LjfE00bOd2xwQ3WSpUZcolSO8yBmSTTMlBCz2rLDTK322r8-R4_Iq7xRnaOu9rGXRgyFfB_d4ploFELXaGb2kPfpwFbz2pFv0-wurt1pcEIEOazmVNNlYiUeA6y0B3q8ouHpuh9dFdiufbibSFKnhy0F6zhOuZAM4IDfghOQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC929EtoTuY54axqjsA-jmiLgIyZ7SsVzVnZH3cMCNtwEQASAAYJXK-YGUB4IBF2NhLXB1Yi0wNDEzMDA4MDY3OTE3OTEyyAEJqQLZ4I4eruqxPqgDAaoEuQFP0FYP2-sbQF9R7-tdqXr4PR0oWMoozT2KbtskWpPSYRbsqL4dulh0iFNx5l-7Nit5sep0nxfBTv_L0hGHiFkoowEveSQZny6xfwGMsYWb7Np6QQjtGgKBdjyefsSCXGnhsPVuIVpRegFTWqhHFJ8EPVKQKzb-U5kck3g7aE3NbDqeWei3LIC3AZuu3VO_0l_Ltuf1HVZ6EdwQncMDn81JweDMoPSmjsgTxf6fVkL8Mv0qNO9LZq8toYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_33dVGfynZlTmhHzVu_z-n0PHG74g%26client%3Dca-pub-0413008067917912%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d35820c569e0b1afdd8e4563bee0fb25ed7e94db1574ad9c9a94e13e0d85ba7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 19:32:07 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=doC9DcknXAmWlDO8sI8Mt3SknjLyB-1wJ4LAKePOUP5Hbw7oqTpNCQ-umu1On-0iWVD9PuDqK2K4jFNvIJsZRRv7V3iuPp5ZisnCkfWmWV-D_S0hq5QAWzfjlopiCzoNkuAv7g6PT-xgEwW_2MwmKuELKH6tsYuqK2sbhmLF300wlZCfKj9s0kgAVnXnmotcP0xHveFJnMflSvM-EpUhqFah-rYb3jfvA7h_8u5owdFwDjsqfAnLQNaYc8_R3U5bBBcrHA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
96217307
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame E03E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
21060
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 13:41:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame E03E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:31:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
21641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8316
x-xss-protection
0
server
cafe
etag
7067238764211672077
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 13:31:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E03E 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48814
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676465787912926"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 19:32:07 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10953060782551645352/ Frame 679E 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10953060782551645352/index.html
Requested by
Host: ubs.med.br
URL: https://ubs.med.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7c5c09c1260cd2943265b2743f09da255fae07ece6182075441258e164242d6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
87066
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3502
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Feb 2023 19:21:01 GMT
expires
Thu, 15 Feb 2024 19:21:01 GMT
last-modified
Fri, 08 Nov 2019 19:56:41 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 2B30 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cu8FdtoTuY58axqjsA-jmiLgI7vmgym2Wk8azqRDa2R4QASCe9NYGYJXK-YGUB6ABsPzR9QPIAQmpAtjz8S8t_6g-qAMByANIqgTGAU_QJsjQpQOPkdDFTPr8MrM2tmTx5YuNqERVgvIC5zIPzLazro30_czdeQ_z-L3WDCY5L8t8jutkkBaOFpu0Z-GW772jmjL32b8YuZaF9fWbOAgVHYEIdvTm_3gk85CYE2uzRif59bQFqmVs4e2nukD4GfhEj7nfv5b_BZhAmgQ7JVkSu01dNT-KaS0FH30IA2_nL7oh0l7VsVDPx0T0TftMHIcTLpO01ru1mbOgS_-IT_2J8xFf2vPOP3hitg1841qvpTIozcAE_dqg-uQDkgUECAQYAZIFBAgFGASgBi6AB7iDrgqoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD_9RLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0wNDEzMDA4MDY3OTE3OTEyGAA&sigh=C7lXty6hiSk&uach_m=[UACH]&cid=CAQSGwDUE5ym75wHHQI1gQlc7DEcrCRg9HlQVm_hchgB&template_id=419
Requested by
Host: ubs.med.br
URL: https://ubs.med.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 16 Feb 2023 19:32:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/ Frame 2B30 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite_fy2021.js
Requested by
Host: ubs.med.br
URL: https://ubs.med.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e4d1d7a07ea6fddd6ab116e27bc0e074f5fe6ad6c89f719a515ae9c80436b6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:31:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
21641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8846
x-xss-protection
0
server
cafe
etag
8106178524699001248
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 13:31:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 2B30 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js
Requested by
Host: ubs.med.br
URL: https://ubs.med.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
21060
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 13:41:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 2B30 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ubs.med.br
URL: https://ubs.med.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:31:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
21641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8316
x-xss-protection
0
server
cafe
etag
7067238764211672077
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 13:31:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2B30 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ubs.med.br
URL: https://ubs.med.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48814
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676465787912926"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 19:32:07 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5BEB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ubs.med.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
11358
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 16:22:49 GMT
expires
Fri, 16 Feb 2024 16:22:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 324D 		783 B
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cc21d7ee9efd47d9b50c420ddb13229928cce36f14d55eecfa0cb219ffb1b01f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HmP8wGJuL3Myt5pFI_M8Bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ubs.med.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-HmP8wGJuL3Myt5pFI_M8Bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 19:32:07 GMT
expires
Thu, 16 Feb 2023 19:32:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.34/one-ad/ Frame 4ADB 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.34/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kde524dxdwzas2m8ns0xt5mvyrqm2mps0v6sqwd8kf826e2zqdhasqy4555bm61ggm2h640q9j2v1a1serg2rcx8y24eepcw2q7906gywjd9t9bwf63vkmx323cks9xx913mfcszwnyk4g7bgr1fsrg4rg4jsyma4b39w6gapkt6d7www4d3fyafpr2c56mr38j141dank58vh5s770nz3wc15f1863bnm8c92s7yxbg7tnsda3g9y6kckymrdpa9wpbyvwxrh2x6xbrhrhg6jj83nh846frj1n5dh3h914cw2zkj5syf2s4y29530yz7xr8t4yxx9sf1fyxxs2arf22z9bhty30fgs9vvvsaazq9faejj532vhec3fz8egmsyky2czt94rj1wbcjcwf35e3cmhax2h20h1c50tr46qtvyp9g2wf1j02157xase1m3nxxdz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuUMftoTuY43ZK5KtYpSsirgDkOGBhFy2qMKK8ALAjbcBEAEgAGCVyvmBlAeCARdjYS1wdWItMDQxMzAwODA2NzkxNzkxMsgBCakCD5vMezvosT6oAwGqBL8BT9Ai2kKppjAf_zIrTldFC5ufPMy8PdUblGG0rDyIARKp_ENiiD5M6IY7XwEvvjOOd_oZBVhSueZPgHxHP5J3p2YMRP25PEs9FNG_hPRx7fCks_QJ3rv4i4IbWv8vuMlxO7Wd2EhghMIoDHguj2By17g02j6VGh_PcOn6AkD0zbh9VW501Wcwz9Y8-zmbx-_MvE2SHThQYWfo6FMCAHxUjhrmd__VKeOlxvjcDA7bc-Er8Kmptx4ksvrBNHG_M6eABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1OWflulhKarpWG3v3CyMY2G03OOw%26client%3Dca-pub-0413008067917912%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kde524dxdwzas2m8ns0xt5mvyrqm2mps0v6sqwd8kf826e2zqdhasqy4555bm61ggm2h640q9j2v1a1serg2rcx8y24eepcw2q7906gywjd9t9bwf63vkmx323cks9xx913mfcszwnyk4g7bgr1fsrg4rg4jsyma4b39w6gapkt6d7www4d3fyafpr2c56mr38j141dank58vh5s770nz3wc15f1863bnm8c92s7yxbg7tnsda3g9y6kckymrdpa9wpbyvwxrh2x6xbrhrhg6jj83nh846frj1n5dh3h914cw2zkj5syf2s4y29530yz7xr8t4yxx9sf1fyxxs2arf22z9bhty30fgs9vvvsaazq9faejj532vhec3fz8egmsyky2czt94rj1wbcjcwf35e3cmhax2h20h1c50tr46qtvyp9g2wf1j02157xase1m3nxxdz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuUMftoTuY43ZK5KtYpSsirgDkOGBhFy2qMKK8ALAjbcBEAEgAGCVyvmBlAeCARdjYS1wdWItMDQxMzAwODA2NzkxNzkxMsgBCakCD5vMezvosT6oAwGqBL8BT9Ai2kKppjAf_zIrTldFC5ufPMy8PdUblGG0rDyIARKp_ENiiD5M6IY7XwEvvjOOd_oZBVhSueZPgHxHP5J3p2YMRP25PEs9FNG_hPRx7fCks_QJ3rv4i4IbWv8vuMlxO7Wd2EhghMIoDHguj2By17g02j6VGh_PcOn6AkD0zbh9VW501Wcwz9Y8-zmbx-_MvE2SHThQYWfo6FMCAHxUjhrmd__VKeOlxvjcDA7bc-Er8Kmptx4ksvrBNHG_M6eABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1OWflulhKarpWG3v3CyMY2G03OOw%26client%3Dca-pub-0413008067917912%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1675961363
age
613972
cf-polished
origSize=96968
x-guploader-uploadid
ADPycdsk_oFxMrfQmT18UehTVqYFLCgKqe5owZa4nS6b5rDwh5FIXXl_KZlKkbMq5tI5jX6pwgkrGCLZNFReNIBmAJJUlCBIpNSF
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 09 Feb 2023 16:50:00 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1675961400209468
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WSkOwNEi48v0t5zXf8AT%2BPwwiy%2BWsE33r0RRjlTs2kVUj%2F8NEhaEG7%2FBpJfP7p3IYogG3CXc1edwnyBILqMNcPjsL4qPVOMXkAHF5oMKC%2Bt%2FLX8A02Yt8Z52WrQY2egyc%2FYirSEiPyY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
79a8b51979d7914d-FRA
expires
Thu, 16 Feb 2023 20:32:07 GMT
r62eglto.js
ad4m.at/ Frame 4ADB 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kde524dxdwzas2m8ns0xt5mvyrqm2mps0v6sqwd8kf826e2zqdhasqy4555bm61ggm2h640q9j2v1a1serg2rcx8y24eepcw2q7906gywjd9t9bwf63vkmx323cks9xx913mfcszwnyk4g7bgr1fsrg4rg4jsyma4b39w6gapkt6d7www4d3fyafpr2c56mr38j141dank58vh5s770nz3wc15f1863bnm8c92s7yxbg7tnsda3g9y6kckymrdpa9wpbyvwxrh2x6xbrhrhg6jj83nh846frj1n5dh3h914cw2zkj5syf2s4y29530yz7xr8t4yxx9sf1fyxxs2arf22z9bhty30fgs9vvvsaazq9faejj532vhec3fz8egmsyky2czt94rj1wbcjcwf35e3cmhax2h20h1c50tr46qtvyp9g2wf1j02157xase1m3nxxdz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuUMftoTuY43ZK5KtYpSsirgDkOGBhFy2qMKK8ALAjbcBEAEgAGCVyvmBlAeCARdjYS1wdWItMDQxMzAwODA2NzkxNzkxMsgBCakCD5vMezvosT6oAwGqBL8BT9Ai2kKppjAf_zIrTldFC5ufPMy8PdUblGG0rDyIARKp_ENiiD5M6IY7XwEvvjOOd_oZBVhSueZPgHxHP5J3p2YMRP25PEs9FNG_hPRx7fCks_QJ3rv4i4IbWv8vuMlxO7Wd2EhghMIoDHguj2By17g02j6VGh_PcOn6AkD0zbh9VW501Wcwz9Y8-zmbx-_MvE2SHThQYWfo6FMCAHxUjhrmd__VKeOlxvjcDA7bc-Er8Kmptx4ksvrBNHG_M6eABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1OWflulhKarpWG3v3CyMY2G03OOw%26client%3Dca-pub-0413008067917912%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 15:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
188862
etag
W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQPvEvwbehic%2Bin%2BOkB%2F647FjN3IhS5CB%2BknfpxKrhErRcp37y1sRNSBIo1avksaQVNx%2BRjcDgxrZQ1vYP%2BoDTJrJiCG2XfvpSPww3ZxS454eLFoKL2M%2FRPzQA%2FiDxiaJFEAvzY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
79a8b5199a05914d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 13 Feb 2023 21:55:50 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 679E 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10953060782551645352/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:25:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
384
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 17 Feb 2023 19:25:43 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 679E 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10953060782551645352/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 04:42:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
53399
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 17 Feb 2023 04:42:08 GMT
EmbedCanvas.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10953060782551645352/js/ Frame 679E 		79 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10953060782551645352/js/EmbedCanvas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10953060782551645352/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3a93e5890e46a717c88ad130d2f6e79683539ef69e33694d1a643b83b5ac8dd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Feb 2023 19:03:31 GMT
age
174516
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22081
x-xss-protection
0
last-modified
Fri, 08 Nov 2019 19:56:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 14 Feb 2024 19:03:31 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6BB2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:40:31 GMT
x-content-type-options
nosniff
age
21096
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 13:40:31 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6BB2 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 12:23:05 GMT
x-content-type-options
nosniff
age
25742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 12:23:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6BB2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:13:56 GMT
x-content-type-options
nosniff
age
22691
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 13:13:56 GMT
pixel
cm.g.doubleclick.net/ Frame 4B80
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPYULrbQHFYEouim8FxHdL4&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPYULrbQHFYEouim8FxHdL4&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bkd2eHFmeEkxUHNKWmQ1&google_gid=CAESEPYULrbQHFYEouim8FxHdL4&google_cver=1&google_push=Aa02lx8AxyJAtD2YQWYq_gfURzHn1F6Mnk9Y2CIsJKix8mZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bkd2eHFmeEkxUHNKWmQ1&google_gid=CAESEPYULrbQHFYEouim8FxHdL4&google_cver=1&google_push=Aa02lx8AxyJAtD2YQWYq_gfURzHn1F6Mnk9Y2CIsJKix8mZtv5Xtfsq9Dbmcx6nD3Bhi41P8Vj5tkBPVnkFVVt2eB_1C0xxwIbAYacw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=90&adk=3975884382&adf=271796810&pi=t.aa~a.1994534330~rp.4&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x90&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=10&bdt=1811&idt=10&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108%2C1060x280&nras=3&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=2129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tGQbFA6mKt&p=https%3A//ubs.med.br&dtd=69
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 19:32:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 16 Feb 2023 19:32:07 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/d601d38#rel-ec2-master i-05a89a035fd5ddeba@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bkd2eHFmeEkxUHNKWmQ1&google_gid=CAESEPYULrbQHFYEouim8FxHdL4&google_cver=1&google_push=Aa02lx8AxyJAtD2YQWYq_gfURzHn1F6Mnk9Y2CIsJKix8mZtv5Xtfsq9Dbmcx6nD3Bhi41P8Vj5tkBPVnkFVVt2eB_1C0xxwIbAYacw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4B80
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAHMvE99YScdWz9ZzzRpxGg&google_cver=1&google_push=Aa02lx_nZJX3wTEijOGFgWuEItxQLF7gFDAV-sSH6zEjWfDEOsnPovYLf7jwm3MHQhSVCKCHO-gMvFWdo1fzkK...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMDgzODc3NTczNzA4ODE0OA%3D%3D&google_push=Aa02lx_nZJX3wTEijOGFgWuEItxQLF7gFDAV-sSH6zEjWfDEOsnPovYLf7jwm3MHQhSVCKCHO-gMvFWdo1fzkK86eo...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMDgzODc3NTczNzA4ODE0OA%3D%3D&google_push=Aa02lx_nZJX3wTEijOGFgWuEItxQLF7gFDAV-sSH6zEjWfDEOsnPovYLf7jwm3MHQhSVCKCHO-gMvFWdo1fzkK86eoGN-HR8c6AvHFM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=90&adk=3975884382&adf=271796810&pi=t.aa~a.1994534330~rp.4&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x90&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=10&bdt=1811&idt=10&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108%2C1060x280&nras=3&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=2129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tGQbFA6mKt&p=https%3A//ubs.med.br&dtd=69
Protocol
H2
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 19:32:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMDgzODc3NTczNzA4ODE0OA%3D%3D&google_push=Aa02lx_nZJX3wTEijOGFgWuEItxQLF7gFDAV-sSH6zEjWfDEOsnPovYLf7jwm3MHQhSVCKCHO-gMvFWdo1fzkK86eoGN-HR8c6AvHFM
Date
Thu, 16 Feb 2023 19:32:07 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 4B80
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx99b3PA...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx99b3PA...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAyMTYxOTMyMDcwMDAxMTc5Mzc4MjA3Mg%3D%3D&google_push=Aa02lx99b3PAVNry3h0kDLOOlwH4lqhsCa1TlZNgYUVUrt140k3M6LQp0OIbem4FewfnzQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAyMTYxOTMyMDcwMDAxMTc5Mzc4MjA3Mg%3D%3D&google_push=Aa02lx99b3PAVNry3h0kDLOOlwH4lqhsCa1TlZNgYUVUrt140k3M6LQp0OIbem4FewfnzQ0O695MYaOwN2TpLyjT8QTzLATNThOqdx4
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 19:32:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAyMTYxOTMyMDcwMDAxMTc5Mzc4MjA3Mg%3D%3D&google_push=Aa02lx99b3PAVNry3h0kDLOOlwH4lqhsCa1TlZNgYUVUrt140k3M6LQp0OIbem4FewfnzQ0O695MYaOwN2TpLyjT8QTzLATNThOqdx4
pragma
no-cache
date
Thu, 16 Feb 2023 19:32:07 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Thu, 16 Feb 2023 19:32:07 GMT
sync
odr.mookie1.com/t/v2/ Frame 4B80 		42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEM-7olloTMpzKXE6ptapV1Y&google_push=Aa02lx8UItDw-hCgyTgU6BeWIe3fmh49O0M7Ksb6GRjVJuKHcE1JsHTGIAYQ0mpxcE9rjEsDHejS16Drqlombo_V73B6_3qjjSpynIg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=90&adk=3975884382&adf=271796810&pi=t.aa~a.1994534330~rp.4&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x90&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=10&bdt=1811&idt=10&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108%2C1060x280&nras=3&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=2129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tGQbFA6mKt&p=https%3A//ubs.med.br&dtd=69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
pixel
cm.g.doubleclick.net/ Frame 4B80
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECoNmOSSxpUnU7jx2eCndSs&google_cver=1&google_push=Aa02lx9FfvmvD2mjmPE-lCIKbRbAzVI14JQjTygP-VtEDIqaBXR-LUKDniokqlgeDUZpPFyne8z_rzIi...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECoNmOSSxpUnU7jx2eCndSs&google_cver=1&google_push=Aa02lx9FfvmvD2mjmPE-lCIKbRbAzVI14JQjTygP-VtEDIqaBXR-LUKDniokqlgeDUZpPFyne8z...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE1OTgzNjUxOTU5ODYyMDU1Nw&google_push=Aa02lx9FfvmvD2mjmPE-lCIKbRbAzVI14JQjTygP-VtEDIqaBXR-LUKDniokqlgeDUZpPFyne8z_rz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE1OTgzNjUxOTU5ODYyMDU1Nw&google_push=Aa02lx9FfvmvD2mjmPE-lCIKbRbAzVI14JQjTygP-VtEDIqaBXR-LUKDniokqlgeDUZpPFyne8z_rzIi_Gj1t1MuLRgVtYKggbyNC4Y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=90&adk=3975884382&adf=271796810&pi=t.aa~a.1994534330~rp.4&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x90&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=10&bdt=1811&idt=10&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108%2C1060x280&nras=3&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=2129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tGQbFA6mKt&p=https%3A//ubs.med.br&dtd=69
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 19:32:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Feb 2023 19:32:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE1OTgzNjUxOTU5ODYyMDU1Nw&google_push=Aa02lx9FfvmvD2mjmPE-lCIKbRbAzVI14JQjTygP-VtEDIqaBXR-LUKDniokqlgeDUZpPFyne8z_rzIi_Gj1t1MuLRgVtYKggbyNC4Y
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 4B80
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKZ5Y6sfutE6c1nGQe7FxRU&google_cver=1&google_push=Aa02lx89MUvoCALVgcam_ZqFjb0BWRQi-ccFyZCl7cioNRt_dl4Z7naF7HFtHhebQgv1IfN5NAjDzUnLIJn3ITeXd...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKZ5Y6sfutE6c1nGQe7FxRU&google_cver=1&google_push=Aa02lx89MUvoCALVgcam_ZqFjb0BWRQi-ccFyZCl7cioNRt_dl4Z7naF7HFtHhebQgv1IfN5NAjDzUnLIJn3ITeXd...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx89MUvoCALVgcam_ZqFjb0BWRQi-ccFyZCl7cioNRt_dl4Z7naF7HFtHhebQgv1IfN5NAjDzUnLIJn3ITeXdvbKCM0Z6tzssg&google_hm=GKvUqGZHWmLaBXZxRRab...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx89MUvoCALVgcam_ZqFjb0BWRQi-ccFyZCl7cioNRt_dl4Z7naF7HFtHhebQgv1IfN5NAjDzUnLIJn3ITeXdvbKCM0Z6tzssg&google_hm=GKvUqGZHWmLaBXZxRRabvPnk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=90&adk=3975884382&adf=271796810&pi=t.aa~a.1994534330~rp.4&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x90&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=10&bdt=1811&idt=10&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108%2C1060x280&nras=3&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=2129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tGQbFA6mKt&p=https%3A//ubs.med.br&dtd=69
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 19:32:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 16 Feb 2023 19:32:07 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx89MUvoCALVgcam_ZqFjb0BWRQi-ccFyZCl7cioNRt_dl4Z7naF7HFtHhebQgv1IfN5NAjDzUnLIJn3ITeXdvbKCM0Z6tzssg&google_hm=GKvUqGZHWmLaBXZxRRabvPnk
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 4B80
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEFsueKH1jeJLlZqRsD4EtDM&google_cver=1&google_push=Aa02lx9t8L-5Yu56WzTYfdsFuA4EaFgFyUw6BIy_-xQdldTNRD3JkEa-PCyfMK32178B9k2mTN5qj8j7KLHHbUszITDtIJ...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEFsueKH1jeJLlZqRsD4EtDM&google_cver=1&google_push=Aa02lx9t8L-5Yu56WzTYfdsFuA4EaFgFyUw6BIy_-xQdldTNRD3JkEa-PCyfMK32178B9k2mTN5qj8j7KLHHbUsz...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GYn7_LQWSXuECMLfkMWKXw&google_push=Aa02lx9t8L-5Yu56WzTYfdsFuA4EaFgFyUw6BIy_-xQdldTNRD3JkEa-PCyfMK32178B9k2mTN5qj8j7KLHHbUs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GYn7_LQWSXuECMLfkMWKXw&google_push=Aa02lx9t8L-5Yu56WzTYfdsFuA4EaFgFyUw6BIy_-xQdldTNRD3JkEa-PCyfMK32178B9k2mTN5qj8j7KLHHbUszITDtIJh4uZkrKfM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=90&adk=3975884382&adf=271796810&pi=t.aa~a.1994534330~rp.4&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x90&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=10&bdt=1811&idt=10&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108%2C1060x280&nras=3&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=2129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tGQbFA6mKt&p=https%3A//ubs.med.br&dtd=69
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 19:32:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GYn7_LQWSXuECMLfkMWKXw&google_push=Aa02lx9t8L-5Yu56WzTYfdsFuA4EaFgFyUw6BIy_-xQdldTNRD3JkEa-PCyfMK32178B9k2mTN5qj8j7KLHHbUszITDtIJh4uZkrKfM
access-control-allow-origin
*
date
Thu, 16 Feb 2023 19:32:07 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
attr
cm.g.doubleclick.net/pixel/ Frame 4B80 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IZZhv2UGyvWPx7ZrDjXyPdoYFOn0SIX_EvnHwTRoLJvs4GftYLcBFJ9YSHRLt2jGI-Vl1R
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=90&adk=3975884382&adf=271796810&pi=t.aa~a.1994534330~rp.4&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x90&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=10&bdt=1811&idt=10&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108%2C1060x280&nras=3&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=2129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tGQbFA6mKt&p=https%3A//ubs.med.br&dtd=69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
s
googleads.g.doubleclick.net/pagead/drt/ Frame 9003 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1211
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 19:11:56 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 3B90 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 16:20:09 GMT
x-content-type-options
nosniff
age
97918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Feb 2024 16:20:09 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0C9D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=108&slotname=1333971085&adk=250477977&adf=3519860513&pi=t.ma~as.1333971085&w=1060&lmt=1675362649&rafmt=11&format=1060x108&url=https%3A%2F%2Fubs.med.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1233&idt=7&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C1060x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=F4CfvTOs1n&p=https%3A//ubs.med.br&dtd=35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 19:32:07 GMT
expires
Thu, 16 Feb 2023 19:32:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 19:32:07 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
pagead2.googlesyndication.com/bg/ Frame 5A99 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=108&slotname=1333971085&adk=250477977&adf=3519860513&pi=t.ma~as.1333971085&w=1060&lmt=1675362649&rafmt=11&format=1060x108&url=https%3A%2F%2Fubs.med.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1233&idt=7&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C1060x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=F4CfvTOs1n&p=https%3A//ubs.med.br&dtd=35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1169680e3ccc40ebd1666084b9f15f9fa66b610fe5bf25c5ac074a958ac357fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 22:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
77286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14328
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 17:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Feb 2024 22:04:01 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 961E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&adk=2948133176&adf=2581412900&pi=t.aa~a.1994534330~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=13&bdt=1812&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108&nras=2&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RjYaxmuYLa&p=https%3A//ubs.med.br&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
17330
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 14:43:17 GMT
etag
48472445140208031
expires
Fri, 17 Feb 2023 14:43:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame DDE6 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2fc6d730a2ea6c7be729903d171715e212c0a2b30ab858bb4bba5457c2859634

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 43BD 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c51d6500f70927703c78c6457915a1de5070f2d26fb94f9b582e4ef227a51f2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2B30 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bfdc5409b44d2d689dec3c239adfd715371fc02d20f3d1eb0c6ea590904fcf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
pagead2.googlesyndication.com/bg/ Frame BDEB 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1411497807&adf=2231897594&pi=t.ma~as.3164382913&w=1152&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1152x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575925868&bpp=6&bdt=1079&idt=91&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1472544216&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mbQZp7fSji&p=https%3A//ubs.med.br&dtd=96
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1169680e3ccc40ebd1666084b9f15f9fa66b610fe5bf25c5ac074a958ac357fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 22:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
77286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14328
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 17:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Feb 2024 22:04:01 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 4E27 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-6EtgAADR4KexRGAAIzaFteVSnaLFzinbCmXg&u=%7CkVPf7duz4fqbMvGb8qcADaFaLdg9I%2B9xC3ECLt2BJc4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-8Ox4EMl_-lXXOgG4hcrsNyz330KBrzNlxcM_jautE7nswLE3YRXbVaSnOUG2DYvIZTm4B7ssEBUiJH9IhIgtbqwifvb3E50quO6EoJZnB1hXZaip1ELyBzgj0UDSqnmhem4MR_YCcMHxvr5b1OY9vNE4LO-VuIeZhU16be27sDZNokYNtaeIh3EJzQ_OWjxmfHZoM7rStC_lUWF0gXlwOLSuVZwhM-wgCQLceMdrN6BKFEstqdfEWIzUA_31FEhMv-Anm08vPbitGmC1dY1IEIxJg64vlBrC8i70vn1sKmo2QNV-Muioux73LKHERzLjZn3G7GgvkykEbiPejRx750q6GgTIvlwWV5NTn-5gLzswfcJ7mhbuNdu9FJdFJlydij7xEwMRJODC8LjfE00bOd2xwQ3WSpUZcolSO8yBmSTTMlBCz2rLDTK322r8-R4_Iq7xRnaOu9rGXRgyFfB_d4ploFELXaGb2kPfpwFbz2pFv0-wurt1pcEIEOazmVNNlYiUeA6y0B3q8ouHpuh9dFdiufbibSFKnhy0F6zhOuZAM4IDfghOQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC929EtoTuY54axqjsA-jmiLgIyZ7SsVzVnZH3cMCNtwEQASAAYJXK-YGUB4IBF2NhLXB1Yi0wNDEzMDA4MDY3OTE3OTEyyAEJqQLZ4I4eruqxPqgDAaoEuQFP0FYP2-sbQF9R7-tdqXr4PR0oWMoozT2KbtskWpPSYRbsqL4dulh0iFNx5l-7Nit5sep0nxfBTv_L0hGHiFkoowEveSQZny6xfwGMsYWb7Np6QQjtGgKBdjyefsSCXGnhsPVuIVpRegFTWqhHFJ8EPVKQKzb-U5kck3g7aE3NbDqeWei3LIC3AZuu3VO_0l_Ltuf1HVZ6EdwQncMDn81JweDMoPSmjsgTxf6fVkL8Mv0qNO9LZq8toYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_33dVGfynZlTmhHzVu_z-n0PHG74g%26client%3Dca-pub-0413008067917912%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Feb 2024 19:32:07 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4E27 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-6EtgAADR4KexRGAAIzaFteVSnaLFzinbCmXg&u=%7CkVPf7duz4fqbMvGb8qcADaFaLdg9I%2B9xC3ECLt2BJc4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-8Ox4EMl_-lXXOgG4hcrsNyz330KBrzNlxcM_jautE7nswLE3YRXbVaSnOUG2DYvIZTm4B7ssEBUiJH9IhIgtbqwifvb3E50quO6EoJZnB1hXZaip1ELyBzgj0UDSqnmhem4MR_YCcMHxvr5b1OY9vNE4LO-VuIeZhU16be27sDZNokYNtaeIh3EJzQ_OWjxmfHZoM7rStC_lUWF0gXlwOLSuVZwhM-wgCQLceMdrN6BKFEstqdfEWIzUA_31FEhMv-Anm08vPbitGmC1dY1IEIxJg64vlBrC8i70vn1sKmo2QNV-Muioux73LKHERzLjZn3G7GgvkykEbiPejRx750q6GgTIvlwWV5NTn-5gLzswfcJ7mhbuNdu9FJdFJlydij7xEwMRJODC8LjfE00bOd2xwQ3WSpUZcolSO8yBmSTTMlBCz2rLDTK322r8-R4_Iq7xRnaOu9rGXRgyFfB_d4ploFELXaGb2kPfpwFbz2pFv0-wurt1pcEIEOazmVNNlYiUeA6y0B3q8ouHpuh9dFdiufbibSFKnhy0F6zhOuZAM4IDfghOQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC929EtoTuY54axqjsA-jmiLgIyZ7SsVzVnZH3cMCNtwEQASAAYJXK-YGUB4IBF2NhLXB1Yi0wNDEzMDA4MDY3OTE3OTEyyAEJqQLZ4I4eruqxPqgDAaoEuQFP0FYP2-sbQF9R7-tdqXr4PR0oWMoozT2KbtskWpPSYRbsqL4dulh0iFNx5l-7Nit5sep0nxfBTv_L0hGHiFkoowEveSQZny6xfwGMsYWb7Np6QQjtGgKBdjyefsSCXGnhsPVuIVpRegFTWqhHFJ8EPVKQKzb-U5kck3g7aE3NbDqeWei3LIC3AZuu3VO_0l_Ltuf1HVZ6EdwQncMDn81JweDMoPSmjsgTxf6fVkL8Mv0qNO9LZq8toYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_33dVGfynZlTmhHzVu_z-n0PHG74g%26client%3Dca-pub-0413008067917912%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Feb 2024 19:32:07 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 4E27 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-6EtgAADR4KexRGAAIzaFteVSnaLFzinbCmXg&u=%7CkVPf7duz4fqbMvGb8qcADaFaLdg9I%2B9xC3ECLt2BJc4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-8Ox4EMl_-lXXOgG4hcrsNyz330KBrzNlxcM_jautE7nswLE3YRXbVaSnOUG2DYvIZTm4B7ssEBUiJH9IhIgtbqwifvb3E50quO6EoJZnB1hXZaip1ELyBzgj0UDSqnmhem4MR_YCcMHxvr5b1OY9vNE4LO-VuIeZhU16be27sDZNokYNtaeIh3EJzQ_OWjxmfHZoM7rStC_lUWF0gXlwOLSuVZwhM-wgCQLceMdrN6BKFEstqdfEWIzUA_31FEhMv-Anm08vPbitGmC1dY1IEIxJg64vlBrC8i70vn1sKmo2QNV-Muioux73LKHERzLjZn3G7GgvkykEbiPejRx750q6GgTIvlwWV5NTn-5gLzswfcJ7mhbuNdu9FJdFJlydij7xEwMRJODC8LjfE00bOd2xwQ3WSpUZcolSO8yBmSTTMlBCz2rLDTK322r8-R4_Iq7xRnaOu9rGXRgyFfB_d4ploFELXaGb2kPfpwFbz2pFv0-wurt1pcEIEOazmVNNlYiUeA6y0B3q8ouHpuh9dFdiufbibSFKnhy0F6zhOuZAM4IDfghOQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC929EtoTuY54axqjsA-jmiLgIyZ7SsVzVnZH3cMCNtwEQASAAYJXK-YGUB4IBF2NhLXB1Yi0wNDEzMDA4MDY3OTE3OTEyyAEJqQLZ4I4eruqxPqgDAaoEuQFP0FYP2-sbQF9R7-tdqXr4PR0oWMoozT2KbtskWpPSYRbsqL4dulh0iFNx5l-7Nit5sep0nxfBTv_L0hGHiFkoowEveSQZny6xfwGMsYWb7Np6QQjtGgKBdjyefsSCXGnhsPVuIVpRegFTWqhHFJ8EPVKQKzb-U5kck3g7aE3NbDqeWei3LIC3AZuu3VO_0l_Ltuf1HVZ6EdwQncMDn81JweDMoPSmjsgTxf6fVkL8Mv0qNO9LZq8toYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_33dVGfynZlTmhHzVu_z-n0PHG74g%26client%3Dca-pub-0413008067917912%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 11 Feb 2024 19:32:07 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 4E27 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-6EtgAADR4KexRGAAIzaFteVSnaLFzinbCmXg&u=%7CkVPf7duz4fqbMvGb8qcADaFaLdg9I%2B9xC3ECLt2BJc4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-8Ox4EMl_-lXXOgG4hcrsNyz330KBrzNlxcM_jautE7nswLE3YRXbVaSnOUG2DYvIZTm4B7ssEBUiJH9IhIgtbqwifvb3E50quO6EoJZnB1hXZaip1ELyBzgj0UDSqnmhem4MR_YCcMHxvr5b1OY9vNE4LO-VuIeZhU16be27sDZNokYNtaeIh3EJzQ_OWjxmfHZoM7rStC_lUWF0gXlwOLSuVZwhM-wgCQLceMdrN6BKFEstqdfEWIzUA_31FEhMv-Anm08vPbitGmC1dY1IEIxJg64vlBrC8i70vn1sKmo2QNV-Muioux73LKHERzLjZn3G7GgvkykEbiPejRx750q6GgTIvlwWV5NTn-5gLzswfcJ7mhbuNdu9FJdFJlydij7xEwMRJODC8LjfE00bOd2xwQ3WSpUZcolSO8yBmSTTMlBCz2rLDTK322r8-R4_Iq7xRnaOu9rGXRgyFfB_d4ploFELXaGb2kPfpwFbz2pFv0-wurt1pcEIEOazmVNNlYiUeA6y0B3q8ouHpuh9dFdiufbibSFKnhy0F6zhOuZAM4IDfghOQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC929EtoTuY54axqjsA-jmiLgIyZ7SsVzVnZH3cMCNtwEQASAAYJXK-YGUB4IBF2NhLXB1Yi0wNDEzMDA4MDY3OTE3OTEyyAEJqQLZ4I4eruqxPqgDAaoEuQFP0FYP2-sbQF9R7-tdqXr4PR0oWMoozT2KbtskWpPSYRbsqL4dulh0iFNx5l-7Nit5sep0nxfBTv_L0hGHiFkoowEveSQZny6xfwGMsYWb7Np6QQjtGgKBdjyefsSCXGnhsPVuIVpRegFTWqhHFJ8EPVKQKzb-U5kck3g7aE3NbDqeWei3LIC3AZuu3VO_0l_Ltuf1HVZ6EdwQncMDn81JweDMoPSmjsgTxf6fVkL8Mv0qNO9LZq8toYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_33dVGfynZlTmhHzVu_z-n0PHG74g%26client%3Dca-pub-0413008067917912%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 11 Feb 2024 19:32:07 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 4E27 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ULtJgdf-d25BDl79y1zj0KUH4QX6XgSeb7GRNX0g4JzHqOuo4MJeiGCZFb9zPHR8TZIBg5Kel66AKXt4ggUa9VX3xXYb-M2WSS1NvJtRbk1s0nyjyzkeNR4on6ord43M-QWTK9WeI5NvFklwI5fzdVG9gvMoyUZu3lfgKo1ibRMrBRW7lRYqXvFGeYgaZRu4ZGQNr8SpqHNBZ0ra-3nNO4q4jFQp9eD0Js33QgltUkH_RQyfDBIrm7PYqKyPsew52JAWC0MiLmBmSpZ56n5A8MRWUGZnCuZDB2p2hRnGrAOKBiE72lmgZNhkYqtEUppxI0t8V9GHsMRxtEoweEkO53LgsInKx-8xaGHk1h-b9N_Ygbtg_aFPu0r2rGD7rh2UYds7qWZWZuKvyUwmNgnb6n1TNzGJ6AhxyE8uq8NjeiGw02Br
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-6EtgAADR4KexRGAAIzaFteVSnaLFzinbCmXg&u=%7CkVPf7duz4fqbMvGb8qcADaFaLdg9I%2B9xC3ECLt2BJc4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-8Ox4EMl_-lXXOgG4hcrsNyz330KBrzNlxcM_jautE7nswLE3YRXbVaSnOUG2DYvIZTm4B7ssEBUiJH9IhIgtbqwifvb3E50quO6EoJZnB1hXZaip1ELyBzgj0UDSqnmhem4MR_YCcMHxvr5b1OY9vNE4LO-VuIeZhU16be27sDZNokYNtaeIh3EJzQ_OWjxmfHZoM7rStC_lUWF0gXlwOLSuVZwhM-wgCQLceMdrN6BKFEstqdfEWIzUA_31FEhMv-Anm08vPbitGmC1dY1IEIxJg64vlBrC8i70vn1sKmo2QNV-Muioux73LKHERzLjZn3G7GgvkykEbiPejRx750q6GgTIvlwWV5NTn-5gLzswfcJ7mhbuNdu9FJdFJlydij7xEwMRJODC8LjfE00bOd2xwQ3WSpUZcolSO8yBmSTTMlBCz2rLDTK322r8-R4_Iq7xRnaOu9rGXRgyFfB_d4ploFELXaGb2kPfpwFbz2pFv0-wurt1pcEIEOazmVNNlYiUeA6y0B3q8ouHpuh9dFdiufbibSFKnhy0F6zhOuZAM4IDfghOQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC929EtoTuY54axqjsA-jmiLgIyZ7SsVzVnZH3cMCNtwEQASAAYJXK-YGUB4IBF2NhLXB1Yi0wNDEzMDA4MDY3OTE3OTEyyAEJqQLZ4I4eruqxPqgDAaoEuQFP0FYP2-sbQF9R7-tdqXr4PR0oWMoozT2KbtskWpPSYRbsqL4dulh0iFNx5l-7Nit5sep0nxfBTv_L0hGHiFkoowEveSQZny6xfwGMsYWb7Np6QQjtGgKBdjyefsSCXGnhsPVuIVpRegFTWqhHFJ8EPVKQKzb-U5kck3g7aE3NbDqeWei3LIC3AZuu3VO_0l_Ltuf1HVZ6EdwQncMDn81JweDMoPSmjsgTxf6fVkL8Mv0qNO9LZq8toYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_33dVGfynZlTmhHzVu_z-n0PHG74g%26client%3Dca-pub-0413008067917912%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 19:32:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2155962
expires
Mon, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 324D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230213&jk=2930457557478265&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0191 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1211
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 19:11:56 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 4ADB 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.34/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3345
x-guploader-uploadid
ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hb%2BUsY8YDzySm45OogN09v5fmH04s8o%2Buy%2F5FEHJqPAiHkFeE%2FtQSzQEyyF5gXBKL9K6IbzcV4nABVKtqXKdBldUhQJoTr3wb8%2FvZUFCb0WXAZ62Vv2VRQ4f5Eu9lDAgTy2krQju08XvZHZdAhwS7yTp"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
79a8b51b2a8430ee-FRA
expires
Thu, 16 Feb 2023 19:25:39 GMT
EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
pagead2.googlesyndication.com/bg/ Frame 56A0 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&slotname=3164382913&adk=1846478241&adf=766642486&pi=t.ma~as.3164382913&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926023&bpp=7&bdt=1234&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280&nras=1&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=1579670217&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=c22ifkRAj9&p=https%3A//ubs.med.br&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1169680e3ccc40ebd1666084b9f15f9fa66b610fe5bf25c5ac074a958ac357fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 22:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
77286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14328
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 17:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Feb 2024 22:04:01 GMT
EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
pagead2.googlesyndication.com/bg/ Frame 5BEB 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1169680e3ccc40ebd1666084b9f15f9fa66b610fe5bf25c5ac074a958ac357fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 22:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
77286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14328
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 17:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Feb 2024 22:04:01 GMT
frame.html
ad4m.at/ Frame D11E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
168509
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
79a8b51b685539f1-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 16 Feb 2023 19:32:07 GMT
expires
Thu, 19 Jan 2023 19:22:47 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3A6BBLoO3ZoS7Itp4GY3oN47ThrW2ghRxKThUfiEnAgSCF4YaoRHq7w1zqywe4aNZQu6wHRZ2ktWQgIQ4caw7oDlpJCSGrpzPaUlw%2FhEYYYQc7px4P4eGdDlz%2BgzHqeEVvHuGI4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame 961E
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGQu3BTwwD_hexVwgWotjMA&google_cver=1&google_push=Aa02lx_Ts0mSn-V_6zHkb7gyaqAsunZTIAQdHU5ZYmOH6f3eAJ15-L0eCRNRf4s0Qbwwwho8RW54ABLqshb...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_Ts0mSn-V_6zHkb7gyaqAsunZTIAQdHU5ZYmOH6f3eAJ15-L0eCRNRf4s0Qbwwwho8RW54ABLqshbSIKkv9iqRPPzuQiK-Ew&google_hm=GwPc7YfQS7qvhDpax6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_Ts0mSn-V_6zHkb7gyaqAsunZTIAQdHU5ZYmOH6f3eAJ15-L0eCRNRf4s0Qbwwwho8RW54ABLqshbSIKkv9iqRPPzuQiK-Ew&google_hm=GwPc7YfQS7qvhDpax6mVwI4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&adk=2948133176&adf=2581412900&pi=t.aa~a.1994534330~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=13&bdt=1812&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108&nras=2&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RjYaxmuYLa&p=https%3A//ubs.med.br&dtd=61
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 19:32:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Feb 2023 19:32:07 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_Ts0mSn-V_6zHkb7gyaqAsunZTIAQdHU5ZYmOH6f3eAJ15-L0eCRNRf4s0Qbwwwho8RW54ABLqshbSIKkv9iqRPPzuQiK-Ew&google_hm=GwPc7YfQS7qvhDpax6mVwI4
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 961E 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDAh6z8vbZugMyT-wimrXLE&google_cver=1&google_push=Aa02lx-ef0YDWKj1c28qOVZSD9FRXfugsVMDSWzI66SXEySwbTJu11WSKZGLu-VAgPLR2-OBRdXs2cMUTkTmwoSOQeQkMOy3m21cIQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&adk=2948133176&adf=2581412900&pi=t.aa~a.1994534330~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=13&bdt=1812&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108&nras=2&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RjYaxmuYLa&p=https%3A//ubs.med.br&dtd=61
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 961E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF5KglD3ihxaGY_cRciniIY&google_cver=1&google_push=Aa02lx8A3g8Bz-FCxqFeshXnmExDtp7uK8YCOaRTsoNrPgPWrUMvvbcDFXADL9dFSA8ppIGHs9AYPz6kYxZqNlwm5P3xfUi...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8A3g8Bz-FCxqFeshXnmExDtp7uK8YCOaRTsoNrPgPWrUMvvbcDFXADL9dFSA8ppIGHs9AYPz6kYxZqNlwm5P3xfUiZHKinnA&google_hm=eS1nSXY5YWZsRTJwRWtm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8A3g8Bz-FCxqFeshXnmExDtp7uK8YCOaRTsoNrPgPWrUMvvbcDFXADL9dFSA8ppIGHs9AYPz6kYxZqNlwm5P3xfUiZHKinnA&google_hm=eS1nSXY5YWZsRTJwRWtmTnJ3OGVKUTh2RlY2VFdxYnVKMn5B
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 19:32:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 16 Feb 2023 19:32:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8A3g8Bz-FCxqFeshXnmExDtp7uK8YCOaRTsoNrPgPWrUMvvbcDFXADL9dFSA8ppIGHs9AYPz6kYxZqNlwm5P3xfUiZHKinnA&google_hm=eS1nSXY5YWZsRTJwRWtmTnJ3OGVKUTh2RlY2VFdxYnVKMn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 961E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAnzb0o8kN2V2ZmI9DnApBI&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAnzb0o8kN2V2ZmI9DnApBI&google_push=Aa...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAnzb0o8kN2V2ZmI9DnApBI&google_hm=Y-6Et9NgscTbH9vl5qdZwAAABLAAAAIB&google_nid=index&google_push=Aa02lx_3vUz6zjGrdB3IkIxAcJyV2a_EHzPdD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAnzb0o8kN2V2ZmI9DnApBI&google_hm=Y-6Et9NgscTbH9vl5qdZwAAABLAAAAIB&google_nid=index&google_push=Aa02lx_3vUz6zjGrdB3IkIxAcJyV2a_EHzPdDlD9atkm0AZ7BpiTfKeUoKV-P9NU4AqPObOBRrE0b6mLhvO11GaTtKCFLHPeb7UEbg
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 19:32:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Feb 2023 19:32:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4GwrEgA%2BVDeG3qC3z0L9Egy7SsVTi3UAn%2FI73ocQufbAow6VF1YkFvEIWi6yA1eRTFW3UZ4YMDGlh98cBwzwne6%2BsdDtqy6b6fwA8U%2F2pL1l5l8rREFD%2FVGysPin4luhv5V1eFZpuwMJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAnzb0o8kN2V2ZmI9DnApBI&google_hm=Y-6Et9NgscTbH9vl5qdZwAAABLAAAAIB&google_nid=index&google_push=Aa02lx_3vUz6zjGrdB3IkIxAcJyV2a_EHzPdDlD9atkm0AZ7BpiTfKeUoKV-P9NU4AqPObOBRrE0b6mLhvO11GaTtKCFLHPeb7UEbg
cache-control
no-cache
cf-ray
79a8b51caf8d367d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 961E
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKZ5Y6sfutE6c1nGQe7FxRU&google_cver=1&google_push=Aa02lx_MvChD-iFafR5pIIzi-x6pHtiWrD89ZR11rb13epOGdDaavVQANUeBYiuGCDjRRMG_uFHkr-rZ9VMZIXGRF...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_MvChD-iFafR5pIIzi-x6pHtiWrD89ZR11rb13epOGdDaavVQANUeBYiuGCDjRRMG_uFHkr-rZ9VMZIXGRFwqTVk5no2IlZw&google_hm=GKvUqGZHWmLaBXZxRRab...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_MvChD-iFafR5pIIzi-x6pHtiWrD89ZR11rb13epOGdDaavVQANUeBYiuGCDjRRMG_uFHkr-rZ9VMZIXGRFwqTVk5no2IlZw&google_hm=GKvUqGZHWmLaBXZxRRabvPnk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&adk=2948133176&adf=2581412900&pi=t.aa~a.1994534330~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=13&bdt=1812&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108&nras=2&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RjYaxmuYLa&p=https%3A//ubs.med.br&dtd=61
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 19:32:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 16 Feb 2023 19:32:07 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_MvChD-iFafR5pIIzi-x6pHtiWrD89ZR11rb13epOGdDaavVQANUeBYiuGCDjRRMG_uFHkr-rZ9VMZIXGRFwqTVk5no2IlZw&google_hm=GKvUqGZHWmLaBXZxRRabvPnk
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 961E
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEF987x1XEVsuLgnnJs-fkpk&google_cver=1&google_push=Aa02lx_9aLaD-sgcSQpYCfIhhujBBYTfEtAJB15-3UbKiKrO3pAxNKcw-kfwOCa4egtZ_KSD00dYjERcetax...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_9aLaD-sgcSQpYCfIhhujBBYTfEtAJB15-3UbKiKrO3pAxNKcw-kfwOCa4egtZ_KSD00dYjERcetaxMpS0r1SHTxljZ1mB
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_9aLaD-sgcSQpYCfIhhujBBYTfEtAJB15-3UbKiKrO3pAxNKcw-kfwOCa4egtZ_KSD00dYjERcetaxMpS0r1SHTxljZ1mB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&adk=2948133176&adf=2581412900&pi=t.aa~a.1994534330~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=13&bdt=1812&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108&nras=2&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RjYaxmuYLa&p=https%3A//ubs.med.br&dtd=61
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 19:32:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_9aLaD-sgcSQpYCfIhhujBBYTfEtAJB15-3UbKiKrO3pAxNKcw-kfwOCa4egtZ_KSD00dYjERcetaxMpS0r1SHTxljZ1mB
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 961E
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEI9a74pvvyXaURfI8M4Hc9U&google_cver=1&google_push=Aa02lx89XL532CS_rn9QJromdg4J2GqeYfVg42L_EWj5QIUhlp9bxlJtPAuQXu4euYkSzOaTDz6ENExyPP5ApgB0ysCR3oTilw...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx89XL532CS_rn9QJromdg4J2GqeYfVg42L_EWj5QIUhlp9bxlJtPAuQXu4euYkSzOaTDz6ENExyPP5ApgB0ysCR3oTilwN...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc0ODg4Mzg4OTEzMDYyMzM0MzE4Ng%3D%3D&google_push=Aa02lx89XL532CS_rn9QJromdg4J2GqeYfVg42L_EWj5QIUhlp9bxlJt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc0ODg4Mzg4OTEzMDYyMzM0MzE4Ng%3D%3D&google_push=Aa02lx89XL532CS_rn9QJromdg4J2GqeYfVg42L_EWj5QIUhlp9bxlJtPAuQXu4euYkSzOaTDz6ENExyPP5ApgB0ysCR3oTilwNUgw
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 19:32:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc0ODg4Mzg4OTEzMDYyMzM0MzE4Ng%3D%3D&google_push=Aa02lx89XL532CS_rn9QJromdg4J2GqeYfVg42L_EWj5QIUhlp9bxlJtPAuQXu4euYkSzOaTDz6ENExyPP5ApgB0ysCR3oTilwNUgw
date
Thu, 16 Feb 2023 19:32:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 961E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IkrisnttohxLzJavtP2MPf8irKaIFyoqLuE6h6X_M3qswVQtGjvlyBReWQaInLwNhYSZ4o
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&adk=2948133176&adf=2581412900&pi=t.aa~a.1994534330~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=13&bdt=1812&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108&nras=2&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RjYaxmuYLa&p=https%3A//ubs.med.br&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
css
fonts.googleapis.com/ Frame 679E 		2 KB
528 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10953060782551645352/js/EmbedCanvas.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5ba6af8bd340ffb7fb078568374df5d6c9918445b121f6cb0acf606368c5b7d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 Feb 2023 19:32:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 19:09:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Feb 2023 19:32:07 GMT
css
fonts.googleapis.com/ Frame 679E 		2 KB
502 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Rubik:500
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10953060782551645352/js/EmbedCanvas.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
075446d8551ecc439b3f689fa00706996502eafb75fa75aa662252f7cc03e288
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 Feb 2023 19:32:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 19:32:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Feb 2023 19:32:07 GMT
d8c8f1b5b51c58239accadf301f7f929.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10953060782551645352/images/ Frame 679E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10953060782551645352/images/d8c8f1b5b51c58239accadf301f7f929.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10953060782551645352/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
815aa7b0f0b4520c714fb5ee59f8f818fdc044af91adf920af82b2da504e0df2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 16 Feb 2023 17:14:43 GMT
x-content-type-options
nosniff
age
8244
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3736
x-xss-protection
0
last-modified
Fri, 08 Nov 2019 19:56:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 16 Feb 2024 17:14:43 GMT
7b6da766eec3581e87c06a5994812df9.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10953060782551645352/images/ Frame 679E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10953060782551645352/images/7b6da766eec3581e87c06a5994812df9.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10953060782551645352/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f16be41be56439804acee577d6985ff0f31434e0334b573d6dcc2a15a474af31
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 15 Feb 2023 12:28:43 GMT
x-content-type-options
nosniff
age
111804
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2367
x-xss-protection
0
last-modified
Fri, 08 Nov 2019 19:56:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 15 Feb 2024 12:28:43 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9003
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 19:32:07 GMT
expires
Thu, 16 Feb 2023 19:32:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 19:32:07 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame DDE6 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 16:20:09 GMT
x-content-type-options
nosniff
age
97918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Feb 2024 16:20:09 GMT
truncated
/ Frame 37AE 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 37AE 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b71b833e94200708f895c6c4f6eb63e82a46fed77d71f34e9958e04de7d9aa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4E27 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-6EtgAADR4KexRGAAIzaFteVSnaLFzinbCmXg&u=%7CkVPf7duz4fqbMvGb8qcADaFaLdg9I%2B9xC3ECLt2BJc4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-8Ox4EMl_-lXXOgG4hcrsNyz330KBrzNlxcM_jautE7nswLE3YRXbVaSnOUG2DYvIZTm4B7ssEBUiJH9IhIgtbqwifvb3E50quO6EoJZnB1hXZaip1ELyBzgj0UDSqnmhem4MR_YCcMHxvr5b1OY9vNE4LO-VuIeZhU16be27sDZNokYNtaeIh3EJzQ_OWjxmfHZoM7rStC_lUWF0gXlwOLSuVZwhM-wgCQLceMdrN6BKFEstqdfEWIzUA_31FEhMv-Anm08vPbitGmC1dY1IEIxJg64vlBrC8i70vn1sKmo2QNV-Muioux73LKHERzLjZn3G7GgvkykEbiPejRx750q6GgTIvlwWV5NTn-5gLzswfcJ7mhbuNdu9FJdFJlydij7xEwMRJODC8LjfE00bOd2xwQ3WSpUZcolSO8yBmSTTMlBCz2rLDTK322r8-R4_Iq7xRnaOu9rGXRgyFfB_d4ploFELXaGb2kPfpwFbz2pFv0-wurt1pcEIEOazmVNNlYiUeA6y0B3q8ouHpuh9dFdiufbibSFKnhy0F6zhOuZAM4IDfghOQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC929EtoTuY54axqjsA-jmiLgIyZ7SsVzVnZH3cMCNtwEQASAAYJXK-YGUB4IBF2NhLXB1Yi0wNDEzMDA4MDY3OTE3OTEyyAEJqQLZ4I4eruqxPqgDAaoEuQFP0FYP2-sbQF9R7-tdqXr4PR0oWMoozT2KbtskWpPSYRbsqL4dulh0iFNx5l-7Nit5sep0nxfBTv_L0hGHiFkoowEveSQZny6xfwGMsYWb7Np6QQjtGgKBdjyefsSCXGnhsPVuIVpRegFTWqhHFJ8EPVKQKzb-U5kck3g7aE3NbDqeWei3LIC3AZuu3VO_0l_Ltuf1HVZ6EdwQncMDn81JweDMoPSmjsgTxf6fVkL8Mv0qNO9LZq8toYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_33dVGfynZlTmhHzVu_z-n0PHG74g%26client%3Dca-pub-0413008067917912%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1347255
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uylRjkk6iY2%2Bt%2FZZqAmKnt8VdDLEV0vei1%2FSsGodioaQMSGQW96TBQ0OXff17zK5kXOJRHmfwMyQx5L9NiGGyiYrSVlrvhxLA48GIxefQ%2FNeLp4Gn2%2FIzs4%2BGToRxAAL6bsYy5TfOkYus9hvXqjAeDpL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
79a8b51c49a53723-FRA
expires
Tue, 06 Feb 2024 19:32:07 GMT
animejs.js
static.criteo.net/animejs/ Frame 4E27 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-6EtgAADR4KexRGAAIzaFteVSnaLFzinbCmXg&u=%7CkVPf7duz4fqbMvGb8qcADaFaLdg9I%2B9xC3ECLt2BJc4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-8Ox4EMl_-lXXOgG4hcrsNyz330KBrzNlxcM_jautE7nswLE3YRXbVaSnOUG2DYvIZTm4B7ssEBUiJH9IhIgtbqwifvb3E50quO6EoJZnB1hXZaip1ELyBzgj0UDSqnmhem4MR_YCcMHxvr5b1OY9vNE4LO-VuIeZhU16be27sDZNokYNtaeIh3EJzQ_OWjxmfHZoM7rStC_lUWF0gXlwOLSuVZwhM-wgCQLceMdrN6BKFEstqdfEWIzUA_31FEhMv-Anm08vPbitGmC1dY1IEIxJg64vlBrC8i70vn1sKmo2QNV-Muioux73LKHERzLjZn3G7GgvkykEbiPejRx750q6GgTIvlwWV5NTn-5gLzswfcJ7mhbuNdu9FJdFJlydij7xEwMRJODC8LjfE00bOd2xwQ3WSpUZcolSO8yBmSTTMlBCz2rLDTK322r8-R4_Iq7xRnaOu9rGXRgyFfB_d4ploFELXaGb2kPfpwFbz2pFv0-wurt1pcEIEOazmVNNlYiUeA6y0B3q8ouHpuh9dFdiufbibSFKnhy0F6zhOuZAM4IDfghOQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC929EtoTuY54axqjsA-jmiLgIyZ7SsVzVnZH3cMCNtwEQASAAYJXK-YGUB4IBF2NhLXB1Yi0wNDEzMDA4MDY3OTE3OTEyyAEJqQLZ4I4eruqxPqgDAaoEuQFP0FYP2-sbQF9R7-tdqXr4PR0oWMoozT2KbtskWpPSYRbsqL4dulh0iFNx5l-7Nit5sep0nxfBTv_L0hGHiFkoowEveSQZny6xfwGMsYWb7Np6QQjtGgKBdjyefsSCXGnhsPVuIVpRegFTWqhHFJ8EPVKQKzb-U5kck3g7aE3NbDqeWei3LIC3AZuu3VO_0l_Ltuf1HVZ6EdwQncMDn81JweDMoPSmjsgTxf6fVkL8Mv0qNO9LZq8toYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_33dVGfynZlTmhHzVu_z-n0PHG74g%26client%3Dca-pub-0413008067917912%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Feb 2024 19:32:07 GMT
all
csm.eu.criteo.net/ Frame 4E27 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=doC9DcknXAmWlDO8sI8Mt3SknjLyB-1wJ4LAKePOUP5Hbw7oqTpNCQ-umu1On-0iWVD9PuDqK2K4jFNvIJsZRRv7V3iuPp5ZisnCkfWmWV-D_S0hq5QAWzfjlopiCzoNkuAv7g6PT-xgEwW_2MwmKuELKH6tsYuqK2sbhmLF300wlZCfKj9s0kgAVnXnmotcP0xHveFJnMflSvM-EpUhqFah-rYb3jfvA7h_8u5owdFwDjsqfAnLQNaYc8_R3U5bBBcrHA&sds=2&rev=84699&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-6EtgAADR4KexRGAAIzaFteVSnaLFzinbCmXg&u=%7CkVPf7duz4fqbMvGb8qcADaFaLdg9I%2B9xC3ECLt2BJc4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-8Ox4EMl_-lXXOgG4hcrsNyz330KBrzNlxcM_jautE7nswLE3YRXbVaSnOUG2DYvIZTm4B7ssEBUiJH9IhIgtbqwifvb3E50quO6EoJZnB1hXZaip1ELyBzgj0UDSqnmhem4MR_YCcMHxvr5b1OY9vNE4LO-VuIeZhU16be27sDZNokYNtaeIh3EJzQ_OWjxmfHZoM7rStC_lUWF0gXlwOLSuVZwhM-wgCQLceMdrN6BKFEstqdfEWIzUA_31FEhMv-Anm08vPbitGmC1dY1IEIxJg64vlBrC8i70vn1sKmo2QNV-Muioux73LKHERzLjZn3G7GgvkykEbiPejRx750q6GgTIvlwWV5NTn-5gLzswfcJ7mhbuNdu9FJdFJlydij7xEwMRJODC8LjfE00bOd2xwQ3WSpUZcolSO8yBmSTTMlBCz2rLDTK322r8-R4_Iq7xRnaOu9rGXRgyFfB_d4ploFELXaGb2kPfpwFbz2pFv0-wurt1pcEIEOazmVNNlYiUeA6y0B3q8ouHpuh9dFdiufbibSFKnhy0F6zhOuZAM4IDfghOQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC929EtoTuY54axqjsA-jmiLgIyZ7SsVzVnZH3cMCNtwEQASAAYJXK-YGUB4IBF2NhLXB1Yi0wNDEzMDA4MDY3OTE3OTEyyAEJqQLZ4I4eruqxPqgDAaoEuQFP0FYP2-sbQF9R7-tdqXr4PR0oWMoozT2KbtskWpPSYRbsqL4dulh0iFNx5l-7Nit5sep0nxfBTv_L0hGHiFkoowEveSQZny6xfwGMsYWb7Np6QQjtGgKBdjyefsSCXGnhsPVuIVpRegFTWqhHFJ8EPVKQKzb-U5kck3g7aE3NbDqeWei3LIC3AZuu3VO_0l_Ltuf1HVZ6EdwQncMDn81JweDMoPSmjsgTxf6fVkL8Mv0qNO9LZq8toYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_33dVGfynZlTmhHzVu_z-n0PHG74g%26client%3Dca-pub-0413008067917912%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 16 Feb 2023 19:32:07 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4E27 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-6EtgAADR4KexRGAAIzaFteVSnaLFzinbCmXg&u=%7CkVPf7duz4fqbMvGb8qcADaFaLdg9I%2B9xC3ECLt2BJc4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-8Ox4EMl_-lXXOgG4hcrsNyz330KBrzNlxcM_jautE7nswLE3YRXbVaSnOUG2DYvIZTm4B7ssEBUiJH9IhIgtbqwifvb3E50quO6EoJZnB1hXZaip1ELyBzgj0UDSqnmhem4MR_YCcMHxvr5b1OY9vNE4LO-VuIeZhU16be27sDZNokYNtaeIh3EJzQ_OWjxmfHZoM7rStC_lUWF0gXlwOLSuVZwhM-wgCQLceMdrN6BKFEstqdfEWIzUA_31FEhMv-Anm08vPbitGmC1dY1IEIxJg64vlBrC8i70vn1sKmo2QNV-Muioux73LKHERzLjZn3G7GgvkykEbiPejRx750q6GgTIvlwWV5NTn-5gLzswfcJ7mhbuNdu9FJdFJlydij7xEwMRJODC8LjfE00bOd2xwQ3WSpUZcolSO8yBmSTTMlBCz2rLDTK322r8-R4_Iq7xRnaOu9rGXRgyFfB_d4ploFELXaGb2kPfpwFbz2pFv0-wurt1pcEIEOazmVNNlYiUeA6y0B3q8ouHpuh9dFdiufbibSFKnhy0F6zhOuZAM4IDfghOQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC929EtoTuY54axqjsA-jmiLgIyZ7SsVzVnZH3cMCNtwEQASAAYJXK-YGUB4IBF2NhLXB1Yi0wNDEzMDA4MDY3OTE3OTEyyAEJqQLZ4I4eruqxPqgDAaoEuQFP0FYP2-sbQF9R7-tdqXr4PR0oWMoozT2KbtskWpPSYRbsqL4dulh0iFNx5l-7Nit5sep0nxfBTv_L0hGHiFkoowEveSQZny6xfwGMsYWb7Np6QQjtGgKBdjyefsSCXGnhsPVuIVpRegFTWqhHFJ8EPVKQKzb-U5kck3g7aE3NbDqeWei3LIC3AZuu3VO_0l_Ltuf1HVZ6EdwQncMDn81JweDMoPSmjsgTxf6fVkL8Mv0qNO9LZq8toYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_33dVGfynZlTmhHzVu_z-n0PHG74g%26client%3Dca-pub-0413008067917912%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Feb 2024 19:32:07 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 4E27 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-6EtgAADR4KexRGAAIzaFteVSnaLFzinbCmXg&u=%7CkVPf7duz4fqbMvGb8qcADaFaLdg9I%2B9xC3ECLt2BJc4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-8Ox4EMl_-lXXOgG4hcrsNyz330KBrzNlxcM_jautE7nswLE3YRXbVaSnOUG2DYvIZTm4B7ssEBUiJH9IhIgtbqwifvb3E50quO6EoJZnB1hXZaip1ELyBzgj0UDSqnmhem4MR_YCcMHxvr5b1OY9vNE4LO-VuIeZhU16be27sDZNokYNtaeIh3EJzQ_OWjxmfHZoM7rStC_lUWF0gXlwOLSuVZwhM-wgCQLceMdrN6BKFEstqdfEWIzUA_31FEhMv-Anm08vPbitGmC1dY1IEIxJg64vlBrC8i70vn1sKmo2QNV-Muioux73LKHERzLjZn3G7GgvkykEbiPejRx750q6GgTIvlwWV5NTn-5gLzswfcJ7mhbuNdu9FJdFJlydij7xEwMRJODC8LjfE00bOd2xwQ3WSpUZcolSO8yBmSTTMlBCz2rLDTK322r8-R4_Iq7xRnaOu9rGXRgyFfB_d4ploFELXaGb2kPfpwFbz2pFv0-wurt1pcEIEOazmVNNlYiUeA6y0B3q8ouHpuh9dFdiufbibSFKnhy0F6zhOuZAM4IDfghOQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC929EtoTuY54axqjsA-jmiLgIyZ7SsVzVnZH3cMCNtwEQASAAYJXK-YGUB4IBF2NhLXB1Yi0wNDEzMDA4MDY3OTE3OTEyyAEJqQLZ4I4eruqxPqgDAaoEuQFP0FYP2-sbQF9R7-tdqXr4PR0oWMoozT2KbtskWpPSYRbsqL4dulh0iFNx5l-7Nit5sep0nxfBTv_L0hGHiFkoowEveSQZny6xfwGMsYWb7Np6QQjtGgKBdjyefsSCXGnhsPVuIVpRegFTWqhHFJ8EPVKQKzb-U5kck3g7aE3NbDqeWei3LIC3AZuu3VO_0l_Ltuf1HVZ6EdwQncMDn81JweDMoPSmjsgTxf6fVkL8Mv0qNO9LZq8toYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_33dVGfynZlTmhHzVu_z-n0PHG74g%26client%3Dca-pub-0413008067917912%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Feb 2024 19:32:07 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0191
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 19:32:07 GMT
expires
Thu, 16 Feb 2023 19:32:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 19:32:07 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFV0U1.woff2
fonts.gstatic.com/s/rubik/v23/ Frame 679E 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v23/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFV0U1.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76daefe52b6acc9186d0b1a2a4a15acab20bcd18cb7f0c25256ae60671a335c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 15:42:37 GMT
x-content-type-options
nosniff
age
13770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17572
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 18:13:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 15:42:37 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 679E 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 16:35:10 GMT
x-content-type-options
nosniff
age
10617
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12848
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 16:35:10 GMT
1x1.gif
imagesrv.adition.com/ Frame 37AE
Redirect Chain
  • https://ad2.adfarm1.adition.com/banner?sid=4593833&gdpr=&gdpr_consent=&kid=5627035&bid=17040887&wpt=C&ts=1944066353&ipt=0
  • https://imagesrv.adition.com/1x1.gif
68 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/1x1.gif
Protocol
H2
Server
217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Feb 2023 19:32:08 GMT
last-modified
Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges
bytes
etag
"3122740758"
content-length
68
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 16 Feb 2023 20:32:08 +0100
server
ADITIONSERVER v1.0
etag
7200838780032451797
content-type
text/plain
location
https://imagesrv.adition.com/1x1.gif
access-control-allow-origin
*
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 37AE 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CkljptoTuY50axqjsA-jmiLgIn9Dxg2_g9Pf3nRGGzv-VhBsQASCe9NYGYJXK-YGUB6AB_P2zkCnIAQGpAtngjh6u6rE-qAMBqgTDAU_Q0oWyzB-Plfqxli2oNtuhC0ONjs2QLqJqmEEcEgZXXBxV2BvxWr6q4V21xBx8JUaxSKUvvPJxQCgtI-Sk3G5GgMrMVrfMfG6_LqEanbeTI161tatRSGp1ql41c9LRAvx_yIHL8qrk3e7SKPE1JgbqP6wcnwZKHPn5mvumSE4Tgf_NuVZ7KPiJuAAcHmmpXZKDNZoO4NZVaj9AJd2R0J4A7n8cmqUen1wg2ddYVpobZpV_0vpBcA3NnJ6M8oiCk3yQyMAEnpyskJYEkgUECAQYAZIFBAgFGASAB_y1hPADqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ9sMC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMDQxMzAwODA2NzkxNzkxMhgA&sigh=tios66QJcIg&uach_m=[UACH]&cid=CAQSGwDUE5ym75wHHQI1gQlc7DEcrCRg9HlQVm_hchgB&template_id=5020&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 16 Feb 2023 19:32:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
pagead2.googlesyndication.com/bg/ Frame E975 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0413008067917912&output=html&h=280&adk=2948133176&adf=2581412900&pi=t.aa~a.1994534330~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1675362649&rafmt=1&to=qs&pwprc=5407000762&format=1060x280&url=https%3A%2F%2Fubs.med.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676575926601&bpp=13&bdt=1812&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4da4cedfe59bcf8a-2243ba8286dc006a%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg&gpic=UID%3D000005788dc9b700%3AT%3D1676575926%3ART%3D1676575926%3AS%3DALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA&prev_fmts=0x0%2C1152x280%2C1060x280%2C1060x108&nras=2&correlator=8212516383406&frm=20&pv=1&ga_vid=234690506.1676575926&ga_sid=1676575926&ga_hid=380125636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072384%2C31072387&oid=2&pvsid=2930457557478265&tmod=298312065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RjYaxmuYLa&p=https%3A//ubs.med.br&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1169680e3ccc40ebd1666084b9f15f9fa66b610fe5bf25c5ac074a958ac357fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 22:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
77286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14328
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 17:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Feb 2024 22:04:01 GMT
ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 4E27 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-6EtgAADR4KexRGAAIzaFteVSnaLFzinbCmXg&u=%7CkVPf7duz4fqbMvGb8qcADaFaLdg9I%2B9xC3ECLt2BJc4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-8Ox4EMl_-lXXOgG4hcrsNyz330KBrzNlxcM_jautE7nswLE3YRXbVaSnOUG2DYvIZTm4B7ssEBUiJH9IhIgtbqwifvb3E50quO6EoJZnB1hXZaip1ELyBzgj0UDSqnmhem4MR_YCcMHxvr5b1OY9vNE4LO-VuIeZhU16be27sDZNokYNtaeIh3EJzQ_OWjxmfHZoM7rStC_lUWF0gXlwOLSuVZwhM-wgCQLceMdrN6BKFEstqdfEWIzUA_31FEhMv-Anm08vPbitGmC1dY1IEIxJg64vlBrC8i70vn1sKmo2QNV-Muioux73LKHERzLjZn3G7GgvkykEbiPejRx750q6GgTIvlwWV5NTn-5gLzswfcJ7mhbuNdu9FJdFJlydij7xEwMRJODC8LjfE00bOd2xwQ3WSpUZcolSO8yBmSTTMlBCz2rLDTK322r8-R4_Iq7xRnaOu9rGXRgyFfB_d4ploFELXaGb2kPfpwFbz2pFv0-wurt1pcEIEOazmVNNlYiUeA6y0B3q8ouHpuh9dFdiufbibSFKnhy0F6zhOuZAM4IDfghOQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC929EtoTuY54axqjsA-jmiLgIyZ7SsVzVnZH3cMCNtwEQASAAYJXK-YGUB4IBF2NhLXB1Yi0wNDEzMDA4MDY3OTE3OTEyyAEJqQLZ4I4eruqxPqgDAaoEuQFP0FYP2-sbQF9R7-tdqXr4PR0oWMoozT2KbtskWpPSYRbsqL4dulh0iFNx5l-7Nit5sep0nxfBTv_L0hGHiFkoowEveSQZny6xfwGMsYWb7Np6QQjtGgKBdjyefsSCXGnhsPVuIVpRegFTWqhHFJ8EPVKQKzb-U5kck3g7aE3NbDqeWei3LIC3AZuu3VO_0l_Ltuf1HVZ6EdwQncMDn81JweDMoPSmjsgTxf6fVkL8Mv0qNO9LZq8toYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_33dVGfynZlTmhHzVu_z-n0PHG74g%26client%3Dca-pub-0413008067917912%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-b778"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Feb 2024 19:32:07 GMT
rs
ad4m.at/ Frame 4ADB 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e877ba8389bd1af891bfb39b14c8d268fa459f5ab96de5d3eb79b10bf4f4e969

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 16 Feb 2023 19:32:08 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3y03fX1Ng2mESgqeyfJiGr28nwaUTa9HMosi1LKfVRSY%2FN43LN9I5bBa1djSUz6bDoI1TzqEBw7Tq0Dn5uEGf26Z8uvaYlhN%2BNixW3kfWD2lWjBeiOCuoaq4rsI6gRtuaCO4pc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
79a8b5212f6c2bfc-FRA
x-backend-server
aa-reachservice-group-europe-west1-85bm
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
pagead2.googlesyndication.com/bg/ Frame 679E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1169680e3ccc40ebd1666084b9f15f9fa66b610fe5bf25c5ac074a958ac357fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 22:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
77286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14328
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 17:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Feb 2024 22:04:01 GMT
generate_204
tpc.googlesyndication.com/ Frame 5BEB 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?IeHozQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
truncated
/ Frame E03E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b0945d6ce189e6fb380780cc44905f563c4bab969d5697bf2790b2db7191db5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 4E27 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-97a8"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Feb 2024 19:32:07 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E03E 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CuEfZtoTuY54axqjsA-jmiLgIyZ7SsVzVnZH3cMCNtwEQASAAYJXK-YGUB4IBF2NhLXB1Yi0wNDEzMDA4MDY3OTE3OTEyyAEJqQLZ4I4eruqxPqgDAaoEtgFP0FYP2-sbQF9R7-tdqXr4PR0oWMoozT2KbtskWpPSYRbsqL4dulh0iFNx5l-7Nit5sep0nxfBTv_L0hGHiFkoowEveSQZny6xfwGMsYWb7Np6QQjtGgKBdjyefsSCXGnhsPVuIVpRegFTWqhHFJ8EPVKQKzb-U5kck3g7aE3NbDqeWei3LIC3AZuu3VO_0l-JtMZnmtnmAmOMiWDTomuxyPTGFv6IlkqnDcM5pP3iHuWvnmtY2YAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMDQxMzAwODA2NzkxNzkxMhgA&sigh=dL5WzM6h5_Q&uach_m=[UACH]&cid=CAQSGwDUE5ym75wHHQI1gQlc7DEcrCRg9HlQVm_hchgB&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 16 Feb 2023 19:32:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr.eu.criteo.com/google/auction/ Frame E03E 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMC-MLQB9AOdg2ICAgAAADHIJat6xfhkELWE7mOVzn0L5d9hYDyTAAASAAAKDkFRVUJCUVlCQlFFQkJR&wp=Y-6EtgAADR4KexRGAAIzaFteVSnaLFzinbCmXg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
204284
content-length
0
img
pix.eu.criteo.net/img/ Frame 4E27 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=232&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2F8ee840d4a3ed46b29e29bc1b9545348c_stardardcon.png&v=3&w=356&s=2k83D-jPpIN0qxtK-jYSrEfV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
3d44370097c9f3121780271480c8f58764d4c963df7ba0c2be2b11adce5dc0af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29230669
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
27603
expires
Sun, 21 Jan 2024 03:09:58 GMT
img
pix.eu.criteo.net/img/ Frame 4E27 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1573478455%2F19305485-Eyk2dNTp.jpg&v=3&w=400&s=clGqG9peNAg-I2yiIhVl_pcN&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
4ab456e9461641e5efb81e0b5fc8d235d73981534a2ca5cea3e092c1678e625a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=412356
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9320
expires
Tue, 21 Feb 2023 14:04:44 GMT
img
pix.eu.criteo.net/img/ Frame 4E27 		354 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_4.png&v=3&w=400&s=jBnWN17oJ5tiMqvOBZjs9kr3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29037710
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
354
expires
Thu, 18 Jan 2024 21:33:58 GMT
img
pix.eu.criteo.net/img/ Frame 4E27 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1544803151%2F18300358-BQBk5bjM.jpg&v=3&w=400&s=7q9r08ZyY2ZjqaZMxEethEAi&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
19bded2d9cba71a31fd4aa13a02b22c9b7648e067be1c27c4c9f90549e745cb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=387569
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7468
expires
Tue, 21 Feb 2023 07:11:37 GMT
img
pix.eu.criteo.net/img/ Frame 4E27 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22205677-gw18eCKD.jpg&v=3&w=400&s=7Wh7eQEAVWbH4LZlncwOH2WO&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
b3f1acd797f56900e86d30d09258d9cc0fb7da5fccca58e20a45086bad2fe7af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=481594
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
77880
expires
Wed, 22 Feb 2023 09:18:42 GMT
img
pix.eu.criteo.net/img/ Frame 4E27 		305 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_5.png&v=3&w=400&s=WxeZ40iswIdbUILCBA5EYhvv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
c1f9d8e277b69e27fbad364e41ef7754749a72df331f6298b425144883f9a7cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27894069
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
305
expires
Fri, 05 Jan 2024 15:53:17 GMT
img
pix.eu.criteo.net/img/ Frame 4E27 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22242959-St0zWgsN.jpg&v=3&w=400&s=1Mzn-o6OnhN1pNJE1nadhTjy&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
99db216f8fc5675e74fc42ba1cf0a6d3a03078fb3973e3d492a0533988d8795b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=568599
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17076
expires
Thu, 23 Feb 2023 09:28:48 GMT
img
pix.eu.criteo.net/img/ Frame 4E27 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F13128063-cJR0HWU6.jpg&v=3&w=400&s=VM15aB5l3btgs6goqhqI37_q&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
a95f42349fdea4437c1f111edbc922153a2e2b0f16f1738cd66bfdf85619a525
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=487786
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11532
expires
Wed, 22 Feb 2023 11:01:54 GMT
img
pix.eu.criteo.net/img/ Frame 4E27 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22095879-gWT0MCRQ.jpg&v=3&w=400&s=AbJ3GAQkuC15SSp4ruO0e3bB&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
3059d7a2174c4c98b350393a2b60bbc302ffe12b394ba4d120b0922f5a6bb026
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=509332
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
74630
expires
Wed, 22 Feb 2023 17:01:01 GMT
img
pix.eu.criteo.net/img/ Frame 4E27 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F221121%2Fadb1b255a8a44e859d22e584c7a782d4_img_square_1.jpg&v=3&w=1200&s=01JKQy1uWUfNL-3B4pN9nv6f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
757742d81ac20d61d8c340927cc6ff23ac98d3b3207876aebcbe27bee8ad6b9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28904193
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
110076
expires
Wed, 17 Jan 2024 08:28:42 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6BB2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssL9olVCfZm3oeXZvQawMKzinx74jHZUAzhlzlaVU2qYY2V7goRwe7t__s8ZndMgNZOy-Ho-neKVdtnQIQTwAWxZNTOFSLg_UKCnYHFGEyXBWDRLhOl6xOiwpHT4v0H7kWLsnncAg&sai=AMfl-YQ9b4tzFrPtQsGYRlLSzvT6SRtj6lfyYz7r-O1555hsyLIwcoOgEaBN1MnetK-H-IgIwXqIDSOEkj_b&sig=Cg0ArKJSzMuFvHpsAc7yEAE&cid=CAQSGwDUE5ymf_Zf2cJJ_rDOZ_ndu0BwLzUk1FCORBgB&id=lidar2&mcvt=1000&p=0,0,280,1152&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1411497807&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676575925965&rpt=1417&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 19:32:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230213&jk=2930457557478265&bg=!6Oul67_NAAYuhb89DoU7ADkAdvg8WrfRCUez5UjO8UTEqLqdQFIsJzU0NkaSleVjEpwNVOSi2tnzgFlqup8XZXkuaWgs_RrTngACAAAAeFIAAAACaAEHCgBQNlRtK2wp-q8G_aPtFrd9UnvTtQ3vDUEbZWJvjD-GUGZ-zXWuQj3pwuC1GqyURD3yNQv7jDWVeROOLtLD78sWyA6CotT0IHY9kaa8d4igoHeZAupaSo7oqX9Hj0Fg4PIu9qJ4we2UDOBm8l5XH28dN7mz68oZDELXR-cyzwtEd12dADfz-SO1-GI95jFDt91Plkt_k_HmBIdMBAZC5I71QcRnTKIlgK8aSioCs7JRYrtyGvFF2b5s6DWE2hmzgIL-n2frwZXJWgcJaOOjlapm5BdTzCIcxoRA_c5gHswIvJF4gxZ2wgGDpmPZKgsFxv5k25nzayW0ehSUH0fku4oBAkbd1miGLFj1g5AdC6qW9L_m36FwytKCRfJG3g5l3oHrYCrFBN3sJHoWRng0xEXTjauhr55oswOTKgrGBGtmHgGvQ6QeSVOLCp13cw2Y0XBOb_Y7hqB1fjgcaCqG9Ke8E61Qd0e-n6EdNAf_-vbUYPu_VkmkvxwYCwHlMxeCrHIZIJmD1oOIl-xX_saYABAvDxGLpqg3hqLLKImKigqK7IR6CW9udX2dqpt3gUbXxLv4Ef2gEzhj3-l2rbzACCYqbt77_mDvjKKZ4sY4ISvKlVpqXUukSrVZdWc9VYCo5a80A-gd9IPG2RmTD7Pj9SA8zfDTWJrToOQXetvBw6imAYmUMNE2GxF5ZRYvAJnsFXdvTaPtaR-t__fQhX1N7zT0D8k8WEYkQjHu_ZSp3U9eLHKAYX5t2etva-sMDjERYlGdA7jf7NR8kBm6vR35HNAlUt-lZxbS5NiFHuh57D_LFz0wA4V7EKpLlFy5ELrDpBF-Zzyligu5mJzQbcQE7Wr82xKS-8lGq1AVYAgAUYZJfMyd4VEB6khi7BCTHOuYC1rV8thDv_to8t2heDwHqWWKdb7kqCEvUKstv0xX4FmNDSJKUBWzLtS9Wd_pc6Mt1jU9S5mAPE_YR_l5XLwl02-h6tsj8irmNt_DPpu2w5kgEkrlKy0ooXHrOXg0Hbj-cBzBhBeoTVWwds_MlUsTw4JRNmo1Sjl1DodvRbWYoorl9S7nMXqyVlGzF1ju6os2uI_9OCcVKLj7TzONvLfTag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ubs.med.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79a8b520def22bfc-FRA
content-length
24
content-type
text/plain
date
Thu, 16 Feb 2023 19:32:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kL1o214Ui6L%2F9GcMKGs2fs2znERlwkuQmzSJcC4kdszKcrfcoSyDNPaiyBpZSiWC89dy5yG%2BqbMEtQnfVt8ixTvyZSMaTyy4PI7xIFw75S%2BzidyAB0eZakbHNZC7Iw2ZumvkIMA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-85bm
activeview
pagead2.googlesyndication.com/pcs/ Frame 3B90 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbEgWWm6Www9-88Wk9EEdY5NA4w1FAOuOuamSaD42VQeB5_oAjgHWZk-WGC46KFzdVSShJ35dUZxyKcJY-JVTV3xADVrK_ssU5vej1LqH8qHGFv3kjUoJELxy0rhHpUmI0wEVeDg&sai=AMfl-YTtjSTmICNWpsORGZGxuOoOrcrqB15ueP_SlNX_3NZ-oMtTDWmt7Y_NElg3g7hgR2viKH7XJ6sT--O5&sig=Cg0ArKJSzK8DuCq73DgTEAE&cid=CAQSGwDUE5ym5lL3oyEzWW5MsgGCn09MYuED_CFjSRgB&id=lidar2&mcvt=1032&p=0,0,280,1060&mtos=0,0,1032,1032,1032&tos=0,0,1032,0,0&v=20230215&bin=7&avms=nio&bs=0,0&mc=0.69&if=1&vu=1&app=0&itpl=22&adk=1846478241&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676575926042&rpt=1392&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 19:32:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2B30 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdXsF9Pkeofuzwt2HoXRowu5foFO6_ESDinoI5kAJFLpMH-97pV0K0aDucbTKoIgH-Bgr0abZOWSlkDcQXTgQ842JMTLEy5X6JnrVjpzoKqZ2oFnnwGOJGuk3DCpEZ4fYmHWeMFQ&sai=AMfl-YQRiDcKdb7-J3f77CIrSFSwazLbs8eQpHT2owisluRNcsb3qsq3MyMblZbFQXifFMipid9iIxB0g2bk&sig=Cg0ArKJSzGqq8WSpbxcdEAE&cid=CAQSGwDUE5ym75wHHQI1gQlc7DEcrCRg9HlQVm_hchgB&id=lidar2&mcvt=1034&p=1,0,83.84375,646&mtos=0,1034,1034,1034,1034&tos=0,1034,0,0,0&v=20230215&bin=7&avms=nio&bs=0,0&mc=0.89&if=1&vu=1&app=0&itpl=2&adk=318159121&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676575927213&rpt=209&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 19:32:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
pix.eu.criteo.net/img/ Frame 4E27 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=232&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2F8ee840d4a3ed46b29e29bc1b9545348c_stardardcon.png&v=3&w=356&s=2k83D-jPpIN0qxtK-jYSrEfV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
3d44370097c9f3121780271480c8f58764d4c963df7ba0c2be2b11adce5dc0af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29230669
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
27603
expires
Sun, 21 Jan 2024 03:09:58 GMT
img
pix.eu.criteo.net/img/ Frame 4E27 		354 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_4.png&v=3&w=400&s=jBnWN17oJ5tiMqvOBZjs9kr3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29037710
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
354
expires
Thu, 18 Jan 2024 21:33:58 GMT
img
pix.eu.criteo.net/img/ Frame 4E27 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1573478455%2F19305485-Eyk2dNTp.jpg&v=3&w=400&s=clGqG9peNAg-I2yiIhVl_pcN&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
4ab456e9461641e5efb81e0b5fc8d235d73981534a2ca5cea3e092c1678e625a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=412356
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9320
expires
Tue, 21 Feb 2023 14:04:44 GMT
img
pix.eu.criteo.net/img/ Frame 4E27 		305 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_5.png&v=3&w=400&s=WxeZ40iswIdbUILCBA5EYhvv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
c1f9d8e277b69e27fbad364e41ef7754749a72df331f6298b425144883f9a7cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27894069
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
305
expires
Fri, 05 Jan 2024 15:53:17 GMT
img
pix.eu.criteo.net/img/ Frame 4E27 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1544803151%2F18300358-BQBk5bjM.jpg&v=3&w=400&s=7q9r08ZyY2ZjqaZMxEethEAi&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
19bded2d9cba71a31fd4aa13a02b22c9b7648e067be1c27c4c9f90549e745cb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=387569
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7468
expires
Tue, 21 Feb 2023 07:11:37 GMT
rar
as.ad4m.at/ad/ Frame BA66 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=117569%2C19457%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=728&d=90&e=&g=8bbc47c6c44e8fd37c5ffe2504edbee0%2F7942547282285287844&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1676575928514&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6gbhc187pw5amcq40947b5qk3wezrrt0mk3ttg5mne42pcapzkd4dbehsrt8z8kvxrw0w9hwtmcb40x3f8zgqwh93jxqmjnwpjxkq0c8ep3337k22b3gkj24f7c3man8nx5rq4ky3gppmkdp5sygw4e4aavt4hmkqa0ggzaaxe5gnqnm5fazptgw97m5ez2xzg02zc40zzjm49x60gce5ddnh73y665hfgrw1wc9v9qj8bv6psmp1m1cfcsxedv365gbyta7eczv00cmg5be5n%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuUMftoTuY43ZK5KtYpSsirgDkOGBhFy2qMKK8ALAjbcBEAEgAGCVyvmBlAeCARdjYS1wdWItMDQxMzAwODA2NzkxNzkxMsgBCakCD5vMezvosT6oAwGqBL8BT9Ai2kKppjAf_zIrTldFC5ufPMy8PdUblGG0rDyIARKp_ENiiD5M6IY7XwEvvjOOd_oZBVhSueZPgHxHP5J3p2YMRP25PEs9FNG_hPRx7fCks_QJ3rv4i4IbWv8vuMlxO7Wd2EhghMIoDHguj2By17g02j6VGh_PcOn6AkD0zbh9VW501Wcwz9Y8-zmbx-_MvE2SHThQYWfo6FMCAHxUjhrmd__VKeOlxvjcDA7bc-Er8Kmptx4ksvrBNHG_M6eABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1OWflulhKarpWG3v3CyMY2G03OOw%2526client%253Dca-pub-0413008067917912%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fc50c24421aba9a75152e764dd46c224c41134f5bb3c79eb9caf8e86e095945
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kde524dxdwzas2m8ns0xt5mvyrqm2mps0v6sqwd8kf826e2zqdhasqy4555bm61ggm2h640q9j2v1a1serg2rcx8y24eepcw2q7906gywjd9t9bwf63vkmx323cks9xx913mfcszwnyk4g7bgr1fsrg4rg4jsyma4b39w6gapkt6d7www4d3fyafpr2c56mr38j141dank58vh5s770nz3wc15f1863bnm8c92s7yxbg7tnsda3g9y6kckymrdpa9wpbyvwxrh2x6xbrhrhg6jj83nh846frj1n5dh3h914cw2zkj5syf2s4y29530yz7xr8t4yxx9sf1fyxxs2arf22z9bhty30fgs9vvvsaazq9faejj532vhec3fz8egmsyky2czt94rj1wbcjcwf35e3cmhax2h20h1c50tr46qtvyp9g2wf1j02157xase1m3nxxdz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuUMftoTuY43ZK5KtYpSsirgDkOGBhFy2qMKK8ALAjbcBEAEgAGCVyvmBlAeCARdjYS1wdWItMDQxMzAwODA2NzkxNzkxMsgBCakCD5vMezvosT6oAwGqBL8BT9Ai2kKppjAf_zIrTldFC5ufPMy8PdUblGG0rDyIARKp_ENiiD5M6IY7XwEvvjOOd_oZBVhSueZPgHxHP5J3p2YMRP25PEs9FNG_hPRx7fCks_QJ3rv4i4IbWv8vuMlxO7Wd2EhghMIoDHguj2By17g02j6VGh_PcOn6AkD0zbh9VW501Wcwz9Y8-zmbx-_MvE2SHThQYWfo6FMCAHxUjhrmd__VKeOlxvjcDA7bc-Er8Kmptx4ksvrBNHG_M6eABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1OWflulhKarpWG3v3CyMY2G03OOw%26client%3Dca-pub-0413008067917912%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
79a8b5217b4039f1-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 19:32:08 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
img
pix.eu.criteo.net/img/ Frame 4E27 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22205677-gw18eCKD.jpg&v=3&w=400&s=7Wh7eQEAVWbH4LZlncwOH2WO&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
b3f1acd797f56900e86d30d09258d9cc0fb7da5fccca58e20a45086bad2fe7af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=481594
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
77880
expires
Wed, 22 Feb 2023 09:18:42 GMT
img
pix.eu.criteo.net/img/ Frame 4E27 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22242959-St0zWgsN.jpg&v=3&w=400&s=1Mzn-o6OnhN1pNJE1nadhTjy&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
99db216f8fc5675e74fc42ba1cf0a6d3a03078fb3973e3d492a0533988d8795b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=568599
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17076
expires
Thu, 23 Feb 2023 09:28:48 GMT
img
pix.eu.criteo.net/img/ Frame 4E27 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F13128063-cJR0HWU6.jpg&v=3&w=400&s=VM15aB5l3btgs6goqhqI37_q&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
a95f42349fdea4437c1f111edbc922153a2e2b0f16f1738cd66bfdf85619a525
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=487786
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11532
expires
Wed, 22 Feb 2023 11:01:54 GMT
img
pix.eu.criteo.net/img/ Frame 4E27 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22095879-gWT0MCRQ.jpg&v=3&w=400&s=AbJ3GAQkuC15SSp4ruO0e3bB&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
3059d7a2174c4c98b350393a2b60bbc302ffe12b394ba4d120b0922f5a6bb026
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=509332
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
74630
expires
Wed, 22 Feb 2023 17:01:01 GMT
img
pix.eu.criteo.net/img/ Frame 4E27 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F221121%2Fadb1b255a8a44e859d22e584c7a782d4_img_square_1.jpg&v=3&w=1200&s=01JKQy1uWUfNL-3B4pN9nv6f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
757742d81ac20d61d8c340927cc6ff23ac98d3b3207876aebcbe27bee8ad6b9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28904193
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
110076
expires
Wed, 17 Jan 2024 08:28:42 GMT
default.css
as.ad4m.at/ad/style/0.1.34/one-ad/ Frame BA66 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.34/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=728&d=90&e=&g=8bbc47c6c44e8fd37c5ffe2504edbee0%2F7942547282285287844&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1676575928514&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6gbhc187pw5amcq40947b5qk3wezrrt0mk3ttg5mne42pcapzkd4dbehsrt8z8kvxrw0w9hwtmcb40x3f8zgqwh93jxqmjnwpjxkq0c8ep3337k22b3gkj24f7c3man8nx5rq4ky3gppmkdp5sygw4e4aavt4hmkqa0ggzaaxe5gnqnm5fazptgw97m5ez2xzg02zc40zzjm49x60gce5ddnh73y665hfgrw1wc9v9qj8bv6psmp1m1cfcsxedv365gbyta7eczv00cmg5be5n%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuUMftoTuY43ZK5KtYpSsirgDkOGBhFy2qMKK8ALAjbcBEAEgAGCVyvmBlAeCARdjYS1wdWItMDQxMzAwODA2NzkxNzkxMsgBCakCD5vMezvosT6oAwGqBL8BT9Ai2kKppjAf_zIrTldFC5ufPMy8PdUblGG0rDyIARKp_ENiiD5M6IY7XwEvvjOOd_oZBVhSueZPgHxHP5J3p2YMRP25PEs9FNG_hPRx7fCks_QJ3rv4i4IbWv8vuMlxO7Wd2EhghMIoDHguj2By17g02j6VGh_PcOn6AkD0zbh9VW501Wcwz9Y8-zmbx-_MvE2SHThQYWfo6FMCAHxUjhrmd__VKeOlxvjcDA7bc-Er8Kmptx4ksvrBNHG_M6eABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1OWflulhKarpWG3v3CyMY2G03OOw%2526client%253Dca-pub-0413008067917912%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=117569%2C19457%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=728&d=90&e=&g=8bbc47c6c44e8fd37c5ffe2504edbee0%2F7942547282285287844&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1676575928514&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6gbhc187pw5amcq40947b5qk3wezrrt0mk3ttg5mne42pcapzkd4dbehsrt8z8kvxrw0w9hwtmcb40x3f8zgqwh93jxqmjnwpjxkq0c8ep3337k22b3gkj24f7c3man8nx5rq4ky3gppmkdp5sygw4e4aavt4hmkqa0ggzaaxe5gnqnm5fazptgw97m5ez2xzg02zc40zzjm49x60gce5ddnh73y665hfgrw1wc9v9qj8bv6psmp1m1cfcsxedv365gbyta7eczv00cmg5be5n%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuUMftoTuY43ZK5KtYpSsirgDkOGBhFy2qMKK8ALAjbcBEAEgAGCVyvmBlAeCARdjYS1wdWItMDQxMzAwODA2NzkxNzkxMsgBCakCD5vMezvosT6oAwGqBL8BT9Ai2kKppjAf_zIrTldFC5ufPMy8PdUblGG0rDyIARKp_ENiiD5M6IY7XwEvvjOOd_oZBVhSueZPgHxHP5J3p2YMRP25PEs9FNG_hPRx7fCks_QJ3rv4i4IbWv8vuMlxO7Wd2EhghMIoDHguj2By17g02j6VGh_PcOn6AkD0zbh9VW501Wcwz9Y8-zmbx-_MvE2SHThQYWfo6FMCAHxUjhrmd__VKeOlxvjcDA7bc-Er8Kmptx4ksvrBNHG_M6eABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1OWflulhKarpWG3v3CyMY2G03OOw%2526client%253Dca-pub-0413008067917912%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1675961363
age
613974
cf-polished
origSize=96968
x-guploader-uploadid
ADPycdsk_oFxMrfQmT18UehTVqYFLCgKqe5owZa4nS6b5rDwh5FIXXl_KZlKkbMq5tI5jX6pwgkrGCLZNFReNIBmAJJUlCBIpNSF
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 09 Feb 2023 16:50:00 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1675961400209468
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ul8MJXI951guN%2Bc99mzJSK0640S7Ip1TNmQ5GK8AuDz84zerYhoF4Un1JZyP4aZfWKuShTedp4Rt8GVuQfo58o2M759j4ltvmnHwcJz9Tn7NbxZe686Z2X59hp20e856R98zt0%2FZwF4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
79a8b521bbae39f1-FRA
expires
Thu, 16 Feb 2023 20:32:08 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame BA66 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=728&d=90&e=&g=8bbc47c6c44e8fd37c5ffe2504edbee0%2F7942547282285287844&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1676575928514&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6gbhc187pw5amcq40947b5qk3wezrrt0mk3ttg5mne42pcapzkd4dbehsrt8z8kvxrw0w9hwtmcb40x3f8zgqwh93jxqmjnwpjxkq0c8ep3337k22b3gkj24f7c3man8nx5rq4ky3gppmkdp5sygw4e4aavt4hmkqa0ggzaaxe5gnqnm5fazptgw97m5ez2xzg02zc40zzjm49x60gce5ddnh73y665hfgrw1wc9v9qj8bv6psmp1m1cfcsxedv365gbyta7eczv00cmg5be5n%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuUMftoTuY43ZK5KtYpSsirgDkOGBhFy2qMKK8ALAjbcBEAEgAGCVyvmBlAeCARdjYS1wdWItMDQxMzAwODA2NzkxNzkxMsgBCakCD5vMezvosT6oAwGqBL8BT9Ai2kKppjAf_zIrTldFC5ufPMy8PdUblGG0rDyIARKp_ENiiD5M6IY7XwEvvjOOd_oZBVhSueZPgHxHP5J3p2YMRP25PEs9FNG_hPRx7fCks_QJ3rv4i4IbWv8vuMlxO7Wd2EhghMIoDHguj2By17g02j6VGh_PcOn6AkD0zbh9VW501Wcwz9Y8-zmbx-_MvE2SHThQYWfo6FMCAHxUjhrmd__VKeOlxvjcDA7bc-Er8Kmptx4ksvrBNHG_M6eABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1OWflulhKarpWG3v3CyMY2G03OOw%2526client%253Dca-pub-0413008067917912%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1897208
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWyzVrtwSA2wIzofY5WuldDUwxda7Uj2QodQDCX%2Fv%2BtZPGmgSUwpBpYH8vyaRndRydcb73w1n8lB19kZrRzDSVJyJfsmp2xTFjSAeBEteAhA%2FlTxuIpPbbeBMnBEwSx1QKLAqe9iyZcruF%2FG"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
79a8b521db89914d-FRA
expires
Fri, 17 Feb 2023 19:32:08 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame BA66 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=728&d=90&e=&g=8bbc47c6c44e8fd37c5ffe2504edbee0%2F7942547282285287844&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1676575928514&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6gbhc187pw5amcq40947b5qk3wezrrt0mk3ttg5mne42pcapzkd4dbehsrt8z8kvxrw0w9hwtmcb40x3f8zgqwh93jxqmjnwpjxkq0c8ep3337k22b3gkj24f7c3man8nx5rq4ky3gppmkdp5sygw4e4aavt4hmkqa0ggzaaxe5gnqnm5fazptgw97m5ez2xzg02zc40zzjm49x60gce5ddnh73y665hfgrw1wc9v9qj8bv6psmp1m1cfcsxedv365gbyta7eczv00cmg5be5n%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuUMftoTuY43ZK5KtYpSsirgDkOGBhFy2qMKK8ALAjbcBEAEgAGCVyvmBlAeCARdjYS1wdWItMDQxMzAwODA2NzkxNzkxMsgBCakCD5vMezvosT6oAwGqBL8BT9Ai2kKppjAf_zIrTldFC5ufPMy8PdUblGG0rDyIARKp_ENiiD5M6IY7XwEvvjOOd_oZBVhSueZPgHxHP5J3p2YMRP25PEs9FNG_hPRx7fCks_QJ3rv4i4IbWv8vuMlxO7Wd2EhghMIoDHguj2By17g02j6VGh_PcOn6AkD0zbh9VW501Wcwz9Y8-zmbx-_MvE2SHThQYWfo6FMCAHxUjhrmd__VKeOlxvjcDA7bc-Er8Kmptx4ksvrBNHG_M6eABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1OWflulhKarpWG3v3CyMY2G03OOw%2526client%253Dca-pub-0413008067917912%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1891830
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzVCBNgUKaAC%2FLqAheF0BWNVnVPYEguWSvLl77JKhXRE1gYQu9ftkast7iPs4%2Fs%2F1oC1hqoRSTa61tij2Bc44wmkd%2BuCiewxj8tfC5MP53yLnNrUgbxMDdGX95bX%2BgruhELFA7tBLkweVaxp"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
79a8b521db84914d-FRA
expires
Fri, 17 Feb 2023 19:32:08 GMT
cshow.php
www.awin1.com/ Frame BA66 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=728&d=90&e=&g=8bbc47c6c44e8fd37c5ffe2504edbee0%2F7942547282285287844&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1676575928514&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6gbhc187pw5amcq40947b5qk3wezrrt0mk3ttg5mne42pcapzkd4dbehsrt8z8kvxrw0w9hwtmcb40x3f8zgqwh93jxqmjnwpjxkq0c8ep3337k22b3gkj24f7c3man8nx5rq4ky3gppmkdp5sygw4e4aavt4hmkqa0ggzaaxe5gnqnm5fazptgw97m5ez2xzg02zc40zzjm49x60gce5ddnh73y665hfgrw1wc9v9qj8bv6psmp1m1cfcsxedv365gbyta7eczv00cmg5be5n%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuUMftoTuY43ZK5KtYpSsirgDkOGBhFy2qMKK8ALAjbcBEAEgAGCVyvmBlAeCARdjYS1wdWItMDQxMzAwODA2NzkxNzkxMsgBCakCD5vMezvosT6oAwGqBL8BT9Ai2kKppjAf_zIrTldFC5ufPMy8PdUblGG0rDyIARKp_ENiiD5M6IY7XwEvvjOOd_oZBVhSueZPgHxHP5J3p2YMRP25PEs9FNG_hPRx7fCks_QJ3rv4i4IbWv8vuMlxO7Wd2EhghMIoDHguj2By17g02j6VGh_PcOn6AkD0zbh9VW501Wcwz9Y8-zmbx-_MvE2SHThQYWfo6FMCAHxUjhrmd__VKeOlxvjcDA7bc-Er8Kmptx4ksvrBNHG_M6eABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1OWflulhKarpWG3v3CyMY2G03OOw%2526client%253Dca-pub-0413008067917912%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.75.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-75-47.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Feb 2023 19:32:08 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame BA66 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=728&d=90&e=&g=8bbc47c6c44e8fd37c5ffe2504edbee0%2F7942547282285287844&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1676575928514&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6gbhc187pw5amcq40947b5qk3wezrrt0mk3ttg5mne42pcapzkd4dbehsrt8z8kvxrw0w9hwtmcb40x3f8zgqwh93jxqmjnwpjxkq0c8ep3337k22b3gkj24f7c3man8nx5rq4ky3gppmkdp5sygw4e4aavt4hmkqa0ggzaaxe5gnqnm5fazptgw97m5ez2xzg02zc40zzjm49x60gce5ddnh73y665hfgrw1wc9v9qj8bv6psmp1m1cfcsxedv365gbyta7eczv00cmg5be5n%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuUMftoTuY43ZK5KtYpSsirgDkOGBhFy2qMKK8ALAjbcBEAEgAGCVyvmBlAeCARdjYS1wdWItMDQxMzAwODA2NzkxNzkxMsgBCakCD5vMezvosT6oAwGqBL8BT9Ai2kKppjAf_zIrTldFC5ufPMy8PdUblGG0rDyIARKp_ENiiD5M6IY7XwEvvjOOd_oZBVhSueZPgHxHP5J3p2YMRP25PEs9FNG_hPRx7fCks_QJ3rv4i4IbWv8vuMlxO7Wd2EhghMIoDHguj2By17g02j6VGh_PcOn6AkD0zbh9VW501Wcwz9Y8-zmbx-_MvE2SHThQYWfo6FMCAHxUjhrmd__VKeOlxvjcDA7bc-Er8Kmptx4ksvrBNHG_M6eABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1OWflulhKarpWG3v3CyMY2G03OOw%2526client%253Dca-pub-0413008067917912%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
354145
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwyJQlWTVfXCMwmWH%2FXrrRwBj29eFY6F2tTwSPNE7VyhE1W9MMAq%2B6Gz6aM5GANTHiLrWLFp2OetEnvGabi6oUXnPMgF4zAPQrZJEnuiKfFXhWWJUTH15SKVnoUh4cBBsECTzHnJ5DAPxqP5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
79a8b521db87914d-FRA
expires
Fri, 17 Feb 2023 19:32:08 GMT
BF671F9353E49E9BB6D9FDFDE3DB7F76C1C78079C9FBA6953329642EA1EB98D31F0C6558B5B6382075530160EC4EDC9E4E2E5EF63EAAFE88E99516547093A3F4
assets.ad4m.at/product_image/ Frame BA66 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/BF671F9353E49E9BB6D9FDFDE3DB7F76C1C78079C9FBA6953329642EA1EB98D31F0C6558B5B6382075530160EC4EDC9E4E2E5EF63EAAFE88E99516547093A3F4
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=728&d=90&e=&g=8bbc47c6c44e8fd37c5ffe2504edbee0%2F7942547282285287844&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1676575928514&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6gbhc187pw5amcq40947b5qk3wezrrt0mk3ttg5mne42pcapzkd4dbehsrt8z8kvxrw0w9hwtmcb40x3f8zgqwh93jxqmjnwpjxkq0c8ep3337k22b3gkj24f7c3man8nx5rq4ky3gppmkdp5sygw4e4aavt4hmkqa0ggzaaxe5gnqnm5fazptgw97m5ez2xzg02zc40zzjm49x60gce5ddnh73y665hfgrw1wc9v9qj8bv6psmp1m1cfcsxedv365gbyta7eczv00cmg5be5n%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuUMftoTuY43ZK5KtYpSsirgDkOGBhFy2qMKK8ALAjbcBEAEgAGCVyvmBlAeCARdjYS1wdWItMDQxMzAwODA2NzkxNzkxMsgBCakCD5vMezvosT6oAwGqBL8BT9Ai2kKppjAf_zIrTldFC5ufPMy8PdUblGG0rDyIARKp_ENiiD5M6IY7XwEvvjOOd_oZBVhSueZPgHxHP5J3p2YMRP25PEs9FNG_hPRx7fCks_QJ3rv4i4IbWv8vuMlxO7Wd2EhghMIoDHguj2By17g02j6VGh_PcOn6AkD0zbh9VW501Wcwz9Y8-zmbx-_MvE2SHThQYWfo6FMCAHxUjhrmd__VKeOlxvjcDA7bc-Er8Kmptx4ksvrBNHG_M6eABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1OWflulhKarpWG3v3CyMY2G03OOw%2526client%253Dca-pub-0413008067917912%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f517fb84e0461bf59d148d2cf42b9bdfd8cbee080020b56fc208f581ba556fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2248207
cf-polished
origSize=62182, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59907
cf-bgj
imgq:85,h2pri
last-modified
Wed, 09 Sep 2020 07:43:04 GMT
server
cloudflare
etag
"080d0c4839d9eb4fd08cffea44b1069a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BG7NMNe%2BlEW7O%2BYvlO1XBcCqQHGNaS8RsEo45RxqJpx3fOLOPr0QzWYmUM0y0e3j%2Fq64a8OhY79DAJ2yFniqVK1bgdH91b3w8xYBdeo8MLRevqWBcWHz8LnNr%2BuOip3VI5SRhXCzZB7HNo5v"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
79a8b521db8a914d-FRA
expires
Fri, 17 Feb 2023 19:32:08 GMT
/
partner.o2online.de/a/ Frame BA66
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNSnroXkmv0CFXOe_QcdJB4MGw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023021620320881780580371X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023021620320881780580371X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023021620320881780580371X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=728&d=90&e=&g=8bbc47c6c44e8fd37c5ffe2504edbee0%2F7942547282285287844&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1676575928514&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6gbhc187pw5amcq40947b5qk3wezrrt0mk3ttg5mne42pcapzkd4dbehsrt8z8kvxrw0w9hwtmcb40x3f8zgqwh93jxqmjnwpjxkq0c8ep3337k22b3gkj24f7c3man8nx5rq4ky3gppmkdp5sygw4e4aavt4hmkqa0ggzaaxe5gnqnm5fazptgw97m5ez2xzg02zc40zzjm49x60gce5ddnh73y665hfgrw1wc9v9qj8bv6psmp1m1cfcsxedv365gbyta7eczv00cmg5be5n%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuUMftoTuY43ZK5KtYpSsirgDkOGBhFy2qMKK8ALAjbcBEAEgAGCVyvmBlAeCARdjYS1wdWItMDQxMzAwODA2NzkxNzkxMsgBCakCD5vMezvosT6oAwGqBL8BT9Ai2kKppjAf_zIrTldFC5ufPMy8PdUblGG0rDyIARKp_ENiiD5M6IY7XwEvvjOOd_oZBVhSueZPgHxHP5J3p2YMRP25PEs9FNG_hPRx7fCks_QJ3rv4i4IbWv8vuMlxO7Wd2EhghMIoDHguj2By17g02j6VGh_PcOn6AkD0zbh9VW501Wcwz9Y8-zmbx-_MvE2SHThQYWfo6FMCAHxUjhrmd__VKeOlxvjcDA7bc-Er8Kmptx4ksvrBNHG_M6eABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1OWflulhKarpWG3v3CyMY2G03OOw%2526client%253Dca-pub-0413008067917912%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Thu, 16 Feb 2023 19:32:09 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023021620320881780580371X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023021620320881780580371X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
date
Thu, 16 Feb 2023 19:32:08 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame BA66 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=728&d=90&e=&g=8bbc47c6c44e8fd37c5ffe2504edbee0%2F7942547282285287844&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1676575928514&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6gbhc187pw5amcq40947b5qk3wezrrt0mk3ttg5mne42pcapzkd4dbehsrt8z8kvxrw0w9hwtmcb40x3f8zgqwh93jxqmjnwpjxkq0c8ep3337k22b3gkj24f7c3man8nx5rq4ky3gppmkdp5sygw4e4aavt4hmkqa0ggzaaxe5gnqnm5fazptgw97m5ez2xzg02zc40zzjm49x60gce5ddnh73y665hfgrw1wc9v9qj8bv6psmp1m1cfcsxedv365gbyta7eczv00cmg5be5n%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuUMftoTuY43ZK5KtYpSsirgDkOGBhFy2qMKK8ALAjbcBEAEgAGCVyvmBlAeCARdjYS1wdWItMDQxMzAwODA2NzkxNzkxMsgBCakCD5vMezvosT6oAwGqBL8BT9Ai2kKppjAf_zIrTldFC5ufPMy8PdUblGG0rDyIARKp_ENiiD5M6IY7XwEvvjOOd_oZBVhSueZPgHxHP5J3p2YMRP25PEs9FNG_hPRx7fCks_QJ3rv4i4IbWv8vuMlxO7Wd2EhghMIoDHguj2By17g02j6VGh_PcOn6AkD0zbh9VW501Wcwz9Y8-zmbx-_MvE2SHThQYWfo6FMCAHxUjhrmd__VKeOlxvjcDA7bc-Er8Kmptx4ksvrBNHG_M6eABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1OWflulhKarpWG3v3CyMY2G03OOw%2526client%253Dca-pub-0413008067917912%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2410701
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTbrR55HoQsLf0EPv67ZdLd%2Fr61mIwEGOwjvffZ6%2Bww7dh4ya1Zyfrtw%2BCD8ATR57wM9MO78UXGfGMAfdoYOW32nTh52KBTgqQ0AiYyMPEkx%2F1lkDvP5R0vxSWdC7NN1K%2FSPBHgoYjEkMDwQ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
79a8b521db8b914d-FRA
expires
Fri, 17 Feb 2023 19:32:08 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame BA66 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=728&d=90&e=&g=8bbc47c6c44e8fd37c5ffe2504edbee0%2F7942547282285287844&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1676575928514&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6gbhc187pw5amcq40947b5qk3wezrrt0mk3ttg5mne42pcapzkd4dbehsrt8z8kvxrw0w9hwtmcb40x3f8zgqwh93jxqmjnwpjxkq0c8ep3337k22b3gkj24f7c3man8nx5rq4ky3gppmkdp5sygw4e4aavt4hmkqa0ggzaaxe5gnqnm5fazptgw97m5ez2xzg02zc40zzjm49x60gce5ddnh73y665hfgrw1wc9v9qj8bv6psmp1m1cfcsxedv365gbyta7eczv00cmg5be5n%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuUMftoTuY43ZK5KtYpSsirgDkOGBhFy2qMKK8ALAjbcBEAEgAGCVyvmBlAeCARdjYS1wdWItMDQxMzAwODA2NzkxNzkxMsgBCakCD5vMezvosT6oAwGqBL8BT9Ai2kKppjAf_zIrTldFC5ufPMy8PdUblGG0rDyIARKp_ENiiD5M6IY7XwEvvjOOd_oZBVhSueZPgHxHP5J3p2YMRP25PEs9FNG_hPRx7fCks_QJ3rv4i4IbWv8vuMlxO7Wd2EhghMIoDHguj2By17g02j6VGh_PcOn6AkD0zbh9VW501Wcwz9Y8-zmbx-_MvE2SHThQYWfo6FMCAHxUjhrmd__VKeOlxvjcDA7bc-Er8Kmptx4ksvrBNHG_M6eABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1OWflulhKarpWG3v3CyMY2G03OOw%2526client%253Dca-pub-0413008067917912%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1175684
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTAJVzT0NtZMVVaet3q13fC%2B6cfIIu56E0%2BYdLeTEuVyNFVwXracSLlrlL0U1vFL6VjQercipOwpM0%2FQ0Z5GOv%2ByMJXjH%2B9qcyRXZCs%2FxatAeTZXLmOuvPIMwSSYqHXyqIxoZ4Tw7gmuTGX5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
79a8b521db8d914d-FRA
expires
Fri, 17 Feb 2023 19:32:08 GMT
ztpv.php
www.conrad.de/ Frame BA66
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470172&v=11354&q=377133&r=412871&pv=1&pref3=oneidmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1676575928_9a3dfb90-ae30-11ed-acb0-22645d5ed731&insert=AW&&gdpr=0&gdpr_consent=
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1676575928_9a3dfb90-ae30-11ed-acb0-22645d5ed731&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=728&d=90&e=&g=8bbc47c6c44e8fd37c5ffe2504edbee0%2F7942547282285287844&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1676575928514&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6gbhc187pw5amcq40947b5qk3wezrrt0mk3ttg5mne42pcapzkd4dbehsrt8z8kvxrw0w9hwtmcb40x3f8zgqwh93jxqmjnwpjxkq0c8ep3337k22b3gkj24f7c3man8nx5rq4ky3gppmkdp5sygw4e4aavt4hmkqa0ggzaaxe5gnqnm5fazptgw97m5ez2xzg02zc40zzjm49x60gce5ddnh73y665hfgrw1wc9v9qj8bv6psmp1m1cfcsxedv365gbyta7eczv00cmg5be5n%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuUMftoTuY43ZK5KtYpSsirgDkOGBhFy2qMKK8ALAjbcBEAEgAGCVyvmBlAeCARdjYS1wdWItMDQxMzAwODA2NzkxNzkxMsgBCakCD5vMezvosT6oAwGqBL8BT9Ai2kKppjAf_zIrTldFC5ufPMy8PdUblGG0rDyIARKp_ENiiD5M6IY7XwEvvjOOd_oZBVhSueZPgHxHP5J3p2YMRP25PEs9FNG_hPRx7fCks_QJ3rv4i4IbWv8vuMlxO7Wd2EhghMIoDHguj2By17g02j6VGh_PcOn6AkD0zbh9VW501Wcwz9Y8-zmbx-_MvE2SHThQYWfo6FMCAHxUjhrmd__VKeOlxvjcDA7bc-Er8Kmptx4ksvrBNHG_M6eABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1OWflulhKarpWG3v3CyMY2G03OOw%2526client%253Dca-pub-0413008067917912%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 19:32:08 GMT
via
1.1 additional-webserver-blue-b3gw (Varnish/7.2)
content-encoding
br
cf-cache-status
DYNAMIC
strict-transport-security
max-age=15552000
age
0
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=04v1W0Rh5k34lrxIMr7PN5fYrAyYeGqgpIV4AqS9PkI-1676575928-0-AR91_ikEpQGGqX6kPJTyf1PBRub5X2j7iA9GIExvDslwyYTVjRGwDA1kB6YjDyl2DeaZMhWfZ5ejAKZu0MN0eZWo1HDJGThyLwCH7x5iaEVDcpJIqZ8X-rP61l-BnuzQEA; report-to cf-csp-endpoint
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
server-timing
intid;desc=2e2ab6821b05148a
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=04v1W0Rh5k34lrxIMr7PN5fYrAyYeGqgpIV4AqS9PkI-1676575928-0-AR91_ikEpQGGqX6kPJTyf1PBRub5X2j7iA9GIExvDslwyYTVjRGwDA1kB6YjDyl2DeaZMhWfZ5ejAKZu0MN0eZWo1HDJGThyLwCH7x5iaEVDcpJIqZ8X-rP61l-BnuzQEA"}],"group":"cf-csp-endpoint","max_age":86400}
x-varnish
353685409
content-type
text/html; charset=UTF-8
cache-control
no-cache
cf-ray
79a8b5233858911e-FRA
expires
-1

Redirect headers

Date
Thu, 16 Feb 2023 19:32:08 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1676575928_9a3dfb90-ae30-11ed-acb0-22645d5ed731&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 37AE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8IYXxs9ppGAarOSyqnYCfq_sJLwUvsXponhG3mN3tr7ryN4tZd8L5cOU_P5XXEoQvTiCEAdoRiUxnUh1_FYvGXCOkiIS_YLjtoMwcjhqCwBogy0SUR8CoAAm3zl7J4VglKLd0eA&sai=AMfl-YS6Mon0Ku3DbD_zH-2mttKHqVuDC3xteyXyTtPpfVt5sQjjyErAYa2wzA9-waQVHHqMC_8IFK6h-eJv&sig=Cg0ArKJSzIThKJ8auKOYEAE&cid=CAQSGwDUE5ym75wHHQI1gQlc7DEcrCRg9HlQVm_hchgB&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=318159123&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676575926741&rpt=953&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 19:32:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 4E27 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=doC9DcknXAmWlDO8sI8Mt3SknjLyB-1wJ4LAKePOUP5Hbw7oqTpNCQ-umu1On-0iWVD9PuDqK2K4jFNvIJsZRRv7V3iuPp5ZisnCkfWmWV-D_S0hq5QAWzfjlopiCzoNkuAv7g6PT-xgEwW_2MwmKuELKH6tsYuqK2sbhmLF300wlZCfKj9s0kgAVnXnmotcP0xHveFJnMflSvM-EpUhqFah-rYb3jfvA7h_8u5owdFwDjsqfAnLQNaYc8_R3U5bBBcrHA&sds=2&rev=84699&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-6EtgAADR4KexRGAAIzaFteVSnaLFzinbCmXg&u=%7CkVPf7duz4fqbMvGb8qcADaFaLdg9I%2B9xC3ECLt2BJc4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-8Ox4EMl_-lXXOgG4hcrsNyz330KBrzNlxcM_jautE7nswLE3YRXbVaSnOUG2DYvIZTm4B7ssEBUiJH9IhIgtbqwifvb3E50quO6EoJZnB1hXZaip1ELyBzgj0UDSqnmhem4MR_YCcMHxvr5b1OY9vNE4LO-VuIeZhU16be27sDZNokYNtaeIh3EJzQ_OWjxmfHZoM7rStC_lUWF0gXlwOLSuVZwhM-wgCQLceMdrN6BKFEstqdfEWIzUA_31FEhMv-Anm08vPbitGmC1dY1IEIxJg64vlBrC8i70vn1sKmo2QNV-Muioux73LKHERzLjZn3G7GgvkykEbiPejRx750q6GgTIvlwWV5NTn-5gLzswfcJ7mhbuNdu9FJdFJlydij7xEwMRJODC8LjfE00bOd2xwQ3WSpUZcolSO8yBmSTTMlBCz2rLDTK322r8-R4_Iq7xRnaOu9rGXRgyFfB_d4ploFELXaGb2kPfpwFbz2pFv0-wurt1pcEIEOazmVNNlYiUeA6y0B3q8ouHpuh9dFdiufbibSFKnhy0F6zhOuZAM4IDfghOQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC929EtoTuY54axqjsA-jmiLgIyZ7SsVzVnZH3cMCNtwEQASAAYJXK-YGUB4IBF2NhLXB1Yi0wNDEzMDA4MDY3OTE3OTEyyAEJqQLZ4I4eruqxPqgDAaoEuQFP0FYP2-sbQF9R7-tdqXr4PR0oWMoozT2KbtskWpPSYRbsqL4dulh0iFNx5l-7Nit5sep0nxfBTv_L0hGHiFkoowEveSQZny6xfwGMsYWb7Np6QQjtGgKBdjyefsSCXGnhsPVuIVpRegFTWqhHFJ8EPVKQKzb-U5kck3g7aE3NbDqeWei3LIC3AZuu3VO_0l_Ltuf1HVZ6EdwQncMDn81JweDMoPSmjsgTxf6fVkL8Mv0qNO9LZq8toYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_33dVGfynZlTmhHzVu_z-n0PHG74g%26client%3Dca-pub-0413008067917912%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 16 Feb 2023 19:32:08 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame E03E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuHxPc8OegF5L7D0pHIsbiUzGsA9VJlB_fVkhB6Fg0O4VveInDs_t5fTq6GMc9hl6yIpCk2b4Q5jgmppkKil-3ZbL8&sig=Cg0ArKJSzJQXpfHvV073EAE&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=318159124&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676575926743&rpt=764&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 19:32:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 boolean| credentialless object| oncontentvisibilityautostatechange undefined| href undefined| $ function| jQuery object| __cfQR object| CleverCore boolean| CleverCoreLoaded object| mts_customscript object| adsbygoogle object| dropdown function| onCatChange object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint number| google_lpabyc function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| gtag object| dataLayer boolean| __cfRLUnblockHandlers object| google_tag_manager string| GoogleAnalyticsObject function| ga object| GoogleGcLKhOms object| gaplugins object| gaData object| google_llp object| googletag object| google_image_requests

42 Cookies

Domain/Path Name / Value
.ubs.med.br/ Name: __gads
Value: ID=4da4cedfe59bcf8a-2243ba8286dc006a:T=1676575926:RT=1676575926:S=ALNI_MYxYppLYIeqo0sDYZ4btrFemP_llg
.ubs.med.br/ Name: __gpi
Value: UID=000005788dc9b700:T=1676575926:RT=1676575926:S=ALNI_MZk5wwoeAS818cXB0nXQQSFWt6yBA
.ubs.med.br/ Name: _ga
Value: GA1.3.234690506.1676575926
.ubs.med.br/ Name: _gid
Value: GA1.3.219652148.1676575926
.ubs.med.br/ Name: _gat_gtag_UA_3493925_76
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmNkMhPhtfeqFudfbIf_6aMCRzFIbxE-MK9ybZbFtoWV-H7cXZgK9jBW9uYr1U
.adfarm1.adition.com/ Name: UserID1
Value: 7200838775737088148
.lijit.com/ Name: ljt_reader
Value: GKvUqGZHWmLaBXZxRRabvPnk
.adform.net/ Name: C
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.w55c.net/ Name: wfivefivec
Value: nGvxqfxI1PsJZd5
.360yield.com/ Name: tuuid
Value: 1989fbfc-b416-497b-8408-c2df90c58a5f
.360yield.com/ Name: tuuid_lu
Value: 1676575927
.w55c.net/ Name: matchgoogle
Value: 5
.adform.net/ Name: uid
Value: 7159836519598620557
.3lift.com/ Name: tluid
Value: 3748883889130623343186
.casalemedia.com/ Name: CMID
Value: Y.6Et9NgscTbH9vl5qdZwAAA
.casalemedia.com/ Name: CMPS
Value: 1200
.casalemedia.com/ Name: CMPRO
Value: 1200
.ctnsnet.com/ Name: cid_1b03dced87d04bbaaf843a5ac7a995c0
Value: 1
.ctnsnet.com/ Name: gid_CAESEGQu3BTwwD_hexVwgWotjMA
Value: 1
.blismedia.com/ Name: b
Value: 63EE84B7055386B85CBDA806BLIS
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.yahoo.com/ Name: A3
Value: d=AQABBLeE7mMCEDPn1sNU_1SZlzWg6FwE7ngFEgEBAQHW72P4YwAAAAAA_eMAAA&S=AQAAAl4K9JvKBh5Ev_BHn2ZIHMQ
.addthis.com/ Name: na_id
Value: 2023021619320700011793782072
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 63ee84b70c7b5bba
.addthis.com/ Name: ouid
Value: 63ee84b70001f4cc5c39df4b41b646f027e8b83cb6d8328b1b68
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20230216
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.adfarm1.adition.com/ Name: lv_5627035
Value: w=4593833|t=1676575928
.awin1.com/ Name: awpv11354
Value: 412871|1676575928|9a3dfb90-ae30-11ed-acb0-22645d5ed731
.awin1.com/ Name: awpv20044
Value: 412871|1676575928|9a3e49b0-ae30-11ed-ab4b-226222ea62e0
.awin1.com/ Name: AWSESS
Value: 415363:2904924
www.conrad.de/ Name: HTLP_timestamp
Value: 1676575928
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: 5mR6IyFtEpIyxVoYlfqTFqNQlMHITRW2zyiJ8Qlzr2s-1676575928-0-AYv44UvBxEVVI5jb03n6jDrcHrN4p3xK4QgWK7yOsYX2oZhoduf4DX3A9arXb2ZwItc66xs6b14Nk4tEf3xKaWM=
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY3NjU3NTkyOXZsZWExZGUyMDIzMDIxNjIwMzIwODgxNzgwNTgwMzcxWDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWQ5a01hTWZtZnhFMWhLSEJIMnQ3dHJyOVU5U21UenptU3JiQlhvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMTc2Nzk
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023021620320881780580371X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY3NjU3NTkyOXZsZWExZGUyMDIzMDIxNjIwMzIwODgxNzgwNTgwMzcxWDExNzY3OVYxMjI2MTMyNzAyT

2 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=318159123&client=ca-pub-0413008067917912&fa=3&ifi=7&uci=a!7&btvi=4&xpc=1XtoqX0rHt&p=https%3A//ubs.med.br
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad2.adfarm1.adition.com
ad4m.at
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ap.lijit.com
as.ad4m.at
assets.ad4m.at
c1.adform.net
call.cleverwebserver.com
cat.fr.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.eu.criteo.net
dsp.adfarm1.adition.com
e.dlx.addthis.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
imagesrv.adition.com
match.360yield.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pix.eu.criteo.net
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
rtb.fr.eu.criteo.com
scripts.cleverwebserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
tpc.googlesyndication.com
tr.blismedia.com
ubs.med.br
ui.cleverwebserver.com
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
104.18.25.185
142.251.208.98
167.233.13.224
172.217.19.102
178.250.0.160
216.52.2.6
217.79.188.11
217.79.188.21
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:20::ac43:4a81
2606:4700:3032::6815:486
2606:4700:3036::ac43:841e
2606:4700::6811:180e
2606:4700::6812:18f6
2606:4700::6812:7e05
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2004
2a00:1450:4001:813::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:400d:802::2002
2a00:1450:400d:806::2003
2a00:1450:400d:807::2002
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::200e
2a02:2638:1::8
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638::2
2a02:2638::b
2a05:d018:d29:3605:675d:6b7d:32db:18ea
3.122.47.214
34.160.236.64
34.96.105.8
35.186.193.173
37.157.4.25
51.89.9.252
63.33.255.124
69.192.160.219
76.223.111.18
84.200.5.215
85.114.159.93
95.100.75.47
04915d8237e96e4442f5d92f9bec5fe8f25242b73ed707832284b0d10c6582d6
075446d8551ecc439b3f689fa00706996502eafb75fa75aa662252f7cc03e288
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e4d1d7a07ea6fddd6ab116e27bc0e074f5fe6ad6c89f719a515ae9c80436b6d
0fc50c24421aba9a75152e764dd46c224c41134f5bb3c79eb9caf8e86e095945
11564e6ccd477b6b72f5deeb69f5bacaa91c526f48e73ad5b22bdfe7d2175525
1169680e3ccc40ebd1666084b9f15f9fa66b610fe5bf25c5ac074a958ac357fd
118eef7b9de43dbc644d7183d3f700adf8252c574700813903244b9bf63324dc
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460
19bded2d9cba71a31fd4aa13a02b22c9b7648e067be1c27c4c9f90549e745cb9
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
2333edce18f6144809d20bf4bf66d566d96d88ef2ec3bc2ae2b5392193da0613
2a6a8351a09caa9d0ecbed6cda865a9ba6975d06d95c5c7ef41339bb5f5aeabc
2b0945d6ce189e6fb380780cc44905f563c4bab969d5697bf2790b2db7191db5
2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60
2ba7983bc23ef32f0db821563ffef967eda18b38a4d3a5090fff222acddc016d
2c05b5a9739c3ed9d84ea0e69d738e27f1af0797033d12399a748ec40a11d22e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e347bb13caf20b8f4fffa8ac632ed36b656112bb5ac8902d7bb2ca62c225101
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2fc6d730a2ea6c7be729903d171715e212c0a2b30ab858bb4bba5457c2859634
3059d7a2174c4c98b350393a2b60bbc302ffe12b394ba4d120b0922f5a6bb026
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3bfdc5409b44d2d689dec3c239adfd715371fc02d20f3d1eb0c6ea590904fcf9
3d44370097c9f3121780271480c8f58764d4c963df7ba0c2be2b11adce5dc0af
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c
3ecebae631c796c36085ad84cb441d066982cd34223c7a45ef7544eb41f80810
4272f3887f25caa60c84d6c25726741c7acb5e701262d15c27e01a5cc8b015fc
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4ab456e9461641e5efb81e0b5fc8d235d73981534a2ca5cea3e092c1678e625a
4c5b03967ef763468d5072aa4312d7d9e82d314b01221324cd930b23f6c1169b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
527eb07e1872a687fa88c286056a58e372240fa53ddcdeacd63041155695fb36
5481534bfa877f092089a267737ce064f75292afce0acb18956e0e2bd2dffa82
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b71b833e94200708f895c6c4f6eb63e82a46fed77d71f34e9958e04de7d9aa9
5ba6af8bd340ffb7fb078568374df5d6c9918445b121f6cb0acf606368c5b7d4
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
654fcd2152a303119bfc8470498d3d2c5abe1711b2affadfce661c8ae9d0e8f1
6778009b637c9db4af940d6090178f605e68e1a30137ca6ac562798eba1b77cd
68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
74017d97a0876e72ef09a14ea0b3ad49a744811c726e7b05e305d4a6e3e07612
757742d81ac20d61d8c340927cc6ff23ac98d3b3207876aebcbe27bee8ad6b9d
76daefe52b6acc9186d0b1a2a4a15acab20bcd18cb7f0c25256ae60671a335c2
815aa7b0f0b4520c714fb5ee59f8f818fdc044af91adf920af82b2da504e0df2
869554bba8a13dce2b603d9b80221d5aa0f5860eb41d3acbf47a6e9c1878e4e8
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
895619f1f18745d8e8daaaa0eadb74a875407bcdf1859b29a1122959ea0a8bf7
89f56f2e6648941905c1d316766faeae51cd42a7ad8861af23c6b6d95f148190
8bbdd134e0cb5aa52596f8d31e040abe1561883499463be07f1e0bb1c6d9c00c
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f517fb84e0461bf59d148d2cf42b9bdfd8cbee080020b56fc208f581ba556fb
91d03b03333899fbd90c0dd4c01bae0b583b10fffb806a0cb1ee2d0d6c4115d9
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
96820961215817661053d79a3544582c1c83e2967b2762b4f55dd0cc17223f2d
9687f48acdbc648dfca8d6aa5c150004310964ff6fa939a32649764628fa8bc7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99db216f8fc5675e74fc42ba1cf0a6d3a03078fb3973e3d492a0533988d8795b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7c7e4930090e038a280fd61d88f0dc03dad4aeaedbd8c9be3dd9aa4c3b6f8d1
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
a95f42349fdea4437c1f111edbc922153a2e2b0f16f1738cd66bfdf85619a525
a9a82ecef3fc5e767f74026ee3d8971752c3633b0cc177b04246b6018719e6c1
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b0c7ef7a9e9484b9c51515ec155fb398c478e8efb108afd3fd431b9c8d1ba6d1
b3f1acd797f56900e86d30d09258d9cc0fb7da5fccca58e20a45086bad2fe7af
c1f9d8e277b69e27fbad364e41ef7754749a72df331f6298b425144883f9a7cc
c51d6500f70927703c78c6457915a1de5070f2d26fb94f9b582e4ef227a51f2e
cc21d7ee9efd47d9b50c420ddb13229928cce36f14d55eecfa0cb219ffb1b01f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
d0dd39cd53bb12ecac8b525f0e1ef1418a7b86ee1bef559691cbedea922b2b0e
d35820c569e0b1afdd8e4563bee0fb25ed7e94db1574ad9c9a94e13e0d85ba7e
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
db54ac0e0b998f6ca8272807fe3e37c6c17a7ea67cd4a9d9b7114c1dbe266063
dc05b07cd454adabdd92a6fee9b48afccee787ae991b6e3bd453b0eac040a3c3
dd83f19bacbeb1d1f4bfc3fecf9047cd45f1075958455d340beb6794f28a8559
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e877ba8389bd1af891bfb39b14c8d268fa459f5ab96de5d3eb79b10bf4f4e969
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16be41be56439804acee577d6985ff0f31434e0334b573d6dcc2a15a474af31
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
f3a93e5890e46a717c88ad130d2f6e79683539ef69e33694d1a643b83b5ac8dd
f45e07bcbaa202fad15f2089f297ca94a1baa6e96bf28e41d540f7b3edbd83d7
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7c5c09c1260cd2943265b2743f09da255fae07ece6182075441258e164242d6
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f9393831ca238a842ebce4748a4332c4c4db92926fbe1e00bcfcfdf9932e461b
f9ed6269710ec1c9591f11757443de1a1b7c62015221c1ef98af7ff62a6867db
fbea9bab5019527a3393c718f457ed51af3e964f333e0e958cf5dc21b3280e5c
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2